INTERNATIONAL FINANCIAL INSTITUTIONS CYBERSECURITY CONFERENCE

NOVEMBER 15, 2018 | THE TIMES CENTER, NYC

AGENDA | SPEAKER BIOGRAPHIES | ATTENDEES

INTERNATIONAL FINANCIAL INSTITUTIONS AGENDA CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 THE TIMES CENTER

8:30AM-8:55AM CONTINENTAL BREAKFAST SPONSORED BY

8:55AM-9AM

WELCOME AND INTRODUCTORY REMARKS

BRIGET POLICHENE CHIEF EXECUTIVE OFFICER INSTITUTE OF INTERNATIONAL BANKERS

9AM-10:15AM DISCUSSION: ADDRESSING CHALLENGES AND ADVANCING CYBER RESILIENCE A discussion on how FBOs are meeting today’s cybersecurity challenges and some of the unique aspects of being part of a large international .

ALICJA CADE CISO AMERICAS, GLOBAL MARKETS, & CAPITAL MARKETS,

LARRY TRITTSCHUH CHIEF SECURITY OFFICER - AMERICAS

MATTHIEU VAILLANT DEPUTY CISO AND HEAD OF CYBER SECURITY BNP , CIB AMERICAS

10:15AM-10:35AM COFFEE BREAK AND NETWORKING INTERNATIONAL FINANCIAL INSTITUTIONS AGENDA CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 THE TIMES CENTER

10:35AM-11:30AM

TRENDS AND OUTLOOK: INFORMATION SECURITY COMPLIANCE

Industry advisors discuss compliance trends and provide insights on emerging issues.

KRISTA ELLIS DIRECTOR AND COUNSEL (Moderator) CREDIT AGRICOLE CIB

AVI GESSER PARTNER DAVIS POLK & WARDWELL LLP

JEFFREY KING PRINCIPAL PROMONTORY FINANCIAL GROUP

HARDIK METHA DIRECTOR, CYBER SECURITY, PRIVACY AND RISK RSM US LLP

11:30AM-12:20PM

REGULATORY-SUPERVISORY PERSPECTIVES ON CYBERSECURITY Regulators discuss current and future initiatives both in the regulatory and supervisory space.

PAUL BEGEY DIRECTOR OF GOVERNMENT RELATIONS (Moderator) INSTITUTE OF INTERNATIONAL BANKERS

NIDA DAVIS ASSOC. DIRECTOR, SUPERVISION AND REGULATION FEDERAL RESERVE BOARD OF GOVERNORS

PATRICK KELLY DIRECTOR FOR CRITICAL INFRASTRUCTURE POLICY OFFICE OF THE COMPTROLLER OF THE CURRENCY

RICH HANNIBAL ASST. DIRECTOR, OCIE, TECHNOLOGY CONTROLS PROG. SECURITIES AND EXCHANGE COMMISSION INTERNATIONAL FINANCIAL INSTITUTIONS AGENDA CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 THE TIMES CENTER

12:20PM-1:30PM LUNCHEON SPONSORED BY

1:30PM-2:30PM

INCREASING SCRUTINY OF THIRD-PARTY RISK

The focus on third-party providers continues to increase as both regulators and institutions intensify their efforts. Panelist will discuss regulatory changes and supervisors’ focus on this issue, and what firms are doing and can do in response.

KEN WOLCKENHAUER VP VENDOR MANAGEMENT BANKING & CAPITAL (Moderator) BANK ABP

MATTHEW MOOG PRINCIPAL ERNST & YOUNG LLP

JEFF ROWLEY PRINCIPAL CONSULTANT ACA APONIX

JEFFREY TAFT PARTNER MAYER BROWN LLP

2:30PM-2:50PM COFFEE BREAK AND NETWORKING

2:50PM-3:55PM

BRINGING YOUR INSTITUTION TOGETHER TO FIGHT INSIDER THREATS

Effectively fighting insider threats is a multi-department effort, including Human Resources, Legal and others. Panelist will discuss how your institution can better combat this threat.

DAVID HOMOVICH INFORMATION SECURITY MANAGER (Moderator) CREDIT SUISSE INTERNATIONAL FINANCIAL INSTITUTIONS AGENDA CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 THE TIMES CENTER

STEPHEN FULLINGTON SUPERVISORY SPECIAL AGENT FEDERAL BUREAU OF INVESTIGATION

BRIAN KOLO DIGITAL EXPERT MCKINSEY & CO.

ALAN RAUL PARTNER SIDLEY AUSTIN LLP

3:55PM-5:00PM

CYBER RISK: ASSESSING AND REPORTING TO MANAGEMENT AND THE BOARD

Panelist will discuss techniques to assesses your cyber risk, effectively report those risks to management and the Board and how you can better leverage the reporting function within your firm.

MARK DRESZLER SR. DIRECTOR, CYBER & TECH. RISK MGMT., (Moderator) US IHC & GLOBAL CAPITAL MARKETS

STEVEN CHABINSKY PARTNER WHITE & CASE LLP

ASH KHAN MANAGING DIRECTOR TRELIANT, LLC

PAUL MEE PARTNER OLIVER WYMAN

5PM ADJOURNMENT INTERNATIONAL FINANCIAL INSTITUTIONS CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 THE TIMES CENTER

THANK YOU TO OUR SPONSORS INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

PAUL BEGEY Director of Government Relations Institute of International Bankers

Paul Begey is the Director of Government Relations for the Institute of International Bankers. For over 20 years, he has worked in and with government, including over 8 years on Capitol Hill, and has focused his career on and technology policy. Prior to joining IIB, he spent several years at the Financial Services Roundtable. Paul earned his MBA from the Robert H. Smith School of Business, University of Maryland, and holds two undergraduate degrees from the University of Maryland, College Park.

ALICJA CADE CISO Americas, Global Markets, Investment Banking & Capital Markets Credit Suisse

Alicja Cade is the CISO of Americas and global divisions: GM, IBCM, GOSD & R&F at Credit Suisse. Information Security and Technology Risk Management specialist with 20 years of international experience of designing and implementing risk management strategies and frameworks. Prior to joining Credit Swiss, Alicja worked at PwC in the USA and UK, as a Director in IT Risk and Cybersecurity practice, assisting clients in identifying and managing risks to achieve an effective balance of control and business value whilst ensuring regulatory compliance. Alicja received M.A. European Business from University of the West of England, Bristol, UK. She is a Certified Information Security Manager (CISM, ISACA) and obtained Qualification in Computer Internal Audit (QICA, IIA, UK).

STEVEN CHABINSKY Partner White & Case LLP

Steven Chabinsky is the global chair of White & Case’s international Data, Privacy & Cybersecurity practice. He also is the Cyber Tactics columnist for Security magazine. Prior to joining White & Case, Steven served as General Counsel and Chief Risk Officer for an international cybersecurity technology firm, and was Presidentially appointed to the White House Commission on Enhancing National Cybersecurity. Steven’s prior government service includes his having served as Deputy Assistant Director of the FBI's Cyber Division, after having organized and led the Bureau’s Cyber Intelligence program and after having served as the FBI's top cyber lawyer. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

NIDA DAVIS Associate Director, Supervision and Regulation Federal Reserve Board of Governors

Dr. Nida Davis, an Associate Director in the Federal Reserve’s Division of Supervision and Regulation (S&R), is responsible for providing oversight and guidance on business operational resiliency, information technology, cybersecurity, and emerging technologies. In particular, Nida oversees and leads S&R’s efforts on cybersecurity and develop strategies to ensure that operational resiliency and information technology policies improve the safety and soundness of regulated entities in the financial sector.

Nida has served as the Associate Director and S&R Chief Technology Officer (CTO), responsible for aligning and integrating the application of technology to facilitate the S&R business goals and objectives across the System. In addition, she has been in charge of S&R architecture strategy and technology needs, evaluating new technologies, leading the formulation of application and data architecture blueprints, as well as extending S&R thought leadership and building collaborative relationships across the System. She also has acted as the SR National Coordinator for the Partnership for Progress program which is created to preserve and promote minority-owned institutions and enhance their ability to thrive in an increasingly competitive banking environment.

Prior to joining S&R, Nida served as the American Red Cross Chief Technology Officer (CTO). Nida joined the American Red Cross to lead organizational technology direction and develop enterprise technology and security technology strategies. Prior to joining the American Red Cross, Nida served as the Chief Architect and Assistant Vice President of the Enterprise Architecture Program at the Federal Reserve Information Technology organization, serving as technology thought leader and executive consultant to help set architectural and security standards and manage the Enterprise Architecture Program of the Federal Reserve System.

Nida has received her Doctor of Liberal Studies from Georgetown University. She holds a Master of Business Administration (MBA) from the American University in Cairo, a graduate degree from the ABA Stonier Graduate School of Banking, as well as a Bachelor of Science in Chemical engineering from Jordan University.

MARK DRESZLER Sr. Director, Cyber & Tech. Risk Mgmt., US IHC & Global Capital Markets Royal Bank of Canada

Mark is a Senior Director at the Royal Bank of Canada. His primary responsibility is governance and oversight of Cyber and Technology Risk Management for the US IHC and Global Capital Markets. He is also responsible for all regulatory engagements in the US. Experienced in establishing IT Risk Frameworks across diverse global business units INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

and communicating governance processes to senior business management, Mark has held senior management positions at Credit-Suisse, JP Morgan, and Arthur Andersen. Certifications include CISA, CRISC and the FINRA Series 99 license.

KRISTA ELLIS Director and Counsel Credit Agricole Corporate & Investment Bank

Krista serves as Director and Counsel and Head of Litigation for the Americas at Crédit Agricole Corporate and Investment Bank. In this role, she manages a cross-border docket that includes prelitigation matters, complex commercial litigations, governmemt investigations and enforcement actions, internal investigations, Human Resources matters, workout files, and subpoenas. Krista sits on the Bank’s Security Governance, Cybersecurity, Vendor Management, Data Loss Prevention, and Disciplinary Committees. Prior to joining CA-CIB, Krista worked in the Litigation Departments of Dewey & LeBoeuf LLP and Arent Fox LLP and clerked for The Honorable James E. Bradberry in the United States District Court for the Eastern District of Virginia. Krista is admitted in New York as well as the Roll of Solicitors of England and Wales.

STEPHEN FULLINGTON Supervisory Special Agent Federal Bureau of Investigation

Stephen Fullington is the FBI Supervisory Special Agent with responsibility for investigation of criminal cyber-attacks targeting the financial sector in the New York area. Mr. Fullington has been an FBI Agent for over 16 years. Mr. Fullington spent his first 13 years with the FBI investigating and then leading a team that investigated complex counterintelligence and espionage cases. Mr. Fullington now leads a team of 20 Special Agents, Task Force Officer and Intelligence Division personnel who focus on the investigation of computer intrusions and complex cyber fraud. Mr. Fullington also served over 7 years as a Team Leader of an FBI Evidence Response Team. In this capacity Mr. Fullington lead evidence collection teams that responded to several domestic and international terrorist attacks. Mr. Fullington has received the Attorney General’s Award and the Director of National Intelligence – Director’s Award for his contributions to the National Security of the United States. Prior to joining the FBI, Mr. Fullington was a Manager for Compliance and Risk Management at Prudential Financial. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

AVI GESSER Partner Davis Polk & Wardwell LLP

Mr. Gesser is a partner in Davis Polk’s Litigation Department. He represents clients in a wide range of cybersecurity and data privacy issues, white collar criminal defense matters and investigations, as well as complex commercial litigation.

Recently, Mr. Gesser has represented several companies who have experienced cyber events in coordinating with experts and conducting investigations; communicating with regulators, law enforcement, insurers and auditors; assessing various federal, state and international regulatory disclosure obligations; and representing the companies in related civil litigation and regulatory investigations.

Mr. Gesser has also been advising several companies on their compliance with various cybersecurity and data privacy regulations, cybersecurity governance issues, cloud migration, data minimization, and cybersecurity risk disclosures.

From 2010 to 2012, Mr. Gesser was the Counsel to the Chief of the Justice Department, Criminal Division’s Fraud Section.

From early 2011 through August 2013, Mr. Gesser was the Deputy Director of the Justice Department, Criminal Division’s BP Oil Spill Task Force.

Mr. Gesser is a frequent speaker on cybersecurity and data privacy issues, the primary author of the Davis Polk Cyber Blog, and the creator of the Davis Polk Cyber Portal.

RICH HANNIBAL Assistant Director, United States Securities and Exchange Commission Office of Compliance Inspections and Examinations Technology Controls Program

Mr. Hannibal has been an Assistant Director in the SEC’s Office of Compliance Inspections and Examinations for 19 years and has been with the Commission for 23 years. After serving 18 years in the Broker-Dealer Examination Program, he moved over to OCIE’s Technology Controls Program in 2016. Previously, he was a branch chief conducting inspections of the Self-Regulatory Organizations. Prior to coming to the Commission, Mr. Hannibal spent five years at the Legal Services Corporation (government funded legal aid) in a senior regulatory position and seven years as a litigator with a small DC law firm. Mr. Hannibal is a graduate of Wheaton College (Illinois) and Georgetown University Law Center (JD). INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

DAVID HOMOVICH Information Security Manager Credit Suisse

David M. Homovich is an information security manager at Credit Suisse with 10 years of experience developing and implementing security policies, protecting information assets, and testing cyber incident response strategies. At Credit Suisse, he is responsible for implementing CISO’s information security governance strategy and leading the CISO division’s cybersecurity sector engagement activities.

Prior to joining Credit Suisse, Mr. Homovich spent nearly 8 years at Booz Allen Hamilton where he supported the Chief Information Officer at the U.S. Department of Defense and the Office of Cybersecurity and Communications at the U.S. Department of Homeland Security.

PATRICK KELLY Director for Critical Infrastructure Policy Office of the Comptroller of the Currency

Patrick J. Kelly is the Director for Critical Infrastructure Policy in the Operational Risk Division at the Office of the Comptroller of the Currency (OCC).

In this role, Mr. Kelly leads the agency’s cyber security and resilience efforts for its supervised and serves on the Federal Financial Institutions Examination Council’s Cybersecurity and Critical Infrastructure Working Group. He joined the OCC in 2014.

From 2011 to 2014, Mr. Kelly served as the Senior Official for Privacy and Information Security Branch Chief at the Office of Inspector General for the Department of Health and Human Services where he oversaw the privacy and information security assessment and compliance programs for the agency. Prior to that, he served in the Reserve Bank Operations and Payment Systems Division at the Board of Governors of the Federal Reserve System.

Mr. Kelly holds a bachelor’s degree in political science from Florida State University and a master’s degree in public policy from George Washington University where he was a recipient of the CyberCorps: Scholarship for Service through the National Science Foundation.

ASH KHAN Managing Director Treliant, LLC

Ash Khan, Managing Director of Treliant, has over 20 years of experience in information security, technology risk management, enterprise architecture, and technology infrastructure. His expertise spans a diverse range of industries including banking, insurance, pharmaceuticals, and government. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

Prior to joining Treliant, Ash has held progressively senior leadership roles, most recently as the Chief Information Security Officer of the Global Consumer Banking division of Citigroup. In this role, he was accountable for ensuring the security of the Global Consumer Banking portfolio of products, services, applications, and customer data spanning the online, mobile, voice, branch, and ATM channels. During his tenure, he helped the business securely deploy innovative banking products utilizing leading-edge security capabilities, reducing risk while improving customer experience. He was also responsible for driving the Citi Payment Card Industry (PCI) Data Security Standard Program and represented Citi on the PCI Council Board of Advisors for several consecutive terms.

Ash has hands-on experience managing the Information Security risk of complex . He has built security programs from inception through execution, augmenting traditional security program management with business continuity, disaster recovery, and IT compliance.

Ash is a graduate in Physics from University College and holds an advanced degree in Computing from Imperial College London. In the Security discipline, he has numerous certifications including Certification in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP/US), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), PCI Internal Security Assessor (PCI-ISA), and PCI Professional (PCIP).

JEFFREY KING Principal Promontory Financial Group

Jeffrey King is a Principal in Promontory’s Global Cybersecurity Practice where he works with banks to conceptualize, design, and implement intelligence-led, threat-focused information security programs that comply with domestic and international regulations. He is an expert in operational cybersecurity, with nearly 20 years of experience working in advanced technical environments. Before joining Promontory, Jeffrey was a senior security advisor at the Department of the Treasury, where he played a critical role in the formulation and execution of the Treasury's comprehensive internal and external cybersecurity strategy. Prior to Treasury, Jeffrey was an associate in Booz Allen Hamilton’s cybersecurity practice, where he helped build offensive and defensive capabilities for clients in the defense and intelligence communities. He holds a Bachelors of Science in Analytical Finance from Wake Forest University.

BRIAN KOLO Digital Expert McKinsey & Co.

Dr. Brian Kolo is a Digital Expert with McKinsey Digital Labs, a team enabling organizations to capture new value from digital. For over 23 years, Brian has helped Fortune 100/500 companies and government agencies to solve business problems using higher level applied mathematics and artificial intelligence. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

He specializes in applying Natural Language Processing (NLP) and data analytics to high performance distributed systems, holding five patents in this space. Leveraging these capabilities, he has helped clients create business solutions in areas such as cybersecurity, finance, computational linguistics, product sentiment, portfolio management, consumer prediction, and national security. For the past several years Brian has applied NLP to identify people on the critical pathway for insider threat. Brian holds a Ph.D. in Computational Physics from the University of Virginia and a J.D. from George Mason University, specializing in intellectual property and privacy. Brian is a registered patent agent and seasoned author of publications and patents that impact the academic mathematics and software community.

PAUL MEE Partner Oliver Wyman

Paul is a Senior Partner and the North America Cyber Practice lead for Oliver Wyman. For over 20 years, Paul has consulted on a wide range of Cyber related areas, including Op Risk, IT Strategy, Operations & Governance, Cyber/Information Security Cyber Risk Quantification and large-scale change management.

Paul has specialist subject matter expertise in risk related data, IT architecture, and operations management, and is a member of the IIF Risk & Regulatory Affairs working group.

Paul is the co-author of “Deploying a Cyber Risk Strategy: Five Key Moves Beyond Regulatory Compliance”, “Embedding Cyber Defences Where They Matter”, “Large Scale Attacks on the Financial Services System: A Case For Better Coordinated Response and Recovery” and “The Equifax Breach and its implications.”

Paul studied Computer Science at Hertfordshire University, UK, and later and Business Administration at Kellogg Business School, Chicago.

Paul lives in Lower where he notes that the next most significant structure in front of his building is a green lady holding a torch.

HARDIK METHA Director, Cyber Security, Privacy and Risk RSM US LLP

Professional Objective and Summary: To assist global corporations in architecting and maturing Information Security, Privacy and Risk programs. Core focus is integration with business leadership to remove ambiguity and prioritize high profile initiatives to analyze and reduce risks. Hardik has more than 12 years of experience in architecting security and privacy frameworks around new products and services within Fortune 100 organizations. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

He is an advisor in the Cyber Risk Management specialty areas assisting clients to establish holistic technical stack and information security governance frameworks like FFIEC, CSF, ISO 27001, NIST 800-53, HITRUST, NYDFS. He also focusses on delivering global communications around change management and adoption of cyber security to various business areas as part of implementing multi-year Cyber Security roadmaps.

Experience is concentrated on: ~Enterprise Cyber Security - Program Road Map and Strategy • Cyber Policy and Enterprise Procedures design and implementation • Building and Executing High performing cyber response teams • Risk Reporting – KPI’s, KRI’s and various Risk Metrics for leadership • Governance Risk & Cyber Security communication and strategy

Education & Professional Certificates: • Masters in Computer Science – Stevens Institute of Technology, 2008 • Certified Information Systems Security Professional (CISSP) • Certified Information Systems Auditor (CISA) • Certified Information Privacy Professional (CIPP/IT/ US/ EU), • Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH) • COSO and COBIT 5.1 advisor and instructor for ISACA, NJ and NY Chapter

Awards and Accolades: • Mentor of the Year – Nominee, EY Risk - Americas, 2015 • ISACA Volunteer of the Year – North East, 2015 • Best Critical Incidence Response Centers Program, CSO40 Magazine • Best Automation Idea Award, ADP CSO (Presidential Award), 2011

MATTHEW MOOG Principal Ernst & Young LLP

Professional experience summary: Matthew is a New York-based Principal with Ernst & Young’s Advisory practice in the Financial Services Office (FSO). Matthew is the Global leader for Third-party Risk Management for Financial Services and brings over 15 years of experience working in the financial services industry, specifically in Banking & Capital Markets and Insurance. Matthew has spent the last 8 years fully dedicated to Third-party Risk Management and has experience working with large financial institutions on risk management tools and processes, sourcing/third-party risk management, analytics and regulatory and compliance (i.e. FED/OCC) projects. He has worked on global projects and assisted in international coordination with multiple engagement teams. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

Engagement experience • Matthew has managed the redesign and implementation of numerous third-party risk management programs in both financial and non-financial institutions within the US and Australia, specifically focused on: Risk modeling (Inherent through residual); Detailed process & procedures; Policy design; Assessment execution design; Service Management; Oversight and governance; Issue and exception management; Data Governance and Technology Enablement • Matthew has managed third-party risk assessment execution (both on-site and remote) for several global clients in the banking and capital markets and insurance industries. He has managed delivery teams based in the US and India and local resources throughout the globe, averaging 6,500 - 8,000 assessments a year. Components of execution include: Third-party identification; Third-party risk ranking/segmentation; Site visits (domestic and international); Third-party evaluations with respect to client frameworks/questionnaires; Issue Management • Matthew has advised several clients in relation to third party management regulatory guidance and assisted several clients in responses to MRAs and Consent Orders. • Matthew has managed several internal audits of the third-party risk management and procurement functions. • Matthew currently assists in global coordination of regional leads for the third-party risk management service line and is actively involved with teams in Central and South America, , Japan, Australia and our Global Talent hub in India.

Education B.S. in Management with a concentration in Information Systems – Rensselaer Polytechnic Institute. Certification(s) CISA, ISACA Member. Technical skills Platform: Windows, UNIX, AS400, Mainframe, Cisco IOS Language: HTML, SQL, ACL, Monarch Database: MS Access, Oracle, SQL Security: Active Directory, NIS, RACF, RADIUS and TACACS Regulatory Requirements: FIL 44-2008, OCC 2001-47, APS 115

BRIGET POLICHENE Chief Executive Officer Institute of International Bankers

Briget Polichene is Chief Executive Officer of the Institute of International Bankers. The IIB’s mission is to help resolve the many special legislative, regulatory, tax and compliance issues confronting internationally headquartered financial institutions that engage in banking, securities and insurance activities in the United States. Collectively, the U.S. operations of internationally headquartered banks contribute significantly to the U.S. economy and to the depth, liquidity and vitality of the U.S. financial markets. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

Prior to joining the IIB on April 23, 2018, Briget was Vice President and Head of Federal Government Relations at MetLife, where she developed and executed MetLife’s federal advocacy strategy. From July 2015 to March 2017, Briget was a Director at Promontory Financial Group, advising clients on all aspects of regulatory compliance and risk management. She joined Promontory from Citigroup, where she was Managing Director and General Counsel, State and Local Government Relations, from February 2002 to July 2015. Earlier in her career, Briget served as General Counsel to the House Banking Committee (now the Financial Services Committee) from 1990 to 1995, and before that, as General Counsel to the Financial Institutions Subcommittee.

Briget received a B.A. in economics from Johns Hopkins University and a J.D. with honors from Duke University School of Law.

ALAN RAUL Partner Sidley Austin LLP

Alan Raul is a partner at Sidley Austin LLP and the founder and leader of Sidley’s highly ranked Privacy and Cybersecurity practice. Alan represents companies on federal, state and international privacy and cybersecurity issues. He advises companies and boards regarding cyber and digital governance and preparedness, and helps them address crisis management for data security incidents. His practice also involves litigation and counseling regarding consumer class actions and investigations, enforcement actions and policy development by the FTC, State Attorneys General, SEC, DOJ and other government agencies. Alan provides clients with perspective gained from extensive government service. He previously served as Vice Chairman of the Privacy and Civil Liberties Oversight Board, General Counsel of the Office of Management and Budget, General Counsel of the U.S. Department of Agriculture and Associate Counsel to the President. He received his J.D. from Yale Law School and an M.P.A. from the Harvard Kennedy School of Government and A.B. from Harvard College.

JEFF ROWLEY Principal Consultant ACA Aponix

Jeff Rowley is a Principal Consultant at ACA Aponix, the cybersecurity and IT risk division of ACA Compliance Group. Jeff has over twenty years of experience in technology and risk in the financial sector. Most recently, Jeff served as Vice President for Bank of America Merchant Services where he was responsible for designing, implementing, and sustaining OCC compliant third party programs. Jeff earned his Bachelor of Science from the University of North Texas and has accumulated advanced studies in Accounting and Computer Science from the University of Hartford and Rensselaer Polytechnic Institute, respectively. Jeff is a Certified Third Party Risk Professional (CTPRP). INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

Prior to joining the IIB on April 23, 2018, Briget was Vice President and Head of Federal Government Relations at MetLife, where she developed and executed MetLife’s federal advocacy strategy. From July 2015 to March 2017, Briget was a Director at Promontory Financial Group, advising clients on all aspects of regulatory compliance and risk management. She joined Promontory from Citigroup, where she was Managing Director and General Counsel, State and Local Government Relations, from February 2002 to July 2015. Earlier in her career, Briget served as General Counsel to the House Banking Committee (now the Financial Services Committee) from 1990 to 1995, and before that, as General Counsel to the Financial Institutions Subcommittee.

Briget received a B.A. in economics from Johns Hopkins University and a J.D. with honors from Duke University School of Law.

JEFFREY TAFT Partner Mayer Brown LLP

Jeffrey Taft is a financial services regulatory attorney whose practice focuses primarily on bank regulation, bank receivership and insolvency issues, payment systems, consumer financial services, cybersecurity/privacy issues and anti-money laundering laws. He has extensive experience counseling financial institutions, merchants, technology companies and other entities on various federal and state banking and consumer credit issues, including compliance with the Bank Holding Company Act, National Bank Act, International Banking Act, Consumer Financial Protection Act, Truth-in-Lending Act, the Fair Credit Reporting Act, the Electronic Fund Transfer Act, the Equal Credit Opportunity Act, the Fair Debt Collection Practices Act, the Real Estate Settlement Procedures Act, state unfair or deceptive acts or practices statutes, CFPB's UDAAP authority, the USA PATRIOT Act, and other anti-money laundering laws; and the creation and implementation of privacy and information security programs under Title V of the Gramm-Leach Bliley Act and state privacy laws.

Jeff regularly represents banks, finance companies, trust companies and other financial service providers on regulatory matters, including the development and operation of multi- state fiduciary, deposit and lending programs.

He has also advised banks, merchants, technology companies and financial services companies on issues relating to credit cards, debit cards, gift cards, virtual currency, wire transfers and ACH transactions and other mobile payment products.

Jeff joined the Washington DC office of Mayer Brown in 1998. INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

LARRY TRITTSCHUH Chief Security Officer - Americas Barclays

Larry Trittschuh is the Managing Director, CSO, Americas for Barclays, a British multinational bank and financial services company headquartered in London. It is a with global reach, offering products and services across personal, corporate and investment banking, credit cards and wealth management. It has operations in over 40 countries and employs approximately 120,000 people. Larry is responsible for all aspects of the Chief Security Office (cyber security, physical security, investigations/forensics, and resilience) across the Americas region, including responsibility for managing the Americas Joint Operations Centre (JOC).

Prior to his current role, Larry was a Senior Vice President in the information security organization at Synchrony, the 32nd largest financial institution in the US and the largest provider of private label credit cards. During his time at Synchrony, Larry was responsible for a variety of security operations functions, including: cyber intelligence, the Computer Security Incident Response Team (CSIRT), Security Operations Center (SOC), cyber forensics, insider threat, and vulnerability management.

Larry joined Synchrony (formerly GE Capital Retail Finance) from General Electric, where he held roles in the Information Technology and IT Security organizations supporting GE Corporate, GE Aviation, GE Energy (Oil & Gas, Power & Water, and Energy Management), and GE Transportation.

Larry has been an active participant in shaping cybersecurity partnership strategies in both industry and government. Additionally, he has worked closely with regulators and legislators on security strategy and regulation. Larry serves on the Board of Advisors for Boost Technologies, Digital Times Transformation, and Digital Shadows. He was a founding Board member of the Defense Security Information Exchange (DSIE) and served on the Board of Directors of the Internet Security Alliance. He has participated in numerous Information Sharing and Analysis Center (ISAC) partnerships and information sharing communities. He is an active community volunteer, serving on the Board of Dayton Contemporary Dance Company (DCDC).

Prior to joining GE, Larry served as a pilot in the U.S. Air Force and Senior Consultant for BearingPoint, a management and technology consulting firm. He holds a Bachelors Degree in Political Science from the United States Air Force Academy and the FAA Airline Transport Pilot (ATP) certificate with nearly 3,000 total flight hours. (Aircraft flown: T-37, T- 38, KC-10, C-21) INTERNATIONAL FINANCIAL INSTITUTIONS SPEAKER CYBERSECURITY CONFERENCE, NOVEMBER 15, 2018 BIOGRAPHIES THE TIMES CENTER

MATTHIEU VAILLANT Deputy CISO and Head of Cyber Security BNP Paribas, CIB Americas

Matthieu has been working in the Information Security field for 17 years, mostly within the financial sector.

He spent the past 14 years with the BNP Paribas bank, where he operated in France, Japan and USA, serving in multiple Information Security roles both at the operational and management levels. Most recently he joined the group’s New York platform in 2014, where he created the Cyber Security function and now serves as the Deputy Chief Information Security Officer for BNP Paribas Americas.

Prior to working at BNP Paribas, he was a security consultant specialized in penetration testing and security assessments.

KEN WOLCKENHAUER VP Vendor Management Nordea

Ken Wolckenhauer is the head of Vendor Management at Nordea Bank’s New York branch and additionally supports Nordea’s international branches for third party risk management. Leading up to this position, Ken was as a subject matter expert, trainer, solutions provider, and consultant for FIS, the world’s largest global provider dedicated to banking and payments technologies. With FIS, Ken specialized in financial industry regulatory risk and compliance, mostly in the area of anti-money laundering and watchlist compliance. Nordea Bank leveraged Ken’s risk and compliance knowledge to build out the vendor management program for the New York branch, developing a program that would properly manage risk as well as gaining acceptance to the US regulators. The success of the US served as a model to develop Nordea’s TPRM program. Prior to financial services, Ken was in the telecommunications industry for 18 years in various sales and marketing management roles. Ken is a graduate of Bucknell University and is a Certified Anti-Money Laundering Specialist. INTERNATIONAL FINANCIAL INSTITUTIONS CYBERSECURITY CONFERENCE November 15, 2018

ATTENDEES ABN AMRO Bank N.V. Linda Coxon ABN AMRO Bank N.V. Karen Dahl ABN AMRO Bank N.V. Christine Lau ACA Aponix Jeffrey Rowley Accume Partners Sanjay Marwaha Accume Partners David Roath Agricultural Chian Fielding Agricultural Bank of China Karlene Maynard Agriculture Bank of China Wei Si Allied Irish Bank, p.l.c. Marek Trela Allied Irish Bank, p.l.c. Ross O'Kelly Arnold & Porter LLP Michael Mancusi Arnold & Porter LLP Kevin Toomey Aspen Insurance Michael Caruso Australia and New Zealand Banking Group, Ltd. Philip Barr Banco Bradesco John Christie Banco de la Nacion Argentina Mario Funes Banco de la Republica Oriental del Uruguay Sergio Kalil Banco del Estado de Chile Joseph Acosta Banco del Estado de Chile Raul Churion Banco del Estado de Chile Maria Ramos Bangkok Bank Public Company Limited Kitti Thanapuasuwan Bank Hapoalim B.M. David Hertz Bank of Baroda Kamlesh Arya Bank of Baroda B. Elango Bank of Baroda Satpal Mehra Bank of China Xi Chen Bank of China Sharon Lin Bank of Communications Co., Ltd. Shelley He Bank of Communications Co., Ltd. Henry Jia Bank of Communications Co., Ltd. David Liu Bank of Communications Co., Ltd. Jian (James) Zhou Bank of India Subiman Roy Bank of India Jyothi Venkatachalam Diarmuid Lowry Bank of Taiwan Ta Chih Yang Banque de France Julien Dotter Barclays Larry Trittschuh BBVA Thomas De Simone INTERNATIONAL FINANCIAL INSTITUTIONS CYBERSECURITY CONFERENCE November 15, 2018

ATTENDEES BNP Paribas Jessica Uziel BNP Paribas Matthieu Vaillant Board of Governors of the Federal Reserve System Nida Davis CaixaBank, S.A. Peter Fernandez Canadian Bankers Association Neil Parmenter Canadian Imperial Bank of Commerce Phil Garrelhas Canadian Imperial Bank of Commerce Elie Haymovitz Canadian Imperial Bank of Commerce Mirita Hunter Canara Bank Abhay Kumar Canara Bank M.N. Rao Canara Bank Kaushal Singh Capco Julien Bonnay China Merchants Bank Chengyue Jiao China Merchants Bank Joseph Loffredo China Merchants Bank Sharon Song China Merchants Bank Hongtao Wu Clearstream Banking Tina Carnesi Clearstream Banking John Taylor Credit Agricole Corporate & Investment Bank John Li Credit Agricole Corporate & Investment Bank Anne Girard Credit Agricole Corporate & Investment Bank Krista Ellis Credit Industriel et Commercial Jacob Mogray Credit Industriel et Commercial Yves Pire Credit Industriel et Commercial Tajammul Rafique Credit Suisse Alicja Cade Credit Suisse David Homovich Davis Polk & Wardwell LLP Avi Gesser Department of Finance Canada Marie-France Loranger Credit Local Rod Aday DNB Bank ASA Patrick Egan DNB Bank ASA Fran Kobren DZ Bank AG Emile Kattan DZ Bank AG Jonathan Peng Ernst & Young LLP Matthew Moog Bank AG Dinesh Patadia Erste Group Bank AG Sandra Peterson Federal Bureau of Investigation Stephen Fullington FTI Consulting Mark Capolupo Governor Software Damien Forde INTERNATIONAL FINANCIAL INSTITUTIONS CYBERSECURITY CONFERENCE November 15, 2018

ATTENDEES GRC Solutions Randhir Kalia GRC Solutions Theodore Kawoczka Habib Bank Lawrence Pereira Hua Nan Commercial Bank, Ltd. Yi Hua Chao Hua Nan Commercial Bank, Ltd. David Hung Industrial and Commercial Bank of China Bruce Wang ING Financial Services LLC Mariana Almeida ING Financial Services LLC Timothy Gianfreda ING Financial Services LLC Jan-Peter Keizer ING Financial Services LLC Konstantine Kuperman Institute of International Bankers Paul Begey Institute of International Bankers Briget Polichene Institute of International Bankers Stephanie Webster Japanese Bankers Association Masayuki Saegusa KBC Bank N.V. Alexa Orellana KEB Hana Bank Jae Ik Choi KfW IPEX-Bank Bela Onken Land Bank of Taiwan Hung-Chih Li Landesbank Hessen-Thueringen Girozentrale Nancy Lorenzo Gavin Golbourn Lloyds Bank Gerald Goldbaum Lloyds Bank Patrick Irwin Lloyds Bank Pravin Patel Bank Mehboob Merchant Mashreq Bank Marguerite Tiberia Mayer Brown LLP Jeffrey Taft McKinsey & Co. Brian Kolo , Ltd. Eugene Shpilsky National Bank of Canada Michael Albertson National Bank of Canada Sylvain Berger National Bank of Canada Dominic Cote National Bank of Canada Lyne D'Amico National Bank of Canada Wilson Kung National Bank of Canada Rino Lagace National Bank of Canada Anik Lapointe National Bank of Canada Max-Philippe Sodogandji National Bank of Egypt Delina Dhamo National Bank of Egypt Khaled El Ghorab National Bank of Egypt Errol Jean National Bank of Pakistan Syed Ahmad National Bank of Pakistan Nasir Qureshi INTERNATIONAL FINANCIAL INSTITUTIONS CYBERSECURITY CONFERENCE November 15, 2018

ATTENDEES Nord/LB Raphael Lamar-Becker Nord/LB Kathrin Rauschnabel Nord/LB Sandra Roever Nord/LB Marco Zivkovic Nordea Bank Abp Kren Holm-Jorgensen Nordea Bank Abp Frank Richards Nordea Bank Abp Ken Wolckenhauer Office of the Comptroller of the Currency Patrick Kelly Oliver Wyman Paul Mee P&G Associates Joel Dunn Polsinelli Dan Flanigan Promontory, an IBM Company Jeffrey King RBC Capital Markets, LLC C. Sonia Persaud RBC Capital Markets, LLC John Thurlow Royal Bank of Canada Mark Dreszler Royal Bank of Canada David Provost Royal Bank of Canada Svetlana Zlobina RSM US LLP Mike Harbut RSM US LLP Hardik Metha Scotiabank Mark Engel Scotiabank Dan Gordon Scotiabank Joseph Tso Securities and Exchange Commission Rich Hannibal Shanghai Commercial Bank Ltd. Chiu Nam Wu Sia Partners Roman Ozimko Sidley Austin LLP Alan Raul Skadden, Arps, Slate, Meagher & Flom LLP James Perry Skandinaviska Enskilda Banken Mats Beausang Skandinaviska Enskilda Banken Michael Monteverde Societe Generale Americas David Khalily Bank Patricia Fuster State Bank of India Manoj Kumar State Bank of India Sudhakar V. Sumitomo Mistui Banking Corporation Xun Dai Sumitomo Mistui Banking Corporation Anushree Singh Sumitomo Mitsui Trust Bank, Limited Charles Coker Svenska Federico Paulino The Norinchukin Bank Hamida Haque The Norinchukin Bank Jumpei Kodama INTERNATIONAL FINANCIAL INSTITUTIONS CYBERSECURITY CONFERENCE November 15, 2018

ATTENDEES Treliant, LLC Waldo Abbot Treliant, LLC Richard Hudson Treliant, LLC Ash Khan Treliant, LLC Frank Meister Treliant, LLC Ryan Reichenbach Bank AG Edward Ackerly UniCredit Bank AG Constance Sims United Bank for Africa Clive Edmondson United Bank for Africa Michael Nwosu United Overseas Bank Limited Christina Chai United Overseas Bank Limited Kenny Chan United Overseas Bank Limited Russell Grant United Overseas Bank Limited Kin Li White & Case LLP Steven Chabinsky

Sponsors