This is just the beginning
Here is the latest edition of the agenda. As we approach the event, we will be adding speakers and sessions to enhance your experience. To stay informed, please register your interest
Day One | June 9
Day Two| June 10
Main Agenda
Interactive Deep-Dive Sessions
Chair’s Opening Remarks
 | Lisa Kalscheur,Chief Marketing Officer,Weave.AI |
9:00 THIRD-PARTY RISK IN 2026: WHY TRADITIONAL TPRM MODELS ARE NO LONGER FIT FOR PURPOSE – PANEL DISCUSSION
 | Michael Ciacciarelli,Head of Third Party Risk Management, Markets Group,Federal Reserve Bank of New York |
 | Kayla Davis,Vice President of the Enterprise Vendor Management Office,Keesler Federal Credit Union |
 | Alex Hammam-Howe,Director, Head of Third Party Risk Management,SMBC |
 | Clarence Chio,CEO and Founder,Coverbase |
9:50 REGULATORY EXPECTATIONS: NAVIGATING SHIFTING TPRM PRESSURE IN THE US AND GLOBALLY
 | Philip Gledhill,Supervising Examiner, Operational Risk and Resilience,Federal Reserve Bank of New York |
 | Alongside the main conference, we will hosting deep-dive, practitioner-led sessions designed to move beyond presentations and into collaborative problem solving with peers facing the same challenges. |
10:25 Morning Refreshment Break and Networking
10:55 TPRM BY EXCEPTION: GOVERNING AI-ENABLED THIRD PARTIES IN A REGULATED ENVIRONMENT
 | Brian Shaw,VP, Head of North America,Certa |
11:30 CRITICAL THIRD PARTIES: POWER IMBALANCES WITH CRITICAL THIRD PARTIES– PANEL DISCUSSION
 | Trina Dubose,Executive Director, Head of Third Party Risk Audit,Morgan Stanley |
 | Amanda Sang,Director, Risk Analysis and Policy, Financial Enterprise Risk Department,Bank of Canada |
 | Rajat Bhatnagar,Head of Third Party Risk, BBVA |
 | Sandeep Bhide,VP Product Management,ProcessUnity |
Interactive Deep-Dive Session (Limited to 15 Delegates)
10:55 DORA FOR US FIRMS: MANAGING EU ICT RISK EXPECTATIONS FROM A US GOVERNANCE FRAMEWORK
A practitioner-led, closed-door discussion focused on how US firms are operationalising DORA requirements within existing governance frameworks — not just interpreting regulation.
Expect open, peer-to-peer exchange on:
- Where DORA applies in practice for US-headquartered firms with EU exposure
- Managing dual expectations across US, UK, and EU regulators
- Reconciling DORA with existing US third-party risk and ICT risk frameworks
- Governing critical ICT providers supporting both US and EU entities
- Designing proportional oversight without over-engineering US programmes
- Navigating contractual, subcontracting, and cross-border obligations
- Ensuring board reporting reflects cross-border digital resilience exposure
Designed to move beyond frameworks into practical approaches you can take back and apply.
12:20 Lunch Break and Networking Roundtables
Join small, topic-led discussions over lunch to exchange ideas, share experiences, and gain practical insights with peers. Key insights fed into the panel.
Performance Management – Turning Vendor Performance Into a Risk
 | Charmi Patel,Third Party Vendor Risk Manager,Columbia Bank New Jersey |
Vendor Risk vs Business Reality
When commercial pressure overrides risk discipline.
 | Chelsea Tieken,Business Strategy and Planning Director, TPRM Strategy and Initiatives,USAA |
Testing Resilience When Exit Is Not an Option
Designing resilience strategies for irreplaceable vendors
 | Megan Speranza,Vice President, Global Head of Resiliency Risk Management,American Express |
Exit Strategies That Don’t Work
Why most vendor substitution plans collapse under real stress.
| Trina Dubose,Executive Director, Head of Third Party Risk Audit, Morgan Stanley |
Will AI and Quantum Make your TPRM Programs Obsolete?
What to know, where to start
 | Brian Shaw,VP, North America, Certa |
1:20 RANSOMWARE AND CYBERSECURITY: THIRD-PARTY CYBER INCIDENTS AND ACCOUNTABILITY – PANEL DISCUSSION
 | Anthony Muhammad,Director, Deputy Head of US Operational Risk Capital, Stress Testing & Scenario Analysis,Barclays |
 | Thomas Kartanowicz,CISO, Europe and Americas,Standard Chartered Bank |
 | Steve Thomas,CEO,HackNotice |
2:10 The Invisible Perimeter: Why your $100M Resilience Plan Fails at Tier-3 Vendors
 | Jonathan Bald,VP,Black Kite |
2:45 WHEN AI GOVERNS AI: VALIDATION, OVERSIGHT AND THE “CHECK THE CHECKER” PROBLEM – PANEL DISCUSSION
 | Sabeena Ahmed Liconte,Head of Legal and Chief Compliance Officer,ICBC Standard Bank Group |
 | Sri Intan,Head of Third Party Risk Management for North America, CommerzBank AG |
Interactive Deep-Dive Session | Simulation Lab (Limited to 15 Delegates)
1:20 RESILIENCE UNDER STRESS: DESIGNING SEVERE BUT PLAUSIBLE THIRD-PARTY FAILURE SCENARIOS – SIMULATION LAB
A practitioner-led, closed-door simulation focused on how firms design and test severe-but-plausible third-party failure scenarios — not just document them.
Expect open, peer-to-peer exchange on:
- Designing joint testing exercises with critical vendors and key service providers
- Stress-testing shared infrastructure and cloud dependencies under realistic conditions
- Validating recovery timelines, fallback options, and manual workarounds
- Simulating disruption across extended ecosystems beyond Tier 1 dependencies
- Challenging assumptions that fail under real stress and identifying hidden vulnerabilities
Designed to move beyond frameworks into practical approaches you can take back and apply.
 | Megan Speranza,Vice President, Global Head of Resiliency Risk Management,American Express |
 | Olga Voytenko,Head of Operational Risk and Chief Auditor,Russell Investments |
3:35 Afternoon Refreshment Break and Networking
4:05 CONTINUOUS MONITORING: MOVING BEYOND SCORES, SIGNALS AND DASHBOARDS
| Trina Dubose,Executive Director, Head of Third Party Risk Audit,Morgan Stanley |
4:40 EXIT PLANNING: CAN YOU ACTUALLY WALK AWAY FROM YOUR VENDORS?
 | Wayne Scott,Global Regulatory Compliance Solutions Lead,Escode , Part of NCC Group |
5:10 Chair’s Closing Remarks
5:15 End of Day One and Networking Drinks Reception
Main Agenda
12:20 Lunch Break and Networking Roundtables
Performance Management – Turning Vendor Performance Into a Risk
| Charmi Patel,Third Party Vendor Risk Manager,Columbia Bank New Jersey |
Vendor Risk vs Business Reality
When commercial pressure overrides risk discipline.
| Chelsea Tieken,Business Strategy and Planning Director, TPRM Strategy and Initiatives,USAA |
Testing Resilience When Exit Is Not an Option
Designing resilience strategies for irreplaceable vendors
| Megan Speranza,Vice President, Global Head of Resiliency Risk Management,American Express |
Exit Strategies That Don’t Work
Why most vendor substitution plans collapse under real stress.
| Trina Dubose,Executive Director, Head of Third Party Risk Audit, Morgan Stanley |
Will AI and Quantum Make your TPRM Programs Obsolete?
What to know, where to start
| Brian Shaw,VP, North America, Certa |
Interactive Deep-Dive Sessions
Main Agenda
Interactive Deep-Dive Sessions
8:50 Chair’s Opening Remarks
 | Brian Shaw,VP, Head of North America,Certa |
9:00 OPERATIONAL RESILIENCE BEYOND BUSINESS CONTINUITY – PANEL DISCUSSION
| Megan Speranza,Vice President, Global Head of Resiliency Risk Management,American Express |
 | Saba Zahid,Managing Director, Head of Operational Risk,Morgan Stanley Wealth Management |
 | Spruille Braden,Head of Enterprise Resilience,MassMutual |
 | Rich Alber,Managing Director,EY |
 | Cyril Korenbeusser,Head of Operational Resilience,Mizuho |
9:50 AGENTIC AI IN THE THIRD-PARTY ECOSYSTEM
| Alongside the main conference, we will hosting deep-dive, practitioner-led sessions designed to move beyond presentations and into collaborative problem solving with peers facing the same challenges. |
10:25 Morning Refreshment Break and Networking
11:00 INCIDENT RESPONSE ACROSS ORGANIZATIONAL SILOS: WHEN CYBER, LEGAL AND TPRM DON’T ALIGN
 | Fusako Nitta,Director, Operational Risk and Third Party Manager,Daiwa Capital Markets |
11:35 FROM VENDOR MANAGEMENT TO ECOSYSTEM RISK: MANAGING COMPLEX THIRD, FOURTH AND N-TH PARTY NETWORKS
 | Ritu Jethani,Head of Risk and Compliance,Plootus |
Interactive Deep-Dive Session (Limited to 15 Delegates)
11:00 AI IN THE THIRD-PARTY ECOSYSTEM: CONTINUOUS MONITORING, AUTONOMOUS RISK & RESILIENCE IMPLICATIONS
A practitioner-led, closed-door discussion focused on how AI is reshaping third-party ecosystems, continuous monitoring, and resilience — not just adding complexity to existing frameworks.
Expect open, peer-to-peer exchange on:
- Closing the gap between real-time monitoring data and decisive management action
- Designing escalation frameworks beyond static scores to enable defensible intervention
- Governing shadow AI and automation embedded within critical third-party platforms
- Validating AI-generated risk outputs and defining clear human accountability
- Building kill-switches, guardrails, and oversight models that hold under disruption
- Managing AI-driven concentration, model drift, and systemic resilience risk
Designed to move beyond frameworks into practical approaches you can take back and apply.
| Amanda Sang,Director, Risk Analysis and Policy, Financial Enterprise Risk Department,Bank of Canada |
12:10 Lunch Break and Networking Roundtables
Join small, topic-led discussions over lunch to exchange ideas, share experiences, and gain practical insights with peers. Key insights fed into the panel.
The Hyperscaler Dilemma
Are financial institutions now too dependent on cloud providers to fail over?
 | Polina Ryabko,Sourcing and Third Party Risk Manager, Bayview Asset Management LLC |
The Fourth-Party Visibility Problem
How far into the supply chain can firms realistically see?
| Rajat Bhatnagar,Head of Third Party Risk,BBVA |
Geopolitical Risk in Vendor Ecosystems
Preparing for Supply Chain Fragmentation and Regulatory Shock
| Ritu Jethani,Head of Risk and Compliance, Plootus |
When the Vendor Breach Becomes Your Breach
Managing accountability when incidents originate in the supply chain.
| Fusako Nitta, Director, Operational Risk and Third Party Manager, Daiwa Capital Markets |
The Vendor Power Shift
What happens when critical vendors simply refuse oversight?
 | Joel Ipe, Director, Third Party Risk Management, U.S. Internal Control,, Scotiabank |
1:10 OFFSHORING RISK AND RESILIENCE: COST SAVINGS VERSUS CONTROL – PANEL DISCUSSION
| Chelsea Tieken,Business Strategy and Planning Director, TPRM Strategy and Initiatives,USAA |
| Olga Voytenko,Head of Operational Risk and Chief Auditor,Russell Investments |
2:00 WHEN THINGS GO WRONG: POST-INCIDENT LESSONS FROM THIRD-PARTY FAILURES
 | Michael Bochniarz,Head of Enterprise Risk Management & Third Party Risk,Cross River Bank |
Interactive Deep-Dive Session (Limited to 15 Delegates)
1:10 CLOUD CONCENTRATION & SYSTEMIC VENDOR RISK: GOVERNING THE UNAVOIDABLE
A practitioner-led, closed-door discussion focused on how firms are governing cloud concentration and systemic vendor risk where exit is often unrealistic and dependencies are unavoidable.
Expect open, peer-to-peer exchange on:
- Mapping hidden fourth- and N-th party infrastructure dependencies
- Identifying where multi-region and redundancy assumptions fail under stress
- Designing credible concentration risk reporting for boards and senior leadership
- Building escalation frameworks when critical vendors resist oversight
- Developing collective and industry-level leverage strategies
Designed to move beyond frameworks into practical approaches you can take back and apply.
| Charmi Patel,Third Party Vendor Risk Manager,Columbia Bank New Jersey |
2:35 Afternoon Refreshment Break and Networking
3:05 GOVERNANCE, REPORTING AND MI THAT SENIOR LEADERSHIP TRUSTS
 | Sonia Verbeeck,Head of Third Party Risk at UNJSPF Office of Investment Management,United Nations |
3:40 THE FUTURE OF TPRM LEADERSHIP: SKILLS, STRUCTURE AND STRATEGY – PANEL DISCUSSION
 | Joel Ipe,Director, Third Party Risk Management, U.S. Internal Control,Scotiabank |
| Polina Ryabko,Sourcing and Third Party Risk Manager,Bayview Asset Management LLC |
| Charmi Patel,Third Party Vendor Risk Manager,Columbia Bank New Jersey |
4:35 End of Vendor and Third Party Risk USA 2026
Main Agenda
12:10 Lunch Break and Networking Roundtables
The Fourth-Party Visibility Problem
How far into the supply chain can firms realistically see?
| Rajat Bhatnagar,Head of Third Party Risk,BBVA |
The Hyperscaler Dilemma
Are financial institutions now too dependent on cloud providers to fail over?
| Polina Ryabko,Sourcing and Third Party Risk Manager, Bayview Asset Management LLC |
Geopolitical Risk in Vendor Ecosystems
Preparing for Supply Chain Fragmentation and Regulatory Shock
| Ritu Jethani,Head of Risk and Compliance, Plootus |
When the Vendor Breach Becomes Your Breach
Managing accountability when incidents originate in the supply chain.
| Fusako Nitta, Director, Operational Risk and Third Party Manager, Daiwa Capital Markets |
The Vendor Power Shift
What happens when critical vendors simply refuse oversight?
| Joel Ipe, Director, Third Party Risk Management, U.S. Internal Control,, Scotiabank |
Interactive Deep-Dive Sessions