PERFORM WITH INTEGRITY^TM

Jim Quigley
CEO Emeritus, Deloitte and Member of the Board, Audit Committee Chair, Risk Committee & Credit Committee, Wells Fargo & Company

Mr. Quigley is a retired partner and CEO Emeritus of Deloitte. Prior to retiring in June 2012, Mr. Quigley served as chief executive officer of Deloitte Touche Tohmatsu Limited (DTTL, the Deloitte global network), from 2007 to 2011, and as chief executive officer of Deloitte LLP, the U.S. member firm of DTTL, from 2003 until 2007. He served as a trustee of the International Financial Reporting Standards Foundation from 2012 until December 2017. Mr. Quigley also is chairman of the board of directors of Hess Corporation and a member of the board of directors of Merrimack Pharmaceuticals, Inc. He previously was co-chairman of the TransAtlantic Business Dialogue, a member of the board of trustees of The German Marshall Fund of the United States, a director of the Center for Audit Quality, a trustee of the Financial Accounting Foundation, a member of the U.S. Securities and Exchange Commission Advisory Committee on Improvements to Financial Reporting, and a member of numerous committees of the American Institute of Certified Public Accountants. Mr. Quigley earned a Bachelor of Science degree and an honorary Doctorates of Business from Utah State University and Bentley College.

Tony Scott
U.S. Chief Information Officer (2015–2017)

Over a 40-year career, Mr.Scott has shaped groundbreaking information technology solutions at some of the world’s most recognizable brands, including Microsoft, General Motors, VMware, and The Walt Disney Company. A cybersecurity and cloud computing pioneer, he has championed and executed strategies that have driven results from the corporate boardroom to the consumer’s living room, changing the way we think about modern data management and open-source advancements. Following a long tenure at Marriott, where he developed the first microcomputer-based forecasting tools and labor management and scheduling tools, he held executive roles at Sun Microsystems, Price Waterhouse, and Bristol-Myers Squibb. As the first chief information officer to manage corporate-wide IT at The Walt Disney Company, he upgraded the company’s infrastructure, developed enterprise-wide risk management and cybersecurity functions, and insured company-wide compliance with regulatory and risk issues. As CIO of Microsoft, he was responsible for all aspects of the company’s IT organization and enterprise digital supply chain, including Microsoft.com and partner-facing websites. In 2015, he was appointed by President Barack Obama to serve as the third Chief Information Officer of the United States. During his tenure, he initiated a 30-day Cybersecurity Sprint and led the government response to a series of cyber intrusions, including an unprecedented breach of personnel data. he implemented a 21st-century approach to digital governance, promoted transparency and innovation, and established partnerships between the public and private sectors. Along the way, he navigated net neutrality policy, managed privacy issues arising from the Apple vs. the FBI legal case, and oversaw federal technology spending, including managing an $85 billion budget. Today, he leads the TonyScottGroup, offering cutting-edge enterprise strategy and solutions. He has a bachelor of science in information systems management from the University of San Francisco and a juris doctorate from Santa Clara University. He has been inducted into the CIO Hall of Fame by CIO magazine and is a two-time winner of FedScoop’s 50 “Golden Gov: Executive of the Year” award.
 

Sylvie Focquet
International team- Insurance and pension unit, European Commission

Sylvie Focquet is making international insurance and pensions policy at the European Commission. Prior to that, she was leading several international crisis teams at the Single Resolution Board (SRB), in order to resolve European banks in case of failure. Before joining the SRB in 2015, Sylvie was Head of the Solvency II project at AXA and of the validation of the internal model.

Sylvie holds an MSc in applied mathematics from the UCL and a degree in Financial and Money markets from IFCA institute. She has a certificate in public leadership from Harvard Kennedy School. Member of the CFA (Chartered Financial Analyst) and of the GARP (Global Association of Risk Professionals), she has more than 14 years of experience in quantitative finance and risk management roles in banking, insurance, and telecom sectors, both in Europe and in the United States. Besides, Sylvie has been a non-executive director of the Boards of Aphelion (Independent Fund) and of the CFA Belgium Society. She was also an independent expert for the European Commission on the H2020 program.
Sylvie is a regular guest speaker on Risk/Insurance and has also published papers in this field.

Ryan Abdel-Megeid
Director - Internal Audit, AARP

Ryan Abdel-Megeid is a Certified Information Systems Auditor (CISA) and is currently the Director of Internal Audit at AARP, the nation’s largest nonprofit, nonpartisan organization dedicated to empowering people 50 and older to choose how they live as they age.

Ryan leads the Internal Audit team at AARP and is responsible for preparing and implementing a risk-based audit plan to assess, report on, and ultimately help improve the association’s key internal controls. Ryan works directly with the Chief Audit Executive to develop Audit Committee reports and works closely with AARP leadership to provide recommendations on how to improve governance.

Prior to working at AARP, Ryan was a Senior Manager in Grant Thornton’s Risk Advisory practice. Ryan led internal audit engagements at public and private clients, including but not limited to; IT risk assessments, audit planning, testing, and reporting. He has worked closely with the C-suite of regional, national, and international companies, not-for-profit organizations & associations, as well as highly-regulated financial services companies, to help them effectively manage technology, operational, and enterprise risks.

In addition to his current role at AARP, Ryan serves on the Board of Governors for the DC Chapter of the Institute of Internal Auditors (IIA).

Ryan earned his Bachelor of Science in Management Information Systems from the Smeal College of Business at The Pennsylvania State University in University Park, PA.

Previous speaking engagements:

• SOC Reporting - IIA Baltimore Annual CPE Conference – 2015

• Future of IA (panelist) - MetricStream GRC Conference – 2019

•  “It’s a Risk-Based Dinner Gathering – Compliance, ERM & Internal Audit” - SCCE Compliance & Ethics Institute – 2019

• Featured on ISACA’s 50^th Anniversary infographic “Global Prestige, Global Influence”

Bruce Edwards
CAE, Department of Transportation

Mr. Bruce Edwards is the Chief Audit Executive for the Department of Transportation Federal Motor Carrier Safety Administration. He has 29 years of managing internal audit operations in the private industry, federal and state governments. In his career, he has established Internal Audit Divisions within the federal government and the state of Maryland, most currently at the Federal Motor Carrier Safety Administration (FMCSA). At FMCSA, Mr. Edwards currently oversees the FMFIA/A123, Internal Audit & Investigations and Audit Liaison functions. HIs scope of audit engagements managed has covered acquisition fraud, government credit card fraud, unearned compensatory/overtime, operational /performance and information systems audits. He holds a degree in Accounting from Morgan State University, Earl Graves School of Business, Master's degree in Public Administration from American University, and he is a Certified Internal Auditor. Additionally, Bruce has received several awards for his work contributions, and has been recognized for his ability to train audit staff while extending 'lessons learned' to his peers.

Jakub Petersson
Director Enterprise Risk Management, CNO Financial Group

Mr. Petersson has over 10 years of risk management experience in audit, supply chain and Enterprise Risk Management in various industries. He has worked on several transformational risk management initiatives and led supply chain M&A activities in the manufacturing and financial services domains.
In his current role at CNO Financial, he is leading strategic planning in Enterprise Risk Management and Business Continuity Management. Along with supporting the maturity of the ERM program and accelerating the risk culture change. Prior to joining CNO Financial, he worked for Allegion as a Global Manager, Strategic Initiatives and Genworth Financial as an Enterprise Supplier Management Leader.
He received his MBA in Finance and is a certified Internal Auditor and Risk Management Assurance professional.

Denyette DePierro
Vice President & Senior Counsel, American Bankers Association (ABA)

Ms. DePierro joined the American Bankers Association in March 2008. Prior to joining ABA, he completed two fellowship terms with the US Department of State at the American Embassy in London, England and the American Consulate in Naples, Italy attached to the Political and Economic Policy Offices. She began her US domestic policy career as Legislative Counsel at the Independent Community Bankers of America (ICBA) in Washington, D.C. and the California Independent Bankers in Newport Beach, California where she was the primary lobbyist for twelve states, including California, focusing on financial privacy, banking powers, and the regulation and licensing of Industrial Loan Company (ILC) charters. While pursuing her J.D. and M.DR from the Pepperdine School of Law, she was a Dean’s Scholarship recipient and fellow at the Straus Institute for Dispute Resolution.  She completed a European Union (EU) Fellowship at the University of Padua in Padua, Italy in Developmental Economics before completing her B.A. at the University of California, Santa Barbara.

At ABA, she focuses on the state, federal, and international regulation of technology, cybersecurity, privacy, information security, data management, and emerging trends in banking, including the EU’s General Data Protection Regulation (GDPR), internet of things (IOT), connected cities, social media, and digital governance and risk management.

Alessia Falsarone
Managing Director, PineBridge Investments

Ms. Falsarone, SASB FSA, is a Managing Director of Portfolio Strategy and Risk with PineBridge Investments in New York, a private, global asset manager focused on active, high-conviction investing. She is responsible for the alignment of portfolio strategy and investment risk with focus on developed markets’ credit. Ms. Falsarone served in the office of the CEO of PineBridge’s predecessor entity, AIG Investments. Prior to AIG, she was part of the Global Investments team at Citigroup as Vice President responsible for international client advisory and an investment banker with Credit Suisse.

Ms. Falsarone is an NACD Governance fellow, a start-up mentor in the Stanford IGNITE accelerator program, and an active contributor to the Financial Management Association. She serves as a Member of the Board of 1787fp, a digital platform focused on consumer finance (TechCrunch Disruptor 2017) and as a FinTech Advisory Board Member of the Center for Financial Professionals (CeFPro). A researcher of behavioral sciences, she is contributing author to “Applying Neuroscience to Business Practice” (October 2016) and to the “The PAYTECH Book” (Wiley, forthcoming).

Ms. Falsarone is an alumna of Stanford University and the MIT Sloan School of Business.

William Mennonna
Chief Risk Officer, PNC Capital Advisors

Mr. Bill was named president and chief executive officer of PNC Capital Advisors in January 2018. In this role, he is responsible for overseeing matters related to administration, compliance, product management, and risk management. He also chairs the firm’s Management Committee.

He joined the firm in 2014 as chief risk officer. As CRO, he led firm-wide risk management efforts related to investment, business, operational, and regulatory risks. He also managed the firm's portfolio trade compliance function.

Prior to joining PNC Capital Advisors, he spent six years as the director of risk management with Pioneer Investment Management (PIM) USA, Inc. In that post, he headed the enterprise-wide risk management framework for PIM USA and its subsidiaries. He also held the position of director of internal audit for seven years at PIM USA. His extensive risk and audit experience in the financial industry began in 1985. He previously served as acting audit director and as audit manager with Investors Bank and Trust Company and as an auditor with New England Financial.

He earned both a Bachelor of Science degree in administration of justice and a Bachelor of Arts degree in political science from Salve Regina University, and a Master of Science in risk management from New York University, Stern School of Business.

Gunjan Sinha
Executive Chairman, MetricStream

Mr. Sinha is responsible for leading MetricStream's overall strategy and execution. He currently serves on the Board of Directors of several Silicon Valley companies, and was appointed in 2010 to the Board of the US-India Science and Technology Research Endowment Fund by the US State Department to promote entrepreneurship and innovation. Additionally, he is the Chairman of CFHI.org which brings transformative healthcare education to under-served communities.

Over the course of his career, he has spent over 20 years in various entrepreneurial, board, and executive positions building innovative businesses. He was the Co-Founder and President of WhoWhere? Inc., a leading Internet directory services company that was acquired by Lycos in 1998, as well as eGain, an online customer service company which he built from inception to post NASDAQ IPO.

He obtained his BS and MS degrees in Computer Science from the Indian Institute of Technology, New Delhi, and UC Santa Cruz, respectively. He also holds an MS in Industrial Engineering and Engineering Management from Stanford University. He has been featured as one of the 50 most successful immigrant entrepreneurs in the US by Silicon India.

Jerry Storey
MD – Regulatory Affairs & Compliance, FedEx Logistics

Mr. Storey is currently the Managing Director for Regulatory Affairs and Compliance at FedEx Logistics.

He has experience in many facets of international regulatory compliance having worked for large importers and exporters such as Footlocker, Woolworth Stores, and Fonterra (The 4^th largest dairy firm in the world) – as well as for some of the largest transportation firms in the world including DHL Global Forwarding, Expeditors International, and now FedEx Logistics.

With over 30 years of experience he deals effectively and creatively with regulatory risks and compliance around the globe including dairy/food products, military aircraft, medical goods, satellite and data communications equipment and installations, and many other factors.

“You can’t audit yourself out of a problem.”

Melissa A. Borrelli
Sr Manager – Compliance, Mazars USA LLP

Ms. Borrelli has more than 15 years’ experience in the healthcare compliance, legal, ethics, and regulatory areas, with specific expertise in managed care, health insurance, and privacy and cybersecurity. In addition to practicing as an attorney in private law firms, she served as a Senior Attorney at the California Department of Managed Health Care, where she worked on health plan and restricted license regulation, including, but not limited to, compliance filings, contracts, network adequacy, new and surrendering licenses, and Affordable Care Act implementation for commercial, government, specialized, and discount plans. She also worked in-house as Senior Attorney and Director of Compliance at a California health plan, overseeing compliance, regulatory affairs, and privacy.

Liza Abad
Head of Enterprise Risk - North America, Paysafe Group

Ms. Abad has over fifteen years of experience in Enterprise Risk, Operational Risk, Credit Risk and Financial Analysis in the financial services and energy industries. At Paysafe Group, Liza heads the Enterprise Risk program for North America responsible for the implementation of Enterprise Risk across the Payment Processing division. Prior to joining Paysafe Group, she worked for Hess Corporation, Mirant Corporation, and Bank of America in a variety of risk leadership roles over Americas, Europe, Middle East, W. Africa, Asia, and Australia. Highlights in her career, she successfully led a team that embedded Enterprise Risk framework, activities, and tools across the organization of a $20 billion E&P company and developed an Earnings at Risk framework, process and model for a Fortune 500 company. Liza has also been actively involved in the risk professional community through leadership roles at Professional Risk Managers' International Association (PRMIA) and at International Energy Credit Association (IECA). and as a speaker (Columbia University' Energy Symposium, McDermott Will & Emery Energy Conference, LEAP, IECA and PRMIA). She received her MBA from Emory University in Atlanta, GA. For her accomplishments, she was recently awarded “Leading Risk Managers – 2018 by Business Insurance America.

Gaurav Kapoor
Co-founder and COO, MetricStream

Gaurav Kapoor serves as the Co-founder and COO of MetricStream. Gaurav has been involved with the company since its inception and as the COO, is responsible for the overall Go-to-Market Strategy, Sales, Marketing, Customer Advocacy, and the Partner and Community Ecosystem. Until 2010, he also served as the CFO of MetricStream.

Previously, Gaurav held executive positions at OpenGrowth and ArcadiaOne. Prior, he spent several years in business, marketing and operations roles at Citibank in Asia and in the U.S.

He also serves on the board of Regalix, a digital innovation and marketing company. Gaurav has a bachelor's degree in Technology (with Honors) from the Indian Institute of Technology (IIT), a degree in Business from FMS, Delhi, and an MBA from the Wharton Business School at the University of Pennsylvania, where he graduated as a Palmer Scholar.

Raven Catlin
Former CAE and Industry Expert in Internal Audit and Risk Management

Ms. Catlin is an internationally recognized expert and speaker in internal auditing. Leveraging her 15 years of auditing, consulting, and training experience, seminar attendees gain valuable skills and motivation to achieve success. 
Ms. Catlin is VCU graduate. Before starting Raven Global Training, she was a consultant at Experis and senior manager for a leading consulting company. She held internal audit positions with Freddie Mac, Bank of America, and Philip Morris. Ms. Catlin is an active member of the IIA and a contributing author to IIA's CIA Learning System.

Jessey Abraham
VP - Technology Risk & Compliance Officer, Federal Home Loan Bank of New York

Ms. Abraham is an accomplished VP with more than 18 years of success across a broad spectrum of areas within risk management and compliance. She has expertise building new and revamping existing risk and compliance departments, programs, frameworks and methodologies across financial service firms. Previously, she served as the Assistant Vice President of Risk Control for Artio Global Investors, where she was essential in the build out their Risk Control Group and rolled out their SOX and Operational Risk Programs. During her time at Federal Home Loan Bank of NY she successfully revamped the company’s Compliance function and led projects that improved control and process-focused initiatives including the incident investigations and training and development. She is currently building out the organization’s Technology Risk Oversight Program that promotes not only confidentially, integrity, and availability but also innovation and agility. Her leadership and proven track record evidences her drive for operational excellence both in and out of the technology spectrum.

Leveraging extensive experience in identifying and assessing current and emerging risks, streamlining operational and IT processes, ensuring regulatory requirements are met while maintaining an adequate cost/benefit – makes her a valuable asset for organizations looking to improve their operational inefficiencies, meet regulatory requirements, while driving up business value. Her broad areas of expertise include Risk Governance, Risk Appetite & Tolerances, Maturity Assessments, Risk Scenario Analysis, Vendor Risk, Risk Assessments, EUCs, SOX, AML, fraud, and training.

She received both her Bachelor of Business Administration in Accounting and her Bachelor of Business Administration in Business Computer Information Systems from Hofstra University. She has served as a volunteer and mentor for the Kids With a Promise Leadership Academy in New York City.

Russ Walsh
Principal Regulatory Compliance, GE

Mr. Walsh is a computer engineer with more than 30 years of experience with Information Technology / Cyber Security Risk and Compliance. He has served at both technical levels and management positions for large global corporations such as GE, IBM, Ernst & Young, and International Paper. He has spent the past 20 years in Silicon Valley and has worked with nearly every technology company of our era, including Uber, Facebook, Google, Apple and Amazon. He currently leads risk and compliance functions for GE Digital and ensures that GE’s software products meet stringent cyber security requirements in support of GE’s 21,000 global customers.  These functions include compliance certifications such as ISO, ITAR, SOC 2, FDA, and Export Control, along with vendor risk management and secure development lifecycle. He has been a featured speaker at numerous technology conferences and webinars. 

Carol Williams
Former Director ERM, Citizens Property Insurance & Founder, ERM Insights

Ms. Williams is an enterprise risk management (ERM) professional with more than 8 years of practical ERM experience. After receiving a Master of Science degree in Risk Management/Insurance from Florida State University, she went on to design and implement the ERM program for Citizens Property Insurance Corporation, one of Florida’s largest property insurers. Her unique combination of both regulatory and industry experience helps her provide management with valuable risk insights. With her hands-on experience and extensive knowledge of ERM principles, she has been able to transform the nebulous idea of risk appetite and tolerance into a useful tool for providing executives with critical information they need for decision-making. She is the founder of ERM Insights by Carol, a boutique ERM consulting firm based in Florida.

Brent Houlahan
Chief Security Architect, Unisys

Mr. Houlahan is the Chief Security Architect for Unisys Federal. He provides cybersecurity thought leadership focusing on mission-oriented cyber resilience and integrating IT Service Management best practices into intelligence driven and proactive cyber defense operations. He has 20+ years of experience in mission critical intelligence operations, security product development, and managed services delivery.

His prior roles include VP Technology at iSIGHT Partners (acquired by FireEye), VP Managed Security Solutions at MCI/VerizonBusiness, and CTO & VP Operations at NetSec, an MSSP acquired by MCI in January of 2005. 

Before NetSec, He worked for other venture-backed startups and launched the hosting and security services business at global internetworking provider Savvis Communications (now CenturyLink). He built the Global Security Product Engineering team at UUNET where his VPN development team won DataCom Magazine's 1998 'Product of the Year'. Brent is an Electronic Warfare graduate of the US Army Intelligence Center and holds several certifications including CISSP, PMP, and ITIL Expert. His information assurance experience includes IC assignments in Japan and England.

Michael C. Redmond
Director, IT & GRC Consultant and Auditor, EFPR Group

Ms. Redmond, PhD, PMP, CEM, FBCI, MBCP, MBA, Major (Retired) is Director, IT & GRC Consulting and Audit for EFPR Group . Ms. Redmond, is a Certified Project Manager, Certified Business Recovery Planner; Certified Emergency Manager; and holds two International Master Level Certifications in Business Continuity. Michael is certified in ISO 22301, ISO 27001, ISO 27035 and many more and is a Certified Instructor. She specializes in Cyber Incident Response (CSIRT), Business Continuity, Disaster Recovery, and Emergency Management. Dr. Redmond is a Consultant, Author, International Speaker and Trainer. She trained both Corporations and Government Agencies in Nigeria and was endorsed by Gen Yakubu Gowon, Past Head of State. She served as the attaché to Chile for Disaster Recovery for a special project at the request of the President of Chile. Ms. Redmond trained Agencies for the New York City Department of Health and Mental Health on Continuity of Operations Training. She spoke in Angola and trained over 50 corporations on Business Continuity and Disaster Recovery.

Philip Aquilino
EVP, Head of Regulatory Relationships & Government Affairs, TD Bank

As Head of Regulatory Relationships and Government Affairs, Mr. Aquilino is responsible for coordinating TD Bank's relationships with bank and holding company primary regulators. He is also responsible for overseeing TD Bank's Government Relations activities, which includes relationships with both state and national legislators as well as regulatory calling programs.

He has more than 23 years of experience working with financial services risk management matters. Most recently, he was a Partner and Managing Director for The Boston Consulting Group's (BCG) North American Risk & Compliance Practice, where he worked on global regulatory matters, including advising clients on preparation for significant regulatory events, and optimization of risk and compliance processes.

Prior to BCG, he was KPMG’s U.S. lead partner of the Safety & Soundness Regulatory Practice with primary responsibility for advising clients on regulatory strategy and remediation efforts. 

Previously, he spent more than 14 years as a senior member of the Banking Supervision and Regulation Divisions at the Federal Reserve Banks of New York and San Francisco, and as an Officer in the Risk Management Group at the Board of Governors of the Federal Reserve System.

He is a graduate of The Fletcher School of Law and Diplomacy and received his undergraduate degree from the University of California at Berkeley with highest honors. He resides in Vienna, VA, with his wife and two sons.

Kenneth Bacon
Member of the Board, Comcast and Co-founder & Managing Partner, RailField Realty Partners

Mr. Bacon is Co-founder and Managing Partner of RailField Partners, an investment management firm that invests in and operates multifamily properties on behalf of institutional investors. Prior to forming RailField, Ken spent 19 years at Fannie Mae, most recently as the Executive Vice President of the Multifamily Mortgage Business. During his tenure, he grew the portfolio from $56 billion to over $195 billion, consisting primarily of multifamily mortgages and over $6 billion of conventional equity, tax credits and mezzanine debt. His organization realized net income was more than $1.5 billion as of 2012. Before joining Fannie Mae, he was Director of the Office of Securitization for the Resolution Trust Corporation (RTC) and held officer positions at Morgan Stanley and Kidder Peabody. 

He currently serves on the Board of Directors of Comcast Corporation, Ally Financial, Welltower, Inc. and Dominium. 

He is active in several non-profit and trade groups, including the Board of the Real Estate Executive Council, the National Multifamily Housing Council and the advisory board of the Stanford Center on Longevity. He is an alum and former trustee of Stanford, where he received his B.A. He also holds a M.Sc. in international relations from the London School of Economics where he studied as a Marshall Scholar, and a M.B.A. from Harvard Business School. In recognition of his service to the Marshall Scholars program, he was awarded an Order of the British Empire (“OBE”) by the British government. A native of Houston, Texas, Ken and his wife Judy reside in Washington, DC.

Stuart Frost
Head of Enterprise Security and Risk Management, Department for Work and Pensions (DWP), UK Government

Stuart Frost, BEM, heads up the DWP Enterprise Security and Risk Management organisation, a multi skilled team of Governance Risk and Compliance (GRC) professionals Security Risk Practitioners and Architects working as one to provide a risk driven security programme across a multi-disciplined large scale and diverse organisation.

He is a proven security professional and leader of security teams and programs within a large scale organisation. Stuart is both a certified GRC Professional and Auditor also holding ISACA’s Risk and Information Systems Control (CRISC) and, Certified Information Systems Auditor (CISA) certifications and is ISO27005 ISMS Risk Management (CIS RM) certified. 

Jane Wilson
Principal Enterprise Security Risk Manager, Department for Work and Pensions

Ms. Wilson is a long standing civil servant working in the UK’s biggest government department, the Department for Work and Pensions. She is a proven security professional with many years’ experience and is also a certified GRC professional. As a member of the DWP’s Enterprise Security and Risk Management Team, her role incorporates Head of Governance Risk & Compliance (GRC) and is responsible for embedding a GRC culture to support the delivery of a risk driven security programme.

Rachel Tressy
SVP - Chief Auditor, Voya Financial

Ms. Tressy (CPA) is chief audit executive for Voya Financial. She is responsible for providing internal audits and advisory services in the evaluation of Voya’s internal control environment. Prior to joining Voya, she spent 15 years at Cigna in both audit and business roles. She has been actively working to build relationships with her partners (either business partners or audit partners) throughout her career, including working to demonstrate the value that strong partnerships bring to companies. She started her career at Ernst & Young in audit and advisory services.

Michael Cover
Director, Blue Cross Blue Shield of Michigan

Michael is a Director within the Office of the General Auditor and Corporate Compliance division at Blue Cross Blue Shield of Michigan. Michael and his team are responsible for designing and implementing technology solutions to support regulatory compliance and risk management efforts.

Scott Baldwin
Director - Enterprise Resiliency, Symantec

Mr.Baldwin is currently the Director of Enterprise Resiliency at Symantec, where he oversees the global Business Continuity and Disaster Recovery programs. He specializes in creating sustainable, risk-based resiliency programs for global, multibillion dollar high-tech companies. Before Symantec, he worked at Bay Area based companies including Safeway, PayPal and Charles Schwab, and most recently, designed and implemented the global resiliency programs for eBay and Synopsys. Additionally, Mr. Baldwin is serving on the national board of the Association of Continuity Professionals (ACP), North America’s largest resiliency professional organization.

Based in Silicon Valley, he has seen first-hand how business has evolved into a 24 hour, global marketplace, and the need for Resiliency to mature from a ‘recovery’ based discipline, to a risk-based, impact avoidance/absorption practice. He is on the forefront of the Organizational Resilience movement to better integrate resilience and operational risk. His current passion is to introduce resiliency’s existing operational practices to other risk discipline’s in order to develop a single, organization-wide and sustainable risk register.

He is certified with both of the industry’s top governing organizations, Disaster Recovery Institute (DRI) and Business Continuity Institute (BCI), a frequent industry speaker and author.

Stephanie Hanson
Privacy Engineering Lead - Americas, OneTrust

Ms. Hanson is the Privacy Engineering Lead of the Americas at OneTrust – the largest and most widely used dedicated privacy management technology platform to operationalize privacy, security and third-party risk management. In her role, she oversees OneTrust’s team of Privacy Engineers across the Americas, working with emerging and enterprise companies on data protection regulation solution implementations, focused on building and scaling global privacy programs. She has publicly spoken on a variety of privacy and security topics, providing deep insight into regulatory issues and practical approaches to compliance. Additionally, she helps facilitate OneTrust's PrivacyConnect workshops across the Americas. Prior to OneTrust, she developed a payment processing platform for hospitals and drove mobile device management retail implementations for many of the world’s Fortune 500 companies. She is a Certified Information Privacy Professional (CIPP/E and CIPM) and holds a B.S. in Computer Science from the Georgia Institute of Technology.

Alex Gacheche
Director Internal Audit - Technology and Data Management, Freddie Mac

Alex Gacheche is a Data Management leader at Freddie Mac. He is responsible for ensuring Data Management processes across Freddie Mac are implemented per regulatory requirements and that the firm is leveraging the full potential of data. His collective experience includes; performing information technology controls assessments in conjunction with management consulting engagements, compliance audits, business audits, privacy audits, cybersecurity audits, model audits, SOX 404 readiness, and financial statement audits.

A veteran of over 20 years in the Financial Services Governance, Risk and Controls space, Alex joined Freddie Mac in 2010 and has held management roles in Freddie Mac’s Single-Family Business, Internal Audit and Enterprise Risk Management Divisions. Prior to joining Freddie Mac, Alex worked with PricewaterhouseCoopers, Ernst and Young and Arthur Anderson.

Alex earned a master’s degree in Accounting from Bowling Green State University (BGSU – Ohio), a B.S. in Accounting from the University of California (UCLA) and Data Science certification from Harvard University. Alex resides in Great Falls, Virginia with his wife and three sons and is an avid runner and tea enthusiast.

Ian Sanchez
Governance Risk & Compliance Manager, FHLB-Chicago

Currently employed at The Federal Home Loan Bank of Chicago as an Audit Analyst. Graduated from Indiana University's Kelley Business School in 2014. Interested in a corporate finance position.

Knute Ohman
VP - GRC Program Manager, TCF Bank

Mr. Ohman has been with TCF Bank for 3 years as the GRC Program Manager. His responsibilities include project management for all current and future MetricStream implementations, advising on process improvement, library development, and support activities including system administration and change management. Prior to joining TCF Bank, Mr. Ohman was with Thomson Reuters (previously Paisley) for 10 years. He started as an implementation consultant on Thomson’s GRC offering, assisting on over 100 implementations. He later transitioned to the Audit and Internal Controls Product Manager for the product suite, working with current and future clients to determine features brought into the applications.

Ileana Canlas
Head of Compliance & Internal Audit, CAE USA Inc.

Ms. Canlas has been with CAE USA for 15 years, in various program management and compliance roles. As Special Projects Manager she developed the strategic plan and structure to identify the diverse organizational legal and voluntary compliance requirements, risk assessment processes, processes for adherence to controls and remediation, and established the group that is currently heading.  She also has an advisory role for general risk management, IT operations, and project management. Prior to CAE USA, she was Division CFO and Finance Manager for Avaya, Sales Operations Manager of Tech Data, and Management Sr. and PE for AEGON. Simultaneous with her corporate career, she was an awarded Associate Professor of International Business & Information Technology at the MBA level for multiple campuses of Schiller International University for almost two decades. She is member of the Executive Board of the PhilAm Chamber of Commerce of Tampa Bay, FL. Ms. Canlas holds two MBAs summa cum laude, in Management of Information Technology (SIU) and Business Management (Saint Leo University), is a PMI/Stanford University Certified Project Manager (SCPM), Certified Associate Government Project Manager (PMI), and Certified Internal Audit Practitioner (The Institute of Internal Auditors).

Jinny Lung
Director, Security GRC, Salesforce

Prior to joining Salesforce in early 2018 Ms. Lung was at Google in a operational and vendor risk role on Finance operations team and at Adobe leading the third party SaaS provider assessment team. In my current role at Salesforce, she was responsible for the creation and maintenance of our enterprise information security standards and the development of operational processes to support the document management lifecycle. This involves collaboration with multiple internal stakeholder groups across security, engineering, legal, and compliance teams to ensure the standards reflect both internal security strategy and external compliance obligations. She also an active member of Salesforce's Women in Security group and Ohana committee. On my free time, I enjoy volunteering at my kid's schools and listening to the waves and collecting shells at the beach. 

Michael Rasmussen
Chief GRC Pundit, GRC 20/20

Mr. Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of enterprise GRC, GRC technology, corporate compliance, and policy management. With 18+ years of experience, he helps organizations improve GRC processes, design and implement GRC architecture, and select technologies that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the 'Father of GRC' - being the first to define and model the GRC market in February 2002 while at Forrester.

He has contributed to U.S. Congressional reports and committees, and currently serves on the Leadership Council of the OCEG and chairs the OCEG Technology Council, OCEG Policy Management Group, and the OCEG GRC Architect Group.

He is quoted extensively in the press and is respected for his commentary on broadcast news channels. He is an Honorary Life Member in The Institute of Risk Management for his contributions to risk management and GRC. In June 2007, Treasury & Risk recognized he as one of the 100 most influential people in finance with specific accolades noting his work in 'Governance and Compliance: Saving the Planet and the Corporation' and as a 'Rising Star in Rocky Times: Corporate America's Outstanding Executives.' 

Prior to founding GRC 20/20 Research, he was a Vice-President and 'Top Analyst' at Forrester Research, Inc. Before Forrester, he led the risk/compliance consulting practice at a professional services firm, and prior to that has specific experience managing compliance and risk within commercial organizations. 

His educational experience consists of a Juris Doctorate in law and a Bachelor of Science in Business. He is currently pursuing a Master of Divinity at Trinity Evangelical Divinity School with a research focus in ethics and church history. He is a GRCP (GRC Professional), CCEP (Certified Compliance and Ethic Professional), and a CISSP (Certified Information Systems Security Professional). OCEG has recognized him as an OCEG Fellow for his contributions and advancement of GRC practices around the world.

Gavin A. Grounds
Executive Director, Information Risk Management & Cyber Security Strategy, Verizon

Gavin Grounds leads Cyber Security Strategy and Enterprise Information Risk Management, as part of the executive leadership team of Verizon’s Corporate Information Security organization.  With 2019 revenues of over US$131.9bn, US$35.7bn in cash flow, and assets in excess of US$291bn, Verizon is a global Fortune 20 company, delivering innovative communications and technology solutions through its various divisions including Verizon Consumer Group, Verizon Business Group, and Verizon Media Group.  Its services and solutions include 5G, 4G LTE Network services & technology, communications services and products, video, and data services, managed security and managed network services, and various Internet of Things (IoT) services and products.

In the leadership of cyber security strategy and transformation and delivery of Enterprise Information Risk Management, Gavin drives the development and execution of the cyber security strategy across the Verizon Corporation.  Additionally, he leads the Enterprise Information Risk Management function and strategy, covering information & cyber risk, policy, standards, governance and compliance management practices, to ensure that Verizon’s information assets are adequately protected throughout the full system lifecycle and ensuring that operations and controls meet Verizon’s policy, legal, regulatory and governance requirements.

Prior to joining Verizon’s leadership team in 2018, Gavin was Sr. Director of Information Security, Risk & Compliance (CISO, Global Delivery) at DXC in its Global Delivery Organization.  Gavin led end-to-end security operations and information risk and compliance management in the delivery of DXC’s broad portfolio of services.  His leadership included defining and executing the DXC Bionix^TM automation strategy for Security, Risk & Compliance on the transformative “Platform DXC.”

DXC was formed in 2017 when Hewlett Packard Enterprise (HPE) spun out its Enterprise Services business and combined it with Computer Sciences Corp.  (CSC).  At HPE, Gavin served as Global Director of Information Risk Management, Enterprise Security Services, where he led a global organization of more than 1,800 security and compliance professionals to underpin HPE’s services with solid Security and Compliance operations and frameworks and drive significant revenue growth by driving strategic direction for clients through C-Level advisory engagement.  In partnership with the Legal department, Gavin served as the primary interface with strategic global clients and with various external agencies and government entities around the globe.

Gavin first joined Enterprise Services (at EDS) in 2000 and has previously held several leadership roles including Director of Global Strategies for Information Assurance and as Client Security Officer for some of the world’s largest Financial, Energy and manufacturing companies.

Gavin has held various leadership roles including CIO of a Business Process Outsourcing company, CEO & Founder of a security consulting firm, security & network strategy leadership for a large off-shore bank and Founder of an industrial plant operations software house.

Gavin is a qualified member of the Institute of Directors, a Chartered Engineer, a Chartered IT Professional and a Certified Information Systems Security Professional.  He serves on the advisory board of security technology companies, is a member of the IoT European Council, and as a Fellow of BCS, the Chartered Institute for IT, he is currently the Chairman of the USA Section.

Gavin is the author of several International and US patents and patent-pending applications, including:
 

• Method and Apparatus for Processing Financial Transactions
  ^{(WO2002079922A3; US20020128917A1; AU2002338252A1; JP2004537088A; MXPA03008054A; ZA200306883B)}
• System, method, and computer program product for taxation of online transactions
  ^{(WO2004081839A2;  US 2004O18147OA1)}
• Systems and Methods for Automated Quantitative Risk and Threat Calculation and Remediation
  ^{(Patent-Pending)}

Born and educated in the UK, Gavin has lived and worked in various countries in Europe, Asia, and the Americas, is fluent in English and Spanish and now lives in the USA.  In his private time, he is a musician and also enjoys various sports activities including fitness, distance running (having raced 4 marathons and 4 half-marathons in the past 15 months) and motor racing.  He is a fundraiser for various charities, particularly focused on benefiting children, suicide prevention and eradicating extreme poverty.

Arpit Shah
Director Audit Data and Reporting, The Depository Trust and Clearing Corporation

Mr. Shah has over a decade of experience in analytics, currently as Director of Audit Data and Reporting at The Depository Trust and Clearing Corporation (DTCC). He leads a multi-dimensional team charged with delivering high profile business intelligence on enterprise issue management to stakeholders across the company. Prior to DTCC, he was responsible for delivering on a multi-year data strategy, including building and maintaining a cutting edge analytics technology stack, with the Advanced Audit Analytics team at a Fortune 50 global insurance powerhouse. He has a degree in Computer Engineering and Computer Science from Rutgers University, and lives in New Jersey with his loving wife and charming toddler.

Thomas Scheppat
Senior Director Policy & Governance, Salesforce

Mr. Scheppat is currently the Senior Director for Security Policy and Governance at Salesforce - A cloud-based customer relationship management (CRM) platform for supercharging every part of your company that interacts with customers — including marketing, sales, commerce, service, and more. At Salesforce he oversees the building and maintaining of Salesforce enterprise security policies, standards, and procedures, security governance at the enterprise level, data Governance a the GRC level, and co-leads the MetricStream M7 implementation. His passion is building integrated risk management processes and systems enabling greater agility in the delivery of products and services. He has worked in the governance, risk management, and compliance industry for more than 20 years and has implemented GRC processes and tools such as SAP eGRC, Archer, and most recently MetricStream M7. He spent his first 20 years with Cargill where his last role was the process transformation of the security controls and compliance function. He moved to the Seattle area to join Microsoft in building out a new GRC team, processes and enabling tools before moving to Nordstrom to do the same. He loves long distance trail running in the pacific northwest and volunteers with the King County Sheriff's Search and Rescue organization.

Marina Adams
Compliance Officer & AVP, Federal Reserve Bank of New York

As Compliance Officer and Assistant Vice President at the Federal Reserve Bank of New York, Ms. Adams helped to create and develop the Compliance Function at the Bank. Ms. Adams’ responsibilities include the development and implementation of the Bank’s Anti-Money Laundering and Sanctions compliance programs, Data Privacy program, and the Bank-wide Compliance Risk Assessment. Ms. Adams is a frequent presenter on compliance at the Bank’s conferences for central bankers as well as at external venues, and has developed a variety of live and e-learning trainings. Prior to working in compliance, Ms. Adams worked as an Attorney and Counsel in the Bank’s Legal Group, and served as a Deputy Ethics Officer. Ms. Adams provided legal support to the Bank’s payments areas and performed transactional work relating to foreign accounts and fiscal agency relationships. She also served as the Vice-Chair of the Payments Subcommittee of the Uniform Commercial Code Committee of the Business Law Section of the American Bar Association and was a frequent contributor to the ABA’s The Business Lawyer. Ms. Adams is a member of the International Association of Privacy Professionals and is certified as CIPP/US. She holds a B.A. degree in Philosophy cum laude from the University of Pennsylvania and J.D and M.B.A. degrees from Boston University. 

The views expressed by Ms. Adams are her own and do not represent the views of the Federal Reserve Bank of New York or the Federal Reserve System.

David Dunn
EVP & Assistant General Auditor, PNC Bank

Mr. Dunn is Assistant General Auditor responsible for leading Internal Audit of PNC’s Information Technology, Information Security, Physical Security, Enterprise Fraud and Third Party Management functions. He is also responsible for leading the Data Analytics, Robotics, and Intelligence Automation function within Internal Audit. 

Prior to joining Internal Audit in November 2016, Dunn served as Senior Vice President and Senior Audit Director of Global Technology and Operations for Bank of America.

He has over 25 years of experience in technology, audit, and financial services. His experience includes The Royal Bank of Scotland where he served as the Head of Operational Risk Management. He spent 10 years at Capital One where he served in various roles including Executive Vice President and Head of Operational Risk Management and Senior Vice President, Senior Technology Executive for Capital One Bank, as well as the Managing Vice President, Director of Information Systems Audit for Capital One Financial Services. In addition, he served as the Director of Quality Assurance at PeopleSoft and as a Financial Systems Project Manager for Corning Incorporated. He began his career in public accounting.

He earned M.B.A.’s in General Management from Cornell University, Johnson School of Management in Ithaca, New York, and in Global Management from Queen’s University, Queen’s School of Business in Kingston, Ontario, Canada.  He earned a Bachelor of Science in Accounting from Excelsior College, Albany, New York. In addition, he is a certified public accountant (CPA), certified internal auditor (CIA), certified information technology professional (CITP) and chartered global management accountant (CGMA).  

He is a frequent speaker at various industry conferences and forums. 

Garrett Smiley
CISO & VP of Information Security, Serco, Inc.

Oversight and governance for all information and cyber related compliance, risk management, and security within Serco, Inc. The major areas of focus thus far have included protecting unclassified federal government data on Serco equipment (e.g., DFARS 252.204-7012/NIST SP 800-171 compliance), helping to maintain our Special Security Agreement (SSA) with the Defense Security Service (DSS), and increasing security for systems under ETSS.

Jacqueline Bukaluk
COO – Internal Audit & Credit Review, Royal Bank of Canada

Ms. Bukaluk is Chief Operating Officer, Internal Audit and Credit Review at RBC. She is responsible for ensuring that the Internal Audit and Credit Review group provides independent and objective risk assessment of the effectiveness of risk management practices, internal controls and governance processes for all areas of RBC. She is also accountable for all the global governance and operational needs of both the Internal Audit function and the Credit Review group. She manages and leads the strategic transformational objectives of the Internal Audit and Credit Review group, including the implementation of all major initiatives and change management. She ensures that all professional standards are adhered to across the two functions in the performance of its accountabilities, as well as ensuring compliance with all regulatory requirements. She joined RBC from Deloitte, where she was a Partner in the Risk Advisory practice. Prior to Deloitte, she was employed with another global financial institution where she held executive positions in the internal audit and the global HR functions. She has a depth of risk and audit expertise gained through extensive financial services experience. She holds an MBA from the Ivey School of Business, B.Com, Accounting from McMaster University and is a CPA, CMA. She also holds the IIA’s CRMA designation. Over the past 15 years she has held numerous executive and board positions with the Toronto Chapter of the Institute of Internal Auditors, including the Vice President of Programs, Chapter President, Board Chair, Governor, Chair of the Nominating Committee and Chair of the Governance Committee. She is currently a Co-Chair of the 2019 IIA Canada National Conference.

John Beeler
EVP and Chief Risk and Assurance Officer, Salesforce

Mr. Beeler has been Executive Vice President and Chief Compliance Officer for Salesforce since August 2015. Previously he served as the company's Senior Vice President and Chief Compliance Officer beginning in July 2013 and prior to that he was Senior Vice President, Internal Audit commencing in January 2008. Prior to Salesforce, he held finance, compliance, and internal audit leadership roles of increasing responsibility at Amgen Inc. and Brunswick Corporation. His began his career at Price Waterhouse. 

He is a CPA (inactive) and received his BS in Accounting at the University of Illinois – Urbana and his MBA from the University of Chicago. He serves on the Board of Governors of the of the Institute of Internal Auditors (IIA) for the San Francisco chapter, previously having served as the President and the Vice President of Programs. He also serves on the Board of Directors for the ARC San Francisco, a non-profit organization focused on improving the lives of individuals with intellectual and developmental disabilities.

Timothy Berichon
Head of Internal Audit, Cooper Tire & Rubber Company

Finance Leader and speaker with diverse, in-depth experience in financial, operational, and compliance activities, including multiple divisions, processes, technologies and international geographies; improving processes, controls, employee engagement, and customer service.

20 years of finance management and leadership experience, including Internal Audit, Operational Finance, and Public Accounting (PwC). Global IA leadership for multi-billion dollar global public companies, and Operational Finance Leadership in both small and larger business units including $250m complex, international assignment.

10 years of global technology industry experience, including strategic/global relationship management, indirect channel marketing, direct selling, configuring, implementing, supporting and training on MRP/ERP and Supply Chain systems.

Akhenaton Marcano
Head Operational Risk and Controls, First Citizens Bank

Mr. Akhenaton Marcano has been employed with First Citizens Bank Limited since July 2014 and currently serves as the Assistant General Manager – Group Operational Risk and Controls.  In this present role, he has overall responsibility for sustaining the Group’s Operational Risk Management Framework as well as directing the Information Security, Business Continuity and Health & Safety functions. Prior to joining First Citizens, he worked at Trinidad & Tobago Unit Trust Corporation for approximately twelve years in various capacities including Investment Analyst, Portfolio Manager, Risk Manager and Assistant Vice President – Risk.  He is a graduate of the London School of Economics & Political Science with a Bachelor’s degree in Actuarial Science and is a certified Financial Risk Manager as well as Associate Business Continuity Professional. He is also a member of the Global Association of Risk Professionals, ISACA and the Disaster Recovery Institute International.

Lynda Witter
Senior Audit Manager, BMO

Ms. Witter (CISA, CBAP) manages Audit Technology at BMO Financial Group – a highly diversified financial services provider and the 8th largest bank, by assets (807bn), in North America.  With more than 25 years of Technology experience (including 13 years in BMO), she leverages her knowledge to Reine, standardize, simplify, and optimize support, change management, and development processes while keeping abreast of new technology opportunities to advance division objectives.  Lynda and her team currently supports over 300 staff spanning multiple countries.

Susan Burkom
Managing Director - Internal Audit, KPMG LLP

Ms. Burkom is a Managing Director in KPMG’s Risk Consulting practice with over 25 years of risk consulting and audit experience. She has a strong background in Sarbanes Oxley Assistance, Internal Audit and Enterprise Risk Management, as well as a strong accounting background. Susan currently acts as our National SOX Innovation Leader, responsible for developing thought leadership and training which reflects the changes in the SOX environment over the last 15 years as well as the value companies’ desire from their SOX program. 
Prior to joining KPMG’s Risk Consulting practice, Susan spent 12 years in KPMG’s external audit practice. This experience allows her to bring the perspective of the external auditor to her clients, which allows her to assist her clients with anticipating external auditor needs. She also spent four years at KPMG in Milan, Italy assisting global companies such as Siemens, Fiat, and Ducati with Sarbanes Oxley Implementation and SEC reporting.
She has substantial experience leading and coordinating global advisory engagements. Her experience crosses industries and has included manufacturing, finance, and healthcare. Her work includes planning and conducting global Internal Audits, Sarbanes Oxley planning, scoping, documentation and testing, as well as Enterprise Risk Management. 
She is a member of the Baltimore Chapter of the IIA and has spoken at IIA chapter events in the areas of SOX, Enterprise Risk Management and the three lines of defense.
She is a Board Member of Junior Achievement of Central Maryland, a non-profit organization focused on assisting schools in incorporating financial literacy, workforce readiness and entrepreneurship into the K-12 curriculum.

Shelagh Larkin
Senior Director - ORM, eGRC Program, Canadian Imperial Bank of Commerce

Ms. Larkin is a Senior Director in Global Operational Risk Management at the Canadian Imperial Bank of Commerce (CIBC) – a leading Canadian based global financial institution. She has overall responsibility for the Enterprise Governance Risk and Compliance program including management of the eGRC Road Map and leading the deployment of multiple use cases across the organization. She is a Professional Chartered Accountant with over 20 years’ experience in multiple industries including retail, corporate real estate and financial services. 

Linda Tuck Chapman
President, ONTALA Performance Solutions Ltd

Ms. Tuck Chapman, President ONTALA; Chair, Sourcing Industry Group (SIG) Thought Leaders Council; Co-Chair RMA Third Party Risk Management Roundtable; Advisory Board member, Shared Assessments Group

Ms. Tuck Chapman, advisor, author, and popular speaker specializes in third-party management, optimization and governance. As a former corporate executive and subject matter expert, she delivers unique insight and develops pragmatic solutions that drive enterprise value. She is passionate about driving enterprise value. She is Risk Management Association’s (RMA) subject matter expert and Co-Chair, Third Party Risk Management Roundtable; and Adjunct Professor, RMA/Wharton Advanced Risk Management Program, Wharton Executive Education. Linda is a long-serving Chair, Sourcing Industry Group (SIG) Thought Leaders Council; an Advisory Board Member, Shared Assessment Group; a long-serving Judge for Outsourcing Center’s Global Outsourcing Excellence Awards; Member, CIO Executive Leadership Council (UK); and Lecturer, Center for Outsourcing Research and Education. She is also a regulator contributor to leading industry publications including the Wall Street Journal and RMA Journal. Her book “Third Party Management –Driving Enterprise Value” is available on Amazon.com. She has received special recognition from RMA, SIG, and Global Sourcing Leaders. She is an ICB Fellow and Medalist, and holds an MBA (Magna Cum Laude) from Dalhousie University School of Business.

John Sidwell
Head of Global Audit, Cypress Semiconductor Corporation

Mr. Sidwell is currently the Head of Global Audit at Cypress Semiconductor, where he oversees the Enterprise Risk Management, Internal Audit and Compliance activities. He has been with Cypress for just over a year while creating and implementing the company’s enterprise risk management program and value-added internal audit activities, as well as streamlining the SOX Compliance Program and updating the ethics governance program. His primary focus in his career has been to move smaller audit shops to create a stronger presence and influence the company to move toward risk-based thinking and decision making. Most of his career has been with tech companies such as SunPower, Electronic Arts, 3COM, Dolby Laboratories, with financial management with PepsiCo and Coca-Cola. 

Based in Silicon Valley, he has memberships with FEI, IAPG and IIA.  He has certifications of CPA, CIA, CRMA.

Andreas Diggelmann
CTO and Managing Director for India, MetricStream

Andy Diggelmann serves as CTO and Managing Director for India at MetricStream. He is responsible for products, engineering, and consulting. He has played a critical role in driving continued product innovation as well as enabling customers to accelerate their adoption of the MetricStream M7 Platform and Applications Cloud. 

Previously, Andy served at SAS Institute, from 1994-2000 in Switzerland, and from 2000-2018 in Cary, NC in various roles. In his most recent role, as VP Planning, Operations and Strategy, he had accountability for planning, operations and strategy across all R&D divisions of SAS. He was also officially designated the second in command to the CTO and Head of R&D, where his responsibilities included overseeing corporate development and planning, performance testing and data architecture, usability, release engineering and deployment, the R&D Data Center, project management, and the R&D centers in India and China. 

His focus areas have been to continue to mature R&D processes, stabilize infrastructure, take corrective action when needed, and continue to evolve a strategic customer engagement program for R&D.

Tatyana Kalita
AVP - Non-Financial Risks, ERM, Great-West Life Assurance Company

Ms. Kalita is an AVP of Risk Governance for Great-West Lifeco, an international financial services holding company with interests in life and health insurance, reinsurance, retirement and investment services and asset management. She is responsible for development and implementation of corporate risk governance, policies and risk culture programs. She also leads the governance and operational readiness work stream for the enterprise Metric Stream implementation.

Formerly, she led efforts on building the oversight function for technology and cyber risk as well as developing the operational risk management practices for Technology and Operations at the Royal Bank of Canada. Before that she consulted the United States Embassy on physical security and political matters. Her started her career working for the biggest national retailer of high fashion and premium cosmetics brands and was the person who brought Max Mara fashion house to Belarus. She also founded two services companies that successfully operate on the international market.

She has an M.B.A. from Rotman school of management and an undergraduate degrees in education and psychology. She is a certified personal trainer passionate about tennis and long leisurely walks. She loves to travel, explore new wines and cuisines and share her discoveries with friends.

Susan DeSantis
Managing Director - Chief Compliance Officer, DTCC

Ms. DeSantis is a Managing Director and Chief Compliance Officer for the Depository Trust and Clearing Corporation (“DTCC”). In addition, she is the AML officer for DTCC.  Susan has been with DTCC for over twenty two years working in various functions in technology, strategy and compliance. Her responsibilities include directing DTCC’s Anti Money Laundering surveillance and Know-Your-Customer programs. She has a degree in Finance from the University of South Carolina and a Masters of Business Administration from New York University Stern School of Business.

Kaih Taylor
Third-Party Management Administrator, AgFirst Farm Credit Bank

Ms. Taylor has been with AgFirst for the past year and is leading the creation, development, enhancement and deployment of the bank’s Third-Party Risk Management program. This program is designed to reduce risk and vulnerability and increase agility and resilience across the organization. Ultimately, it will create accountability and standardized oversight, providing assurance to the bank’s regulator and board of directors that third-party risks are being managed effectively.

Ms. Taylor has nearly a decade of experience in this arena, having previously worked as a business analyst for American Express overseeing compliance, finance, analysis, vendor management and contract management for all European, Middle Eastern and African territories. She also served as lead contract support for Norland Managed Services (now CBRE), overseeing the vendor management program for the London portfolio.

Ms. Taylor holds Business Analyst diploma, and also Business and Administration Level 3 certification. A graduate of the United Kingdom’s Institute of Leadership & Management institute. She is a certified through the Compliance Education institute as a Certified Regulatory Vendor Program Manager III (Advanced).

Jeff Easley
AVP - GRC Programs, USAA

Mr. Easley is responsible for Governance Risk Compliance Programs, delivering solutions and support for USAA’s line of defense community. Program activities include GRC system and line of defense application development and integration, as well as operational support for the user community. He works with line of business and staff agency leadership to enable capabilities in support of key risk and compliance obligations.

Prior to his GRC Programs role, he served as a product management leader for USAA’s Deposits business responsible for financial (P&L), marketing and operational performance. He also led product development for Deposits and delivered several industry firsts.

He began his career at USAA in January, 2002 as a program manager for PeopleSoft HR projects delivering $20M in project improvements annually to HR, Finance and Corporate Service operations through PeopleSoft enterprise systems integration efforts. Prior to joining USAA, Mr. Easley served as a principal consultant with PricewaterhouseCoopers in the PeopleSoft practice. He led global, multi-year systems integration efforts at Ford Motor Company, General Motors and AT&T.

Lynn Fountain
Risk Consultant, Trainer & Author

Ms. Fountain has over 35 years of experience spanning public accounting, corporate accounting and consulting. 20 years of her experience has been working in the areas of internal and external auditing. She is a subject matter expert in multiple fields including internal audit, ethics, fraud evaluations, Sarbanes-Oxley, enterprise risk management, governance, financial management and compliance and she has held two Chief Audit Executive (CAE) positions for international companies. In one of her roles as CAE, she assisted in the investigation of a multi-million-dollar fraud scheme perpetrated by a vendor that spanned 7 years and implicated 20 employees.

Ms. Fountain is currently engaged in her own consulting and training practice and has trained internationally. In addition to her personal training, she also serves as a discussion leader for the AICPA for numerous classes. Topics include fraud and forensic courses for both profit and not-for profit, internal controls for large and small entities, COSO 2013, ethics, and risk management and various leadership courses.

Vidyadhar Phalke
Chief Innovation and Cloud Officer, MetricStream

Mr. Phalke is responsible for MetricStream's technical architecture and strategy. Prior to being promoted to the CTO position, he served as Vice President of Product Management and Engineering at MetricStream where he was responsible for Software Products and Platform Delivery. Starting in 2003, he has been instrumental in transforming the, then nascent, GRC Platform vision into an industry-leading GRC Software.

Over the course of his career, he has held various Senior Product Management and Engineering positions in Bivio Networks, Narus and Network Programs, building enterprise-grade businesses and operations support systems.

Before joining the software Industry, he was an Academic at Rutgers University where he won two SBIR grants for cutting-edge research on Databases and Network Optimization. Besides a PhD in Computer Science from Rutgers University, Vidya holds a Management degree from MIT Sloan and a Bachelor’s degree from IIT, Delhi, India.

Nick Theodorakos
Director - Financial Risk, TD Ameritrade

Mr. Theodorakos is responsible for Market and Credit Risk Management at TD Ameritrade. This includes setting margin requirements, managing account and firm level risks related to financial markets and client transactions.

Prior to joining financial risk management he spent several year in trading and client risk at TD Ameritrade. He spent 6 years as a market maker at the CBOE trading a variety of equity, index, and futures products.

He has been with TD Ameritrade since 2006. He has a bachelor’s degree in finance from St. Bonaventure University in Olean, NY. He holds the Series 3,4,7,24,63, & 66 Securities Licenses, in addition to several Risk Management certifications.

Claudio Antonini
Director of Analytics – Enterprise Risk, Bank of New York Mellon

Nuclear, aerospace, and financial engineer with 10, 12, and 20 years of experience in each industry, respectively. Worked in government, academia, consulting, and industry roles, as part of or creating analytics groups, oftentimes developing risk solutions from ground zero. Established contractual relationships between industry and academia (his alma mater--MIT--and various other universities) to implement or develop well-rounded, state-of-the-art projects. For the last 5 years have been working in developing financial stability and early warning systems. Active in the international forecasting community.

William Onuwa
Chief Audit Executive, Royal Bank of Canada

Mr. Onuwa is RBC’s Chief Audit Executive and prior to this he was the Senior Vice President & Global Head of Wealth Management, Insurance and RBC Georgia risk management groups. He is a member of the RBC Diversity Leadership Council. Before joining RBC, he held various executive leadership positions at General Electric (GE) in the UK and USA. In addition, he also lived and worked in Jamaica.
William is the Chair of the Board of Holland Bloorview Kids Rehabilitation Hospital Foundation Board. He also serves as Chair of the Board of Yonge Street Mission in Toronto. He received the 2015 Transformation Award for Professional Excellence. Mr. Onuwa holds a Doctorate degree in Business Administration from the University of Surrey England, as well as other professional designations in finance and insurance management.

John Forlines
Chief Risk Officer, Fannie Mae

Mr. Forlines is Fannie Mae's Senior Vice President and Chief Risk Officer. Mr. Forlines is responsible for Enterprise Risk Management, which oversees the company’s governance and strategy for global risk management. His team provides independent oversight and guidance for managing risk and ensuring compliance – including the development and implementation of risk management measures across the company. The team leads efforts to build and sustain a strong risk culture in which all employees act on their responsibility to manage strategic, market, credit, liquidity, compliance, operational, reputational, and information security – including cyber risk. Mr. Forlines chairs the Enterprise Risk Committee and is a member of the Management Committee, Fannie Mae's leadership team.

Before assuming his current position in September 2018, Mr. Forlines was the Senior Vice President and Interim Chief Risk Officer. Prior to that, he was Fannie Mae’s Senior Vice President and Deputy Chief Risk Officer. Reporting to the Executive Vice President and Chief Risk Officer, Forlines was responsible for managing aggregate credit, market, and liquidity risks – including setting corporate-level credit policies, limits, and delegations. He led oversight of risk management for the company’s Single-Family and Multifamily businesses, Capital Markets group, and counterparty risks associated with these business areas.

Before assuming the Deputy Chief Risk Officer role in December 2015, he was Fannie Mae’s Senior Vice President and Chief Audit Executive, with responsibility for all internal audit activities throughout the company – including internal controls and operational processes. Prior to that, he was Senior Vice President and Chief Credit Officer for Single-Family, with responsibility for credit policy, underwriting and eligibility standards, quality control, lender approval, and lender selling guide compliance. Earlier, Forlines served in several leadership positions in Single-Family. He started his Fannie Mae career in Internal Audit in 1987.

Sarah Dahlgren
Head of Regulatory Relations - Corporate Risk, Wells Fargo & Company

Executive Vice President Sarah Dahlgren leads the Regulatory Relations group within Wells Fargo’s Corporate Risk organization. In this role, she oversees an organized and cohesive approach to working with the company’s federal regulators and ensures coordinated efforts with regulators in other jurisdictions. Sarah is instrumental in leading the company’s efforts to foster a sustained, proactive dialogue around risk, controls, and compliance. Additionally, she works with teams across Wells Fargo to ensure the company meets its regulatory commitments. 
 
Before joining Wells Fargo in 2018, Sarah served as a partner in the Risk Practice at McKinsey & Company. Prior to that, she had a 25year career at the Federal Reserve Bank of New York, where she started as an examiner and rose to become executive vice president and head of financial institution supervision. In that role, she oversaw many of the largest domestic and foreign banks operating in the U.S. and developed new supervisory approaches.   
 
Sarah earned a bachelor’s degree from Cornell University. She also earned a master’s degree in Public Policy from Duke University,  and a Master of Philosophy from New York University. She is based in New York City.

Yo McDonald
VP – Customer Success and Engagement, MetricStream

Yo McDonald is the Vice President of GRC Solutions at MetricStream and is focused on the company's GRC market leadership. She has over 30 years of experience in Information Technology and Management, with a focus on Governance, Risk, and Compliance over the past 10 years. Ms. Delmar is responsible for MetricStream's Customer Program for over 300 companies world-wide and drives MetricStream's GRC Journey Program which provides expertise in helping companies implement strategies and programs for governance, risk, and compliance (GRC) solutions that add strategic value while delivering dramatic cost savings. Ms. Delmar has led start-ups and business units within system integration and outsourcing companies and provided advisory services to F1000 on the implementation of GRC programs. She holds a B.Sc. (Honors) in Mathematics and Computer Science and an M.B.A. from Dalhousie University in Canada. She is also a Certified Management Consultant (CMC), Certified in Governance of Enterprise IT (CGEIT), and a Certified Information Security Manager (CISM).

Peter Kenow
Audit Director – Data Innovation & Analytics, Wells Fargo & Company

Mr. Kenow is an Audit Director at Wells Fargo. He is responsible for leading the Data Innovation & Analytics team which is responsible for driving audit transformation through innovation and optimization. The team brings advanced analytics solutions to all Line of Business audit teams, remediation activity, and operational processes within WFAS. The team is designed to drive audit toward being more Continuous, Complete, and Leveraged in the way they execute audits and manage risk in the 3rd line of defense. Peter has been with Wells Fargo since 2012, moving from Wholesale to Shared Services in August 2017. 
 
He has 15 years of experience in audit, risk management, and data analytics roles in external and internal audit across the full spectrum of financial services. He spent 7 years with Ernst & Young in Minneapolis. Prior to joining Wells Fargo, Peter served various financial servcies clients in the assurance practice at Ernst & Young. 
 
He is a Certified Public Accountant in the state of Minnesota, and a graduate of Bethel University, majoring in accounting in finance.  
 
He and his family (wife-Tracy, son-Jayden (11), and daughter-Gabrielle (9)) live in Minneapolis. He enjoys coaching his son’s basketball and baseball teams, dancing competitively with his daughter, taking vacations across the country, and playing golf.

Joseph J. Okonek
GRC Administrator & Solution Architect, Globe Life

Currently, Joseph functions as an innovative GRC ecosystem expert. He combines management, innovation, and technology skills to architect, implement, and enhance GRC processes and systems at Globe Life. Prior to joining Globe Life, Joseph was the owner of a small, independent consulting practice.  The majority of Joseph’s career has been focused on serving his customers by delivering and integrating ERP, GRC, ITSM systems across multiple industries. 

Anna Felländer
Co-founder, AI Sustainability Center

Anna Felländer is the co-founder of AI Sustainability Center. Anna is digital economist, affiliated to the Royal Institute of Technology and most recently had that role as chief economist at Swedbank, one of Sweden’s leading banks. She worked in the Swedish Government for 10 years, and is one of Sweden’s leading experts and government advisors on the effects of digitalization on organizations, society, and the economy. 

Steve Waugh
Baltimore State Senator (2014 – 2018)

30 years of Leadership. Maryland State Senator. USMC Combat Veteran Aviator. Senior ProfessionalEngineer. Acquisition Professional. Cleared for TS/SCI. Specialties: Program Management SystemsEngineering Financial Management Operations Management Marketing & Sales Personnel

Maria Devassy
Vice President of Business Development and Alliances, Compliance.ai

Maria Devassy is the Vice President of Business Development and Alliances at Compliance.ai - a modern regulatory intelligence and change solution. She is a GRC, RegTech, Content, and Technology leader with over 20 years of experience helping companies bridge the gap between technology, product, and business. Maria has held leadership positions with MetricStream, KPMG, Oracle Corporation, and other technology companies. She has launched several successful RegTech products, business partnerships, and advised Fortune 100 clients on risk management, audit, advisory, and compliance business across Industries.

Rohit Bedi
Executive Vice President - Partnerships and Alliances, MetricStream

As EVP at MetricStream, Rohit is responsible for leading global partnerships and MetricStream’s ecosystem by enabling the influence, distribution, and delivery capabilities of our partners. Partnerships and alliances are viewed as key drivers of MetricStream’s growth and leadership in the marketplace. Rohit also leads some of MetricStream’s strategic growth markets such as Asia Pacific, Australia, Middle East and Africa. In the past, Rohit has been involved in building dominant software brands and successful companies that include Siebel Systems, PeopleSoft, Cognizant, and Cymbal. Most recently, Rohit led large company partnerships and strategic businesses in enterprise software at Cognizant. Prior to that, he was part of the executive team that built Cymbal, where he managed worldwide sales, marketing, and partnerships leading to a successful acquisition. At Seibel Systems, he was responsible for key product lines, and the expansion of the partner network which played a big role in Siebel’s distribution and delivery channel expansion. He was also in leadership product marketing roles at PeopleSoft during its rise to becoming a top enterprise software provider.