Day two of #RISK Digital saw more industry experts unite to debate the issues defining the modern-day risk management landscape.


#RISK Digital - EU Focus: Among highlights in the morning sessions, Solutions Engineering Specialist at OneTrust, Joseph Byrne looked at international data transfers – a contentious subject since the Court of Justice of the European Union (CJEU) ruled on the Schrems II case.

As business communities worldwide adapt to seismic shifts in all sectors, #RISK Digital’s packed content agenda brought clarity on how organisations can remain responsive, innovative and competitive while mitigating risk.

Using compliance as a competitive advantage was among highlight talks in the morning, with panellists Evan Davies, Group Data Protection Officer at YouGov, Laurent Servais, Head of Global Privacy Office - Data Protection Officer at Radisson Hotel Group, and Jeremias Boos, Head of Compliance at Yamaha Motor Europe NV.

Commenting on how to build a culture of compliance in the workplace, Jeremias said:

“I think it starts with being able to understand the business and the challenges that different functions have, and the challenges from colleagues in the head office… to get them on board, you do need to relate to them and the problems they face.”

Jeremias underlined the importance of showing a genuine interest in the various functions and contributions of colleagues – honest discussions should be held to introduce the compliance team and foster meaningful connections with co-workers.

Evan Davies, Group Data Protection Officer, YouGov, said:

“Explaining to people why we’re doing this is really important. At YouGov, we have people in many different countries and they think about doing things differently.

“People in EU countries, in my experience, were a lot more familiar with data privacy laws already. Whereas people in Asia Pacific, may not be. You have to take those factors into account as well – who you’re talking to, and what this actually means for them.

“I think that the most effective thing for me was to start talking about it in ways that people understood, and that it made sense for them.”

Laurent Servais, Head of Global Privacy Office - Data Protection Officer, Radisson Hotel Group, said: 

“It’s important to change people’s perception… if you say “I’m the new DPO”, people get frightened, they see compliance as a burden.

“My role was to make sure people understand the basics, the regulatory compliance and the risks of non-compliance, but really focus on the benefits of a strong compliance programme, and that’s how you can bring in competitive edge.”

Following on, #RISK Digital turned attention to business “purpose” – what the term means, and how developing a sense of corporate purpose can set boundaries and guide an enterprise as it grows.

Emily Balcombe, ESG Manager, YouGov, emphasised how having purpose is important because “it encourages your stakeholders to connect with your company in a meaningful way.”

“A clearly defined purpose helps employees feel fulfilled by their work; it helps clients or consumers understand the value of your business, and it helps investors feel confident in your vision and your potential longevity business.”

Sam Khola, Director of Sustainability, Liberty Global, said:

“Purpose is really the core for business, and it’s what really matters for you, as a person. When you look at the materiality of your business, it’s not always easy to identify what your purpose should be, simply because you have a lot of stakeholders and they may not have the same view of the direction in which your business should go.”

“The pandemic showed us that some business priorities are unshakeable. When you look at things like work/life balance; it is important for employees to have that, and that business provides it so that they can have a healthy social life at home while they can potentially be more productive.”

Anca Plovie, Lead ESG Counsel, Global, said:

“As a lawyer, whenever we think of company purpose, we think of the corporate purpose as stated in all the legal documents, and that’s been influenced by the legal and economic aspects.

“We’ve moved on from that, so we now need to think in much wider terms about corporate purpose.

“Paraphrasing a quote: ‘it’s not your responsibility to heal the world, but you cannot desist from that either – from playing your part.’ I think that sentiment is central to this discussion.”

Emily Balcombe said:

“I think there’s a lot around the need for balancing priorities around purpose. From the ESG perspective, you’re trying to reconcile a lot of different priorities, and then stakeholders who have different priorities.”

In the afternoon, sustainability and environmental responsibility came under the spotlight, with #RISK Digital guest speakers sharing their views on how to balance profit with a sustainable business culture.

Stuart Clout, Chief Commercial Officer, Ansarada, said:

“Every organisation in the world needs to be taking a far more strategic approach to the sustainability principles. Obviously ESG has a much broader framework, as social and governance concepts are in there as well beyond the environmental.

“I think the role that technology will play in terms of standardisation of disclosures is not so much because standardisation is a regulatory issue…I think we will naturally end up in a place where people have some degree of standardisation. I feel software will play a big role in facilitating quick and accessible ways to express information in a format which makes sense and has value.”

Later in the day, diversity and inclusion were the focus themes, with #RISK Digital’s panel of experts examining the key elements and benefits of creating a diverse and inclusive workplace. 

Session host, Sunette Runhaar (Insider Threat Awareness Lead at Uber), set the scene, warning how many organisations run the risk of viewing DEI initiatives as “a nice to have”.

“It’s…a bit of a buzzword these days, but DEI is not necessarily given the level of seriousness that you would give to other programmes related to security, compliance and risk, etc.”

Pointing out the actual risks of not taking DEI seriously, Tam Hanlon, Diversity, Equity, Inclusion and Belonging Manager EMEA at Indeed, said:

“As we continue to see increased compliance and regulation, [DEI] is something that organisations should be deeply understanding, and starting to think about how they can really build this into all of the things that they do within a business.”

Touching upon the development in France and Italy of the requirement to have individuals from protected categories joining organisations, Tam noted how companies failing to meet requirements could face fines for breach of government regulation.

“I think that is perhaps the way this will go in the future, if organisations are not actually complying with this legislation, in terms of reporting, or in terms of starting to show action plans of how they close the pay gap.”

Kelly Hickey, Director and Founder, Strong Women Co, said:

“Ignoring at your own peril is what we’re talking about. Number 1 is ignoring the whole talent pool if you want to grow in a significant way. The reality is that managers tend to hire people who look like and are from similar backgrounds as themselves.

“We need to broaden our horizons. If not, you’ll be missing out on talent…innovation, and specifically, a woman’s experience with online security, all of which could be very different from a man’s experience online.

“We have to think about things differently; just the reality of the patriarchal systems we’re living in. If you have a more diverse work pool for your designers and innovators, you’re going to be able to create manufacture products that are more accessible and needed by more people.”

Elza Ganeeva, Head of Government Relations, Zoom, said:

“So, it’s a fact that the two thirds of men and women prefer hybrid work. But this number comes even higher for non-binary people or representatives of LGBTQ community; they are 14% more likely to choose hybrid working compared to their heterosexual peers. 

“Beyond that, people with different types of mental or physical conditions may favour hybrid working as it’s easier for them to work and succeed in a job market having access to remote work.”

Elza explained how new technologies are being used to create video-call avatars that mimic body language and facial expressions, promoting inclusivity.

“[The software] doesn’t relate to small movements, but the person involved can participate in the meeting and be on camera without worrying about suppressing small body movements.”

Discussing metrics for measuring the effectiveness of DEI measures, Tam Hanlon said:

“I think we often need to take a step back, and understand what we are trying to achieve with this work. And the first step of that is often finding the gaps. 

“We have to take a look at the usual data that we look at from a human talent perspective – what does our employee lifecycle data tell us? Who do we have joining? Who do we have progressing in our organisation? How comfortable are people with employee surveys? And what does our attrition or retention data look like? How do we start to understand what the demographics look like? What are the different communities and groups that we have in our organisation? And where are some of the gaps? 

“Historically, having looked at this type of data for a long time, we often see gaps in leadership of underrepresented groups. So, whether that’s a lower representation of members of the LGBTQ+ community, whether that’s a low representation of women, of people of colour, there’s just this gap and often a ceiling that truly exists. 

“But if you began without the data analysis, without understanding what is actually happening in your organisation, you could throw a lot of money, a lot of time, at what you think is the problem. But in reality, that’s not the problem. 

Missed any of the sessions at #RISK Digital? 

Watch #RISK Digital on demand

Click to discover more fantastic events and curated content available from GRC World Forums throughout 2023.

#risk digital

Risk Amsterdam 2023 Hero

#RISK Amsterdam - 27th & 28th September 2023: Our flagship event series #RISK is where the whole ‘risk’ community comes together to meet, debate, and learn, to break down silos and improve decision-making.

Technology is at the center of every core business process within modern organizations and #RISK Amsterdam is a content rich Expo centred around seven key themes:


#RISK Content Zones include Privacy & Data Protection, ESG, Security, Financial Crime, Fraud, Loss Prevention, and Governance, Risk and Compliance.

At the inaugural #RISK in November 2022 we discovered that our attendees were visiting as groups and even using the event as a meeting point to catch up with colleagues from different departments.

Our mission is to continue to build on the success of #RISK 2022 and provide a platform that allows organizations to address the cumulative nature of risk, unite disparate GRC specialties and create a compelling ‘deep dive’ agenda led by subject matter experts and thought leaders.