Agenda

8:00 – 8:50

Registration and breakfast

8:50 – 9:00

Chair’s opening remarks

9:00 – 9:45

REGULATIONS – PANEL DISCUSSION
Reviewing current and future trends in regulation around technology use across third parties

View Session Details

  • Expectations of changes on the horizon and impact on programs
  • Reviewing global changes and implications
  • Understanding the importance of technology compliance
  • Reviewing the impact of EU DORA
    • Synergies between resilience and TPRM
    • Preparatory steps for implementation
  • Incorporation of business continuity plans
  • Responding to emerging regulations and adapting to change

9:45 – 10:20

CRITICAL THIRD PARTIES
Managing complexities in types of supplier relationships

View Session Details

  • Managing FMIs and cloud service providers
  • Challenges managing critical third parties who cannot be influenced
  • Risks of dependency on critical yet uncontrollable services
  • Managing regulatory pressure to include in risk assessments
  • Monitoring concentration risk of major cloud service providers
  • Managing complex relationships with smaller fintech vs large conglomerates
  • Increased security and concentration challenges

10:20-10:50

Morning refreshment break and networking

10:50 – 11:25

AI OVERSIGHT
Developing internal policies and training requirements for oversight of AI

View Session Details

  • Developing internal and external policies
  • Ensuring robust policies and oversight to remain competitive
  • Reviewing the role of AI and oversight for third party relationships
  • Managing unique relationships with law firms and security challenges
  • Developing structured educational programs
  • Managing increased model risk using AI provided by third parties

11:25 – 12:00

AI GOVERNANCE
Governance of AI uses within financial institutions and across third parties

View Session Details

  • Managing unknowns of AI governance
  • Developing and defining AI governance models
  • Ensuring advanced oversight of third party use of AI
  • Streamlining third party oversight leveraging AI
  • Managing ethical concerns and regulatory expectations
  • Real-time and continuous monitoring using AI
  • Developing effective AI governance and compliance frameworks

12:00 – 12:45

CONTROL AND MAINTAIN – PANEL DISCUSSION
Developing effective controls and principles around third parties leveraging AI

View Session Details

  • Ensuring AI systems used by third parties are controlled effectively
  • Managing challenges with limited historical input
  • Increasing employee education to manage the risk
  • Including contract clauses recognizing AI
  • Establishing principles and standards to incorporate AI into TPRM
  • Identifying AI use in third party services
  • Effective oversight and human monitoring of AI

12:45-1:45

Lunch break and networking

1:45 – 2:20

VENDOR MODELS
Managing and mitigating potential bias in vendor models

View Session Details

  • Managing bias in AI models used by vendors
  • Transparency and compliance training data sets
  • Reviewing legal and compliance considerations
  • Ensuring transparency of data set
  • Managing associated reputation and business risks
  • Ensuring compliance of vendor data sets with cross border laws and regulations
  • Maintaining audit trails within model risk frameworks

2:20 – 2:55

MITIGATING NTH PARTY RISKS
Managing technology risks across the entire chain from third to nth parties

View Session Details

  • Integration of different risk types, including cyber, data, and technology
  • Enforcing policies across the supply chain
  • Managing ecosystems, including multiple third parties
  • Accountability and oversight of AI use

2:55 – 3:30

ENHANCING TPRM
Leveraging technology to enhance a third party risk management program

View Session Details

  • Integration of AI in enhancing TPRM
  • Reviewing opportunity and uses of cloud and AI
  • Program development and technology integration
  • Integrating AI to improve risk processes and reduce assessment times
  • Enhancing documentation and control environments
  • Reviewing internal vs. external solutions

3:30-4:00

Afternoon refreshment break and networking

4:00 – 4:45

PROCESS IMPROVEMENT – PANEL DISCUSSION
Augmenting AI in third party risk management and leveraging to improve processes

View Session Details

  • Challenges and benefits of integrating AI
  • Improving processes and creating efficiencies
  • Leveraging to monitor SLAs across the contract lifecycle
  • Enhancing documentation and control environment
  • Opportunities and challenges leveraging AI for TPRM
  • Onboarding AI tools and betting them

4:45 – 5:20

DUE DILLIGENCE
Establishing effective due diligence processes for emerging technologies

View Session Details

  • Reviewing best practice requirements for technology due diligence
  • Future regulatory expectations for due diligence
  • Inclusion of AI in due diligence internally and across third parties
  • Leveraging AI for third party due diligence process efficiency
  • Understanding the potential of AI as a cost-saving investment
  • Developing technology partnerships to evolve programs
  • Leveraging AI and ML to optimize due diligence

5:20-5:30

Chairs closing remarks

5:30

End of day one and networking drinks reception

8:00 – 8:50

Registration and breakfast

8:50 – 9:00

Chair’s opening remarks

9:00 – 9:45

GEOPOLITICS – PANEL DISCUSSION
Exploring the impact of geopolitical events and country-specific risks on third party risk management

View Session Details

  • Reviewing the impact of recent geopolitical events on supply chains
  • Understanding and managing geopolitical risk vs. country risk
  • Managing the impact of sanctions and continued changes
  • Impact of elections on third party risk management
  • Managing the increased cybersecurity threat

9:55-10:20

MARKET VOLATILITY
Adopting cutting edge technologies to remain competitive and agile in a volatile market

View Session Details

  • Making informed decisions on technology implementation
  • Tailoring to company needs and size
  • Competitive advantage keeping up with technology advances
  • Collaboration opportunities to advance programs
  • Aligning business and customer needs
  • Enhancing due diligence processes with AI and ML
  • Automating tasks such as reading questionnaires and policies

10:20-10:50

Morning refreshment break and networking

10:50-11:25

OUTSOURCING
Outsourcing options: Reviewing what could be outsourced and risks to consider

View Session Details

  • Managing outsourcing risks with technology advances
  • Outsourcing critical functions
  • Uses of outsourcing and technology in customer interactions
  • Enhancing fraud, KYC and AML controls through external technology
    • Fraud detection, voice cloning and deepfake videos
  • Integration of TPRM across risk functions

11:25-12:00

ONGOING MONITORING
Conducting ongoing monitoring and reviews for vendors to ensure compliance with security standards

View Session Details

  • Establishing continuous monitoring capabilities
  • Proactive enforcement of security standards
    • Contract management and clauses
  • Setting clear expectations to ensure security across third parties

12:00-12:35

CYBERSECURITY
Monitoring the evolution of cybersecurity risks and managing the increased number of incidents

View Session Details

  • Cybersecurity as a fundamental to any TPRM program
  • Understanding the evolving nature of cyber risk
  • Keeping ahead of the increasing number of incidents
  • Forming cyber incident response teams
  • Developing comprehensive and documented response protocols
  • Managing excessive data in cybersecurity and TPRM
  • Identifying risk posed by fourth parties in data protection
    • Control limitations over fourth-party security
    • Developing contractual protections
  • Increased ransomware risks in third parties and beyond

12:35-1:35

Lunch break and networking

1:35-2:10

DATA
Balancing innovation with data privacy and security across third parties

View Session Details

  • Managing risks associated with security and privacy
  • Ensuring transparency in data sets to ensure compliance
  • Reviewing international laws including GDPR
  • Challenges using cross-border data for training AI models
  • Ensuring compliance with local and international laws
  • Implications of the EU AI Act

2:10-2:45

VENDOR TRANSPARENCY
Managing the use of open source technology and ensuring vendor transparency

View Session Details

  • Transparency requirements in security and licensing practices
  • Monitoring uses of open source software security
  • Verifying security and licensing of software used by vendors

2:45-3:15

Lunch break and networking

3:15-4:00

COLLABORATION – PANEL DISCUSSION
Engaging the board and senior management in TPRM to increase awareness

View Session Details

  • Strategies to engage management
  • Developing clear communication lines
    • Communication across risk functions and the board
  • Understanding the RoI of TPRM
  • Education on the importance of TPRM
    • Communicating implications and risks

4:00-4:35

TOOLING
Incorporating effective and integrated solutions for third party risk management

View Session Details

  • Challenges incorporating software solutions
  • Integration challenges with existing GRC tools
  • Reviewing benefits of single integrated solutions vs multiple isolated options
  • Enhancing cost efficiency and managing legacy solutions
  • Integration across the TPRM program
  • Streamlining processes and improving efficiency

4:35-4:45

Chairs closing remarks

4:45

End of Vendor and TPRM: AI and Tech