monday | october 1, 2018 8:30 9:30 a.m. documents... · monday | october 1, 2018 11:15 a.m. –...

Monday | October 1, 2018 8:30 – 9:30 a.m.

Opening Keynote: A Conversation With Senator Dodd

Facilitator:

Vernon Stafford

Executive Vice President and Chief Audit Executive

First Horizon National Corp.

Speaker:

Senator Chris Dodd

Session Description Being Finalized

Vernon Stafford is responsible for corporate internal audit and credit assurance. Prior to joining First Horizon

in 2013, Stafford served a distinguished 33-year career as a national bank examiner for the Office of the

Comptroller of the Currency (OCC), having served as an assistant deputy comptroller (ADC) in OCC’s Midsize

Bank Supervision since mid-2011. As ADC, Stafford supervised a staff of midsize bank examiners-in-charge

(EIC) and a portfolio of midsize banking companies ranging in assets of $13 billion to $90 billion. After serving

in various positions as a field bank examiner and regional analyst, he served as director for OCC’s Core Policy

Development division (now Operational Risk & Core Policy) for about five years, with responsibility for

developing and implementing supervisory policy for national banks. In 2001, Stafford was appointed director

for large bank supervision, a division responsible for the supervision of the largest banking companies in the

national banking system. In 2006, he was appointed EIC of supervision for First Tennessee Bank, N.A.,

responsible for the day-to-day supervisory activities of the banking company, where he served until 2011.

Senator Chris Dodd Bio Being Finalized

Monday | October 1, 2018 9:45 – 11:00 a.m.

General Session 1: Regulatory Panel

Moderator:

Kevin Ryan, CIA, CFSA

Chief Risk Review Officer and General Auditor

KeyCorp

Panelists:

Tom Crock, CISA

National Bank Examiner

Office of the Comptroller of the Currency

Additional Panelists Being Finalized


Kevin Ryan is responsible for managing all risk review (internal audit and credit risk review) activities at

KeyCorp and is a member of the organization’s executive council and executive leadership team. He began his

career in 1982 at Chase Manhattan Corp. as part of the management associate program in finance. After two

years, he took a position with KeyCorp’s internal audit group. He worked extensively on audits pertaining to

non-banking subsidiaries (lease, mortgage, and insurance) and undertook progressively responsible roles

through departments and management to arrive in his current position. Ryan is a former board member of

The IIA’s International Internal Auditing Standards Board and currently serves as vice chair of The IIA’s

Financial Services Advisory Board (FSAB).

Tom Crock Bio Being Finalized

Monday | October 1, 2018 11:15 a.m. – 12:15 p.m.

CS 1-1: Data Analytics in Internal Fraud Detection

Brian Allen, CPA, CISA, CISSP

Senior Director, Internal Audit Data Analytics

TIAA

Ken Cooper, CFE

Director, Internal Investigations

TIAA

Mike Cowell, CIA, CISA

Executive Vice President and Chief Auditor

TIAA

Internal audit functions consider fraud a component of their auditing responsibilities. Data analytics programs

provide scalable, repeatable, and cost-effective approaches to identifying indicators of potential internal

fraudulent activity across an organization. This course presents strategies, approaches, and techniques for

developing internal fraud detection procedures. In addition, it includes opportunities to apply those tools and

techniques in real-world scenarios and shares insights on the value of collaboration between internal audit

and internal investigation professionals.

In this session, participants will:

Learn actionable strategies for developing a proactive internal fraud identification program that

leverages analytics.

Design approaches for implementing point-in-time and recurring analytics, including development,

consumption, and disposition approaches.

Gain an appreciation of the value added when internal audit and internal investigation collaborate to

identify potential internal fraud and mitigate future occurrences for an organization.

Experience demo(s) of analytics procedures, generating actionable considerations for implementation

at their organization.

Brian Allen Bio Being Finalized

Ken Cooper Bio Being Finalized

Mike Cowell leads the internal audit division at TIAA, a Fortune 100 diversified financial services organization.

In this role, he provides strategic direction to the audit leadership team covering all legal entities and

businesses of TIAA. The internal audit division includes the internal audit team and a dedicated internal

investigation team. Cowell is a former member of the IIA Global Board of Directors, IIA North American Board,

and Board of Governors for the IIA–Charlotte Chapter. He is currently a member of the IIA Financial Services

Advisory Board and the Conference Board’s Council of Chief Audit Executives.

CS 1-2: Creating Business Value Through Effective Third-Party Management Auditing

Abel Clark

CEO

TruSight

Brian Kostek

Managing Director

Protiviti

Jim McDonald

Managing Director

Protiviti

Third-party risk management continues to be a topic of focus for organizations of all sizes, and while programs

continue to be enhanced, the value of real-time, value-based auditing has never been more important.

Evaluating the framework, completing data analysis, and providing support to first and second line risk

management activities can help reduce costs, enhance processes, and drive value for the organization.


• Consider the regulatory landscape.

• Outline key considerations and guiding principles when implementing, refreshing, or auditing a third-

party management program.

• Timeline the rise of “de-risking” vendors.

• Discuss cybersecurity risk management for technology vendors.

Abel Clark Bio Being Finalized

Brian Kostek Bio Being Finalized

Jim McDonald is a managing director in Protiviti’s risk and compliance practice. He has deep knowledge of

financial services regulations and hands-on experience in bank supervision and policy related matters. He

retired from the OCC after 35 years, serving most recently as a senior member of the OCC supervisory team at

a top 5 U.S. bank and as chief of staff for the examiner-in-charge. In this role, he held direct responsibility for

the bank’s risk management, global compliance, and internal audit functions. McDonald drove the OCC’s

efforts to attain effective bank remediation efforts across all matters of regulatory concern, and was

instrumental in guiding the bank to establish and implement an effective risk framework, risk appetite, risk

culture, and global compliance program.

CS 1-3: Internal Audit's Pathway to the Future: CAE Panel Discussion

Monica O'Reilly

Principal

Deloitte & Touche LLP

Many internal audit departments are finding ways to innovate processes to deliver greater assurance, advise

stakeholders, and anticipate risk. What innovations are making the greatest impact, and do internal audit

stakeholders agree? Join a panel of banking, insurance, investment management, and real estate CAEs as we

explore how they’re preparing for the future of internal audit and examine their reactions to recent survey

data from 1,000+ CAEs worldwide.


• Consider the technology-driven developments expected to impact internal audit in the next three to

five years.

• Develop a point of view on a resource model that will meet the needs of the internal audit of the

future.

• Map key areas in the audit lifecycle where they will innovate and add value for their stakeholders.

• Develop ideas of how they want to innovate and identify the technology, skills, budget, and

methodologies needed.

Monica O'Reilly Bio Being Finalized

Monday | October 1, 2018 1:30 – 2:30 p.m.

General Session 2: Session Details Being Finalized

Larry L. Hattix

Senior Deputy Comptroller for Enterprise Governance and Ombudsman

Office of the Comptroller of the Currency


Larry L. Hattix Bio Being Finalized

Monday | October 1, 2018 2:45 – 3:45 p.m.

CS 2-1: Harnessing the Power of Innovation to #DrivePositiveChange

Marc Sabino

Chief Auditor, Innovation

Citigroup

Robotics, analytics, and artificial intelligence are just some of the buzzwords in today’s audit world. But what

do they really mean within the context of audit innovation? And how can audit departments around the globe

truly harness the power of innovation to enhance assurance and improve the stakeholder experience?


• Learn how innovation can enhance the overall stakeholder experience.

• Deep dive into practical, real-life examples demonstrating how implementation of innovative solutions

leads to tangible results.

• Leave with an understanding of how innovation can be used to drive enhanced assurance and greater

insights.

Marc Sabino was appointed chief auditor, head of innovation for audit at Citigroup in August 2017. He is

responsible for the internal audit innovation team, which includes the strategic vision of an innovation

strategy to support the mission of drive positive change and be a game changer in the industry. Sabino leads a

team that identifies and executes innovation, automation opportunities, and performs data analytics to drive

insights and operational efficiency.

CS 2-2: Real-Time Insight: Assurance Over the Organization’s Strategic Plan

Stacey L. Schabel, CPA

Vice President & Chief Audit Executive, Jackson

North American Audit Director, Prudential plc

Executive management, boards, audit committees, and regulators value real-time insight on the most

business-critical areas. This session will focus on how internal audit can align with this expectation through

assessment of the plans, program management activities, and governance driving the organization’s strategic

plan.


• Learn about the types of assurance stakeholders value most.

• Become familiar with an approach that can be used to assess the likelihood of success of their

organization’s strategic plan.

• Experience a real-life example of this type of audit being executed and understand keys to success,

stakeholder reactions, and common pitfalls.

• Receive a sample audit program designed to support the assessment of their organization’s strategic

plan.

Stacey Schabel is responsible for the North American Group-wide Internal Audit team, which examines and

evaluates the key activities and processes supporting the North American operations of Prudential plc, which

includes Jackson National Life Insurance Company. She assists the Board, Audit and Risk Committee members

and executive management in protecting the assets, reputation and sustainability of the organization through

assessment and reporting of the overall effectiveness of risk management, control and governance processes.

Schabel is a member of the IIA’s Global Financial Services Guidance Committee, the IIA chief Audit Executive

Engagement Committee Chair for the Lansing, Michigan Chapter, as well as a CPA and FINRA Series 6

registrant.

CS 2-3: Advancing the Internal Audit Profession

Moderator:

Faizal Chaudhury, CPA, CGMA

Vice President, Internal Audit

Sallie Mae Bank

Panelists:

Star McDade, CPA

Vice President and Portfolio General Auditor

American Express Company

Maggie Phan, CIA, CISA

Senior Vice President and Head of Audit Practices and Operations

Brown Brothers Harriman

Dana Randell, CPA

Senior Vice President and Head of Audit, Professional Practices

Synchrony Financial

IA departments at financial institutions face unique challenges in today’s business climate. Increasing demands

and expectations of stakeholders (regulators, audit committees, management, etc.) are driving the profession

to find ways to evolve and grow. Learn how the professional practice function within IA plays a critical and

integral role in ensuring IA departments meet the evolving demands of key stakeholders while also helping

enhance and maximize the IA value proposition.


• Gain expert insights into recent regulatory exams (horizontal reviews of internal audit).

• Learn about disruption of traditional internal audit processes and how technology, data analytics, and

artificial intelligence/RPA can be leveraged to drive efficiencies.

• Understand the role of professional practices in branding and marketing internal audit to build

strategic relationships internally, throughout the industry, and with regulators.

• Discuss training and talent management, value-added QARs, best practices for professional practice

teams, and how key metrics and stakeholder reporting can drive the profession forward.

Faizal Chaudhury has over 20 years of dedicated experience as an audit professional. Prior to joining Sallie Mae, he held audit leadership positions at TD Bank and Bank of America. Chaudhury’s other experiences include working as an external auditor for EY and Crowe Horwath. He is also a frequent speaker at various national and local professional association conferences related to auditing. Star McDade is a multi-disciplined financial services professional with strong personal values and a diversity of

experience that helps shape her perspective. She is currently responsible for directing internal audit activities

for the global commercial services and the global merchant/network services businesses, as well as for various

oversight functions, including operational risk management, global privacy and enterprise data governance,

and big data. McDade’s earlier AmEx roles included vice president, chief of staff, and head of professional

practices and quality assurance. Previously, she provided audit and advisory services to hedge fund, private

equity, mutual fund, and government investment pool clients at PwC in Houston and New York City.

Maggie Phan has more than 18 years of combined experience in internal audit in the financial services and

banking industries, including audit leadership roles at large financial institutions such as Fidelity, Brown

Brothers Harriman & Co., and Mitsubishi UFJ Trust & Banking. She is fluent in Cantonese, Mandarin, and

Vietnamese.

Dana Randell has over 18 years of experience in audit and assurance activities, with a focus on financial

services. Her extensive background spans consumer lending and bank compliance, including fair lending,

UDAAP, and AML compliance requirements. She leads the Synchrony internal audit professional practices

group and is currently developing a digital audit strategy for the department, focusing on leveraging data

analytics, automation, and technology to develop auditors of the future. Previously, Randell spent 12 years in

public accounting focused on audit and assurance work in the financial services, retail, and construction

industries.

Monday | October 1, 2018 4:15 – 5:15 p.m. CS 3-1: Introduction to Blockchain and Cryptocurrencies, Including Assurance and Compliance

Considerations

A. Michael Smith

Partner

PwC

Rapidly evolving technologies are creating a critical need for business, technology, and compliance functions

to be prepared, adaptive, and agile to emerging challenges. Specifically, blockchain — a distributed ledger

technology underpinning cryptocurrencies and being tested by a variety of companies to track ownership of

assets without a central authority — is now everywhere. Supporters claim it to be a panacea for the high

overhead costs associated with financial services transactions.


• Learn blockchain concepts, what blockchain means for their organization, and the benefits and

unknowns of blockchain applications.

• Delve into industry use cases in financial services and gain assurance for blockchain use cases.

• Understand cryptocurrency and why it requires their attention.

• Discuss the regulatory environment and anticipated regulatory changes.

A. Michael Smith has over 28 years of public and private industry experience, encompassing IT internal audit,

cybersecurity, privacy, IT governance risk and compliance, and national/international regulatory requirements

in the IT space. He has lived and worked in Europe and led teams in EMEA and APAC. Smith is responsible for

PwC’s U.S. internal technology audit services practice for financial services companies and has led projects or

worked in all financial services sectors. He also leads the blockchain assurance practice globally, helping clients

deal with the complexities of risk, control, and assurance in blockchain infrastructures. Smith was previously

global director of technology audit for Bank of New York Mellon.

CS 3-2: Striking a Balance: IA’s Critical Role in Regulatory Issue Remediation

Moderator:

TJ Scallon

Advisory Partner, Internal Audit and Enterprise Risk

KPMG

Panelists:

Gilles Karpowicz

General Auditor

BNP Paribas USA and North America Wholesale

Allyson Kidik

Senior Vice President and Senior Deputy General Auditor

KeyBank

Vincent Pinelli

Chief Operating Officer and Head of Audit Professional Practices

MUFG Internal Audit for the Americas

This discussion on regulatory issue validation will address topics such as demonstrating operational

effectiveness and sustainability, linkage with audit issues and self-identified issues, coordination with business,

and evolving regulatory expectations.


• Understand evolving regulatory expectations related to regulatory issue validation and lessons learned.

• Discuss practices for demonstrating operational effectiveness and sustainability.

• Identify the benefits and practical application of linking regulatory issues with those issues identified by

internal audit and the other lines of defense.

• Share practices for coordinating with the first and second lines of defense during regulatory issue

remediation and validation.

TJ Scallon has 24 years of experience providing audit and advisory services to global financial institutions. As

an advisory partner within KPMG’s internal audit and enterprise risk practice, he works closely with senior

management in areas such as governance, risk and compliance, internal controls and audit frameworks, issue

remediation, and enterprise risk management across all three lines of defense. Prior to joining the advisory

practice, Scallon was an audit partner within KPMG’s financial services audit practice, serving some of the

firm’s largest banking and capital markets clients. He currently serves as the financial services lead for internal

audit and enterprise risk nationally and as KPMG’s New York office banking and capital markets industry

leader.

Gilles Karpowicz Bio Being Finalized

Allyson Kidik Bio Being Finalized

Vincent Pinelli Bio Being Finalized

CS 3-3: Reading the Tea Leaves: Handling Complaints/Concerns

Ayush Agarwal, CA, CFA

Audit Director

SunTrust Bank

Most organizations receive a significant number of complaints/concerns from various sources, but fail to

realize the importance of data and analytics around the information collected, which, if aggregated and

utilized appropriately, could provide senior management, the audit committee, and board of directors with

invaluable information and insights into a company’s culture and potential red flags.


• List the various avenues through which a typical organization receives complaints/concerns.

• Describe regulatory expectations concerning whistleblowing/complaints.

• Understand some of the gaps that currently exist at most organizations, preventing them from using

complaints/concerns information in a meaningful manner.

• Develop ideas for aggregating and analyzing data related to complaints/concerns. Ayush Agarwal has over 20 years of experience in the financial services industry performing internal/external

audits, including 10 years with public accounting firms and 10 ten years of dedicated capital markets

experience. As audit director for corporate functions at SunTrust, he is responsible for evaluating and

recommending improvements in the effectiveness of risk management, control, and governance processes.

Agarwal’s primary areas of audit responsibility encompass finance and accounting, HR, legal, and marketing.

Tuesday | October 2, 2018 8:30 – 9:45 a.m. General Session 3: Details Being Finalized

Tuesday | October 2, 2018 10:00 – 11:00 a.m. CS 4-1: Advancing IT Audit’s Capabilities to Conduct Cyber Security Audits

Jon Coughlin, CISA, CISSP

Technology Audit Director

PNC Bank

David Dunn, CIA, CPA, CITP

Assistant General Auditor, Information Technology

PNC Bank

Lee Williams

Audit Director, Information Technology Audit- Infrastructure and Cyber Security

PNC Bank

Practical tips, examples, and techniques for strengthening audit’s cybersecurity coverage extend beyond

traditional approaches, focusing on what works well, opportunities for improvement, and potential evolution

required to address emerging laws and regulations (cyber ANPR, state privacy laws). Alternate approaches

include leveraging SMEs and data analytics to add incremental value to audit’s output (data protection,

firewall rules, vulnerability assessments). An overview of audit structures will feature dedicated security

testing and ethical hacking components.


• Learn the inherent limitations in applying traditional audit testing techniques to cyber security areas of

focus, and the need to evolve in response to emerging laws and regulations.

• Identify specific areas where alternate testing approaches from audit can increase the value provided

within cyber security audit activities.

• Develop ideas for implementing value-added security testing within their organizations, based on

examples of data loss prevention, firewall rule auditing, and vulnerability management analysis.

• Understand a potential model for successfully building an ethical hacking team directly within the audit

function.

Jon Coughlin leads audit coverage of PNC’s technology infrastructure and security functions. He has had

accountability for leading the audit team’s coverage of infrastructure, security, fraud, technology risk

management, and technology project auditing at various points since 2012. Coughlin previously delivered

technology risk and control services in complex, highly regulated environments as a senior manager within

Deloitte & Touche’s enterprise risk services function. While in public accounting, he served clients with a focus

on technology external/internal audit, technology risk management, and security governance. For 17+ years,

he has delivered technology, risk, and control related services, with broad, global experience in the financial

services, healthcare, retail, and manufacturing industries.

David Dunn leads the internal audit function for PNC’s information technology as assistant general auditor for

The PNC Financial Services Group. Previously, he was senior vice president and senior audit director of global

technology and operations for Bank of America. Dunn’s 24+ years of experience in technology, audit, and

financial services includes The Royal Bank of Scotland, where he served as head of operational risk

management and director of ORM technology and the Basel II program. Dunn’s early roles included executive

vice president, head of operational risk management, technology executive, and director of information

systems audit at Capital One Financial; director of quality assurance at PeopleSoft; and project manager at

Corning.

Lee Williams Bio Being Finalized

CS 4-2: Effectively Assessing a Risk Governance Framework

Julie Scammahorn, CIA, CRMA

Chief Auditor, Citibank, N.A.

Citibank

Assessing a firm’s risk governance framework continues to be a challenge for auditors around the world. What

are the key success factors to ensure an effective assessment? How does an effective assessment tie into the

identification of emerging risk? And when emerging risks are identified, how are they addressed through the

three lines of defense?


• Gain an understanding of key factors to consider when assessing a firm’s risk governance framework.

• Learn tactics that can be employed to identify emerging risks.

• Recognize how identification of emerging risks ties into the three lines of defense model.

Julie Scammahorn is responsible for the ongoing assessment of businesses’ risk and control environment

through evaluation of financial, operational, and administrative controls; governance; and risk management

practices as well as adherence to laws, regulations, and Citigroup and Citibank, N.A. policies. She also is the

regional chief auditor for North America, overseeing the program assurance provided over Citi’s businesses

across the region. Prior to joining Citi in 2014, Scammahorn was the general auditor and senior vice president

of American Express Company, and also served as general auditor at Bank of America Corporation (legacy

Countrywide Financial Corporation). Scammahorn started her career in banking with NationsBank (Bank of

America) and was the senior vice president and audit director responsible for the global audits of Banc of

America Securities. She is a member of The IIA’s Financial Services Advisory Board.

CS 4-3: Focusing on Talent Management Programs for Audit Divisions

Anita Bagg

Senior Vice President and Audit Director

Bank of America

Jason Cahaly


Bank of America

Gouri Veerubhotla


Bank of America

Internal audit is a people business. Our people can make or break the work that we do; no matter how good

our strategic priorities and audit plans can be, they must be executed by people at all levels within the audit

organization. Audit departments must focus on developing strong and diverse talent at all levels. This includes

discussing employee engagement initiatives, training approaches, college hire programs, and rotation

programs throughout the department.


• Explore ways to think about and develop employee engagement programs for their audit shop.

• Discuss integration of training programs, beyond minimal training requirements.

• Learn ways to manage direct college hire programs for their organization.

• Identify opportunities for broader rotation programs throughout their department, including audit

practice-related rotations for business line auditors.

Anita Bagg leads the BOA audit division’s employee development, training, and engagement efforts, and also

oversees the corporate audit analyst program, which recruits college talent and oversees rotations within the

division. She chaired a council focused on driving an inclusive and diverse work environment, simplification of

day-to-day operations, and professional development. Bagg was previously an auditor and business advisor

responsible for independent assessment of the Merrill Lynch brokerage business, and she audited the global

wealth and investment management chief operating office. Upon joining BOA in 1995, she led projects and

strategic initiatives related to risk assessments, audit planning, and audit committee reporting as part of the

practices team. Early in her career, she was with PricewaterhouseCoopers.

Jason Cahaly Bio Being Finalized Gouri Veerubhotla Bio Being Finalized

Tuesday | October 2, 2018 11:15 a.m. – 12:15 p.m. CS 5-1: Unleashing the Power of Continuous Auditing

Christopher Paulison, CPA

Partner

Grant Thornton, LLP

New competitors are using innovative technologies to meet consumer expectations. In response to these

disruptive technologies, financial institutions are rethinking their business models and developing new ways to

provide products and services. As a result, risk profiles at financial institutions are changing. This session will

explore how internal auditors can prepare to audit these technologies and use these technologies to increase

efficiencies within internal audit.


• Identify innovative technologies and their impact on financial institutions.

• Examine the challenges of auditing innovative technologies.

• Discuss what internal audit departments should be doing to address these new risks.

• Explore ways internal audit can use innovation to improve efficiencies in their processes.

Chris Paulison has over 25 years of experience and serves as the leader for Grant Thornton’s financial services

center of excellence for internal audit. He is active in the financial institutions marketplace, providing client

services to banks of varying sizes and complexity, and has led large-scale global process transformations,

benchmarking/cost productivity/organizational design projects in the areas of business operations, internal

audit, regulatory compliance, and risk management; as well as supervision of simultaneous work across five

continents. Prior to Grant Thornton, Paulison served as partner for a Big 4 firm where he led the firm’s internal

audit/risk practice for the midwest region in financial services. He also served as the CAE for a Fortune 20

company. Paulison has worked with clients including HSBC, ABN AMRO, Ally, Bank of America, Bank of China,

BB&T, Citi, Deutsche Bank, Fidelity, Goldman Sachs, JP Morgan Chase, Morgan Stanley, PNC, RBS, US Bank, and

Wells Fargo.

CS 5-2: Co-Sourcing and Outsourcing: Why Do It?

Moderator:

Sabrina Serafin, CISA

Partner and National Practice Leader

Frazier & Deeter

Panelists:

Matthew Burgess, CPA

Executive Vice President and Chief Internal Auditor

First Financial Bancorp

Paul Calhoun, CPA

Executive Vice President and Chief Audit Executive

TowneBank

Bradley Carroll, CIA, QIAL, CFSA, CRMA, CPA, CFF

Senior Vice President and Director, Internal audit

State Bank Financial Corporation

Steve Jameson, CIA, CPA, CFE

Executive Vice President and Chief Internal Audit & Risk Officer

Community Trust Bancorp, Inc.

This will be a panel discussion on why to out/co-source. (Standard 1210; SME for specific areas, HR constraints

in small banks, cost considerations). Participants will learn the characteristics of each, pros/cons (SMEs, direct

report to AC, scope creep, workpaper ownership, workpaper/report consistency), and how each CAE manages

the out/co-source arrangements at their institution (who selects/engages, who manages, multiple partners or

one for all out/co-sourcing needs, effect on QAIP program, meeting SR 13-1 requirements).


• Recognize the difference between co-sourcing and outsourcing; analyze the characteristics of each and

determine which are pros and cons in their model.

• Determine the level to which their department should rely on co-sourcing or outsourcing: strategic

placement to supplement work or complete transfer of the audit plan?

• Develop a plan for seamless integration among multiple SME partners (co-sourced or outsourced) and

in-sourced staff.

Sabrina Serafin Bio Being Finalized

Matthew Burgess Bio Being Finalized

Paul Calhoun Bio Being Finalized

Bradley Carroll began his career in internal audit with Central Bank LA after graduating from college. Upon the

sale of Central Bank, he moved to an internal auditor position for Carter's Childrenswear and Wachovia Bank.

He then pursued public accounting for the next 14 years, starting and then selling a CPA practice. Carroll

transitioned back into internal audit when he was hired as the CAE of a two-year old $3 billion community

bank using outsourced services for internal audit with the challenge of developing and staffing the bank’s own

internal audit function.

Steve Jameson Bio Being Finalized

CS 5-3: How Strong Is Your Ability to Effectively Challenge Management?

Stephen Mills, CIA, CCSA, ACA

Managing Director

Promontory Financial Group

Andrew Jackson, CIA

Chief Audit Executive

TCF Financial Corporation

U.S. bank supervisors have significant underlying concerns regarding internal audit's independence,

objectivity, and true ability to effectively challenge management. This session will discuss common regulatory

criticisms in this area and explore an approach and framework to self-assess and evaluate internal audit

strength and vulnerabilities regarding independence, objectivity, and challenge. The session will outline

tangible steps that can be taken to strengthen and demonstrate effective challenge to bank supervisors and

the audit committee.


• Describe and recognize the relationship between independence, objectivity, and challenge.

• Construct a framework to evaluate strengths and weaknesses relating to effective challenge.

• Formulate tangible actions to improve independence, objectivity, and the ability to truly challenge

management.

Stephen Mills has extensive global experience, having lived and worked in Asia, Europe, and the U.S. As a

managing director in Promontory Financial Group’s New York office, he advises clients in the areas of internal

audit and internal control frameworks, risk management, corporate governance, regulatory relationships,

compliance transformation, quality assurance and compliance testing, and regulatory compliance, including

BSA/AML and sanctions, mortgage servicing and loss mitigation practices, and model validation. Previously,

Mills spent nearly 20 years in global positions with American Express as a senior member of the global internal

audit team. He was general auditor of the company’s major U.S. and international bank subsidiaries, with

responsibility for global internal audit regulatory relationships.

Andrew Jackson has been with TCF Financial since 2012. Previously he served as CAE of First Horizon National

Corporation and executive vice president and corporate auditor in charge of the internal audit function at First

Tennessee Bank. Jackson is a member of The IIA’s Financial Services Advisory Board and the Financial Services

Conference Board.

Tuesday | October 2, 2018 1:15 – 2:30 p.m. General Session 4: CEO Perspectives: Internal Audit’s Value Proposition Facilitator: Christine Katziff Corporate General Auditor Bank of America Panelists Being Finalized In this panel session, chief executive officers representing a wide range of financial institutions will share their

perspectives and discuss the value they seek from internal audit in their organizations, effective

communication with stakeholders, current challenges across the industry, and more.


Hear directly from a panel of CEOs about the value of their audit teams.

Discuss the expectations of the role internal audit plays within their organizations.

Understand effective methods to build ongoing communication and trust with executive management.

Christine Katziff Bio Being Finalized

Tuesday | October 2, 2018 3:00 – 4:15 p.m. Closing Keynote: Creating Impactful Relationships With the C-Suite Margie Bastolla, CIA, CRMA Principal Margie Bastolla Facilitations, LLC In addition to good analytical skills, an understanding of the business, and knowledge of the organization’s key

risks, a great internal auditor should possess a knack for building solid relationships with management and the

C-suite. Not only are internal auditors with strong professional relationships happier and more productive at

work, if they are known and trusted by audit clients and executives, their recommendations are more likely to

be embraced.


Discover seven practical ways to enhance relationships with management and the C-suite.

Identify personal hang-ups that prevent them from building impactful relationships.

Learn what to say — and how to say it — during conversations with executives. Margie Bastolla is a professional trainer and speaker who provides customized, onsite training for internal auditors on both technical and soft skill topics. She has worked in over 40 countries, conducting hundreds of seminars, workshops, and conference sessions for corporations, government entities, U.N. agencies, and IIA chapters and institutes. Bastolla draws on 30 years of leadership experience in internal auditing, international relations, association management, and public accounting. Previously, she was an executive with The IIA’s global headquarters and an auditor with Worthen Banking Corporation and Deloitte.

monday | october 1, 2018 8:30 9:30 a.m. documents... · monday | october 1, 2018 11:15 a.m. –...

Documents