Cyber and Operational Risk Management
April 30 - May 1, 2019 · Vancouver, BC
Featuring These Industry Experts
Andrew Richardson, Principal, SImplified Risk Management Inc.
Andrew has over 25 years’ experience developing, implementing, and leading Risk Management Programs in financial services. Roles with BMO Financial Group, Meridian Credit Union, and Coast Capital Savings focused on enhancing strategic management processes at the Board and Chief Executive level and optimizing key operational processes to identify opportunities and issues. He has experience with regulatory and legal compliance programs, cyber and criminal risk management, process optimization including effective internal controls, third party supplier and project risk management, and human resource risk programs. He is passionate about enabling strategic success through enhanced risk awareness as part of overall corporate culture, and passionate about implementing targeted value-added programs enhancing the capabilities of individuals and teams. In 2018, with Gennine Richardson, they formed Simplified Risk Management Inc, based in Vancouver, a consulting firm dedicated to providing simple risk management solutions to small and medium sized businesses.
Saad Ali, Director, Governance, Controls and Operational Risk, CIBC
As the leader of the Governance, Controls and Operational Risk team in CIBC Finance, Saad Aliis responsible for ensuring the bank has a robust governance framework which meets regulatory standards, industry best practices, and complies with the enterprise’s risk appetite. He plays a multi-dimensional role with managing risk arising from business transformation processes and identifying enhancement opportunities within a Shared Services model. Saad has over 10 years of experience from various Financial Institutions with roles in Internal Audit for Capital Markets, Regulatory Risk and Finance. He is also a CPA and CA from PwC with a specialization in financial institutions and asset management. Saad is also involved in teaching roles with York University and CPA Ontario.
Norman Baldwin, Managing Partner, DDR Brasil Risk Consulting
Norman is a pioneer in the field of operational risk consulting in Brazil, where he worked for over twenty years, advising organizations such as Banco Itaú, HSBC, Uber, Accor Hotels, upLexis, and the World Childhood Foundation. He specializes in detecting and mitigating operational risks, particularly in relation to due diligence projects. Norman is a graduate of the University of British Columbia, and holds an MBA in Strategic Management from the Federal University of Paraná.
Doug Eveneshen, Chief Executive Officer, Stabilization Central Credit Union
Doug is the CEO of Stabilization Central Credit Union – a Central Credit Union in statute with the provincial mandate of supporting and strengthening the British Columbia Credit Union system through improvements in risk management and operational best practices. Previously, Doug held the position of President & CEO of a mid-sized B.C. credit union for 7 years and over 26 years with Schedule 1 chartered banks and trust companies in a variety of senior roles. His academic credentials include an MBA and a professional accounting designation. Doug is a Board of Governor for BC Institute of Technology and Chairs the Governance Committee for the institution. He has also been the Chair of the Board of Directors for the Royal Columbian Hospital Foundation for the past 5 years, being active in the communities he serves. Doug devotes his down time to his two grandchildren, Oliver and Milo, who was recently born.
Michael Leung, Principal & Management Consultant, CANADIAN CYBERSECURITY INC.
Michael Leung is an experienced leader of governance and risk management in cyber/information security with more than 15 years of senior level management responsibility. He is the principal of CANADIAN CYBERSECURITY INC. and a management consultant – helping businesses and organizations identify, prepare for and mitigate cyber risks by providing counsel and expertise in risk management, strategy, and tactics. Michael was previously the head of Information Security at a Canadian financial institution for over 11 years, and also an active volunteer and a leader within the local, national and international cyber/information security, IT governance and risk community. He has volunteered on a number of task forces, working groups, and committees for ISACA International, and is also a member of the Institute of Corporate Directors. As a past President and Board chair of the ISACA Vancouver Chapter, he was responsible for the oversight and direction of chapter operations in promoting the practices and the development of professionals in IT risk, governance of enterprise IT, information security management, and IT assurance within the local business and academic community, and chapter membership. ISACA is a non-profit, global membership association for IT and information systems professionals, and consists of more than 450,000 engaged professionals, more than 135,000 members in 188 countries, including 217 chapters worldwide and offices in both the United States and China.
Clement King, Chief Control Officer, HSBC Canada
Clement King is the Chief Control Officer for HSBC Bank Canada based in Toronto, and has over 10 years of experience from various Financial Institutions. Clement worked in multiple cities including New York, London, and Toronto, and brings a diverse background to risk and control management. Clement continually brings a practical lens to the management of non-financial risk, and encourages positive outcomes for customers.
Manish Khera, Associate Partner, Forensic and Integrity Services, Ernst & Young LLP
Manish Khera is an Associate Partner in Ernst & Young LLP’s Forensic Integrity Services practice. Nationally, he leads Cyber Investigations, Digital Forensics and Data Analysis for Canada. This group assists clients in responding to, investigating and remediating cyber and security incidents, as well as investigating and solving cybercrime with a focus on strategic consulting, identification, preservation, collection, extraction of electronic records in support of litigation and investigation.
Prior to joining the firm, he was the Vice President, Chief Information Security and Privacy Officer at Sentry Investments. Manish has also led the Merchant Compliance and Data Breach Investigation team for JP Morgan Chase globally, where he oversaw complex high-profile global cyber breaches of large merchant companies within the JPMC portfolio. Manish also formerly led the Data Protection, Consulting, 3rd party assessment and Application Security programs at RBC globally. In several situations, Manish was injected in high profile Fortune 500 company breaches where his role was to oversee the crisis and maintain stability in the midst of newsworthy incidents. Manish has led the IT Security program at the post-breach TJX Companies, and earlier in his career, was both a computer forensic and security assessment consultant conducting complex investigations and leading both full penetration tests and vulnerability assessments.
Manish has significant expertise in responding to all forms of computer crimes, attacks and abuses. He has led as well as supported complex cyber investigations involving crisis & incident management, corporate espionage, advanced computer intrusions, denial of service, insider attacks, malware outbreaks, internet fraud and theft of trade secrets.
As a former CISO and CPO in financial services, Manish has a wealth of experience in guiding the protection of computer assets, policies, and intellectual property. He has worked in financial services environments with both automated and manual fraud detection controls and enabled the integration of programmed enforcement mechanisms to disallow the external sharing of fraud data and policies.
Manish recently led a large scale Cyber incident investigation at a major US retailer whereas the adversary was able to exfiltrate 3rd party authorized gift cards. The adversary leveraged phishing, Office 365 user and admin credential compromise, and remote connection/control IT admin tools while performing anti-forensics to remove audit trails. Manish and team found the points of entry and persistence, and working with the client, methodically closed the gaps and allowed for a return to business as usual while detailing a remediation plan to subvert future nefarious actors and chronicling a client/partner external report for 3rd party concerns.
Dan Heaman, Vice President, Enterprise Risk Management, Peoples Trust
Dan leads the implementation and management of the Enterprise Risk Management program for Peoples Group supported by an expert team of financial regulatory analysts. Peoples Group is a boutique financial institution based in Vancouver providing banking services across Canada. The three core operations are: Peoples Trust, specializing in Commercial Lending as well as other banking services; Peoples Card Services, the leading issuer of Prepaid cards in Canada; and Peoples Payment Solutions specializing in payment options through business programs and merchant acquiring services. Before joining the Peoples Group team, Dan worked at FICOM as Managing Director of Credit Union Supervision and at Central 1 as Director, Risk and Insurance.
Katherine Macpherson, Senior Manager & Operational Risk National Leader, Financial Services Advisory, Ernst & Young LLP
Katherine is a Senior Manager in the Financial Services Advisory practice of Ernst & Young. She leads the Operational Risk practice in Canada, helping clients build and transform their operational risk management programs to maximize stakeholder value. With over 12 years of experience at the Office of the Superintendent of Financial Institutions (OSFI), and over 6 years of operational risk experience in the banking and insurance industries, Katherine has deep first-hand practical understanding of leading industry ORM practices.
Mehrdad Rastan, Executive Director, Regulation and Financial Institutions Commission, Ministry of Finance
Currently an Executive Director, Mehrdad has worked at FICOM for the past seven years and has over ten years of risk management experience. He holds graduate degrees in finance and physics and taught at Simon Fraser University for over fifteen years.
Franco Oboni, President & Principal Consultant, Oboni Riskope Associates Inc.
Franco is an Engineer (Ph.D.) with over 35 years experience, specializing in Quantitative Risk Assessment (QRA) since 25 years. He leads Riskope, a Vancouver based practice active internationally in QRA and decision support. Clients include Global 1000 companies, large insurances, natural resources (mining, etc.), railroads, wharves, governments, and suppliers.
Franco advises risk and crisis mitigation projects, risk and security audits and geo-environmental hazard mitigation studies on four continents.
He has authored of over fifty papers and was co-author a book entitled: “Improving Sustainability through Reasonable Risk and Crisis Management” (2007) and The Long Shadow of Human‐Generated Geohazards: Risks and Crises (2016).
Franco delivers customized seminars (in English, French, Italian and Spanish) to industrial audiences world-wide. Franco was co-recipient of the Italian Canadian Chamber of Commerce (Canada West) 2010 Innovation Award.
Dan Oprescu, Managing Director, BC Financial Institutions Commission (FICOM)
Dan has 25 years of financial services experience, out of which 10 as a regulator in the UK and Canada. This has given him a privileged vantage point on risk management. Dan trained as a scientist, learning what data can do for us and how to manage this resource. This enables him to address issues such as whether finance is a data business or the net profitability of a specific risk. Dan enjoys tackling the emerging risks in modern finance and discussing the regulator’s perspective on risk and technology.