Agenda

#RISK QT, hosted by Nick James, is your chance to put your most pressing questions directly to a panel of leading industry experts. #RISK QT tackles the topics that matter most to risk, compliance, and governance professionals, from regulatory shifts and emerging threats to the practical challenges of getting things done inside complex organisations.

No slides, no scripts, just straight answers from people who have been there.

Moderator

• Nick James, Founder, #RISK Europe

Panelist

• Stefan Gershater, Strategic risk thinker, provocative on risk orthodoxy, practitioner
• Justin Crump, CEO at Sibylline
• Emma Price, Former Big 4 Partner and NED, Pioneer at BRAVE

As artificial intelligence accelerates and geopolitical tensions reshape global markets, organisations are facing a convergence of risks that are faster, less predictable, and more interconnected than ever before. This panel will set the strategic tone for the day, exploring how AI disruption, economic fragmentation, and political instability are redefining enterprise risk.

Moderator

• Vivek Bedi, Chief Product Officer | Board Member | Digital Leader | AI Advisor

Panelist

• Marilia Aires, Legal Counsel and Data Protection Officer, Nova Compliance Lab
• Michael Sparks, Founder & Managing Director, SparrowHawk Risk Advisory
• Sarah Van Sicklen, Global Privacy Counsel, Thermo Fisher Scientific
• Corina Shika Kwami PhD MPH, Senior Strategy Director & Head of Office, EMEA Purpose

The 2024 update to the UK Corporate Governance Code, and Provision 29 specifically, represents a marked shift to explicit accountability, requiring boards to provide a formal declaration on the effectiveness of material controls.

With this comes a demand for reliable, regular and transparent reporting on controls, to provide the board with the comfort and confidence needed to make a declaration. This heightened expectation elevates the role for controls self assessment. A structured, repeatable and scalable mechanism for gathering the assurance, insights and documentation needed to support the board’s declaration. However, the role of controls self assessment extends far beyond this and once established, a mature CSA becomes a powerful enabler across the broader governance, risk and controls landscape.

This 30 minute thought leadership webinar provides insights on how to develop and evolve your control self-assessment methodology and process. We will also showcase how CSA insights can be used across the broader governance, risk and control ecosystem. Attendees will earn how to transform controls self assessment from a periodic compliance exercise into a data-driven organisation-wide capability that enhances transparency, confidence and decision making.

1. Understand how Provision 29 reshapes governance expectations: Gain clarity on why the shift to a formal board declaration increases the need for consistent, transparent and well‑evidenced control reporting, and how CSA provides the foundation for a credible evidence base behind that declaration.
2. Learn how to design and enhance a modern CSA framework: Explore practical ways to build a structured and scalable CSA process, including defining scope, setting reliable assessment criteria, embedding effective evidence capture, and streamlining workflows to minimise administrative burden.
3. Discover how CSA drives value across the wider GRC ecosystem: Understand how CSA strengthens first‑line ownership, informs targeted assurance planning, highlights emerging control weaknesses, and generates actionable data and insights that enable organisations to monitor control trends and improve decision‑making.

Moderator

• TBA

Panelist

• Adam Tomkewycz, Senior Manager Risk Consulting, EY
• Kara Killingsworth, Product Marketing Manager, SOXHUB

While many organisations have made progress in aligning cyber, risk, and compliance teams, true integration remains elusive. The next phase is not just shared language—but shared intelligence and decision-making.

Moderator

• TBA

Panelist

• Adrian Leung, Global Head of Privacy, Informa
• Oluwasolape Akinde, Global Cybersecurity & Digital Trust Leader | AI, Privacy, Resilience & IT GRC
• Matthew Crane, Enterprise, Technology & Resilience Risk Oversight, Cboe Global Markets
• Marc Pharoah, Doctor of Business Administration (DBA) — Risk Culture, AI Governance & Org. Resilience at Swiss School of Business and Management
• Deborah J Wall, PhD MBA
• Ben Burnet, Global Ethics, Governance, Risk & Compliance Technology Strategist, SAI360

Operational resilience is being stress-tested by AI-driven processes, cloud concentration risk, and deep third-party ecosystems. This panel will examine how organisations can move beyond compliance frameworks like DORA and UK resilience rules to build continuity-first operating models. Topics include service substitution, resilience-by-design architectures, and how AI both strengthens and introduces new vulnerabilities into critical services.

Moderator

• Pilar Baltar Abalo, Global Head of Consulting, Amdocs

Panelists

• Shashishekhar Vyas, Senior Cyber Security Architect, Novonesis
• Federico Marengo, Partner (AI Governance), White Label Consultancy
• Sarah Klein, Corporate Legal Privacy Counsel & AI Officer, yoummday

As organisations deploy more autonomous systems, addressing agentic AI risks, from oversight and accountability to unintended outcomes, is becoming critical. At the same time, constant transformation is putting pressure on people. This session explores how to manage emerging AI risks while turning workforce challenges into a source of resilience.

Moderator

• André H. Paris, Advisory Council Member, Harvard Business Review

Panelist

• Dr. Anandhi Vivek Dhukaram, Chief Responsible AI & Data Officer & EU AI Act Adoption & Compliance Strategist, Esdha - Responsible AI Literacy Training for EU AI Act
• Slawomir Soszynski, CEO, Ailleron Group
• Professor Bogdan Ghita, Professor of Network Security, Performance, and Trust, University of Plymouth

As risks become increasingly interconnected, driven by geopolitical uncertainty, regulatory complexity, and the rapid adoption of AI, many organisations are still managing risk through fragmented systems, siloed teams, and disconnected data. At the same time, AI is not only amplifying existing risks but also introducing new challenges around governance, transparency, and control. This session explores the growing gap between the complexity of today’s risk landscape and the way risk is operationalised within firms.

Drawing on current industry challenges, including limitations in scenario modelling, cross-risk visibility, and regulatory response, this session will also consider how organisations can effectively govern and harness AI within their risk frameworks. It will introduce the concept of a connected risk and control ecosystem, examining how firms can move towards a more integrated operating model that links data, processes, and controls across all lines of defence. The session will highlight how this approach can enable more informed decision-making, strengthen resilience, and support the responsible use of emerging technologies like AI in risk management.

Moderator

• TBA

Panelist

• Gary Lynam, Managing Director, EMEA, Protecht

This panel celebrates the contributions of women driving innovation and leadership in governance, risk, and compliance. Panellists will share insights on breaking barriers, fostering inclusive cultures, and advancing diversity at all levels of risk management. Attendees will hear practical strategies for mentoring, leadership development, and creating more equitable and effective GRC teams.

Moderator

• Lucy Montague, Marketing Director, CoreStream

Panelist

• Sharon Sharples, Op Risk & Risk Oversight Chief of Staff, Barclays
• Victoria Guilloit, Senior Director | Business Technology, Capgemini Invent UK
• Rebecca Mclean, Risk Director, AXA Commercial

Supply chain risk is no longer limited to direct vendors—hidden dependencies across digital and operational ecosystems are creating systemic vulnerabilities.

This panel will focus on how organisations can map and monitor extended supply chains, integrate sub-tier risk into governance frameworks, and respond to cascading failures. Attendees will gain practical strategies for moving toward continuous, intelligence-led supply chain risk management.

Moderator

• Susanne (Zuzana) BITTER, Head of Regional Strategic Alliances (United Kingdom) at Cyber Security Forum Initiative

Panelist

• Gabriel Alabi, Manager, Security Risk Management, CVS Health
• Michael Kurzer, Shareholder, Vedder Price
• Xenia Bogomolec, CEO, Quant-X Security & Coding GmbH

As the United States enters a period of political uncertainty and intensifying competition over AI, its decisions are increasingly shaping the global risk landscape. For UK and European organisations, the “US factor” now influences everything from regulation and sanctions to technology supply chains and cyber risk.

This closing panel will examine how shifts in US policy—across AI regulation, export controls, and industrial strategy—are impacting global business. Panellists will explore divergence between US and EU approaches, the role of Big Tech in shaping risk exposure, and the implications of US–China tensions for cybersecurity and data governance.

Moderator

• Jill Heinze, AI Trust Architect and founder, Saddle-Stitch Consulting

Panelist

• Dr. Nathalie Moreno, Partner, Kennedys
• Nicola Cain LLB (Hons), LLM, CIPP/E, AIGP, CAIP CEO & Principal Consultant, Handley Gill Limited
• Joel Schwarz, Privacy, Cybersecurity and Emerging Tech Attorney, Law Professor, Author, Managing Partner, Schwarz Group LLC Consultants, and Student Data Privacy Advocate