Global Advisory Board

Evan's background is in the measurement and quantification of credit risk and operational risk.  His primary focus is currently on supporting institutions in building operational risk modeling for stress testing, developing their risk identification process and developing their model risk management frameworks.
Some of his recent client engagements include:
For a foreign global bank, helped them develop a comprehensive operational risk framework for their US based IHC. Ensured both integration of the framework in their international framework as well as US regulatory compliance.
For a large internationally active US bank: supported major change of course in CCAR operational risk stress estimates a few months prior to submission in reaction to regulatory guidance.
For a large regional bank: built their CCAR loss projection model and wrote the documentation for the full CCAR operational risk submission.
For a global bank conducted a validation of their operational risk modeling framework for CCAR
  Prior to joining Oliver Wyman, Evan was the Head of Risk Consulting for Financial Institutions for Aon in Columbia, Maryland. He was in charge of building Aon's risk consulting practice for financial institutions and managed multiple teams based in North America and Europe to deliver services to clients worldwide. Previously, Evan was an Assistant Vice President of the Federal Reserve Bank of Richmond, where he created the center of excellence for operational risk which served the System needs for operational risk related matters. The team was in charge of the supervision of all AMA and CCAR banks in the US and developed the Fed's CCAR model for operational risk.
Evan earned a B.A. and M.A. in Economics from the Université Catholique de Louvain in Belgium. He received an additional M.A. as well as his Ph.D. in Economics from the University of California at Los Angeles.

Prior to joining Risk, he reported on the futures and foreign exchange industries for Dow Jones' Financial News and the Euromoney group of publications. Osborn holds a bachelor's degree in English literature from the University of Warwick.

Gus Ortega is an accomplished risk management executive with over 20 years of work experience for multi-national global financial institutions. He is currently the Vice President, Head of Technology, Innovation and Operations risk management at Voya Financial. Prior to joining Voya Financial, Gus was the Head of Operational Risk Management at AIG directly responsible for the global Operational Risk program including Business Continuity and Third-Party Risk Governance and Oversight.

Gus also held various senior risk positions at UBS Investment Bank, Dresdner Bank and Morgan Stanley throughout his 20 years of work experience in the industry. He is an active advocate for Operational Risk Management and most recently was the keynote speaker at the World Bank Operational Risk Workshop in Washington D.C., Gus is also the co-author of The Fundamentals of Operational Risk for Insurers, a Risk.net book published in 2017.

As Vice President of Operational Risk, Michael leads the first line of defense risk management for financial crimes, privacy and information security, business resiliency, vendor management and compliance with regulatory requirements. Mike and his team establishes the risk direction by aligning the Multifamily Governance Framework with the business operating model. He continually improves governance by understanding the multifaceted drivers that effect risk environment.

Thomas Kaiser has been working on risk management for more than 25 years. He is the founder of Professor Kaiser Risk Management Consulting and teaches Risk Management as an honorary professor at Goethe University as well as at other institutions. He is also active in executive education at Goethe Business School in Frankfurt and elsewhere and is organizing and leading conferences and seminars as well as speaking at conferences nationally and internationally. In his long-time affiliation with KPMG, he was responsible for advising leading banks and insurance companies globally on Non-Financial Risk Management. Thomas has also worked for Deutsche Bank, Commerzbank and HypoVereinsbank on Operational Risk and with WestLB on market risk topics. Thomas is the editor of the latest RiskBooks title „Non-Financial Risk Management: Emerging stronger after COVID-19“ and is co-author/editor of the RiskBooks titles “An Introduction to Operational Risk” and “Reputational Risk Management in Financial Institutions” and has written numerous articles and several further books. He is a member of the advisory board of FIRM (Frankfurt Institute of Risk Management and Regulation) and various other industry associations. Thomas holds a master’s degree in business administration from Saarbrücken University and a PhD in financial econometrics from Tübingen University. 

Nedim Baruh leads the Operational Risk Capital and Analytics function at J.P. Morgan Chase ("JPMC") and is responsible for the Operational Risk Capital and Stress Testing processes.

Most recently, Nedim has been leading JPMC's effort to enhance its Scenario Analysis program by developing factor based models to assess its material risks. This work will help JPMC bridge the gap between operational risk measurement and management.

Prior to joining JPMC, Nedim was part of the Algorithmics Operational Risk advisory function and led many client engagements in the operational risk space.

Nedim has a B.S. in Economics from the University of Pennsylvania.

Mark Hofberg is an accomplished risk management leader with over 20 years of industry experience.  He previously served as a leader in a variety of audit, risk and compliance management functions within retail, wealth, and investment banking at Bank of America.  Mark currently serves customers as Risk Solutions Executive within ServiceNow’s financial services division.  Prior to joining ServiceNow, Mark served as RSA Archer’s field risk officer for US and Canada.

Mark has held various senior leadership roles at Accenture, Bank of America, RSA and now guides customers on their integrated risk transformation journeys with ServiceNow.  He is passionate about the evolution of risk management, emerging risks, and the utilization of technology to optimize business outcomes.  Mark has co-authored white papers on impacts of technical debt, digital risk, and has a patent on optimization of technology decisions (US 8,321,363 · Issued Nov 27, 2012) along with a patent pending process risk prioritization model.  Mark holds a bachelor’s degree in engineering from North Carolina State University.

Amit Lakhani is a thorough IT risk and information security leader with a proven track record of leading, developing, designing and delivering wide variety of programs over the span of last 15+ years. He has a particular interest in raising information risks at board level and enabling business through mitigation or avoidance of IT risks through industry-accepted and sometimes cutting-edge solutions.

Lakhani has presented and published a number of research papers, articles and chapters in the information security field. His key focus has always been keeping the balance between business, technological and operational issues. In Lakhani's most recent position at BNP Paribas, he leads the IT risks and third party risk management practices globally for the corporate and institutional banking business. Lakhani has developed and implemented robust methodologies for effective IT risk management and is embedding a strong framework for internal and external vendor risk management.

Eelco van Dijk joined ING Bank in 2008 and started working in the modelling and scenario team of Group Operational Risk.

Since 2013 ING reports operational risk regulatory capital according to the AMA model.

The AMA model uses among other internal loss events. Therefore Eelco deals with many aspects of internal loss events (data quality, completeness, etc)

Prior to moving to ING Eelco worked at ABN AMRO in a variety of risk roles for almost 20 years.

Eelco is member of the Risk Committee of the Dutch VBA CFA chapter  

 

Penny Cagan is the Americas Head of Operational Risk Control with UBS, where she currently manages the function for the combined US entities.

Operational Risk & Regulation magazine awarded Penny three awards for her contribution to the field of operational risk, including a special industry award in 2011. Penny has published widely, including authoring the chapter on Risk and Control Self Assessments for the PRMIA Operational Risk Manager Handbook.

Penny sits on the boards of PRMIA and Workforce Professional Training Institute.

Penny has more than 40 years of risk management, compliance, controls, and research experience, including managing risk and compliance functions in large financial institutions. Penny has experience with both developing and implementing risk and control frameworks, including convergence among risk disciplines.

Philip Alexander is the risk management and regulation editor for Risk.net, overseeing a team of journalists in the UK, US and Asia. He was previously senior editor at The Banker magazine, covering financial regulation, capital markets, derivatives, and central and eastern Europe.

Prior to entering journalism, Philip edited sovereign credit research for rating agency Standard & Poor’s in London. He was awarded a PhD in modern history by the University of Cambridge for a thesis on Britain and European integration.

Michele was appointed to Americas head of operational risk in July 2016 reporting to the chief risk officer. Responsible for defining the goals, missions, day-to-day management of the overall operational risk management framework including data, technology and business continuity risk, cyber security risk management, third-party risk management, control testing and global risk monitoring teams.

Michele’s career at Société Générale began in 1993 and has worked in all three lines-of-defense. Her career began as a manager in internal audit. In 1999, Michele moved to San Francisco and worked in the investment banking division. She has held various positions in operations including: control manager responsible for accounting, system administration and managementreporting; chief of staff and head of operational risk management; head of structured finance operations, as well as responsible for the oversight of all operations in Brazil and Canada.

Michele received a Master’s in Finance from St. Joseph's University, Philadelphia, and a B.S. in Accounting from St. Joseph's University. Michele has successfully obtained series 99 regulatory license.

Adam Ennamli is the current chief risk officer at General Bank of Canada, overseeing the evolution and management of all enterprise-wide risks. He leverages over 15 years of risk management, compliance and operations leadership experience at major financial and technology institutions globally, including Thomson Reuters, Canada Mortgage and Housing Corporation, Morgan Stanley and National Bank of Canada.

In his prior roles, Adam spearheaded the development of risk management, governance and compliance programmes driving strategic decision-making and prudent growth. He holds an MBA from HEC Montreal as well as multiple ESG certifications, complementing his expertise across ERM, cyber security, operational resilience and technology. Adam is recognised for enabling companies to build durable competitive advantages through world-class capabilities.

Madiha Fatima is an executive director - operational and outsourcing risk management at JP Morgan, where she leads the second line of defence function for operational and outsourcing risk overseeing third-party risk management, sourcing, procurement and inter-affiliate management. Previously, Madiha was the head of the third-party risk management department at Angelo Gordon, where she was responsible for developing a third-party risk management framework while enabling businesses to achieve their strategic objectives by utilising vendors. Before joining Angelo Gordon, Madiha Fatima was the head of third-party risk governance & oversight at DTCC. Madiha is a certified third-party risk professional (CTPRP). Madiha earned a Bachelor of Science in financial and capital markets from Rutgers Business School.

Tripp Rex is the operational risk framework executive at U.S. Bank, which encompasses the RCSA, internal control and control testing, product delivery risk, operational loss, scenario analysis and issue management.  Since joining U.S. Bank in 2014, Tripp has led functions within technology risk, control testing, and technology strategy for risk management. Prior to U.S. Bank, he held prior roles in risk and programne management at Bank of America. Prior to that, Tripp worked at Accenture in management consulting supporting various financial institutions. Tripp is an alumni of Clemson University and received his MBA from the University of South Carolina.

Fazal Mohammed is the head of operational risk management – asset management at Phoenix Group. He has 15 years of financial services industry experience working across investment banking and insurance domains covering global businesses i.e., public and private markets. Focused on supporting first line functions in making sound business decisions on a risk adjusted basis is a key motivation for success.

In his spare time, Mohammed enjoys football, movies and the company of a good book.

Since joining SG in 2009, he has held a range of positions.  Currently, he is the Chief Data Officer, SG Americas, with responsibility for data management and governance within the Region.  This function is responsible for implementing the requirements of BCBS 239, establishing sound data governance framework that meets Group needs and local supervisory expectations, and creating a solid platform for the data to be leveraged for strategic business decisions. Prior to that, he headed up the Project Management Office for the SG US Transformation project.  SG roles before that included Deputy CFO of the Americas Region of their Corporate & Investment Bank and Head of Finance Offshoring in SG Bangalore. 

Prior to joining SG, Bala was with the Canadian Imperial Bank of Commerce (CIBC) for fourteen years in a range of positions in Toronto and New York.  As Senior Vice President of the Wholesale North America Finance, he headed up the controllership function for CIBC’s World Markets and Treasury & Risk Management Strategic Business Units within North America. With a global team across Toronto and New York, he was responsible for establishing a SOX-compliant industry-leading Finance control environment as well as supporting the efficient execution of business initiatives and managing the Finance related US regulatory relationships during a very demanding period. Prior to that, he also had stints as the business-line controller for the Bank's US origination businesses (Corporate Lending, Investment Banking, Merchant Banking, Structured Finance, and High Yield), as well as the 2/ic to the Chief Accountant, with responsibility for consolidated financial, management and regulatory reporting at the corporate level.

Born and brought up in Mumbai India, Bala has a degree in mathematics from the University of Mumbai and holds professional accounting qualifications from both India and the United States.  He lives in Montclair, New Jersey is married with two children, and enjoys long-distance running.

Fred Harris is the managing director, global head of risk and compliance for enterprise technology and operations at Citi. Before that he was with Société Générale Americas. Fred is an accomplished technology executive with more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Fred was in a similar role at Bank of America and before that he was with Deloitte for 16 years in a variety of roles.

Filippo is a financial economist in the Quantitative Supervision and Research (QSR) unit of the Federal Reserve Bank of Richmond. Filippo joined the Richmond Fed in 2014 after earning his doctorate in Finance at the University of Arizona. Prior to moving to the US, Filippo worked one year for Toro Assicurazioni S.p.a. (now Assicurazioni Generali S.p.a.) and obtained his master degree in Actuarial and Statistical Science from the University of Turin. Since he started working for the Richmond Fed he has been heavily involved in Operational Risk as both modeler and examiner.

Philip Alexander is the risk management and regulation editor for Risk.net, overseeing a team of journalists in the UK, US and Asia. He was previously senior editor at The Banker magazine, covering financial regulation, capital markets, derivatives, and central and eastern Europe.

Prior to entering journalism, Philip edited sovereign credit research for rating agency Standard & Poor’s in London. He was awarded a PhD in modern history by the University of Cambridge for a thesis on Britain and European integration.

Mark has over 30 years’ experience in global capital markets, consulting and associated technologies, focusing on risk management, front- and middle-office platforms and data management. Before Chartis he held executive positions in large global financial institutions, consultancies and FinTechs, in various roles including platform and software development, solution architecture, large-scale program management, vendor selection and implementation, and strategy development and execution.

With a background covering the front, middle and back office, Mark brings to Chartis a holistic view of business, technology and regulatory issues across the enterprise, and how these issues can be addressed by leveraging appropriate technology solutions. His primary focus has been risk technology, and his work in this area includes: leading the global teams for risk technology at RBS Capital Markets and AIG; working with middle- and front-office technology teams at Barclays Capital; extensive consulting experience with major consulting organizations including EY and Deloitte; and extensive vendor experience, including time at Algorithmics and Misys (now Finastra). Mark has an MA from Oxford University and is a Fellow of the Institute of Chartered Accountants in England and Wales.

Prior to joining Risk, he reported on the futures and foreign exchange industries for Dow Jones' Financial News and the Euromoney group of publications. Osborn holds a bachelor's degree in English literature from the University of Warwick.

Chris is a member of Milliman’s Cyber Risk Solutions (CRS) practice group.  The practice delivers a portfolio of risk consulting services, such as enterprise risk design, cyber risk assessment and quantification, test and build projects, operational risk assessments, enterprise risk management (ERM) education and training, and ERM technology evaluation. The CRS practice uses diagnostic consulting strategies to understand an organization’s enterprise risk goals and challenges and then customize solutions to deliver required business results. 

EXPERIENCE

Chris has 15 years of professional experience.  His experience includes work in the banking, insurance, capital markets and card sectors helping clients assess and mitigate risk. 

Prior to joining Milliman, Chris was a Senior Manager in Accenture’s Finance and Risk Management Consulting practice, delivering work for global financial service clients.   Additionally, Chris served as an active duty Naval Officer and has multiple overseas deployments. 

Professional experience and subject matter advisory includes: 

• Cyber Security metrics and governance
• Financial Service Regulatory and Compliance initiatives
• Risk Management 
• Corporate and Risk Governance
• Surveillance 
• Financial Services operating model and cost reduction
• Regulatory remediation and responses
• Legal department risk and optimization
• Leading large cross functional projects and teams

EDUCATION

• BS Political Science, University of Wisconsin–Madison
• MBA, University of Chicago – Booth School of Business

Mark Hofberg is an accomplished risk management leader with over 20 years of industry experience.  He previously served as a leader in a variety of audit, risk and compliance management functions within retail, wealth, and investment banking at Bank of America.  Mark currently serves customers as Risk Solutions Executive within ServiceNow’s financial services division.  Prior to joining ServiceNow, Mark served as RSA Archer’s field risk officer for US and Canada.

Mark has held various senior leadership roles at Accenture, Bank of America, RSA and now guides customers on their integrated risk transformation journeys with ServiceNow.  He is passionate about the evolution of risk management, emerging risks, and the utilization of technology to optimize business outcomes.  Mark has co-authored white papers on impacts of technical debt, digital risk, and has a patent on optimization of technology decisions (US 8,321,363 · Issued Nov 27, 2012) along with a patent pending process risk prioritization model.  Mark holds a bachelor’s degree in engineering from North Carolina State University.

Lester Joseph is the Manager of the Global Financial Crimes Intelligence Group at Wells Fargo & Company. The primary mission of this Group is to provide intelligence on money laundering activity and financial crime trends to all parts of the company. Les joined Wells Fargo in March 2010 as the International Investigations Manager.

Prior to joining Wells Fargo, Les worked for the U.S. Department of Justice from 1984 to February 2010. From 2002-2010, he was the Principal Deputy Chief of the Asset Forfeiture and Money Laundering Section (AFMLS). He was a Deputy Chief in the Section since October 1991.

Les began his career with the Department of Justice in 1984 as a Trial Attorney in the Organized Crime and Racketeering Section. From 1981-1984, he was an Assistant State's Attorney in Cook County (Chicago), Illinois. He received his J.D. from The John Marshall Law School in Chicago and his B.A. from the University of Michigan.

Tanya joined Credit Suisse in January 2017 from Citi where she spent 16 years in various senior Business, Risk and Compliance roles; her most recent roles included the North America head of conduct risk and head of risk management practices for the US & Latin America International Private Banking Business. 

At Credit Suisse Tanya is the global conduct risk head focused on the continual development of the Global Conduct Risk Strategy. She is a regular speaker on Conduct Risk at the biannual risk.net training industry training forum. Tanya obtained a Masters in International Affairs from Columbia University in New York, NY in May 2000 and a Bachelor of Arts in International Careers from the Lehigh University in Bethlehem, PA. 

Danny Frost joined Legal and General in 2023 and currently serves as global head of operational risk. 

Before joining Legal and General, Frost joined AIG in June 2015 and served as chief risk officer and regional head of operational risk for Emea and Apac. Before joining AIG, he held roles in investment banking, managing derivative operations, the middle office and prime brokerage functions. Frost spent 19 years at Credit Suisse and most recently held the positions of global head of operational risk for collateral, clearing, valuations and liquidity, and global head of new business and new product approval.

Stefana Brown is chief risk officer, UK protection and fintech, and director, IT and data protection risk, at Legal & General Retail. She spent 10 years at Lloyds Banking Group and four at M&G Investments before joining Legal & General Retail.

Senior Risk and Compliance professional with experience covering various business divisions (Asset Management, Wealth Management, and Personal and Corporate Banking) and back office support functions, as well as both designing and implementing frameworks and supporting tools for Operational Risk and Conduct Risk across all divisions and regions. Six Sigma Black Belt certified (Aveta Business Institute), Project Management Professional (PMP), and certified Financial Risk Manager (GARP). Management experience with high competency in communicating to senior management and managing diverse stakeholders to deliver complex and high level messages effectively and convincingly.

Rajat Baijal is the Managing Director – Global Head of Enterprise Risk at Cantor Fitzgerald. In this role, he is responsible for designing and embedding a robust Risk Framework across the firm. This includes articulating and implementing a robust Risk & Control Self-Assessment (RCSA), Risk Event Management, Key Risk Indicators etc. and ensuring that the Board is suitably informed about all material issues.

Rajat has an MBA in Finance and has previously worked for Kensington Mortgages, Lloyds Banking Group and Aviva specialising in global implementation of their Risk Framework. Rajat is a regular speaker at risk conferences across London and New York and has authored a number of articles for risk journals/textbooks.

Ken Radigan is currently the CEO of the Professional Risk Managers’ International Association (PRMIA).  Ken also teaches Insurance Risk Management at Columbia University’s Master of Professional Studies in Insurance Management.  

Ken served as the Chief  Risk Officer (CRO) for US and Bermuda platforms of Aspen.  Prior to this, Ken was the CRO for the Casualty and Global Risk Solutions Divisions of AIG.  Ken had worked at AIG for over 25 years and during this time he had the following responsibilities:

CRO Casualty and Global Risk Solutions

• Director of corporate catastrophe modeling
• Product line manager for the Environmental Protection Programs
• Product line manager for the Cleanup Cost Cap programs
• Actuarial analyst for the corporate actuarial department

Ken was the inventor of two US Patents on Nuclear Decommissioning Insurance. 

Ken has a Bachelor of Arts degree with a major in Mathematics from the University of Dayton and has the following professional designations:

• Professional Risk Manager, PRM
• Chatered Property Casualty Underwriter, CPCU
• Associate in Risk Management, ARM
• Associate in Surplus Lines Insurance, ASLI
• FINRA Series Certifications: 6,63,66, and 7

Eelco van Dijk joined ING Bank in 2008 and started working in the modelling and scenario team of Group Operational Risk.

Since 2013 ING reports operational risk regulatory capital according to the AMA model.

The AMA model uses among other internal loss events. Therefore Eelco deals with many aspects of internal loss events (data quality, completeness, etc)

Prior to moving to ING Eelco worked at ABN AMRO in a variety of risk roles for almost 20 years.

Eelco is member of the Risk Committee of the Dutch VBA CFA chapter  

 

Fred Harris is the managing director, global head of risk and compliance for enterprise technology and operations at Citi. Before that he was with Société Générale Americas. Fred is an accomplished technology executive with more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Fred was in a similar role at Bank of America and before that he was with Deloitte for 16 years in a variety of roles.

As Vice President of Operational Risk, Michael leads the first line of defense risk management for financial crimes, privacy and information security, business resiliency, vendor management and compliance with regulatory requirements. Mike and his team establishes the risk direction by aligning the Multifamily Governance Framework with the business operating model. He continually improves governance by understanding the multifaceted drivers that effect risk environment.

Amit Lakhani is a thorough IT risk and information security leader with a proven track record of leading, developing, designing and delivering wide variety of programs over the span of last 15+ years. He has a particular interest in raising information risks at board level and enabling business through mitigation or avoidance of IT risks through industry-accepted and sometimes cutting-edge solutions.

Lakhani has presented and published a number of research papers, articles and chapters in the information security field. His key focus has always been keeping the balance between business, technological and operational issues. In Lakhani's most recent position at BNP Paribas, he leads the IT risks and third party risk management practices globally for the corporate and institutional banking business. Lakhani has developed and implemented robust methodologies for effective IT risk management and is embedding a strong framework for internal and external vendor risk management.

Rodney Campbell is a recognized industry leader in Third-Party Risk Management (TPRM), Enterprise Risk Management (ERM), Relationship Management & Contract Management. Rodney is a business champion, dedicated to empowering organizations and business leaders with industry insights and best practices to establish both regulatory compliance and organizational success. Experienced in developing global programs, organizational frameworks, and business processes that spans Asia-Pacific, Latin America, United Kingdom and North America regions, Rodney creates a high-impact, collaborative environment that eliminates silos and cross borders.  

Additionally, Rodney serves on Seton Hall University Customer Experience Program Advisory Council and The Board of Directors for HANDS Housing and Neighborhood Development.

Shelly, in her role as VP Operational Risk at Daily Pay, is responsible to establish an operational risk framework from ground up, evaluate and mitigate emerging risks, and create a risk informed culture in a hyper growth business. Daily Pay is a leader in the On Demand Pay industry and Shelly is enabling business growth by continually improving  its operational processes and Institutionalizing risk management by design. Prior to DailyPay, Shelly spent 10 years at American Express in various first and second line roles. In her last role at Amex, she led global operational risk for Travel Lifestyle Services (TLS) business in 22 markets, responsible to evaluate and mitigate business risks and risk oversight functions like Compliance Risk Assessment, Process Risk Self Assessment, Third Party Lifecycle management, Business Self Testing etc. She also spearheaded the build of control framework, oversight in emerging markets like China and Manila, and Global Business Travel, an AXP critical joint venture. She also had solid experience in Privacy Laws having worked in Privacy organization and partnering closely with Privacy, compliance and Legal on a regular basis.  Shelly has a Technology background and is hands on to work with technology in assessing technology processes for risks or working on enhancements to risk management processes and programs.

Shelly likes to volunteer her time at St Joseph’s Center and Community Food Bank of NJ. She also volunteers to teach elementary kids math and coding.