ABA Risk Management Forum

April 15 - 17, 2015 • Hyatt Regency at the Arch • St. Louis, Missouri


Overview  |  Registration/Fees  |  Program  |  Venue  |  Sponsors/Exhibitors | Optional Pre-Forum Workshop |
CE Credits

Who Should Attend:

Bank Risk Professionals in risk management divisions and within business lines, Auditors, and Bank Risk Consultants


Every Year, Attendees Benefit From:

Programming focused for the risk manager - created by bankers for bankers.

Don't miss this chance to strengthen your risk management program
  • Enhance how you identify and monitor evolving risks
  • Discover new technologies and leading practices for managing the risk function
  • Benefit from peer networking opportunities
  • View the latest products, services and technologies with industry suppliers
  • Earn Continuing Education Credits - including CRCM, CFSSP, CSOP and CPE credits.

2015 Advance Program*

*This program will continued to be refined in the next few months and will be subject to minor changes.  Please bookmark this page for continuing updates, including the addition of speakers as they are confirmed.

Tuesday, April 14
8:45 am  – 5:00 pm

This is a separately priced full-day pre-forum workshop
Designed for managers who are directly or indirectly responsible for model risk management, this workshop will cover the elements of strong model governance, including organizational structure; roles and responsibilities of modelers, model validators and auditors; model risk management policies and procedures; model documentation and monitoring systems; model tiering (with non-models) and risk rating models; expectations for validations and the validation report; and following up on problems detected in validations. This workshop will address a modeler’s responsibility to document the model, but otherwise will not address how to develop a model or conduct a validation; it will provide an overview in the management of the entire process.

Wednesday, April 15
​8:00 am - 6:00 pm FORUM REGISTRATION OPEN
9:45 am – 11:15 am
DEEP DIVE SESSIONS (Select from three options.)
Select your asset category and dig deep into the elements of a successful ERM Governance Structure as it aligns with your risk appetite statement.  Hear leading practices surrounding risk ownership, accountabilities, controls, measuring, monitoring and reporting.  In addition, you will walk away from this deep dive knowing the difference between risk appetite and risk tolerance!

#1:  Aligning ERM Governance with Risk Appetite Statements - Community Banks

#2:  Aligning ERM Governance with Risk Appetite Statements
 - Mid-Size/Regional Banks

#3:  Aligning ERM Governance with Risk Appetite Statements - Large Banks

Confirmed Speakers:
Jennifer Gemma, Director, P&C US Operational Risk Officer, BMO Harris Bank, NA
11:15 am – 12:30 pm




Invitations to Innovation Showcase will be issued to all attendees rimmediately prior to  the Forum but an RSVP will be required to attend.

12:45 - 2:00 pm

Integrating Operational Risk Management More Fully Within the Enterprise Risk Management Framework:  A Conversation with Senior Risk Management Executives
Senior risk management executives will provide their perspectives on organizational design strategies that successfully integrate operational risk more fully into the overall enterprise risk framework.  It is a conversation about risk relative to control and where lines blur and where they must separate.

Ryan Rasske, Vice President, Risk and Compliance, American Bankers Association (as of 2/2/15)

Confirmed Speakers:
Jason L. Painley, Chief Risk Officer, Park National Bank 
Rod Sloan, Executive Vice President, Chief Risk Officer, Heartland Financial USA, Inc.
Brian C. Williams, Executive Vice President Chief Risk Officer, FirstMerit Bank 

2:10 pm – 3:25 pm
CONCURRENT SESSIONS - Series 1 (Select from four options.)

Retail Physical Security Risk Trends (Single Session)
Many bank lobbies are evolving from the traditional teller-line model to an open self-serve architecture. How do these changes in design and staffing affect your ability to enhance the customer experience and increase your effectiveness in serving the customer – all while protecting them and your employees? Experts with experience in designing these new banks of the future models will discuss their challenges and lessons learned when developing these new concept branches and implementing procedures to ensure security.

1B:  Roles and Responsibilities in Model Risk Management (Repeated in 2B)
How should the three lines of defense – model developer/owners, validators and auditors – split up the responsibilities for model risk management? This session will delve into the full range of issues and you will walk away with a clearer understanding of the governance issues surrounding model risk management.

1C:  New Payments Risks (Repeated in 2C)
This is your annual (and critical) overview of the emerging payments technology risks.  We’ll touch on everything from cardless options such as Apple Pay and Digital Debit Cards as well as Host Card Emulation (HCE), Mobile Wallets and more. 

Confirmed Speakers:
Rayleen Pirnie, AAP, Director, Payments Risk and Fraud, EPCOR

1D:  Leading Practices in Risk Metrics and KRIs: How to Measure, Monitor and Report
(Repeated in 3D)
Compare how you currently measure, monitor and report key risks with leading industry practices.  Walk away with a new view on the difference between Key Risk Indicators and Key Performance Indicators, as experts share their thoughts on appropriate controls for key risks as well as how to create a system of accountability and risk remediation.   This session will cover tactics for all sizes of institutions.


Bryan Nash, Chief Information Officer, McHenry Savings Bank 

Confirmed Speakers:
Bill Tucker, CRCM, Director of Compliance and Operational Risk Management, State Bank & Trust Company
3:35 - 4:50 pm CONCURRENT SESSIONS - Series 2 (Select from four options.)

2A:  Management of Market Risk Considering the Interdependence of Rate and Liquidity Risks (Repeated in 3A)
Interest rate and liquidity risk metrics can be important factors in measuring market risk, establishing joint risk tolerance limits, and controlling exposure within those limits. This session will consider these topics, as well as metrics that can be used to control the risk exposure.

2B:  Roles and Responsibilities in Model Risk Management (Repeated from 1B)

2C:  New Payments Risks (Repeated from 1C)

2D:   Lessons Learned from Data Breaches, Threat Analytics and Information Sharing for Future Fraud Prevention (Single Session)
Learn the root causes behind high profile breaches affecting financial services and other industries, as well as tactics and sources of information that banks of all sizes can use to understand the threats and reduce the likelihood and impact of cyber intrusions into your financial institution.

Linley B. Abbott, CISM, Vice President, Operational Risk Manager, FirstMerit Bank, NA  


Ken Stasiak, CEO and Founder, SecureState

6:15 pm​


Optional Event
Wednesday Night Baseball:  St. Louis Cardinals vs. Milwaukee Brewers

ABA has reserved a small block of baseball tickets for the Risk Management Forum attendees.  You may purchase your tickets when you register online for the Forum, or use the Ticket Reservation Form if you have already registered for the Forum. See full details on Special Event page. Note - we will only purchase a limited number of tickets, so we urge you to act quickly!

First pitch - 7:05 pm - we'll depart the hotel and walk to the stadium at 6:15 pm.
Thursday, April 16
7:00 am – 6:00 pm REGISTRATION OPEN
7:00 am – 7:50 am POWER BREAKFAST (Tentative)
8:00 am – 9:15 am GENERAL SESSION
Incident Response and Recovery:  Is the Response Worse than the Attack?
Experience the dilemmas and decision points of the online security battlefield during a realistic cyber breach scenario.  The exercise will illuminate leading practices and the complex issues that accompany cyber-attacks as panelists reveal how they would confront various sides of the hypothetical scenario.
Doug Johnson, Senior Vice President and Senior Advisor, Risk Management Policy, Office of the Chief Economist, American Bankers Association, Washington, DC

Confirmed Speakers:
Linley B. Abbott, CISM, Vice President/Operational Risk Manager, FirstMerit Bank, NA  
Sidney Corbett “Chip”, First Vice President, Hoyne Savings Bank
Merrie Spaeth, Founder and President, Spaeth Communications
LeAnne B. Staalenburg, Senior Vice President, Security Administration, Capital City Bank 
Nathan D. Taylor, Partner, Morrison & Foerster LLP
9:25 am – 10:40 am CONCURRENT SESSIONS - Series 3  (Select from four options.)
3A: Management of Market Risk Considering the Interdependence of Rate and Liquidity Risks  (Repeated from 2A)

3B:  Check up on COSO:  A Risk Analysis Model (Repeated in 7B)
Have you implemented the 2013 COSO changes into your risk management processes?  If not, are you required to implement the changes?  We will walk you through the changes and their potential impact on internal audit processes, SOX processes and third party risk management program.  We’ll also share tools that could assist in effectively managing your risk posture.
Joanne T. Campbell, CRCM, Executive Vice President of Risk Management, Camden National Corporation 

Confirmed Speakers:
Yolanda P. Dutton “Landy”, Vice President and Internal Auditor, Summit Bank NA
Dawnella Johnson, CPA, Partner, Crowe Horwath LLP

3C:  Cyber Governance:  Managing the New Risks (Repeated in 5A)
This session is a check-up on how you are managing your cyber governance program from a life cycle perspective.  You will hear the latest expectations and leading practices from contracting to monitoring and controls to exiting the relationship.

3D:  Leading Practices in Risk Metrics and KRIs: How to Measure, Monitor and Report (Repeated from 1D)
11:10 am – 12:10 pm PEER EXCHANGE SESSION - Series 4 (Select from four options.) - Bankers Only
After last year’s successful peer exchange session, we are taking our peer exchange to a new level.  We are asking each bankers-only peer group to focus on one topic:  Resource allocation: managing risk with resource constraints.  From talent management to issues with outsourcing to senior management buy-in, we want you to cover the gamut of related concerns.
4A:  $50B and higher
4B:  $10B-$50B 
4C:  $1B - $10B 
4D:  Below $1B 
12:10 pm – 1:45 pm LUNCHEON WITH SPEAKER
2:15 pm – 3:30 pm CONCURRENT SESSIONS - Series 5 (Select from four options.)
5A:  Cyber Governance: Managing the New Risks (Repeated from 3C)

5B:  New Ways to Apply Risk Control Self-Assessment (RCSA) and Scenario Analysis
(Repeated in 7C)
After you complete your Risk Control Self-Assessment (RSCA) are you using it to identify new and emerging risks or manage them with your bank’s risk tolerance and strategic goals?  Is your Scenario Analysis being put to good use?  Experts will explore new ideas surrounding RCSA and Scenario Analysis to provide ideas that you can implement. 

5C:  Enterprise Risk Governance (as it ties to three lines of defense) (Repeated in 6C)
An effective enterprise risk governance framework is critical to successfully managing your institution’s risk and it is a key hot button issue for the regulators.  This session will walk through roles and responsibilities as it ties to the three lines of defense.  We’ll also discuss communications expectations and strategies as well as mitigating the risks of redundancy.

Confirmed Speakers:
Eric Holmquist, Managing Director, Enterprise Risk Management, Accume Partners

5D:  Use of Stress Tests to Set Risk Appetite and Tolerance Limits
- for banks $10B and larger  (Single Session)
Now that institution-wide stress testing is in place, what can it do aside from satisfy DFAST or CCAR standards? This session will consider the qualitative aspects of identifying key risks and the overall process for establishing early warning indicators, with an end goal of using stress testing to set risk appetite and tolerance limits.
3:40 pm – 4:55 pm
CONCURRENT SESSIONS - Series 6 (Select from four options.)
6A:  Risk Data:  Collection and Use of the Data with Performance Indicators to Gauge Effectiveness (Single Session)
How can bankers leverage the data they have been collecting on earnings, losses, and revenue volatility? Banker panelists will discuss principles for and experiences in establishing a robust and sustainable risk database, use of this data for reporting and benchmarking, and use of performance indicators to evaluate the effectiveness of the data.

6B:  Validation of a Vendor Model:  A Case Study  -For DFAST Institutions $10-$50B
(Single Session)
This year, we’re focusing our model validation session on vendor models.  You can expect the how-tos of identifying, grading and treating model validation issues as well as leading practices in documentation and follow-up to assure corrections occur. 

Confirmed Speakers:
Piero Monteverde, Vice President, Model Validation Group, Capital One Financial Corporation  

6C:  Enterprise Risk Governance (as it ties to three lines of defense)
(Repeated from 5C)

6D:  Life Cycle in the Security World (Single Session)
From café-style lounges with free WiFi to 24-hour teller-less branches, many banks are moving to an express or “bank of the future” model. However, changing your in-branch customer interactions can also open you up to liabilities.  Join us for a discussion outlining these new services and the safety and liability issues you should consider before offering them.
Friday, April 17
8:00 am – 9:15 am

.Bank:  A Case Study in Enterprise Change Management
Using a real-life case study on implementing the new .bank domain name change, our presenters will showcase leading practices surrounding effective change management.  More importantly, you will hear all of the critical issues surrounding the .bank change, including roles and responsibilities, potential impacts and how to address them.

9:45 am – 11:00 am
CONCURRENT SESSIONS - Series 7  (Select from four options.)
7A:  Responding to Unexpected Events from Wild Weather to Pandemics to Cyber Threats:  Incident Response Planning (Single Session)
Notwithstanding the myriad of incident response planning meetings you’ve attended, the question remains:  how ready are you for the next unexpected event?  How flexible, responsive and adaptable is your plan to threats not even imagined?  This session will help you focus your incident response planning towards a broader spectrum of concerns, using recent events as a guide for future planning.

7B:  Check up on COSO:  A Risk Analysis Model (Repeated from 3B)

7C:  New Ways to Apply Risk Control Self-Assessment (RCSA)  and Scenario Analysis (Repeated from 5B)

7D:  Monitoring Court Cases and Enforcement Actions to Manage Your Scope of Risk (Single Session)
Do you have a monitoring system for reviewing potential risk impacts stemming from court cases and enforcement actions?  Join us for a review of key court cases and enforcement actions that may impact your risk program.  We’ll also discuss how to incorporate these lessons-learned into your enterprise risk management strategy.
11:10 am – 12:15 pm CLOSING GENERAL SESSION
Regulatory Update
Hear from senior agency representatives as they outline their hot button risk issues, emerging risk concerns and examination expectations.  We’ll also hear a discussion on what they are seeing in terms of evolving risk management frameworks, governance and reporting practices.


​Program Questions? Please contact Dorothy Friedlander for more information.