With DORA (Digital Operational Resilience Act) just being formally adopted by the EU Council, it is yet again time for the financial service industry’s governance, risk and compliance (GRC) battle-hardened professionals to get ready for the interpretation, implementation and integration work of another piece of legislation. They have seen this all before, for we are now counting decades of steady streams of rules and regulations. Meeting new compliance requirements has simply become a way of living, and the financial service industry will remain a regulatory quagmire for the foreseeable future. Whilst the aspiration to establish a robust and resilient financial system, can only be acknowledged as a most admirable accomplishment, and we should duly credit lawmakers and politicians for their well-meaning intentions, however the implementation and maintenance of such frameworks are not without headaches, something that any CISO or CRO et al can testify to. At times, the red tape can simply be overwhelming, highlighting deep cracks in the edifice due to governance structures as well as risk- and control frameworks not being nimble enough to adapt.

So, how then to best implement DORA? This and much more will be addressed at the DORA seminar!

• Did you know that DORA will force a considerable rethink on the effectiveness of the 3 lines-of-defense model as it is currently deployed? The speed, stealth and agility with how digital risks unfold require a governance model that not only matches but surpasses these characteristics. Let us explain how!
• Did you know that internal audit’s assessment of related controls will be a critical part of a successful implementation of DORA but that it will require a different tempo and a different mechanism than what currently is being practiced? Let us explain how!
• Do you know what functionality an ISMS (information security management system) will need to decisively speed-up firmwide responses to suddenly emerging issues and incidents? Let us show you how!

This seminar will provide you with insights on how to achieve the shortest path to DORA compliance, and you will also hear seasoned practitioners' tangible and proven best-in-class methods and tools on how to successfully navigate in this proverbial jungle of rules and regulations to establish and maintain not only compliant but also truly cost-efficient management of risks and controls.

Speaker’s biographies

Pelle Kokholm Andersen, Avanade, Nordics Security Solution Area Lead
Pelle has more than 30 years of experience as infrastructure and security lead architect specializing in Microsoft Cloud and complex hybrid IT environments with integration and collaboration between many different systems and platforms. He is typically called in for large and complex projects where long-term knowledge and experience is required to understand and design the right security solution to support and align to modern cyber security standards and principles. Pelle has experience with security and regulatory requirements from a variety of different industries, public, health care, manufacturing & financial services, including interim CISO SME advisory support. Latest work has been advising around the new upcoming NIS2 regulations for “critical infrastructure” companies and DORA targeted as a more uniform security and compliance framework for the majority of the FSI business. Pelle’s specialty is advising and guiding companies into more abstract thinking around security and embrace the new way of looking at security with more focus on risk management and pervasive secure principles and zero trust mindset. Pelle has a saying. “It’s not about preventing getting breached. It’s all about accepting you’re already breached and how well you’re prepared and ready for this.”
e-mail: [email protected]

Niklas Hageback, Avanade, Financial Services Industry Network
Niklas Hageback brings with him two decades of experience and in-depth expertise in all aspects of Governance, Risk & Compliance (GRC) from both the financial risk management and information security perspectives. He has held regional risk leadership roles at Goldman Sachs, UBS, Deutsche Bank and KPMG working across Asia and Europe. Part of his remit has included leading interactions with financial regulators across jurisdictions, responding to regulatory queries and inspections covering a wide range of operational risk matters, notably relating to financial crime & information security. Niklas has also been in charge of the articulation and establishment of enterprise-wide risk management frameworks, affiliated with the regulatory capital regime, and governed through a 3-lines-of-defense model. This has included co-ordinating the draft and launch of overarching risk strategies, with subordinate risk policies, for credit, market & operational risks with associated risk appetites, tolerances and limits. He is widely engaged as a problem-solver, engaging and leading issue resolutions for all matters pertaining to GRC.
e-mail: [email protected]

Martin Sværen, Nordic Security Financial Services Lead, Accenture
Martin is a part of Accenture’s Nordic Security leadership team. Throughout his almost 12-year long career in Accenture, he has focused on providing business value through different areas within security. He has experience with defining and improving security organizations, and supporting clients establish and implement their security strategies and roadmaps for improvements. He also has in-depth experience assisting companies in migrating to cloud platforms and procuring SaaS solutions. Martin has extensive experiences from several banking and other financial services client and supporting them in understanding the impact of and implementations to support adherence to regulatory requirements.
e-mail: [email protected]

Anna Lööv, Partner, Kompass Advokat
Anna is specialized in corporate governance law in the financial sector and is a valued lecturer and educator in the field of outsourcing, among other things. She has helped several companies to implement new regulatory ICT requirements from EBA and EIOPA. She works daily with financial regulatory issues, often in connection with cloud services. She represents both financial entities and financial service providers, e.g. fintech companies. Anna also specializes in data protection and is an advisor to several financial actors in that area. She has a great interest in technology and worked as an electronics engineer for the Swedish defense before her law graduate studies. [email protected]

Mathias Strand, Senior Advisor, Lawyer and Partner, AI Lab
Mathias Strand comes from Microsoft where he has been the Assistant General Counsel and Head of Legal for Western Europe. In his role as senior advisor, speaker and panelist, Mathias focuses on cloud computing, responsible AI, datacenter and sustainability, privacy and security, compliance, accessibility and public/government affairs. He is a frequent guest lecturer at law schools and a member of the New York Bar. Mathias has a background from law firms in Stockholm, New York and Washington DC, and he holds Masters of Laws from Uppsala University and from Georgetown University Law Center. [email protected]

Register now: