ABA Risk Management Forum

April 15 - 17, 2015 • Hyatt Regency at the Arch • St. Louis, Missouri


Overview  |  Registration/Fees  |  Program  |  Venue  |  Sponsors/Exhibitors

Who Should Attend:

Risk Managers and Officers, Business Line Risk Managers, Operational Risk Managers, Cyber Security Officers,
Physical Security Officers, Internal Auditors

Every Year, Attendees Benefit From:

Programming focused for the risk manager - created by bankers for bankers.

Don't miss this chance to strengthen your risk management program
  • Enhance how you identify and monitor evolving risks
  • Discover new technologies and leading practices for managing the risk function
  • Benefit from peer networking opportunities
  • View the latest products, services and technologies with industry suppliers
  • Earn Continuing Education Credits - including CRCM, CFSSP, CSOP and CPE credits.

2015 Advance Program*

*This program will continued to be refined in the next few months and will be subject to minor changes.  Please bookmark this page for continuing updates, including the addition of speakers as they are confirmed.

Tuesday, April 14
1:00 – 5:00 pm

This is a separately priced full day pre-conference workshop - registration to be open soon!

Designed for managers who are directly or indirectly responsible for model risk management, this workshop will cover the elements of strong model governance, including organizational structure; roles and responsibilities of modelers, model validators and auditors; model risk management policies and procedures; model documentation and monitoring systems; model tiering (with non-models) and risk rating models; expectations for validations and the validation report; and following up on problems detected in validations. This workshop will address a modeler’s responsibility to document the model, but otherwise will not address how to develop a model or conduct a validation; it will provide an overview in the management of the entire process.

Wednesday, April 15
​8:00 am - 6:00 pm FORUM REGISTRATION OPEN
9:30 am – 11:30 am
DEEP DIVE SESSIONS (Select from three options.)
Select your asset category and dig deep into the elements of a successful ERM Governance Structure as it aligns with your risk appetite statement.  Hear leading practices surrounding risk ownership, accountabilities, controls, measuring, monitoring and reporting.  In addition, you will walk away from this deep dive knowing the difference between risk appetite and risk tolerance!

#1:  Aligning ERM Governance with Risk Appetite Statements - Community Banks
#2:  Aligning ERM Governance with Risk Appetite Statements - Mid-Size/Regional Banks
#3:  Aligning ERM Governance with Risk Appetite Statements - Large Banks
11:00 am – 12:30 pm LUNCH ON YOUR OWN
Integrating Operational Risk Management More Fully Within the Enterprise Risk Management Framework:  A Conversation with Senior Risk Management Executives
Senior risk management executives will provide their perspectives on organizational design strategies that successfully integrate operational risk more fully into the overall enterprise risk framework.  It is a conversation about risk relative to control and where lines blur and where they must separate.
2:00 pm – 3:15 pm
CONCURRENT SESSIONS - Series 1 (Select from four options.)

Retail Physical Security Risk Trends (Single Session)
It is no longer news that bank lobbies have become more retail centers than transaction venues.  The question is – have you migrated your physical security plan to meet the new retail environment.  Our experts will run through some innovative ideas to help you maintain a customer-centric environment without compromising security.

1B:  Roles and Responsibilities in Model Risk Management (Repeated in 2B)
How should the three lines of defense – model developer/owners, validators and auditors – split up the responsibilities for model risk management? This session will delve into the full range of issues and you will walk away with a clearer understanding of the governance issues surrounding model risk management.

1C:  New Payments Risks (Repeated in 2C)
This is your annual (and critical) overview of the emerging payments technology risks.  We’ll touch on everything from cardless options such as Apple Pay and Digital Debit Cards as well as Host Card Emulation (HCE), Mobile Wallets and more. 

1D:  Leading Practices in Risk Metrics and KRIs: How to Measure, Monitor and Report
- for Mid-Size/Large Banks

(Single Session
Note that the Community Bank Session Can be found in 3D)
Compare how you currently measure, monitor and report key risks with leading industry practices.  Walk away with a new view on the difference between Key Risk Indicators and Key Performance Indicators, as experts share their thoughts on appropriate controls for key risks as well as how to create a system of accountability and risk remediation.  
3:30 - 4:45 pm CONCURRENT SESSIONS - Series 2 (Select from four options.)

2A:  Management of Market Risk Considering the Interdependence of Rate and Liquidity Risks (Repeated in 3A)
Interest rate and liquidity risk metrics can be important factors in measuring market risk, establishing joint risk tolerance limits, and controlling the exposure within those limits. This session will consider these topics, as well as metrics that can be used to effectively control the risk exposure.

2B:  Roles and Responsibilities in Model Risk Management (Repeated from 1B)

2C:  New Payments Risks (Repeated from 1C)

2D:   Lessons Learned from Big Data Breaches and Use of Big Data Analytics for Future Fraud Prevention (Single Session)
Learn tactics that will help you make the best use of data analytics to get to the root of fraud exposures and gaps.  Using recent breaches as case studies, speakers will discuss issues such as segregation of systems as well as response and recovery issues.
​7:05 pm Optional Baseball Outing - St. Louis Cardinals
When group tickets are available for sale, we will be reserving a small block of baseball tickets for the Risk Management Forum attendees that you can purchase through the ABA.  We will post purchasing information on our venue page, along with other details and a link will be placed here.  Note - we will only purchase a limited number of tickets so once they are available for sale, we urge you to act quickly!
Thursday, April 16
7:00 am – 6:00 pm REGISTRATION OPEN
7:00 am – 8:00 am (Tentative) INNOVATION SHOWCASE
8:00 am – 9:15 am GENERAL SESSION
Incident Response and Recovery:  Is the Response Worse than the Attack?
Experience the dilemmas and decision points of the online security battlefield during a realistic cyber breach scenario.  The exercise will illuminate leading practices and the complex issues that accompany cyber-attacks as panelists reveal how they would confront various sides of the hypothetical scenario.
Doug Johnson, Senior Vice President and Senior Advisor, Risk Management Policy, Office of the Chief Economist, American Bankers Association, Washington, DC

Confirmed Speakers:
Yolanda (Landy) P. Dutton, CIA, Vice President and Internal Auditor, Summit Bank, NA
9:30 am – 10:45 am CONCURRENT SESSIONS - Series 3  (Select from four options.)
3A: Management of Market Risk Considering the Interdependence of Rate and Liquidity Risks  (Repeated from 2A)

3B:  Check up on COSO:  A Risk Analysis Model (Repeated in 7B)
The new COSO framework is now fully implemented in banks of all sizes.  However, are you certain what you implemented is working?  Join our experts as we walk through a risk analysis model that complies with COSO, review other leading practices and provide your organization with options to effectively manage your internal controls.

Confirmed Speakers:
Dawnella Johnson, CPA, Partner, Crowe Horwath LLP

3C:  Cyber Governance:  Managing the New Risks (Repeated in 5A)
This session is a check-up on how you are managing your cyber governance program from a life cycle perspective.  You will hear the latest expectations and leading practices from contracting to monitoring and controls to exiting the relationship.

3D:  Leading Practices in Risk Metrics and KRIs: How to Measure, Monitor and Report:  For Community Banks (Single Session - note that the Mid-Size/Large Bank Session Can be found in 1D)
Compare how you currently measure, monitor and report key risks with leading industry practices.  Walk away with a new view on the difference between Key Risk Indicators and Key Performance Indicators, as experts share their thoughts on appropriate controls for key risks as well as how to create a system of accountability and risk remediation.  
11:15 am – 12:30 pm PEER EXCHANGE SESSION - Series 4 (Select from four options.) - Bankers Only
After last year’s successful peer exchange session, we are taking our peer exchange to a new level.  We are asking each bankers-only peer group to focus on one topic:  Resource allocation: managing risk with resource constraints.  From talent management to issues with outsourcing to senior management buy-in, we want you to cover the gamut of related concerns.
4A:  $50B and higher
4B:  $10B-$50B 
4C:  $1B - $10B 
4D:  Below $1B 
12:30 pm – 1:45 pm LUNCHEON WITH SPEAKER
2:15 pm – 3:30 pm CONCURRENT SESSIONS - Series 5 (Select from four options.)
5A:  Cyber Governance: Managing the New Risks (Repeated from 3C)

5B:  New Ways to Apply Risk Control Self-Assessment (RCSA) and Scenario Analysis
(Repeated in 7C)
After you complete your Risk Control Self-Assessment (RSCA) are you using it to identify new and emerging risks or manage them with your bank’s risk tolerance and strategic goals?  Is your Scenario Analysis being put to good use?  Experts will explore new ideas surrounding RCSA and Scenario Analysis to provide ideas that you can implement. 

5C:  Enterprise Risk Governance (as it ties to three lines of defense) (Repeated in 6C)
An effective enterprise risk governance framework is critical to successfully managing your institution’s risk and it is a key hot button issue for the regulators.  This session will walk through roles and responsibilities as it ties to the three lines of defense.  We’ll also discuss communications expectations and strategies as well as mitigating the risks of redundancy.

5D:  Use of Stress Tests to Set Risk Appetite and Tolerance Limits
- for banks $10B and larger  (Single Session)
Now that institution-wide stress testing is in place, what can it do aside from satisfy DFAST or CCAR standards? This session will consider the qualitative aspects of identifying key risks and the overall process for establishing early warning indicators, with an end goal of using stress testing to set risk appetite and tolerance limits.
3:45 pm – 5:00 pm
CONCURRENT SESSIONS - Series 6 (Select from four options.)
6A:  Risk Data:  Collection and Use of the Data with Performance Indicators to Gauge Effectiveness (Single Session)
How can bankers best leverage the data they have been collecting on earnings, losses, and revenue volatility? Banker panelists will discuss principles for and experiences in establishing a robust and sustainable risk database, use of this data for reporting and benchmarking, and how to use performance indicators to evaluate the effectiveness of the data.

6B:  Validation of a Vendor Model:  A Case Study  -For DFAST Institutions $10-$50B
(Single Session)
This year, we’re focusing our model validation session on vendor models.  You can expect the how-tos of identifying, grading and treating model validation issues as well as leading practices in documentation and follow-up to assure corrections occur. 

6C:  Enterprise Risk Governance (as it ties to three lines of defense)
(Repeated from 5C)

6D:  Life Cycle in the Security World (Single Session)
An effective physical security plan ties into a life cycle view of your products, services and customer interactions.  Join us as we walk through an effective way to manage your physical security program by examining interdependencies and enterprise-wide changes that impact your program.
Friday, April 17
8:00 am – 9:15 am

.Bank:  A Case Study in Enterprise Change Management
Using a real-life case study on implementing the new .bank domain name change, our presenters will showcase leading practices surrounding effective change management.  More importantly, you will hear all of the critical issues surrounding the .bank change, including roles and responsibilities, potential impacts and how to address them.

9:45 am – 11:00 am
CONCURRENT SESSIONS - Series 7  (Select from four options.)
7A:  Responding to Unexpected Events from Wild Weather to Pandemics to Cyber Threats:  Incident Response Planning in the Modern Era (Single Session)
Notwithstanding the myriad of incident response planning meetings you’ve attended, the question remains:  how ready are you for the next unexpected event?  How flexible, responsive and adaptable is your plan to threats not even imagined?  This session will help you focus your incident response planning towards a broader spectrum of concerns, using recent events as a guide for future planning.

7B:  Check up on COSO:  A Risk Analysis Model (Repeated from 3B)

7C:  New Ways to Apply Risk Control Self-Assessment (RCSA)  and Scenario Analysis (Repeated from 5B)

7D:  Monitoring Court Cases and Enforcement Actions to Manage Your Scope of Risk (Single Session)
Do you have a monitoring system for reviewing potential risk impacts stemming from court cases and enforcement actions?  Join us for a review of key court cases and enforcement actions that may impact your risk program.  We’ll also discuss how to incorporate these lessons-learned into your enterprise risk management strategy.
11:15 am – 12:15 pm CLOSING GENERAL SESSION
Regulatory Update
Hear from senior agency representatives as they outline their hot button risk issues, emerging risk concerns and examination expectations.  We’ll also hear a discussion on what they are seeing in terms of evolving risk management frameworks, governance and reporting practices.


​Program Questions? Please contact Dorothy Friedlander for more information.