This is just the beginning
Here is the latest edition of the agenda. As we approach the event, we will be adding speakers and sessions to enhance your experience. To stay informed, please register your interest
Select a day using the buttons above, then choose your preferred agenda view: At a Glance, Detailed, or Interactive Sessions.
Day One | June 3
Day Two | June 4
Main Agenda
Interactive Deep-Dive Sessions
8:50 MODERATORS
 | Lisa Kalscheur,Chief Marketing Officer,Weave AI |
9:00 DORA IN PRACTICE: WHAT’S STILL NOT WORKING IN ICT RISK AND THIRD‑PARTY OVERSIGHT? – PANEL DISCUSSION
 | Barbara Hugo-Dilworth,Head of Outsourcing Management & IAM, IKB Deutsche Industriebank AG |
 | Stuart Barnett,Deputy Director Cyber Advisory, BlueVoyant |
 | Tin Lau,Chief Risk Officer, Mirae Asset Securities (UK) |
9:45 DATA QUALITY AND VISIBILITY: BUILDING TRUSTED FOUNDATIONS FOR TPRM AND RESILIENCE – PANEL DISCUSSION
 | Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
 | Mohammed Randeree,VP, Risk Management, Atom Bank |
 | Rosalyn Aryee,Global Head of CIB Resilience & Business Continuity, Santander Corporate Investment Bank |
 | Alongside the main conference, we will be hosting deep-dive,practitioner-led sessions designed to move beyond presentations and into collaborative problem solving with peers facing the same challenges. |
10:30 Morning refreshment break and networking
11:00 HIDDEN AI IN THE SUPPLY CHAIN: EXPOSURE, BLIND SPOTS AND CONTROL CHALLENGES
 | Alex Dorlandt,Head of Supply Chain Risk, Lloyds Banking Group |
11:35 THIRD-PARTY RISK IN A SAAS WORLD: WHO REALLY OWNS THE RISK
 | Natalie Druckmann,VP, Head of EMEA,Certa |
12:10 CYBER RISK IN AN AI-DRIVEN ECOSYSTEM: EXPANDING ATTACK SURFACES ACROSS THIRD AND NTH PARTIES – PANEL DISCUSSION
 | Catalin Cosma,Cyber Regulatory Lead (Director), UBS |
 | Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
 | Justin Kuruvilla,Chief Cyber Security Strategiest, Risk Ledger |
Interactive Deep-Dive Sessions (Limited to 15 Delegates)
10:50 ESG AND THIRD PARTY OVERSIGHT
A practitioner-led, closed-door discussion focused on how ESG requirements are being delivered in practice
Expect open, peer-to-peer exchange on:
- Where regulatory requirements intersect with operational reality
- Supply-chain ESG data challenges
- Readiness for frameworks such as CSDDD and CSRD
- How firms are integrating ESG considerations alongside cyber and resilience requirements rather than treating them as standalone compliance exercises
- Address practical barriers, such as immature data, fragmented tooling, and the difficulty of meeting expectations without robust supplier databases already in place
Designed to move beyond frameworks into practical insights you can take back and apply.
 | Mikko Venermo,Lead Financial Officer, Sustainable Finance and Sustainability Reporting, IFC |
12:55 Lunch break and networking
Luncheon Roundtables:
Join interactive, topic-led discussions over lunch to exchange ideas, share experiences, and gain practical insights with peers. Key insights fed into the panel.
Supply Chain Cyber Resilience
At what point does cyber risk in the supply chain require escalation from technical monitoring to third-party risk decisions, and how do firms demonstrate effective mitigation under European supervisory scrutiny?
 | Anne McGowan,Head of Supplier Management, Lloyds Banking Group |
ESG Risk Thresholds
When ESG data from third parties is incomplete or unreliable, how do you decide what risk is acceptable?
| Mikko Venermo,Lead Financial Officer, Sustainable Finance and Sustainability Reporting, IFC |
Geopolitical Risk Integration
How do you translate geopolitical risk awareness into third-party decisions before it becomes resilience issue?
 | Carlos Colino Sánchez-Ventura,Managing Director, SCIB Global Head of TPRM, Market Data & Strategic Negotiations, Santander SIB |
Intragroup Risk Proportionality
Where do intragroup services receive lighter treatment than external third parties and how do you justify that under supervisory scrutiny?
 | Paz Alvarez Beneyto,Head of Business Governance & Operational Oversight, Northern Trust Asset Management |
Are We Over-Assessing? Using AI to Reduce Burden and Improve Vendor Risk Effectiveness
Exploring whether current vendor due diligence practices are delivering meaningful risk reduction or simply increasing operational burden.
| Natalie Druckmann,VP, Head of EMEA,Certa |
1:55 AI IN TPRM: NEW SHORTCUT OR LATEST HEADACHE?
 | Chlōe Dellow,Sales Director,Diligent |
 | Jelle Groenendaal,Senior Director, Commercial Strategy,3rd Risk a Diligent Brand |
2:30 GOVERNING GENERATIVE AI IN DECISION-MAKING AND OVERSIGHT
 | Gerry Kounadis,Head of Group Data Privacy, Technology & ESG Compliance Advisory,National Bank of Greece |
3:05 SUPPLY CHAIN COMPLEXITY AND DEPENDENCY: FROM LINEAR VENDORS TO INTERCONNECTED ECOSYSTEMS – PANEL DISCUSSION
| Anne McGowan,Head of Supplier Management, Lloyds Banking Group |
| Carlos Colino Sánchez-Ventura,Managing Director, SCIB Global Head of TPRM, Market Data & Strategic Negotiations, Santander SIB |
 | Manish Aggarwal,Chief Risk Officer, ICICI Bank UK PLC |
3:50 Afternoon refreshment break and networking
4.20 CONTRACT REMEDIATION UNDER REGULATORY PRESSURE: FROM GAP ANALYSIS TO EXECUTION
| Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
4:55 INTRAGROUP ARRANGEMENTS: MANAGING CONCENTRATION, GOVERNANCE AND FALSE COMFORT – PANEL DISCUSSION
 | Lisa Migheli,Head of TPRM EMEA, MUFG |
| Paz Alvarez Beneyto,Head of Business Governance & Operational Oversight, Northern Trust Asset Management |
5:40 Chair’s Closing Remarks
5:50 End of day one and Networking drinks
Main Agenda
12:35 Lunch break and networking
Luncheon Roundtables:
Geopolitical Risk Integration
How do you translate geopolitical risk awareness into third-party decisions before it becomes resilience issue?
| Carlos Colino Sánchez-Ventura,Managing Director, SCIB Global Head of TPRM, Market Data & Strategic Negotiations, Santander SIB |
Supply Chain Cyber Resilience
At what point does cyber risk in the supply chain require escalation from technical monitoring to third-party risk decisions, and how do firms demonstrate effective mitigation under European supervisory scrutiny?
| Anne McGowan,Head of Supplier Management, Lloyds Banking Group |
ESG Risk Thresholds
When ESG data from third parties is incomplete or unreliable, how do you decide what risk is acceptable?
| Mikko Venermo,Lead Financial Officer, Sustainable Finance and Sustainability Reporting, IFC |
Intragroup Risk Proportionality
Where do intragroup services receive lighter treatment than external third parties and how do you justify that under supervisory scrutiny?
| Paz Alvarez Beneyto,Head of Business Governance & Operational Oversight, Northern Trust Asset Management |
Are We Over-Assessing? Using AI to Reduce Burden and Improve Vendor Risk Effectiveness
Exploring whether current vendor due diligence practices are delivering meaningful risk reduction or simply increasing operational burden.
| Natalie Druckmann,VP, Head of EMEA,Certa |
Interactive Deep-Dive Sessions
Agenda
Interactive Deep-Dive Sessions
8:50 MODERATORS
| Natalie Druckmann,VP, Head of EMEA,Certa |
9:00 TPRM REGULATION IN PRACTICE – KEYNOTE
 | Orlando Fernández Ruiz,Senior Policy Specialist,Bank of England |
9:35 MONITORING & ENHANCING RESILIENCE
 | Joel Brandon,VP Sales, EMEA ProcessUnity |
 | Craig Oliver,Supply Chain Resilience Lead, PA Consulting |
| Alongside the main conference, we will be hosting deep-dive, practitioner-led sessions designed to move beyond presentations and into collaborative problem solving with peers facing the same challenges. |
10:10 Morning Refreshment Break and Networking
10:40 GEOPOLITICAL DISRUPTION & CONCENTRATION RISK: MANAGING SYSTEMIC EXPOSURE ACROSS NTH-PARTY ECOSYSTEMS – PANEL DISCUSSION
| Manish Aggarwal,Chief Risk Officer, ICICI Bank UK PLC |
| Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
 | Sandeep Suresh,Managing Director, Supply Wisdom |
11:25 RESILIENCE & SCENARIO DISCIPLINE
 | Mihaela Breg,Head of Operational Resilience & Business Transformation, Europe Arab Bank |
 | Imthiaz Chowdhury,Business Transformation, Resilience and Oversight Officer, Europe Arab Bank |
12:00 Lunch break and networking
Luncheon Roundtables:
Join interactive, topic-led discussions over lunch to exchange ideas, share experiences, and gain practical insights with peers. Key insights fed into the panel.
Pooled Audits
When multiple organisations rely on the same vendors, how can pooled audit approaches increase efficiency and assurance without compromising confidentiality or oversight?
| Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
Cross-Functional Collaboration
How can legal, procurement, cybersecurity, and business units better co-own TPRM outcomes?
| Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
Vendor Assurance vs Real Resilience
When certifications and assurance reports provide only high-level insight, how can organisations determine whether a vendor is truly resilient in practice?
 | Tobias Scholtis,Senior Director Corporate Procurement &. Vendor Management, Hamburg Commercial Bank |
1:00 Embedding TPRM into Governance structures
 | Elena Pykhova,Author, Founder, The Operational Risk Company |
1:35 CYBER GOVERNANCE & AI-ENABLED ASSURANCE – FIRESIDE CHAT
 | Kishan Majithia,Executive Director – Cyber & Technology Controls, JPMorgan Chase & Co |
2:10 CAPABILITY, CAPACITY AND THE ROLE OF THE HUMAN IN MODERN TPRM
| Tobias Scholtis,Senior Director Corporate Procurement &. Vendor Management, Hamburg Commercial Bank |
2:45 Afternoon refreshment break and networking
3:15 COMPLIANCE VS COST – PANEL DISCUSSION
 | Catalin Cosma,Cyber Regulatory Lead (Director),UBS |
| Barbara Hugo Dilworth,Head of Third Party Risk Management & IAM,IKB Deutsche Industriebank AG |
 | Ayesha James,Group Head of Resiliency & RRP, Operational Risk,Citi |
4:00 THE FUTURE OF TPRM – PANEL DISCUSSION
| Mohammed Randeree,Head of Operational Resilience & Third-Party Risk Management,Atom Bank |
 | Tobias Scholtis,Senior Director Corporate Procurement & Vendor Management, Hamburg Commercial Bank |
 | Anna Tsopelaki,Outsourcing Officer, Eurobank |
4:45
Chair’s Closing Remarks
4:55
End of day two
Main Agenda
Luncheon Roundtables:
Pooled Audits
When multiple organisations rely on the same vendors, how can pooled audit approaches increase efficiency and assurance without compromising confidentiality or oversight?
| Michal Drohomirecki,Head of Information and Cybersecurity Contract Support – Third Party Security Risk, Standard Chartered Bank |
Cross-Functional Collaboration
How can legal, procurement, cybersecurity, and business units better co-own TPRM outcomes?
| Samikendra Ghosh,Global Head of Third-Party Risk Management, Howden |
Vendor Assurance vs Real Resilience
When certifications and assurance reports provide only high-level insight, how can organisations determine whether a vendor is truly resilient in practice?
| Tobias Scholtis,Senior Director Corporate Procurement &. Vendor Management, Hamburg Commercial Bank |
Interactive Deep-Dive Sessions