Financial Services Internal Audit Forum 26 November 2015 Sheraton on the Park 161 Elizabeth St, Sydney Balancing risk and opportunity
Program overview The financial services sector continues to embrace change, with advances in technology; new product innovations to keep up with customer needs; continued demands from regulators; and delivering value for stakeholders. This dynamic environment places the internal auditor in a unique and exciting position to add real strategic value in assisting their organisations in keeping the right balance between risk and opportunities. Taking the theme of balancing risk and opportunity, our annual Financial Services forum will focus on addressing this key challenge. Key areas to be covered include, understanding risk from the Board perspective; preparing for digital delivery of financial services; managing third party outsourced arrangements; practicalities in preparing for an APRA visit; auditing conduct risk; using data analytics to effectively manage governance, risk and controls; integrating the 3 Lines of Defence; assessing effectiveness and adequacy of risk management; as well as regulator updates from Austrac and APRA. The program will be presented through a variety of technical and interactive discussion sessions which will be delivered by senior financial services sector executives, audit committee members, industry regulators, practitioners and technical experts. It will deliver strategic insights and practical strategies for all internal audit, risk and compliance professionals to assist them in providing more value in strategically underpinning organisational risk management. I encourage you and your team to attend our 7th annual Financial Services Internal Audit forum and take this unique industry opportunity for the internal audit profession to learn and share knowledge on the critical audit, risk and compliance issues shaping the financial services sector. Lee Sullivan PMIIA President IIA-Australia Principal Sponsor Sponsor The Partners and Supporters Program supports IIA-Australia s strategy to increase the influence and recognition of the internal audit profession. Our supporter: Major Sponsor Cocktail Sponsor 2 Financial Services Internal Audit Forum
Thursday 26 November 2015 8.10am 8.30am 8.30am 8.40am 8.40am 9.20am KEYNOTE 1 REGISTRATION AND ARRIVAL REFRESHMENTS WELCOME ADDRESS AND OPENING REMARKS Risk from the Board perspective - Meeting the challenge of balancing risk and opportunity The continued myriad of economic, market, technological and regulatory changes is driving the need for the financial services sector to be agile in its approach to risk management to effectively adapt to and make the most of opportunities in this dynamic sector. In this session we will explore: Defining acceptable risk, risk ownership and responsibility Seeing the value in risk Knowing how to spot bad risk Developing a practical risk appetite framework Reporting and engagement expectations of the internal audit function from Boards and Audit Committees Brian Long, Independent Non-Executive Director, Commonwealth Bank 9.20am 10.00am KEYNOTE 2 APRA expectations of managing risk Key focus areas, expectations and future challenges With CPS220 and CPS510 standards now in full effect, this session will explore the regulator s work across risk management and governance, focusing on: Update on standards implementation and feedback from the sector State of play in financial services risk management Where does Australia sit on global scale? Ensuring effective reporting and governance Expectations from the internal audit and risk functions Key issues on APRA s agenda going forward Keith Chapman, Executive General Manager, APRA 10.00am 10.30am MORNING TEA 10.30am 11.20am KEYNOTE 3 Keeping your funds on the right track Austrac Update With Austrac issuing its biggest fine to date, compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF ACT) is firmly on the regulator s agenda. Key points to be covered include: Global to local, update on the latest AML requirements and how Australia compares internationally Case studies in non-compliance of AML legislation Breaches issued and lessons learned Update on draft AML/CTF Rules relating to account-based money transfer system Key issues being put forward in Austrac s stakeholder consultation paper Emerging risks and trends in criminal activity in relation to AML/CTP Overview of Austrac s guidance and expectations and areas of focus going forward Paul Jevtovic APM, Chief Executive Officer, Austrac 11:20am 12.10pm KEYNOTE 4 Going digital Delivering financial services of the future As the financial services sector embraces technology to meet consumer demands, organisations need to achieve the right balance between governance, controls and good customer service. Key points to be covered in this session include: Digital disruption friend or foe? Understanding the IT priorities in 2015 and beyond Mobile money and the future of cashless transactions Addressing the challenge of achieving a balance between service excellence, compliance and cost of service delivery Assessing how to make the right technology decisions that meet business and compliance challenges Pete Steel, Executive General Manager, Digital, Commonwealth Bank 12.10pm 1.10pm LUNCH 1.10pm 2.00pm CONCURRENT SESSIONS 1 1A Information security risk Protecting your most valuable asset As technology enables organisations to collect, hold and use more customer information, protecting this data is a now more than ever a critical priority. This session will investigate: Overview of the emerging information risk landscape What are the key risk areas? Addressing the challenge of balancing risks, compliance and business / customers needs Expectations of the internal audit and wider assurance function in managing information security John O Driscoll, Senior Manager, Information & Technology Risk, ANZ OR Financial Services Internal Audit Forum 3
1B CPS220 Assessing effectiveness and adequacy of risk management The health and maturity of risk management structures within financial services organisations continues to be the main priority of regulators. This session will explore the key aspects of CPS220 compliance, including: Benchmarking your risk management framework Understanding the maturity of your framework Defining risk responsibilities across the organisation Integrating the 3 Lines of Defence into CPS220 compliance model Undertaking independent reviews What is required and how should they be conducted? Getting the documentation requirements right Embedding the Risk Management Framework into day to day business the Use test. Addressing implications with overseas subsidiaries Liam Buckley PMIIA, Group Head of Internal Audit, QBE 2.00pm 2.50pm CONCURRENT SESSIONS 2 2A Are you tax ready? The role of internal audit in the financial services sector In July The Australian Taxation Office (ATO) released the Tax Risk Management & Corporate Governance guide. This guide places extensive expectations on Boards and Management including oversight of a documented and tested internal control framework for tax and clearly sets out what the ATO expects to see as good tax risk management and corporate governance from both a strategic and operational perspective. Key areas to be covered include: Changing tax landscape the current trends which are exposing firms to tax risk Social media, the battleground for the tax avoidance and tax morality debate Understanding the tax transparency measures and country by country reporting ATO corporate governance guide the call for robust tax risk management framework Identifying significant tax risks and how to incorporate these into internal audit plans Stacey Berkman, Senior Manager, Tax Management Consulting, KPMG James Griffin, Director, Digital Consulting, KPMG OR 2B Preparing for an APRA visit (Panel discussion) This discussion session is designed to share insights on how to prepare for an APRA visit, so come prepared to share your experiences and ideas. Key topics to be discussed include: Understanding the APRA brief and making adequate preparations Establishing communication channels, before, during and after the visit Preparing your team for the visit Addressing some of the practical challenges of accommodating the visit Managing follow-ups and the reporting process Panel Members: David Barry, PFIIA CRMA, Director, Internal Audit, AMP Services Limited Stephen Owens PMIIA CIA, Head of Group Assurance, Bank of Queensland Ashutosh Kapse, Head of Information Security, Technology Risk & Audit, IOOF Holdings Ltd Facilitator: Mike Purvis, Director, Protiviti 2.50pm 3.20pm AFTERNOON TEA 3.20pm 4.10pm CONCURRENT SESSIONS 3 3A Auditing conduct risk This session will explore the internal audit approach to assess conduct risk within an organisation and the value it can bring to the organisation. Key points to be covered include: Developing a structured approach to systematically assess conduct and behaviours through internal audit reviews Determining the factors that influence the conduct and behaviours within an organisation Internal audit s involvement in defining and measuring conduct and ethical behaviour within an organisation Developing mechanisms to effectively interpret and communicate the results Looking beyond compliance Realising the value of undertaking conduct reviews Craig Anderson, Division Director - Internal Audit, Macquarie Group Limited OR 3B Getting smart with data analytics to effectively manage governance, risk and controls This session will explore how technology is challenging the traditional roles and approach to governance, risk and controls within the financial services sector. Key areas of focus will be: Understanding the power of Continuous Controls Monitoring and data analytics in real-time fraud management Defining news types of controls Which controls are relied upon and who or what tests them? How have the fundamentals of GRC changed in the technology enabled control environment - Who is using it, what has changed and what results are being achieved The role of internal audit and other Lines of Defence in managing GRC in the future Gavin Steinberg MIIA(Aust), Managing Director, Satori 4 Financial Services Internal Audit Forum
4.10pm 5.10pm KEYNOTE 5 5.10pm 5.15pm 5.15pm 6.00pm The 3 Lines of Defence working together Giving the Board comfort This panel session will discuss the essential requirements in taking an integrated approach to effectively manage risk and compliance whilst improving business process. Key points to be discussed include: Mapping and aligning the providers of assurance Understanding the responsibilities, expectations and interactions between assurance providers - The relationship between risk, compliance, control and operations Addressing the challenges of roadblocks, duplication and reliance between the assurance functions Resourcing structural models to deliver effective assurance What is required to give the Board comfort that all the bases are covered Panel members: Cameron Dickson, Senior Operational Assurance Manager, Personal insurance, Insurance Australia Group (IAG) Kevin McCabe, General Manager, Group Assurance, Westpac Banking Corporation Sasika Goedhart, Chief Risk Officer, AMP Facilitator: Damien O Meara MIIA(Aust), Partner, Financial Services, EY CLOSING REMARKS NETWORKING DRINKS Pre-forum Workshop Wednesday, 25 November 2015 1:45pm 2.00pm 2.00pm 5.00pm REGISTRATION POST-FORUM WORKSHOP RISK CULTURE THE CRITICAL ROLE OF INTERNAL AUDIT Driven by continuing high-profile conduct failings and growing pressure from regulators to tighten controls on risk behaviour, there is a global industrywide effort to more effectively manage risk culture. Addressing risk culture requires a structured way to target a broad range of issues across an organisation. Depending on their experiences with conduct and related cultural issues, organisations are at markedly different stages of developing comprehensive initiatives to address culture. The aim of this masterclass is to enhance participants understanding of risk culture and its role in upholding a firm s values and embedding effective risk management. EY will facilitate the discussion regarding the heightened expectations for defining, assessing and changing risk culture and the critical role that internal audit can play. We will do this in an interactive way that makes a subjective, esoteric topic more tangible. The workshop will cover: A discussion on global industry practices and regulatory expectations Defining risk culture and conduct Defining attributes of a sound risk culture in the context of financial services organisations Discussing the elements of a robust assessment process, both qualitative and quantitative, and tailoring these for your organisation Informing and engaging with executives and the Board Presenters: Rob Walsh, EY Financial Services Risk Partner Rob leads EY s Financial Services Risk Management practice in Australia. He has over 20 years experience in responding to the challenges of regulatory change. Rob has led a number of significant investigations and remediation programs in the wake of conduct and compliance failures for some of the world s largest organisations and is a member of EY s global risk culture team. Caroline McCombe, EY Financial Services Risk Director Caroline is a financial services risk and compliance specialist with industry and professional services experience. Caroline has designed and delivered risk culture and conduct assessment and improvement programs for major Australian and global banks, insurers and wealth management businesses and is a member of EY s global risk culture team. Financial Services Internal Audit Forum 5
How to register Online Registration Register online at www.iia.org.au and follow the prompts. Each delegate must complete a separate online registration form. Please note this is a secure website. FInancial Services Internal Audit Forum 2015 Fees Early Bird register before 07/11/2015 Early Bird Member $670 Early Bird Non-Member $790 Early Bird Group Member* (per delegate) $625 Early Bird Group Non-Member* (per delegate) $725 Registration forms Alternatively registration forms can be returned by fax +61 2 9264 9240, email: conferences@iia.org.au, or mailed to: PO Box A2311, Sydney South, NSW 1235, Australia. IIA-Australia members must be financial at the time of registration to be eligible for the member rate. Please complete and return the registration form along with full payment. Each delegate must complete a separate registration form. Conference fees All fees are quoted in Australian Dollars and are inclusive of the 10% compulsory goods and services tax (GST). Standard register after 07/11/2015 Standard Member $720 Standard Non-Member $840 Standard Group Member* (per delegate) $675 Standard Group Non-Member* (per delegate) $775 Pre-forum Workshop Forum Attendee Member $300 Forum Attendee Non-Member $400 Workshop only Member $350 Workshop only Non-Member $450 * Three or more delegates from the same organisation booking and paying at the same time. Relevant member / non-member rates apply with group a group booking. Each delegate must complete a separate registration form. Schedule and General Changes IIA-Australia endeavours to ensure that accurate information is contained in this brochure at time of printing, however program content, speakers and information within this brochure are subject to change without notice. At times it might be necessary to cancel or reschedule a Forum after receipt of the confirmation letter. IIA-Australia will provide advance notice of such changes, and in doing so will not be responsible for penalties related to the cancelling or rescheduling of airfares, lodging, etc. Liability/Disclaimer To the extent permitted by law, IIA-Australia is not responsible for the actions, advice or representations of delegates and speakers of the Financial Services Internal Audit Forum. In completing the registration form, the delegate indemnifies IIA-Australia for any direct, indirect or consequential loss or damage in connection with any personal accidents, losses or damage to the personal property of delegates and any later substitutes. It is strongly recommended that delegates take out adequate medical, travel and personal insurance prior to commencement of the forum and travel. 6 Financial Services Internal Audit Forum
Financial Services Internal Audit Forum 2015 Registration form and tax invoice Thursday, 26 November 2015, Sheraton on the Park Hotel, 161 Elizabeth St, Sydney 1. PROVIDE PERSONAL DETAILS Please use block letters Title Prof Dr Mr Mrs Ms Miss Other Family name Given name Postnominal PMIIA CIA CCSA CGAP CFSA CRMA Other Position Organisation Address for correspondence 3. INDICATE SESSION PREFERENCES DAY 1 Thursday, 26 November 2015 Concurrent Sessions 1.10pm 2.00pm 2.00pm 2.50pm 1A 1A Information security risk Protecting your most valuable asset 1B CPS220 Assessing effectiveness and adequacy of risk management 2A 2A Are you tax ready? The role of internal audit in the financial services sector City/State Country Postcode Telephone ( ) Facsimile ( ) Mobile 3.20pm 4.10pm 2B Preparing for an APRA visit (Panel discussion) 3A Auditing conduct risk 3B Getting smart with data analytics to effectively manage governance, risk and controls Email Name as you wish it to appear on name badge Please indicate your membership number IIA Member 2. CONFIRM REGISTRATION TYPE AND FEES Early Bird register before 07/11/2015 Early Bird Member $670 Early Bird Non-Member $790 Early Bird Group Member* (per delegate) $625 Early Bird Group Non-Member* (per delegate) $725 Standard register after 07/11/2015 Standard Member $720 Standard Non-Member $840 Standard Group Member* (per delegate) $675 Standard Group Non-Member* (per delegate) $775 Pre-forum Workshop Forum Attendee Member $300 Forum Attendee Non-Member $400 Workshop only Member $350 Workshop only Non-Member $450 TOTAL REGISTRATION FEES $ * Three or more delegates from the same organisation booking and paying at the same time. Relevant member / non-member rate apply with a group booking. Each delegate must complete a separate registration form. 4. REGISTER FOR PRE-FORUM WORKSHOP Pre-forum workshop Wednesday, 25 November 2015 2.00pm 5.00pm 5. SPECIAL REQUIREMENTS Risk culture The critical role of internal audit Dietary requirements Please specify if you have any meal requirements. Please note that some special meals will incur an additional change. You will be notified if this is the case for the food type you have indicated. Special assistance Please indicate if you have a disability or require assistance to participate fully. Please list the type of assistance you require. NOTE: All fees are quoted in Australian dollars (AUD) inclusive of GST. This document will be a tax invoice/receipt for GST when you make payment ABN 80 001 797 557 Financial Services Internal www.iia.org.au Audit Forum 7
6. PAYMENT DETAILS Method of payment I wish to pay by credit card* *3% surcharge for Amex/Diners 1.5% surcharge for Visa/MasterCard Please complete the following: Visa MasterCard Amex Diners Total amount in AUD $ Credit Card Number Expiry Date Name of Card Holder Signature 7. RETURNING FORM Please return form and payment to Financial Services Internal Audit Forum 2015 Institute of Internal Auditors Australia PO Box A2311 Sydney South NSW 1235 Australia Fax +61 2 9264 9240 conferences@iia.org.au Each delegate must complete a separate registration form General enquiries conferences@iia.org.au Tel +61 2 9267 9155 Tel Toll free (within Australia) 1800 236 366 www.iia.org.au Level 7, 133 Castlereagh Street Sydney NSW 2000 Australia I will transfer the above sum to the Financial Services Internal Audit Conference 2015 bank account (details below) Account Name: The Institute of Internal Auditors Australia Bank: Westpac Banking Corporation Address: 84 King Street, Sydney NSW 2000 Branch (BSB): 032003 Account Number: 478233 Swift code: WPACAU2S When sending payment by telegraphic transfer from overseas, please add AUD$20.00 for bank fees. The delegate is responsible for all fees associated with the transaction. To enable us to identify your payment, please ensure that your name and Financial Services Internal Audit Conference 2015 appear on the transfer. Please email a record to accounts@iia.org.au. I have enclosed an Australian cheque (cheques should be made payable to The Institute of Internal Auditors Australia) Cancellation Policy Cancellations must be notified in writing to IIA-Australia. Cancellations received 30 days prior to the conference will receive a full refund. Cancellations received from 30 days to 15 days prior to the conference will receive a refund less AUD $200.00 administration fee, cancellations received within 14 days of the conference will forfeit the registration fee paid. A substitute delegate will be accepted at no extra charge, subject to membership status, if advised in writing. Transfer of monies to any other IIA product or service is not permitted. Privacy Statement I, or a later substitute hereby consent to my/their name, position and organisation being included in the Conference Delegate list and contact details forwarded by IIA-Australia to related third parties including sponsors and exhibitors. I understand that if I do not provide consent my name will not be published in the list of participants that is distributed to each conference delegate upon registration. I acknowledge that details will be used to confirm my membership status at IIA-Australia. If you do not indicate your preference it will be assumed that we may use your details as described. Consent Do not consent IIA-Australia will handle any personal information collected on this form in accordance with its Privacy Policy. Liability/Disclaimer On completing this registration form, I accept that to the extent permitted by law IIA-Australia is not responsible for the actions, advice or representations of delegates and speakers of Financial Services Conference 2015. In completing the registration form I indemnify the IIA-Australia for any direct, indirect or consequential loss or damage in connections with any personal accidents, losses or damage to personal property of myself and any later substitutes. Office Use Only Cheque $ Credit card $ Entered Date Comments