Global Advisory Board
Operational risk global Advisory board memebers
Chief cyber and technology risk officer
MD, chief data officer - Americas
Born and brought up in Mumbai India, Bala Ayyar has worked in the field of Finance & Accounting and Banking for more than thirty years. Bala holds professional accounting qualifications from both India and the United States. He has an undergraduate degree in mathematics from the University of Mumbai.
Since joining SG in 2009, he has held a range of positions. Currently, he is the Chief Data Officer, SG Americas, with responsibility for data management and governance within the Region. This function is responsible for implementing the requirements of BCBS 239, establishing sound data governance framework that meets Group needs and local supervisory expectations and creating a solid platform for the data to be leveraged for strategic business decisions. Prior to that, he headed up the Project Management Office for the SG US Transformation project. Roles before that included Head of Finance Offshoring in SG Bangalore and Deputy CFO of the Americas Region of their Corporate & Investment Bank.
Prior to joining SG, Bala was with the Imperial Bank of Commerce (CIBC) for fourteen years in a range of positions in Toronto and New York. As Senior Vice President of the Wholesale North America Finance, he headed up the controllership function for CIBC's World Markets and Treasury & Risk Management Strategic Business Units within North America. With a total team of about 175 individuals across Toronto and New York, he was responsible for establishing a SOX-compliant industry-leading Finance control environment as well as supporting the efficient execution of business initiatives and managing the Finance related US regulatory relationships during a very demanding period. Prior to that, he also had stints as the business-line controller for the Bank's US origination businesses (Corporate Lending, Investment Banking, Merchant Banking, Structured Finance and High Yield), as well as the 2/ic to the Chief Accountant, with responsibility for consolidated financial, management and regulatory reporting at the corporate level.
Prior to CIBC, he was with the public accounting firm of KPMG for 10 years, mostly in Bahrain in the Middle East. He held a range of positions culminating in Senior Manager. Responsible for assurance and consulting engagements for offshore banks, focused on technical excellence, customer satisfaction and practice profitability. He was the Engagement Senior Manager for the region's second-largest bank and also played a key role in setting up a Treasury consulting specialization within KPMG Bahrain.
Bala Ayyar lives in Basking Ridge, New Jersey, is married with two children and enjoys long-distance running.
Director, head of digital records | control management | records management office
Director, cyber risk
Head of cybersecurity risk, data risk and technology risk
Head of risk information & insurance
Steve Bishop is responsible for developing and implementing the strategy for risk information activities within the ORX, the world’s largest operational risk association. He also leads the ORX insurance service, including managing the global insurance loss data service, and running working groups and events specifically tailored for insurance firms. Risk information includes responsibility for ORX Scenarios – a service that supports organisations with effective scenario development; data standards; developing the ORX Reference Taxonomy; the ORX quality assurance framework (governing loss data services); and the development of ORX services to support the management of material risks, for example the ORX Cyber service that Steve and his team are in the process of launching. Steve has been at ORX for three and a half years and prior to joining held a number of risk management positions in both banking and insurance.
Chief risk officer UK
Non financial risk management chief operating officer
Nikki Covino is the Regional Head of Business Continuity for Credit Suisse (CS). In this role, she is accountable for Business Continuity for all CS offices in North and South America. In her role as part of the risk organization, she is responsible for review and challenge of all business plans for contingency and for governance of Disaster Recovery testing. In addition, she is the lead Crisis Manager for the region and has led many events over the past 12 years including hurricanes, earthquakes, blackouts, fires and IT outages.
Prior to Credit Suisse, Nikki worked at Merrill Lynch in the FX Technology area. As part of that role, she assisted in the development of a Risk system for trade matching.
Nikki earned her bachelor's degree in Economics from University of Massachusetts, Amherst. She currently lives in Manhattan with her husband and 2 teenage daughters.
Managing director, operational risk capital & analytics
Nedim Baruh leads the Operational Risk Capital and Analytics function at J.P. Morgan Chase ("JPMC") and is responsible for the Operational Risk Capital and Stress Testing processes.
Most recently, Nedim has been leading JPMC's effort to enhance its Scenario Analysis program by developing factor based models to assess its material risks. This work will help JPMC bridge the gap between operational risk measurement and management.
Prior to joining JPMC, Nedim was part of the Algorithmics Operational Risk advisory function and led many client engagements in the operational risk space.
Nedim has a B.S. in Economics from the University of Pennsylvania.
Head of model validation
Evan's background is in the measurement and quantification of credit risk and operational risk. His primary focus is currently on supporting institutions in building operational risk modeling for stress testing, developing their risk identification process and developing their model risk management frameworks.
Some of his recent client engagements include:
For a foreign global bank, helped them develop a comprehensive operational risk framework for their US based IHC. Ensured both integration of the framework in their international framework as well as US regulatory compliance.
For a large internationally active US bank: supported major change of course in CCAR operational risk stress estimates a few months prior to submission in reaction to regulatory guidance.
For a large regional bank: built their CCAR loss projection model and wrote the documentation for the full CCAR operational risk submission.
For a global bank conducted a validation of their operational risk modeling framework for CCAR
Prior to joining Oliver Wyman, Evan was the Head of Risk Consulting for Financial Institutions for Aon in Columbia, Maryland. He was in charge of building Aon's risk consulting practice for financial institutions and managed multiple teams based in North America and Europe to deliver services to clients worldwide. Previously, Evan was an Assistant Vice President of the Federal Reserve Bank of Richmond, where he created the center of excellence for operational risk which served the System needs for operational risk related matters. The team was in charge of the supervision of all AMA and CCAR banks in the US and developed the Fed's CCAR model for operational risk.
Evan earned a B.A. and M.A. in Economics from the Université Catholique de Louvain in Belgium. He received an additional M.A. as well as his Ph.D. in Economics from the University of California at Los Angeles.
Head of Operational Risk
Gus Ortega is an accomplished risk management executive with over 20 years of work experience for multi-national global financial institutions. He is currently the Vice President, Head of Technology, Innovation and Operations risk management at Voya Financial. Prior to joining Voya Financial, Gus was the Head of Operational Risk Management at AIG directly responsible for the global Operational Risk program including Business Continuity and Third-Party Risk Governance and Oversight.
Gus also held various senior risk positions at UBS Investment Bank, Dresdner Bank and Morgan Stanley throughout his 20 years of work experience in the industry. He is an active advocate for Operational Risk Management and most recently was the keynote speaker at the World Bank Operational Risk Workshop in Washington D.C., Gus is also the co-author of The Fundamentals of Operational Risk for Insurers, a Risk.net book published in 2017.
Michael J Abriatis
Chief operational risk officer
Michael J. Abriatis serves as PNC's Chief Operational Risk Officer. His is responsible for leading the PNC Operational Risk program. This includes both defining and implementing the PNC's Operational Risk program as well performing independent risk management activities.
He previously served as Chief Operating Officer for Corporate and Institutional Banking. In this role he was responsible for building the C&IB Business Risk Office as well as client analytics, communications, sales reporting, Canada Branch oversight, continuous improvement projects, and client experience initiatives.
Abriatis joined PNC in 2003 and has held numerous positions across PNC. Previous positions include Sr. Basel Program Manager, CFO Corporate Banking, CFO Wholesale Bank (National City Bank), Sr. Sourcing Manager and Business Improvement Consultant.
Michael has an undergraduate degree from Washington & Jefferson College and a MBA from Case Western Reserve's Weatherhead School of Business.
Vice president operational risk asset management and operations multi-family
As Vice President of Operational Risk, Michael leads the first line of defense risk management for financial crimes, privacy and information security, business resiliency, vendor management and compliance with regulatory requirements. Mike and his team establishes the risk direction by aligning the Multifamily Governance Framework with the business operating model. He continually improves governance by understanding the multifaceted drivers that effect risk environment.
Head of analytics and research
Luke is Head of Analytics and Research at ORX where he leads many industry initiatives spanning Operational risk modelling and management. He is also responsible for delivery of a wide range of ORX information and benchmarking including Loss Data, ORX News and the Scenarios Program. Prior to Joining ORX Luke held a variety of positions in Banking, Technology and Academia. Dr Carrivick holds an MBA, PhD and M.A in Mathematics from Cambridge University.
Editor, risk management
Tom Osborn is the desk editor of Risk.net’s risk management coverage. Prior to joining Risk, he reported on the futures and foreign exchange industries for Dow Jones' Financial News and the Euromoney group of publications. Tom holds a bachelor’s degree in English literature from the University of Warwick, UK.
Subject matter expert
Patrick has over 30 years’ experience leading risk management, operational resiliency, compliance, internal audit, third-party management, strategic planning and process improvement in both practitioner and consulting roles. He has developed a unique perspective working with analysts, partners and customers spanning many industries including financial services, healthcare, government, energy, education, and travel and hospitality.
Patrick is a subject matter expert for RSA where he provides strategic input into the development and marketing of the Archer Suite and works with customers on best practices.
Senior Director, Value Creation & Delivery - Product Marketing
Fusion Risk Management, Inc.
Financial Services Management
Ernst and Young
Director operational risk control
Bank of America Merrill Lynch
Mark Schnieder, CAMS
Financial crime risk specialist
Financial crime, AML transaction monitoring , global IB lead (MBA, CAMS)
Group head of operational risk
Global head conduct risk
Tanya joined Credit Suisse in January 2017 from Citi where she spent 16 years in various senior Business, Risk and Compliance roles; her most recent roles included the North America Head of Conduct Risk and Head of Risk Management Practices for the US & Latin America International Private Banking Business.
At Credit Suisse Tanya is the Global Conduct Risk Head focused on the continual development of the Global Conduct Risk Strategy. She is a regular speaker on Conduct Risk at the biannual risk.net training industry training forum. Tanya obtained a Masters in International Affairs from Columbia University in New York, NY in May 2000 and a Bachelor of Arts in International Careers from the Lehigh University in Bethlehem, PA.
Global markets Americas chief controls and conduct officer
Chief risk officer, EMEA & APAC regional head of operational risk management
Mr Frost joined AIG in June 2015, and currently serves as Chief Risk Officer & Regional Head of Operational Risk for EMEA and APAC. Prior to joining AIG, Mr Frost held several roles within Investment Banking, managing Derivative Operations, Middle Office and Prime Brokerage functions. Mr Frost spent nineteen years of his career at Credit Suisse and most recently held the positions of Global Head of Operational Risk for Collateral, Clearing, Valuations & Liquidity and Global Head of Operations New Business / New Product Approval.
Chief executive officer
Ken has held high-level posts in prominent multinational insurance corporations, and acted as a risk management consultant in the financial industry. From 2014 to 2015, he served as the Chief Risk Officer (CRO) of the US and Bermuda operations of Aspen, where he developed and administered a risk management framework and headed multiple global functions, including the operational risk department.
From 1988 to 2014 he held a variety of positions at AIG, ultimately serving as CRO of the Casualty and Global Risk Solutions divisions. Ken holds a B.A. in Mathematics from the University of Dayton, as well as numerous professional designations, including: Professional Risk Manager (PRM), Chartered Property Casualty Underwriter (CPCU), Associate in Risk Management (ARM), and Associate in Surplus Lines Insurance (ASLI).
Ken has also been an active volunteer for PRMIA, holding the following positions: Member of the Board of Directors, Treasurer, Chair of the Finance Committee, Chair of the Ethics Committee and Regional Director of the New York Chapter.
Angela Johnson de Wet
Head of risk for IT change and new technologies, conduct, compliance and operational risk
Lloyds Banking Group
Director, emerging technology risk
Senior operational risk analyst capital management
Eelco van Dijk joined ING Bank in 2008 and started working in the modelling and scenario team of Group Operational Risk.
Since 2013 ING reports operational risk regulatory capital according to the AMA model.
The AMA model uses among other internal loss events. Therefore Eelco deals with many aspects of internal loss events (data quality, completeness, etc)
Prior to moving to ING Eelco worked at ABN AMRO in a variety of risk roles for almost 20 years.
Eelco is member of the Risk Committee of the Dutch VBA CFA chapter
Treasury chief risk officer & climate risk working group
Head of operational risk controls for ICT and third party management for corporate and institutional banking
Amit is a thorough IT Risk and Information Security Leader with a proven track record of leading, developing, designing and delivering wide variety of programs over the span of last 15+ years. Amit has a particular interest in raising information risks at board level and enabling business through mitigation or avoidance of IT risks through industry-accepted and sometimes cutting-edge solutions.
Amit has presented and published a number of research papers, articles and chapters in the Information Security field. His key focus has always been keeping the balance between business, technological and operational issues. In his most recent position at BNP Paribas, Amit leads the IT Risks and Third party risk management practices globally for the Corporate and Institutional Banking business. He has developed and implemented robust methodologies for effective IT risk management and is embedding a strong framework for internal and external vendor risk management.
Global head of conduct transformation and third party risk
Director, third party technology risk (GRC)
Third party risk management, operational risk management, contract management
Sterling National Bank
Jeannie M Pumphrey
Director head of third-party risk management operational risk management
Executive risk consultant
Chris is a member of Milliman’s Cyber Risk Solutions (CRS) practice group. The practice delivers a portfolio of risk consulting services, such as enterprise risk design, cyber risk assessment and quantification, test and build projects, operational risk assessments, enterprise risk management (ERM) education and training, and ERM technology evaluation. The CRS practice uses diagnostic consulting strategies to understand an organization’s enterprise risk goals and challenges and then customize solutions to deliver required business results.
Chris has 15 years of professional experience. His experience includes work in the banking, insurance, capital markets and card sectors helping clients assess and mitigate risk.
Prior to joining Milliman, Chris was a Senior Manager in Accenture’s Finance and Risk Management Consulting practice, delivering work for global financial service clients. Additionally, Chris served as an active duty Naval Officer and has multiple overseas deployments.
Professional experience and subject matter advisory includes:
- Cyber Security metrics and governance
- Financial Service Regulatory and Compliance initiatives
- Risk Management
- Corporate and Risk Governance
- Financial Services operating model and cost reduction
- Regulatory remediation and responses
- Legal department risk and optimization
- Leading large cross functional projects and teams
- BS Political Science, University of Wisconsin–Madison
- MBA, University of Chicago – Booth School of Business
FRM Managing Director
Chris leads Milliman’s Cyber Risk Solutions (CRS). The practice offers clients innovative solutions for quantfying complex risks, including cyber, vendor, conduct and operational risk. CRS uses causal modeling integrating cognitive mapping, complexity science and Bayesian nets to quantify and aggregate risk. The solution can also be applied to cyber underwriting, accumulation risk and non-affirmative (i.e., silent cyber) risk. Lastly, CRS integrates artificial intelligence and machine learning (AI/ML) to construct sentiment analysis, distinguishing “signal” from noise in order to provide clients with an emerging threat framework.
Chris has 20+ years of broad industry experience in banking, insurance and consulting. His international experience spans work in Zurich, London, Athens, Moscow and New York. Previous employment included: UBS, Renaissance Capital, ABN Amro, Frank Russell Securities and AIG.
Prior to joining Milliman, Chris was a Senior Manager in EY’s Enterprise Risk Services (ERS) practice serving banking and insurance clients for 8 years.
Professional experience and subject matter advisory include:
- ERM frameworks, assessments, governance
- Operational and compliance risk
- Preparing for regulatory supervision (FRB, OCC) and conducting regulatory remediation
- Designing Integrated FP&A frameworks
- Complex project management, including leading large teams, interfacing with SMAs executive stakeholders.
- Twenty years of experience in financial services and risk management
- Ten years of experience in fixed income
- Eight years of experience in Emerging Markets with an emphasis on Russia and Eastern Europe.
- BA Foreign Language / International Affairs (FLIA), University of Puget Sound
- MBA, International Finance, Thunderbird, School of Global Management
- FRM, Financial Risk Manager – Certified by GARP
Chris is fluent in German and Russian.
Head of third party sourcing risk profile and governance
Bank of Ireland
Paul is currently the Head of Third Party Sourcing Risk Profile and Governance at the Bank of Ireland, responsible for the governance, oversight and reporting of the overall sourcing profile of the Bank in relation to all third party arrangements, including risk, supplier management and procurement processes.
He has held similar positions at Lloyds Banking Group, building a Supplier assurance programme, defining policy and setting Supplier customer treatment standards. He has also worked as an IT an operations outsourcing programme manager, implemented new global workflow platforms, run investment banking and retail operations teams and been a Head of Internal Audit. He splits his time between the UK and Dublin every week and is not happy that Ryanair don’t have a customer loyalty scheme.