Data Protection and Privacy
The Data Protection and Privacy theme saw speakers tackling everything from core topics to current challenges and emerging issues in data protection.
The event began with a review of the data protection risk landscape hosted by James Wong, Digital Lawyer at Clifford Chance, and then moved to an exploration of the UK’s data protection reforms hosted by Robert Bateman of GRC World Forums.
Panellists considered key changes proposed under the Data Protection and Digital Information Bill. They concluded that while some of the proposals might present opportunities for businesses operating exclusively in the UK, the reforms were unlikely to benefit enterprises operating across both the UK and Europe.
Another highlight was a look at the risks of privacy litigation hosted by Stewart Room of DWF Law. The panel concluded that the likelihood of a given business being sued for privacy violations was relatively low—but focusing on “doing the right thing” was nonetheless essential.
Max Schrems, famous for having brought down two international data transfer treaties between the US and the EU, gave a keynote presentation to a packed-out audience.
In a compelling talk, Schrems highlighted the numerous legal issues with the new US/EU agreement passed last month—including that victims of unjustified surveillance by US authorities would get very limited information about their case following a challenge.
“In surveillance cases, you always get the same answer, ‘will neither confirm nor deny’. The new data protection ‘court’ provides exactly the same answer,” Schrems said when discussing his plans to challenge the framework’s redress system before the EU courts.
→ Interested In Exhibiting & Sponsorship at #RISK 2023?Get in touch and schedule a call to secure your spot!
Governance, Risk and Compliance (GRC)
The GRC theme was chaired by Michael Rasmussen, the “Father of GRC”, and explored high-level topics around corporate ethics, risk reduction and compliance management.
The event began with a debate on where to draw the line between risk appetite and risk tolerance. Later in the morning, Manuela Sedvartaite of Santander hosted a panel on third-party risk.
Other sessions explored the benefits of risk management as a “business enabler”, and a look at the intersection between risk tolerance and enterprise agility hosted by Ayesha James, Group Third-Party Risk Steward at HSBC.
Scott Bridgen, Global GRC Lead, OneTrust—which also exhibited at the event—gave a presentation about scaling IT risk across technology and stakeholders, providing key insights from infosec leaders on managing technology risk.
A keynote from Michael Rasmussen cut to the heart of the #RISK ethos: “aligning the scattered silos of risk”, exploring how to build a culture of trust and transparency among your team to reduce risk and achieve business objectives.
“Risk is like fire,” said Rasmussen, quoting Theodore Roosevelt. “If controlled it will help you; if uncontrolled, it will rise up and destroy you.”
To succeed in the modern risk landscape, Rasmussen said, organisations must be able to see both the tree (individual risk) and the forest (the interconnectedness of risk and objectives).
Environmental, Social and Governance (ESG)
The ESG theme explored the forefront of environmental, social and governance challenges, with broad philosophical discussions accompanied by hands-on guidance about the realities of ESG data and reporting requirements.
Several sessions centred around the B-Corp movement, an ethical certification scheme led by businesses seeking to demonstrate their commitment to sustainability and social justice.
Ian Spaulding, Chief Growth Officer with LQRA—which also exhibited at the event—gave an enlightening presentation on the vital importance of trust and transparency in achieving an organisation’s ESG objectives.
Headlining ESG was Rory Stewart, the ex-government minister turned academic and social commentator, who brought a huge crowd, with people standing several rows deep behind the seating area.
Rory discussed geopolitics, the rise of populism and the emergence of war in Europe.
“2014 is the moment where the age of populism begins,” Stewart suggested, “where the Islamic state seizes Mosul, when Narendra Modi becomes the first major populist leader, when Vladimir Putin forcibly takes Crimea—the first time a nation has done this since World War II.”
“Between 2014 and 2016, populism becomes a global phenomenon: Bolsanaro, Trump, Erdogan, the Brexit referendum.”
Another fascinating ESG session was an interview of Elizabeth Peyton-Jones of Models Trust, who discussed the exploitation of models in the advertising industry. The talk was a reminder of the importance of ensuring ethical and legal conduct among all actors in a company’s supply chain.
The Cyber Security theme was chaired by BBC Cyber Correspondent Joe Tidy, and speakers covered the biggest challenges facing organisations in the current threat landscape, from ransomware to social engineering and insider threats.
Ex-MI5 whistleblower Annie Machon gave a keynote exploring the intersection between security, privacy and the maintenance of the democratic order.
“If you feel watched, this is the beginning of the end of democracy,” Machon said.
“Protect your friends, societies and communities by encrypting your communications—and get help from organisations that could help close back doors from hackers.”
In another session, Kir Nuthi from the Center for Digital Innovation provided guidance on preparing for the Cyber Resilience Act, a landmark piece of EU legislation that will impose sweeping new security requirements on hardware and software providers.
Nuthi highlighted some key uncertainties in the current draft of the act, including definitions and overlapping reporting requirements, that will need to be closely examined by businesses and legislators.
Mark Bower, VP Product at Anjuna—one of #RISK’s exhibitors—provided a fascinating presentation on confidential computing, providing five high-impact use cases of this leading-edge privacy-preserving technology.
The Financial Risk theme provided commentary and analysis of developments in anti-money laundering, know-your-customer, fraud, and other key considerations for financial institutions.
The first day began with a panel exploring the current financial crime outlook, followed by a keynote from the headline Financial Risk speaker, journalist and author Oliver Bullough.
Bullough’s writings on the UK’s role in facilitating money laundering by Russian oligarchs could not be more pertinent, given the current climate, and the session brought a large crowd of financial compliance professionals eager to hear Bullough speak.
Andy Slater, Commercial Director at FACT360, also exhibiting at #RISK, gave a presentation on fraud, financial crime, risk and compliance anomaly detection, where he highlighted the importance of forensic analysis of communication to preventing fraud.
Kateryna Boguslavska of the Basel Institute for Governance also gave an overview of the latest Basel AML Index report.
The talk highlighted the “depressing” lack of global progress on tackling money laundering worldwide—but gave some grounds for optimism as regulation and detection techniques improve.
Other sessions featured discussions on the value of data in financial crime investigations and a look ahead to changes in the anti-money laundering regulatory landscape in 2022.
#RISK in 2023
Following the success of the launch event, the #RISK series will continue next year across Dubai, Amsterdam and London.
→ #RISK MENA: Dubai — 10th & 11th May 2023
→ #RISK EU: Amsterdam — 27th & 28th September 2023
→ #RISK London — 18th & 19th October 2023