Course Agenda

Agenda

Course Agenda

Day one – October 30, 2019

8:30

Registration and refreshments

            

9:00

            

Non-Financial Risk: Background, Governance and Types

  • Background – NFR framework, drivers of risk management, high levels of enforcement and fines
  • What are the regulators expectations and definitions for governance
  • What are the differences for banks, asset management and/or insurance?
  • Setting out building blocks for effective risk governance
    • Common language around risk
    • Risk management steering committees
    • Roles & responsibilities of board, senior management, support functions, internal audit and compliance, risk management etc.
  • What are the types of non-financial risk? Model risk, operational risk etc.
  • Challenges and opportunities for NFR framework

Speaker: Lois Tullo, EIR Global Risk Institute, CRO/CCO Novera Capital and JVerify, Risk Management Faculty Schulich School of Business, York University

10:30

Morning break

11:00

Enterprise Risk Management

  • Value of ERM
  • Elements of an effective ERM framework
  • Integrating ERM with corporate strategy
  • Setting up a ERM framework
    • Defining scope
    • Mapping risk
    • Action plans
    • Automation
    • Monitoring and measuring
  • Risk insight and transparency

Speaker: Avnish Dhingra, chief risk officer, AST Trust Company

12:30

Lunch

1:15

Risk Governance and Risk Appetite

  • Risk appetite framework
  • Successfully creating and embedding a firm wide risk appetite
    • Top-down, bottom-up approach
    • Integrating risk appetite with business decisions and planning
    • Enhancing the clarity of metrics
    • Establishing reporting and accountability processes
  • Risk appetite approaches for non-financial risks
  • Attention on regulatory compliance and risk governance
  • Finding the balance between managing risk and managing regulations
  • Effective risk assessments – emerging vs strategic

Speaker: Leanne Barnes, director, enterprise and operations risk management, Ontario Teachers’ Pension Plan

2:30

Afternoon break

3:10

Conduct Risk and Risk Culture

  • Focus from regulators
  • What is your firms highest conduct risk going forward?
  • Changing behaviours and increasing front-office accountability
  • Key business benefits of strengthening risk culture
  • Defining and assessing risk culture
  • Changing risk culture – effective methods for delivering messages in a meaningful way
  • Can you effectively measure risk culture?

Speaker: Dennis Winkel, chief risk officer, Exchange Bank of Canada

4:30

End of day one

Day two – October 31, 2019

8:30 

Refreshments

9:00

Outsourcing and Third-Party Risk Management

  • Overview of vendor partnerships and associated risks
  • Selecting a vendor partner
  • Designing the technical and business process interface with the vendor
  • Integrating vendor's risk management procedures and practices
  • Merits of conducting joint incident response exercises
  • Continuous management of the risk profile
  • Risk managing vendor sub-contracting (fourth party risk)

10:30   

Morning break

11:00  

Cyber and IT security

  • Cyber risk, risk management and governance
  • The differences between IT risk, cyber risk, security risk and other related risks
  • How do IT risks fit into the context of the business?
  • Ensuring cyber resilience
  • Engaging the board – who is responsible for cyber?

12:30   

Lunch

1:15

Operational Resilience 

  • What is operational resilience?
  • Regulatory expectations
  • Governance arrangements and overall approach
  • Strengthening existing mitigating frameworks (e.g. BCP)
  • Outsourcing dependency
  • How can you ensure continuing resilience in a cost-cutting environment?
  • How can existing risk frameworks be used to manage resilience risk (e.g. KRIs for impacts)
  • How frequently and to what extent should resilience be tested?

Speaker: Michael Auret, financial services partner, Technology Risk and Resilience, PwC

2:45

Afternoon break

3:00

Quantifying Operational Risks

  • Analyses of critical non-financial risks including critical risks, changing conditions and systemic risks
  • Identifying, assessing, measuring, monitoring and reporting non-financial risk exposures
  • Use of loss data for quantification
  • Heat maps to assess and prioritize risk
  • Subjective assessment of probabilities
  • Considering very large risk registers

4:30

End of Course