Day One: Tuesday, October 7, 2025
10:30 EDT
15 min
Welcome and Opening Remarks from the Chair
Katherine Macpherson, Founder and Principal, KM Risk Consulting
10:45 EDT
60 min
OSFI in Focus: Navigating Regulatory Expectations in 2025 and Beyond
Elspeth Bowler, Managing Director, Operational Risk Division, OSFI
- Analyze the latest OSFI regulatory updates and their implications for operational risk management
- Interpret new guidance and supervisory expectations through real-world case studies
- Align your organization’s risk practices with evolving compliance requirements
- Implement proactive strategies to address upcoming regulatory changes effectively
- Engage with industry experts on how to prepare for and respond to OSFI’s 2025 priorities
11:45 EDT
60 min
Building Business Resilience through Effective Risk Assessment
- Identify critical business vulnerabilities through comprehensive risk assessments.
- Implement proactive mitigation strategies to minimize potential disruptions.
- Strengthen organizational resilience by regularly reviewing and adapting risk management plans.
12:45 EDT
45 minBreak
13:30 EDT
60 min
Empowering Operational Risk Management with AI: A Case Study on Transforming RCSA Reviews with an AI Solution
- Pinpointing RCSA pain points: The catalysts for an AI-driven solution.
- Agile innovation: Demonstrating AI’s RCSA potential via a rapid Proof-of-Concept.
- Bridging analytics and ORM expertise: The critical role of SME collaboration.
- The AI solution in action: Boosting RCSA review efficiency and consistency. Setting up evaluation metrics.
- Key lessons from project inception to implementation, and the future roadmap.
14:30 EDT
60 min
Building a Cyber-Resilient Culture: Training, Awareness, and Governance - A Cybersecurity Expert's Perspective
Emeka P. Nwigwe, Information Security Manager, Assiniboine Credit UnionAssiniboine Credit Union
- Design engaging training programs to improve employee awareness and response to cyber threats.
- Establish governance structures that integrate cybersecurity into company-wide decision-making.
- Promote a resilient culture by aligning leadership, policies, and daily practices with security priorities.
15:30 EDT
60 min
Operational Resilience as a Strategic Imperative: From Risk Frameworks to Enterprise Value
Michael Adeboyejo, Director Enterprise Risk Management, Securian Canada
- Embed resilience into enterprise risk frameworks to proactively manage disruptions and maintain business continuity.
- Align operational risk strategies with long-term organizational goals to drive value and stakeholder trust.
- Strengthen internal systems and processes to withstand shocks across supply chains, technology, and personnel.
- Leverage data and scenario planning to anticipate threats and inform resilient decision-making.
- Demonstrate how operational resilience contributes to enterprise-wide performance, reputation, and competitive advantage.
16:30 EDT
End of Day One
Day Two: Wednesday, October 8, 2025
10:30 EDT
10 min
Welcome and Opening Remarks from the Chair
Katherine Macpherson, Founder and Principal, KM Risk Consulting
10:40 EDT
50 min
Going Beyond the Checklist for Effective RCSA Identification and Execution
Amir Rahmani, Chief Risk Officer (CRO), Gore Mutual Insurance
- Uncover hidden risks by moving past surface-level assessments and check-the-box exercises.
- Engage stakeholders across functions to gain a holistic view of risk and control environments.
- Customize RCSA approaches to reflect business-specific processes and risk appetites.
- Execute RCSA programs with precision through clear workflows and defined ownership.
- Enhance risk visibility and decision-making with actionable insights from RCSA outcomes.
11:30 EDT
60 minImplementing a Comprehensive Permanent Control Framework
- Translate risk policies into actionable, day-to-day control activities across the organization
- Design a robust permanent control framework that aligns with regulatory and operational expectations
- Embed controls into core business processes to ensure consistency and accountability
- Measure control effectiveness through performance indicators and regular assessments
- Enhance organizational discipline by reinforcing a culture of continuous monitoring and improvement
12:30 EDT
45 minGoing Beyond the Checklist for Effective RCSA Identification and Execution
- Uncover hidden risks by moving past surface-level assessments and check-the-box exercises
- Engage stakeholders across functions to gain a holistic view of risk and control environments
- Customize RCSA approaches to reflect business-specific processes and risk appetites
- Execute RCSA programs with precision through clear workflows and defined ownership
- Enhance risk visibility and decision-making with actionable insights from RCSA outcomes
13:15 EDT
60 min
Building an Operational Resilience Program that Effectively Supports Addressing Operational Risk and Drives Resiliency
- Establish a cross-functional framework to identify, assess, and prioritize critical operational risks.
- Integrate resilience planning into existing business continuity and risk management functions.
- Implement proactive monitoring systems to detect vulnerabilities and minimize disruption.
- Foster a culture of resilience through leadership engagement, training, and continuous improvement initiatives.
14:15 EDT
60 min
Managing the Regulatory Landscape: Strategies for Compliance and Risk Mitigation
Saad Ali, Assistant Vice President, Validation Centre of Excellence, Internal Audit, CIBC
- Interpret evolving legislation and regulatory changes to ensure organizational alignment.
- Implement practical frameworks to strengthen internal controls and reduce compliance risks.
- Assess exposure to legal and financial penalties through proactive risk analysis.
- Develop response plans for audits, investigations, and enforcement actions.
- Collaborate with cross-functional teams to embed compliance into day-to-day operations.
15:15 EDT
60 min
Smart Compliance: How AI is Redefining Information Risk Management
Sameer Lal, Associate Director, Enterprise Information Management Risk, RBC
- Transform complex regulations like BCBS 239 and GDPR into dynamic, AI-powered compliance playbooks.
- Build enterprise-grade prompt libraries to standardize safe and consistent AI use across teams.
- Leverage AI dashboards for real-time risk detection, data classification, and policy breach alerts.
- Automate regulatory reporting with prompt-driven summaries, trend analysis, and audit-ready insights.
- Foster a culture of responsible AI by embedding ethical guidelines, human oversight, and AI literacy into training.
16:15 EDT
End of Day Two
Pre-Conference Workshop : Monday, October 6, 2025
10:00 EDT
180 min
Operational Risk 101
Katherine Macpherson, Founder and Principal, KM Risk Consulting
This half-day workshop is for newcomers to operational risk, those wanting a career in operational risk, and for those where operational risk is now a part of their role or responsibilities, and for those who need to have a good understanding of effective operational risk management (ORM) programs.
This workshop will provide you with a meaningful understanding of operational risk management through experiential learning. By the end of the workshop, you will be able to: understand increasing regulatory expectations, discuss your challenges with embedding an effective ORM program, describe ORM building blocks and be an intentional and effective operational risk manager.
- Regulatory landscape
- Operational Risk ecosystem
- ORM value proposition
- Foundational elements of ORM
- Operational Risk Appetite
- Operational Risk Taxonomy
- Operational Risk Events (ORE)
- Risk & Control Self Assessment (RCSA)
- Key Risk Indicators
- Scenario Analysis
- Issue Management
- Operational Risk reporting
- User-centric training
- Characteristics of an effective operational risk manager