This is just the beginning
Here is the latest edition of the agenda. As we approach the event, we will be adding speakers and sessions to enhance your experience. To stay informed, please register your interest
Select a day using the buttons above, then choose your preferred agenda view: At a Glance, Detailed, or Interactive Sessions.
Day One | June 3
Day Two | June 4
Main Agenda
Interactive Deep-Dive Sessions
8:50 MODERATORS
 | Lisa Kalscheur,Chief Marketing Officer,Weave AI |
9:00 TPRM REGULATION IN PRACTICE
 | Orlando Fernández Ruiz,Senior Policy Specialist,Bank of England |
9:35 DORA IN PRACTICE: WHAT’S STILL NOT WORKING IN ICT RISK AND THIRD‑PARTY OVERSIGHT? – PANEL DISCUSSION
 | James Ellery-Gower,Global Head of TPM Country Governance, Citi Bank |
 | Barbara Hugo-Dilworth,Head of Outsourcing Management & IAM, IKB Deutsche Industriebank AG |
 | Stuart Barnett,Deputy Director Cyber Advisory, BlueVoyant |
 | Tin Lau,Chief Risk Officer, Mirae Asset Securities (UK) |
 | Alongside the main conference, we will be hosting deep-dive,practitioner-led sessions designed to move beyond presentations and into collaborative problem solving with peers facing the same challenges. |
10:20 Morning refreshment break and networking
10:50 HIDDEN AI IN THE SUPPLY CHAIN: EXPOSURE, BLIND SPOTS AND CONTROL CHALLENGES
 | Alex Dorlandt,Head of Supply Chain Risk, Lloyds Banking Group |
11:25 THIRD-PARTY RISK IN A SAAS WORLD: WHO REALLY OWNS THE RISK
 | Natalie Druckman,VP, Head of EMEA,Certa |
12:00 CYBER RISK IN AN AI-DRIVEN ECOSYSTEM: EXPANDING ATTACK SURFACES ACROSS THIRD AND NTH PARTIES – PANEL DISCUSSION
 | Catalin Cosma,Cyber Regulatory Lead (Director), UBS |
 | Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
 | Shashika Edwards,Head of Third-Party Risk Management, NatWest |
Interactive Deep-Dive Sessions (Limited to 15 Delegates)
10:50 ESG AND THIRD PARTY OVERSIGHT
A practitioner-led, closed-door discussion focused on how ESG requirements are being delivered in practice
Expect open, peer-to-peer exchange on:
- Where regulatory requirements intersect with operational reality
- Supply-chain ESG data challenges
- Readiness for frameworks such as CSDDD and CSRD
- How firms are integrating ESG considerations alongside cyber and resilience requirements rather than treating them as standalone compliance exercises
- Address practical barriers, such as immature data, fragmented tooling, and the difficulty of meeting expectations without robust supplier databases already in place
Designed to move beyond frameworks into practical insights you can take back and apply.
 | Mikko Venermo,Lead Financial Officer, Sustainable Finance and Sustainability Reporting, IFC |
12:35 Lunch break and networking
Luncheon Roundtables:
Join interactive, topic-led discussions over lunch to exchange ideas, share experiences, and gain practical insights with peers. Key insights fed into the panel.
Supply Chain Cyber Resilience
At what point does cyber risk in the supply chain require escalation from technical monitoring to third-party risk decisions, and how do firms demonstrate effective mitigation under European supervisory scrutiny?
 | Anne McGowan,Head of Supplier Management, Lloyds Banking Group |
ESG Risk Thresholds
When ESG data from third parties is incomplete or unreliable, how do you decide what risk is acceptable?
| Mikko Venermo,Lead Financial Officer, Sustainable Finance and Sustainability Reporting, IFC |
Geopolitical Risk Integration
How do you translate geopolitical risk awareness into third-party decisions before it becomes resilience issue?
 | Carlos Colino Sánchez-Ventura,Managing Director, SCIB Global Head of TPRM, Market Data & Strategic Negotiations, Santander SIB |
Intragroup Risk Proportionality
Where do intragroup services receive lighter treatment than external third parties and how do you justify that under supervisory scrutiny?
 | Paz Alvarez Beneyto,Head of Business Governance & Operational Oversight, Northern Trust Asset Management |
1:35 ROUNDTABLE PANEL DISCUSSION
| Anne McGowan,Head of Supplier Management, Lloyds Banking Group |
| Mikko Venermo,Lead Financial Officer, Sustainable Finance and Sustainability Reporting, IFC |
| Carlos Colino Sánchez-Ventura,Managing Director, SCIB Global Head of TPRM, Market Data & Strategic Negotiations, Santander SIB |
| Paz Alvarez Beneyto,Head of Business Governance & Operational Oversight, Northern Trust Asset Management |
2:05 GOVERNING GENERATIVE AI IN DECISION-MAKING AND OVERSIGHT
 | Gerry Kounadis,Head of Group Data Privacy, Technology & ESG Compliance Advisory,National Bank of Greece |
2:40 DATA QUALITY AND VISIBILITY: BUILDING TRUSTED FOUNDATIONS FOR TPRM AND RESILIENCE – PANEL DISCUSSION
 | Mohammed Randeree,VP, Risk Management, Atom Bank |
 | Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
Interactive Deep-Dive Sessions (Limited to 15 Delegates)
1:10 DESIGNING CYBER RESILIENCE ACROSS THE THIRD-PARTY ECOSYSTEM
A practitioner-led, closed-door discussion focused on how cyber resilience is being designed and delivered across third-party ecosystems and not just defined in policy.
Expect open, peer-to-peer exchange on:
- Defining cyber impact tolerances for critical services in real disruption scenarios
- Aligning resilience priorities with enterprise risk appetite and regulatory expectations
- Deciding when to rely on vendor controls vs. exercising step-in rights and oversight
- Managing concentration risk across shared cloud and critical infrastructure providers
- Balancing resilience investment with cost while maintaining credible capabilities
Designed to move beyond frameworks into practical approaches you can take back and apply.
3:25 Afternoon refreshment break and networking
3.55 CONTRACT REMEDIATION UNDER REGULATORY PRESSURE: FROM GAP ANALYSIS TO EXECUTION
| Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
4:30 INTRAGROUP ARRANGEMENTS: MANAGING CONCENTRATION, GOVERNANCE AND FALSE COMFORT – PANEL DISCUSSION
 | Lisa Migheli,Head of TPRM EMEA, MUFG |
| Paz Alvarez Beneyto,Head of Business Governance & Operational Oversight, Northern Trust Asset Management |
5:25 Chair’s Closing Remarks
5:35 End of day one and Networking drinks
Main Agenda
12:35 Lunch break and networking
Luncheon Roundtables:
Geopolitical Risk Integration
How do you translate geopolitical risk awareness into third-party decisions before it becomes resilience issue?
| Carlos Colino Sánchez-Ventura,Managing Director, SCIB Global Head of TPRM, Market Data & Strategic Negotiations, Santander SIB |
Supply Chain Cyber Resilience
At what point does cyber risk in the supply chain require escalation from technical monitoring to third-party risk decisions, and how do firms demonstrate effective mitigation under European supervisory scrutiny?
| Anne McGowan,Head of Supplier Management, Lloyds Banking Group |
ESG Risk Thresholds
When ESG data from third parties is incomplete or unreliable, how do you decide what risk is acceptable?
| Mikko Venermo,Lead Financial Officer, Sustainable Finance and Sustainability Reporting, IFC |
Intragroup Risk Proportionality
Where do intragroup services receive lighter treatment than external third parties and how do you justify that under supervisory scrutiny?
| Paz Alvarez Beneyto,Head of Business Governance & Operational Oversight, Northern Trust Asset Management |
Interactive Deep-Dive Sessions
Agenda
Interactive Deep-Dive Sessions
8:50 MODERATORS
| Natalie Druckman,VP, Head of EMEA,Certa |
9:00 SUPPLY CHAIN COMPLEXITY AND DEPENDENCY: FROM LINEAR VENDORS TO INTERCONNECTED ECOSYSTEMS – PANEL DISCUSSION
 | Manish Aggarwal,Chief Risk Officer, ICICI Bank UK PLC |
| Carlos Colino Sánchez-Ventura,Managing Director, SCIB Global Head of TPRM, Market Data & Strategic Negotiations, Santander SIB |
| Anne McGowan,Head of Supplier Management, Lloyds Banking Group |
9:45 MONITORING & ENHANCING RESILIENCE
 | Joel Brandon,VP Sales, EMEA ProcessUnity |
 | Craig Oliver,Supply Chain Resilience Lead, PA Consulting |
| Alongside the main conference, we will be hosting deep-dive, practitioner-led sessions designed to move beyond presentations and into collaborative problem solving with peers facing the same challenges. |
10:20 Morning Refreshment Break and Networking
10:50 GEOPOLITICAL DISRUPTION & CONCENTRATION RISK: MANAGING SYSTEMIC EXPOSURE ACROSS NTH-PARTY ECOSYSTEMS – PANEL DISCUSSION
| Manish Aggarwal,Chief Risk Officer, ICICI Bank UK PLC |
| Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
 | Sandeep Suresh,Managing Director, Supply Wisdom |
11:35 STEP-IN RISK & STRESSED EXIT PLANNING
 | Mihaela Breg,Head of Operational Resilience & Business Transformation, Europe Arab Bank |
Interactive Deep-Dive Sessions (Limited to 15 Delegates)
10:50 ADVANCED CONTINUOUS MONITORING AND AGENTIC AI
A practitioner-led, closed-door discussion focused on how continuous monitoring is evolving through agentic AI, automation, and integrated risk intelligence.
Expect open, peer-to-peer exchange on:
- How agentic AI and automation are being infused into continuous monitoring workflows
- How data from across the extended supply chain is consumed, prioritised, and acted upon
- How different risk domains are connected; and how firms avoid siloed, cyber-only views of risk
- Vendor sprawl, fragmented data landscapes, and workflow orchestration would be central themes, reflecting real operational challenges raised during the discussion
Designed to move beyond theory into practical approaches for building monitoring programmes that actually drive action.
| Alex Dorlandt,Head of Supply Chain Risk, Lloyds Banking Group |
12:05 Lunch break and networking
Luncheon Roundtables:
Join interactive, topic-led discussions over lunch to exchange ideas, share experiences, and gain practical insights with peers. Key insights fed into the panel.
Pooled Audits
When multiple organisations rely on the same vendors, how can pooled audit approaches increase efficiency and assurance without compromising confidentiality or oversight?
| Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
Cross-Functional Collaboration
How can legal, procurement, cybersecurity, and business units better co-own TPRM outcomes?
| Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
Vendor Assurance vs Real Resilience
When certifications and assurance reports provide only high-level insight, how can organisations determine whether a vendor is truly resilient in practice?
 | Tobias Scholtis,Senior Director Corporate Procurement &. Vendor Management, Hamburg Commercial Bank |
1:05 AI FAILURE IN PRACTICE
| Shashika Edwards,Head of Third-Party Risk Management, NatWest |
1:40 ROUNDTABLE PANEL DISCUSSION
| Tobias Scholtis,Senior Director Corporate Procurement &. Vendor Management, Hamburg Commercial Bank |
| Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
| Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
2:15 CAPABILITY, CAPACITY AND THE ROLE OF THE HUMAN IN MODERN TPRM
| Tobias Scholtis,Senior Director Corporate Procurement &. Vendor Management, Hamburg Commercial Bank |
2:50 Afternoon refreshment break and networking
3:20 COMPLIANCE VS COST – PANEL DISCUSSION
 | Catalin Cosma,Cyber Regulatory Lead (Director),UBS |
| Barbara Hugo Dilworth,Head of Third Party Risk Management & IAM,IKB Deutsche Industriebank AG |
4:05 THE FUTURE OF TPRM – PANEL DISCUSSION
| Mohammed Randeree,Head of Operational Resilience & Third-Party Risk Management,Atom Bank |
 | Tobias Scholtis,Senior Director Corporate Procurement & Vendor Management, Hamburg Commercial Bank |
 | Anna Tsopelaki,Outsourcing Officer, Eurobank |
4:50
Chair’s Closing Remarks
5:00
End of day two
Main Agenda
Luncheon Roundtables:
Pooled Audits
When multiple organisations rely on the same vendors, how can pooled audit approaches increase efficiency and assurance without compromising confidentiality or oversight?
| Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
Cross-Functional Collaboration
How can legal, procurement, cybersecurity, and business units better co-own TPRM outcomes?
| Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
Vendor Assurance vs Real Resilience
When certifications and assurance reports provide only high-level insight, how can organisations determine whether a vendor is truly resilient in practice?
| Tobias Scholtis,Senior Director Corporate Procurement &. Vendor Management, Hamburg Commercial Bank |
Interactive Deep-Dive Sessions