Day One: Tuesday, October 24, 2023
10:30 EDT
15 min
Welcome and Opening Remarks from the Chair
10:45 EDT
60 min
Enhancing Technology and Cyber Resilience Across the Financial Sector
- Technology and cyber risk landscape
- OSFI policy instruments on technology and cyber risks
- Enhancing your technology and cyber posture
10:45 EDT
60 min
OSFI’s Operational Resilience and Operational Risk Management Guideline
- What Operational Resilience means to OSFI
- What has changed in the new guideline
- Resilience landscape – OSFI’s observations
11:45 EDT
60 min
Focusing on Critical Functions to Boost Operational Resilience
- Using the organization’s critical functions to anchor and align operational resilience programs
- How risk appetite statements and limits can inform decision making and support resilience
- Breaking down silos between Third-Party Risk, Cyber and Technology Risk, Business Continuity Management
- Helping the organization understand that if everything is important, then nothing is
- How protecting critical function through operational resilience can foster a risk culture and support the organization’s values and goals
12:45 EDT
45 minBreak
13:30 EDT
60 min
Adverse Media: The Missing Element in Your ORM Framework
- Define and understand the role of adverse media in a risk-based approach within financial institutions
- Recognize the fundamental role of AI in adverse media analysis and how it complements human judgment
- Explore how generative AI can add another layer of analysis
- Hear use cases of adverse media screening in a risk-based framework
- Questions to consider as part of a risk-based media checklist
14:30 EDT
60 min
Generative AI Risks and Uses Cases for Financial Institutions
Isaac De Souza, Artificial Intelligence & Emerging Technology Risk Officer, BMO
- Enhance fraud detection systems
- Assess the potential benefits and risks of generative AI and implement necessary safeguards to balance innovation with risk management
- Establish strong controls and monitoring mechanisms to detect and mitigate risks
15:30 EDT
60 min
Corporate Culture: How Do You Manage a Risk You Can’t See?
Adeline Cheng, Operational Risk and Resilience Lead, Financial Services Risk Management (FSRM), EY
Kevin Childs, Senior Manager, Non-Financial Risk, Financial Services Risk Management (FSRM), EY
- Encourage cross-functional collaboration
- Implement effective risk monitoring and reporting systems
- Identify any emerging risks or trends that may not be immediately apparent
16:30 EDT
Closing Remarks from the Chair
Day Two: Wednesday, October 25, 2023
10:30 EDT
min
Welcome and Opening Remarks from the Chair
10:30 EDT
60 min
Preparing for the New Normal in a World of Disruption and Increasing Regulatory Expectations
Moderator: Katherine Macpherson, Principal, KM Risk Consulting Ltd.
Adeline Cheng, Operational Risk and Resilience Lead, Financial Services Risk Management (FSRM), EY
Roxanne Meilleur, Vice President, Enterprise and Operational Risk, Coast Capital Savings
Saad Ali, Senior Director, Finance & Treasury Audit, CIBC
Isaac De Souza, Artificial Intelligence & Emerging Technology Risk Officer, BMO
- Hear about the latest expectations for internal control frameworks and risk management practices
- Implement compliance for operational risk management, internal controls, and risk governance
- Understand the importance of risk culture and operational resilience
- Learn the benefits for your organization
- Lessons learned from previous regulatory initiatives highlight the need for effective risk management practices
11:30 EDT
60 min
Connecting the Dots of Operational Resilience
- Overview of regulatory landscape
- What is new?
- Overview of the operational resilience lifecycle
- How to integrate and embed operational resilience within existing operational risk management programs
- Lessons learned from global implementation of operational resilience programs
12:30 EDT
45 minBreak
13:15 EDT
60 min
Lessons Learned: Understanding Third-Party Resilience and Risks
Iain Wright, Chief Risk Officer, Canada, and Global Head of Operational Risk, Canada Life
- Understand key challenges in managing third-party risks including more visibility and control over third-party activities
- Understanding the resilience of suppliers
- Develop strategies for mitigating third-party risks in suppliers such as contractual controls, due diligence, and ongoing monitoring
- Hear case studies illustrating successful third-party risk management
- Lessons learned from previous incidents include effective incident response planning and communication
14:15 EDT
60 min
Digital Risk Transformation: Embracing Disruptive Technologies in Risk
- Age of disruptive technologies and its challenges and opportunities to organizations risk functions
- Where organizations are investing to improve agility and customer experience within risk
- Analyze and implement the right technology solutions tailored to organizational culture
- Embracing of disruptive technologies and its benefits within risk function transformation
15:15 EDT
60 min
Challenges Faced within Credit Unions New to the Federal Regime
Roxanne Meilleur, Vice President, Enterprise and Operational Risk, Coast Capital Savings
- Learn about the new federal regulations, attending training sessions, and staying updated with the latest changes to ensure a smooth transition
- Implement new systems and technologies to meet the reporting and compliance requirements
- Collaborate with industry experts, consultants, and regulatory bodies
16:15 EDT
Closing Remarks from the Chair
Pre-Conference Workshop: Monday, October 23, 2023
13:00 EDT
180 min
Operational Risk 101
This half-day workshop is for newcomers to operational risk, those wanting a career in operational risk, and for those where operational risk is now a part of their role or responsibilities, and for those who need to have a good understanding of effective operational risk management (ORM) programs.
This workshop will provide you with a meaningful understanding of operational risk management through experiential learning. By the end of the workshop, you will be able to: understand increasing regulatory expectations, discuss your challenges with embedding an effective ORM program, describe ORM building blocks and be an intentional and effective operational risk manager.
- Regulatory landscape
- Operational Risk ecosystem
- ORM value proposition
- Foundational elements of ORM
- Operational Risk Appetite
- Operational Risk Taxonomy
- Operational Risk Events (ORE)
- Risk & Control Self Assessment (RCSA)
- Key Risk Indicators
- Scenario Analysis
- Issue Management
- Operational Risk reporting
- User centric training
- Characteristics of an effective operational risk manager