Day One | November 10
Here is the latest edition of the agenda. As we approach the event, we will be adding speakers and sessions to enhance your experience. To stay informed, please register your interest
(Private – Limited to the first 30 attendees)
![]() | Andreas Simou,CEO,CeFPro |
![]() | Julie Giaschi,CEO & Cofounder,Third Party Risk Association |
![]() | Terri Duhon,Board Member,Wise and Rathbones |
Key topics
- Where regulation is driving meaningful change versus creating additional complexity
- Why many organisations continue to struggle between compliance and execution
- Managing overlapping expectations across DORA, NIS2, AI regulation, operational resilience and outsourcing frameworks
- What regulators are increasingly expecting to see beyond policies and documentation
- Turning regulatory pressure into stronger risk management and resilience outcomes
![]() | Chris Knox,Director, Global FS Regulatory & Strategy Policy,Microsoft |
![]() | Orlando Fernandez Ruiz,Senior Policy Specialist,Bank of England |
![]() | James Ellery-Gower,Global Head of Country Assessments Oversight, Third Party Oversight,Citi |
Key topics
- Moving from manual tracking to structured risk segmentation across a complex supplier base
- Integrating third-party risk data into procurement workflows and supplier reviews
- Managing real escalations: what happens when high-risk suppliers refuse to engage
- Aligning sustainability, procurement, and operational resilience into a single framework.
- Navigating fragmented global standards: managing suppliers across different countries, regulatory regimes, and accreditation frameworks where no single platform covers everything
- What we got wrong, what we fixed, and what we would do differently
![]() | Martin Mirimo,Head of Supplier Management,Travelodge |
Key topics
- Automating due diligence, monitoring, and risk assessment processes at scale
- Integrating internal and external data sources for continuous risk insight
- Improving efficiency and coverage across large, complex third-party ecosystems
- Managing trade-offs between speed, scale, and control
- Identifying where AI delivers value vs where human intervention remains critical
![]() | Joseph Harrison,Head of Procurement Operations and Third Party Risk,The AA |
Key topics
- Interpreting overlapping regulatory intent across frameworks
- Identifying where requirements converge vs conflict
- Understanding systemic risk expectations across supply chains
- Anticipating regulatory expansion beyond financial services
Key topics
- Assessing exposure to dominant, irreplaceable, and “too critical to exit” providers
- Strengthening oversight, controls, and performance management for critical vendors
- Building resilience through contingency planning, substitution options, and fallback strategies
- Defining escalation and governance approaches when vendor risk cannot be reduced
![]() | Gary Lock,Director, Global Head of Third Party Supplier Assurance,Fidelity International |
![]() | Carlos Sanchez-Ventura Carlos,Global Head of TPRM, Maket Data, Strategic Negotiations,Santander |
Key topics
- Using AI and continuous monitoring tools to identify emerging supplier risks
- Integrating internal and external data for real-time risk visibility
- Reducing false positives through intelligent prioritisation and analytics
- Automating escalation and response workflows for critical risk events
- Linking monitoring insights directly to operational and business decisions
![]() | Basem Mahmoud,Information Security Manager/Third Party Risk Manager,PepsiCo |
Key topics
- Designing a unified regulatory operating model across functions
- Embedding compliance into business and procurement workflows
- Streamlining controls, testing, and assurance across frameworks
- Scaling compliance alongside business growth and change
![]() | Stefan Zima,Head of Regulatory Compliance,Raffeisen Bank |
- Extended networking lunch
- Meetings with peers, speakers and sponsors
- Networking lounge and exhibition area
- Limited to 20 attendees per table
- Advance sign-up required
- Interactive peer-to-peer discussion format
![]() | Anne McGowan,Head of Supplier Management,Lloyds Banking Group |
![]() | Gemma Stewart,Global Head Third Party Risk Management,Zurich Insurance |
![]() | Verity Billson,Global Head of Third Party Risk,Experian |
![]() | Jia Fu,Head of Cybersecurity (CISO),British Film Institute |
Key topics
- Aligning critical services with supporting third-party providers
- Embedding third-party scenarios into resilience planning
- Defining criticality and impact across internal and external services
- Integrating third-party risk into resilience frameworks
Key topics
- Reducing manual effort in supplier onboarding and assessments
- Using automation to validate responses and identify inconsistencies
- Using automation to validate responses and identify inconsistencies
- Balancing automation with human review and accountability
- Ensuring consistency across large supplier populations
![]() | Michel Tueghels,Process Operations Product Manager,ExxonMobil |
Key topics
- Applying stringent compliance frameworks to supplier oversight
- Managing sensitive data and operational dependencies
- Balancing regulatory requirements with operational efficiency
- Translating sector-specific practices into cross-industry insights
![]() | Rohit Nag,Group Head of TPRM,Bupa |
Key topics
- Aligning testing programmes with regulatory expectations and impact tolerances
- Prioritising systemic and concentration risk exposure
- Using outputs to drive investment and board-level decision-making
- Expanding testing maturity across business functions and supplier tiers
![]() | Kehinde (Kenny) Otto,Head of Supply Chain Management,Royal Papworth Hospital, NHS |
Key topics
- Understanding AI-driven vulnerabilities and attack vectors
- Assessing exposure from AI-enabled suppliers
- Embedding AI risk into existing frameworks
- Developing mitigation strategies
Key topics
- Moving beyond static questionnaires to dynamic assessment models
- Ensuring consistency and completeness in supplier evaluations
- Integrating due diligence with ongoing monitoring processes
- Demonstrating compliance through robust documentation and evidence
![]() | Paul McLaughlin,Head of Controls Transformation,Costain |
Key topics
- Integrating cyber resilience into enterprise and third-party risk frameworks
- Aligning cyber and operational resilience into a unified strategy
- Moving from control-based models to resilience-based approaches
- Strengthening collaboration with critical suppliers to manage systemic cyber risk
![]() | Sean Wright,Head of Oversight Group Operational Risk – Third Party Risk & Operational Resilience,Nationwide Building Society |
![]() | Heath Drew,Global Third Party Risk Manager,Philip Morris International |
![]() | Jia Fu,Head of Cybersecurity (CISO),British Film Institute |
Key topics
- Reducing manual effort across onboarding and due diligence workflows
- Streamlining approvals, assessments, and escalation processes
- Improving consistency across large supplier populations
- Embedding governance and accountability into automated workflows
- Enhancing operational efficiency across cross-functional teams
![]() | Shamial Afzal,Global TPRM Lead,Beazley |
Details coming soon…
![]() | Verity Billson,Global Head of Third Party Risk,Experian |
Networking Drinks Reception























