Program | Risk and Compliance Conference

7:00 AM – 5:30 PM

Registration Open

7:30 AM – 8:15 AM

Industry Insights Breakfast Sessions

Make the most of your conference experience by joining one of our expert corporate partners for an informative breakfast session on how you can overcome your everyday challenges with the use of their products and/or services. These sessions are designed to deliver practical insights while you enjoy your morning meal. A breakfast buffet will be available from 7:15 am – 7:45 am for attendees participating in these sessions.

8:00 AM – 8:30 AM

Coffee and Conversations in the Foyer

8:30 AM – 10:00 AM

General Session

Risk and compliance in a time of transformation – An industry outlook

The conference will open with a keynote address from ABA President and CEO Rob Nichols, setting the stage for the most pressing issues shaping the risk and compliance environment today. This opening session also launches a conference-long case study that will evolve over the next three days, allowing participants to explore how risk and compliance considerations play out across the enterprise in real time.

• Rob Nichols, President and CEO, American Bankers Association

10:00 AM – 10:30 AM

Move to next session

10:30 AM – 11:15 AM

Concurrent Series 1
Repeated in series 2

1A Human + AI integration = Faster decisions, fewer errors, stronger outcomes
Repeated in 2A

With AI adoption accelerating across the industry and talent demands shifting faster than job descriptions can keep up, the urgency is clear: banks that fail to pair AI integration with strengthened human competencies will face higher error rates, slower decisions, and widening performance gaps compared to their peers. At the same time, risk and compliance teams are under pressure to process more data and decisions than ever, and poorly integrated AI can introduce new risks—from over reliance on machine output to erosion of expertise and accountability. In this session, you’ll hear how banks are redesigning workflows to combine AI capabilities with the unique human skills that drive trust, judgment, leadership, and sound decision-making. We’ll explore use cases in communication, issues management, change management, data analysis, and daily workflow integration. You’ll walk away with a clearer understanding of where AI can meaningfully improve team performance, as well as practical ideas for investing in the human skills your team must elevate to thrive in an AI enabled environment.

• Shayna Hutchins Arrington, JD, MBA, Chief Risk Officer, ServBank
• Shannon Thomason, CRCM, CERP, Director of Regulatory Compliance, QCR Holdings, Inc.
• Moderator: Cara Williams, CERP, CRCM, CCEP-I, Chief Compliance Officer, Cornerstone Capital Bank

1B Agile governance redesign
Repeated in 2B

As business transformation accelerates, governance models built for linear processes and periodic oversight are increasingly mismatched to today’s operating realities. Senior risk and compliance leaders now face a strategic inflection point to redesign governance to enable speed, precision, and adaptability—while preserving institutional trust and control. Experts will walk through the key elements of a modernized, agile, intelligence driven governance framework within the 2nd line of defense. Expect discussions on: AI’s impact on governance—how automated monitoring, predictive analytics, and decision support tools are reshaping committee workflows, challenge functions, and escalation pathways; transforming Operational Risk Management through streamlined operating rhythms, clearer roles, smarter performance measures; and finally, building governance that is both efficient and effective by using optimization strategies that shorten cycle times and reduce friction without weakening oversight. You will walk away better able to improve your governance framework and models.

1C Fintech and crypto risks
Repeated in 2C

1D Updating risk assessments in the current environment
Repeated in 2D

Banks are facing a rapidly shifting risk landscape—driven by fraud, accelerating AI adoption, regulatory scrutiny and changing customer behaviors. However, some institutions are still using risk assessment frameworks and risk metrics that no longer reflect today’s exposure or emerging patterns, resulting in blind spots that could impact resource allocation and control effectiveness. The big question: when was the last time you refreshed your KPIs and KRIs? This session will help you assess your risk assessment process. including real life examples to help you assess the quality of your risk assessment process and determine if you are still measuring the right things. You will walk away with a better understanding of new risks and what new risk metrics are needed to reflect threats in the current environment.

• Daniel Birbal, Vice President, Head, Risk and Control Self Assessments, Product Group Lead, TD Bank
• Bill Tucker, CRC, CAF, CER, CIA, Chief Compliance Officer, First Carolina Bank

1E Debunking debanking risks
Repeated in 2E

Few issues generate as much heat—and as much misunderstanding—as “debanking.” Are institutions truly denying access, or are risk-based decisions being misinterpreted? And where do the Administration and federal regulators actually stand in the current environment? This session cuts through the noise by breaking down what debanking is and isn’t, highlighting where inconsistent practices can create regulatory or litigation exposure, and outlining what leaders can do to strengthen governance. Attendees will leave with a clearer view of the risks, the expectations, and the practical steps needed to ensure account actions are well supported, transparent, and defensible.

• David Monteiro, Partner, Sidley Austin, LLP
• Moderator: Kitty Ryan, Senior Vice President/Senior Counsel, Fair and Responsible Banking, American Bankers Association

1F CRA: It is time for a reset
Repeated in 2F

1G The other side of the house: What non-risk leaders wish risk officers knew about credit risk visibility
Repeated in 2G

Effective credit-risk management requires perspectives from across the institution. This session brings together non-risk voices who routinely encounter credit-risk indicators from customer behavior, operational processes, and market signals. Hear how their insights can help risk officers enhance risk detection, improve monitoring frameworks, and build stronger feedback loops that elevate enterprise-wide credit-risk awareness.

• Scott Nardi, Senior Vice President, Chief Risk and Compliance Officer, Republic Bank
• Moderator: Tiffany P. Temple, Senior Vice President, Director, Credit Risk Analytics, Hancock Whitney Bank

1H Third-party risk and fraud: Managing vendor and partner exposures
Repeated in 2H

11:15 AM – 11:30 AM

Move to next session

11:30 AM – 12:15 PM

Concurrent Series 2
Repeated from series 1

2A Human + AI integration = Faster decisions, fewer errors, stronger outcomes
Repeated from 1A

With AI adoption accelerating across the industry and talent demands shifting faster than job descriptions can keep up, the urgency is clear: banks that fail to pair AI integration with strengthened human competencies will face higher error rates, slower decisions, and widening performance gaps compared to their peers. At the same time, risk and compliance teams are under pressure to process more data and decisions than ever, and poorly integrated AI can introduce new risks—from over reliance on machine output to erosion of expertise and accountability. In this session, you’ll hear how banks are redesigning workflows to combine AI capabilities with the unique human skills that drive trust, judgment, leadership, and sound decision-making. We’ll explore use cases in communication, issues management, change management, data analysis, and daily workflow integration. You’ll walk away with a clearer understanding of where AI can meaningfully improve team performance, as well as practical ideas for investing in the human skills your team must elevate to thrive in an AI enabled environment.

• Shayna Hutchins Arrington, JD, MBA, Chief Risk Officer, ServBank
• Shannon Thomason, CRCM, CERP, Director of Regulatory Compliance, QCR Holdings, Inc.
• Moderator: Cara Williams, CERP, CRCM, CCEP-I, Chief Compliance Officer, Cornerstone Capital Bank

2B Agile governance redesign
Repeated from 1B

As business transformation accelerates, governance models built for linear processes and periodic oversight are increasingly mismatched to today’s operating realities. Senior risk and compliance leaders now face a strategic inflection point to redesign governance to enable speed, precision, and adaptability—while preserving institutional trust and control. Experts will walk through the key elements of a modernized, agile, intelligence driven governance framework within the 2nd line of defense. Expect discussions on: AI’s impact on governance—how automated monitoring, predictive analytics, and decision support tools are reshaping committee workflows, challenge functions, and escalation pathways; transforming Operational Risk Management through streamlined operating rhythms, clearer roles, smarter performance measures; and finally, building governance that is both efficient and effective by using optimization strategies that shorten cycle times and reduce friction without weakening oversight. You will walk away better able to improve your governance framework and models.

2C Fintech and crypto risks
Repeated from 1C

2D Updating risk assessments in the current environment
Repeated from 1D

Banks are facing a rapidly shifting risk landscape—driven by fraud, accelerating AI adoption, regulatory scrutiny and changing customer behaviors. However, some institutions are still using risk assessment frameworks and risk metrics that no longer reflect today’s exposure or emerging patterns, resulting in blind spots that could impact resource allocation and control effectiveness. The big question: when was the last time you refreshed your KPIs and KRIs? This session will help you assess your risk assessment process. including real life examples to help you assess the quality of your risk assessment process and determine if you are still measuring the right things. You will walk away with a better understanding of new risks and what new risk metrics are needed to reflect threats in the current environment.

• Daniel Birbal, Vice President, Head, Risk and Control Self Assessments, Product Group Lead, TD Bank
• Bill Tucker, CRC, CAF, CER, CIA, Chief Compliance Officer, First Carolina Bank

2E Debunking debanking risks
Repeated from 1E

Few issues generate as much heat—and as much misunderstanding—as “debanking.” Are institutions truly denying access, or are risk-based decisions being misinterpreted? And where do the Administration and federal regulators actually stand in the current environment? This session cuts through the noise by breaking down what debanking is and isn’t, highlighting where inconsistent practices can create regulatory or litigation exposure, and outlining what leaders can do to strengthen governance. Attendees will leave with a clearer view of the risks, the expectations, and the practical steps needed to ensure account actions are well supported, transparent, and defensible.

• David Monteiro, Partner, Sidley Austin, LLP
• Moderator: Kitty Ryan, Senior Vice President/Senior Counsel, Fair and Responsible Banking, American Bankers Association

2F CRA: It is time for a reset
Repeated from 1F

2G The other side of the house: What non-risk leaders wish risk officers knew about credit risk visibility
Repeated from 1G

Effective credit-risk management requires perspectives from across the institution. This session brings together non-risk voices who routinely encounter credit-risk indicators from customer behavior, operational processes, and market signals. Hear how their insights can help risk officers enhance risk detection, improve monitoring frameworks, and build stronger feedback loops that elevate enterprise-wide credit-risk awareness.

• Scott Nardi, Senior Vice President, Chief Risk and Compliance Officer, Republic Bank
• Moderator: Tiffany P. Temple, Senior Vice President, Director, Credit Risk Analytics, Hancock Whitney Bank

2H Third-party risk and fraud: Managing vendor and partner exposures
Repeated from 1H

12:15 PM – 1:30 PM

Partner Game Changers Luncheon

1:30 PM – 1:45 PM

Move to next session

1:45 PM – 2:30 PM

Concurrent Series 3
Repeated in series 4

3A Leveraging your model risk management program to incorporate AI
Repeated in 4A

Remember that unsettling feeling when Model Risk Management was new? That same alarm is ringing as AI usage creeps deeper into our organizations, including our MRM program. As the saying goes, there’s nothing new under the sun! But don’t panic - AI is just the next logical step! If your MRM program is robust, join us as we walk you through how many of the pieces necessary to manage AI risk already exist within your bank. You will learn how to reexamine and retool key components of your MRM strategy to support AI without reinventing the wheel.

• Sara Flores, CISS, CISM, CISA, CIPP/US, VP – Operational & Technology Risk, First National Bank of Omaha
• Mike Guglielmo, Managing Director, Darling Consulting Group
• Bill Tucker, CRCM, CAFP, CERP, CIA, Chief Compliance Officer, First Carolina Bank
• Moderator: Erika Ross, CERP, Senior Vice President, Chief Risk Officer, Isabella Bank

3B: Fast lanes and guardrails: Using AI across the mortgage lifecycle
Repeated in 4B

AI has the potential to accelerate every phase of the mortgage process, but speed without control can create risk. This session will explore the possibilities for using AI at various stages of the mortgage lifecycle—from lead generation and borrower engagement to underwriting, closing, QC, secondary market activities, and more—while also addressing use cases, regulatory oversight, and governance. Learn how to innovate responsibly without spinning out. Takeaway a list of potential intersections where AI could directly impact the mortgage lending cycle. Can’t get enough? Join us for a victory lap in Learning Lab #3 where we will conduct an even deeper diagnostic of each stage.

• Rod Alba, Senior Vice President, Real Estate Finance, Mortgage, American Bankers Association
• Moderator: Elizabeth (Betsy) Fredrickson, CRCM, Compliance Director, Wells Fargo Bank NA

3C Integrating AI into your enterprise risk framework
Repeated in 4C

3D Third-party risk gaps: Balancing AI innovation with appropriate controls
Part 1: Initial lifecycle and AI-ready due diligence
Repeated in 4D; Part 2 can be found in series 5A/6A

As AI adoption accelerates across third party providers, new—and often unexpected—risks are emerging throughout the vendor lifecycle, requiring clearer controls, updated due diligence, and stronger monitoring practices. In this two part deep dive into third party risk, Part 1 focuses on the early stages of the vendor lifecycle, where AI driven risks often surface first. This session examines how vendor selection, scoping, inherent risk assessment, and pre contract due diligence must evolve as more providers incorporate generative AI, machine learning, and automated decisioning into their services. Attendees will explore how to evaluate a vendor’s AI governance maturity, what new documentation and evidence requests should be considered, and how contractual controls must adapt to address data usage, model transparency, training data boundaries, and subcontracting or offshoring implications. Participants will leave with practical tools for identifying early lifecycle vulnerabilities and specific, actionable updates to their third party due diligence process. Be sure to attend Part 2, which builds on this foundation and provides a full lifecycle informed approach to strengthening ongoing supervision and updating the third party risk management (TPRM) framework.

• Lori Garcia, Director of Third-Party Risk Management, First National Bank of Texas
• Carol Trull Pittman, AIGP, Founder and CEO, RedKnot Resource Group
• Moderator: Aaron Rykowski, Executive Vice President and Chief Compliance Officer, WesBanco Bank, Inc.

3E Thinking about AI use cases: A discussion
Repeated in 4E

3F Rethinking monitoring and testing: Powered by AI and automation
Repeated in 4F

Banks are under increasing pressure to deliver faster insights, reduce manual workloads, and contain rising operating costs—yet many monitoring and testing programs remain slow, resource intensive, and increasingly misaligned with enterprise expectations. Institutions that continue to rely on legacy approaches risk higher costs, delayed detection, and a reduced ability to influence business decisions as risks evolve. This session explores how AI and automation can transform monitoring and testing by improving speed, accuracy, and efficiency across risk and compliance functions. Speakers will highlight practical opportunities to begin or enhance AI enabled monitoring, including use cases that reduce manual effort, expand coverage, and generate meaningful time and cost savings—while also addressing the governance and oversight considerations needed for responsible adoption. Attendees will leave a leadership perspective on where AI and automation can most effectively enhance monitoring and testing. They will also take away actionable perspectives on practical ways to apply AI and automation to accelerate monitoring and testing while expanding coverage.

• Nicole Anderson, Principal, PwC US Consulting LLP
• Scott Irwin, Executive Vice President and Chief Technology and Consumer Operations Officer, Security National Bank
• Moderator: Krysti Cunningham, CRCM CAMS CERP, Executive Vice President and Chief Risk Officer, Security National Bank

3G Next gen complaint intelligence: Stop collecting. Start leveraging.
Repeated in 4G

Banks don’t lack complaint data—what some lack is a smarter way to turn it into real intelligence. This session cuts through legacy processes to show how modern governance and AI can transform complaints into early warning signals, operational insights, and better customer experiences. If your current process generates reports instead of results, it’s time to rethink how complaint data can truly move the needle.

• Andy Steinbaugh, Director of Regulatory Change Management, First National Bank of Omaha
• Laurie Swiggett, CRCM, CERP, Senior Vice President, Director of Compliance, UDAAP Oversight, KeyBank
• Moderator: Elizabeth Snyder Dalzell, CRCM, Risk and Compliance Consultant

2:30 PM – 2:45 PM

Move to next session

2:45 PM – 3:30 PM

Concurrent Series 4
Repeated from series 3

4A Leveraging your model risk management program to incorporate AI
Repeated from 3A

Remember that unsettling feeling when Model Risk Management was new? That same alarm is ringing as AI usage creeps deeper into our organizations, including our MRM program. As the saying goes, there’s nothing new under the sun! But don’t panic - AI is just the next logical step! If your MRM program is robust, join us as we walk you through how many of the pieces necessary to manage AI risk already exist within your bank. You will learn how to reexamine and retool key components of your MRM strategy to support AI without reinventing the wheel.

• Sara Flores, CISS, CISM, CISA, CIPP/US, VP – Operational & Technology Risk, First National Bank of Omaha
• Mike Guglielmo, Managing Director, Darling Consulting Group
• Bill Tucker, CRCM, CAFP, CERP, CIA, Chief Compliance Officer, First Carolina Bank
• Moderator: Erika Ross, CERP, Senior Vice President, Chief Risk Officer, Isabella Bank

4B Fast lanes and guardrails: Using AI across the mortgage lifecycle
Repeated from 3B

AI has the potential to accelerate every phase of the mortgage process, but speed without control can create risk. This session will explore the possibilities for using AI at various stages of the mortgage lifecycle—from lead generation and borrower engagement to underwriting, closing, QC, secondary market activities, and more—while also addressing use cases, regulatory oversight, and governance. Learn how to innovate responsibly without spinning out. Takeaway a list of potential intersections where AI could directly impact the mortgage lending cycle. Can’t get enough? Join us for a victory lap in Learning Lab #3 where we will conduct an even deeper diagnostic of each stage.

• Rod Alba, Senior Vice President, Real Estate Finance, Mortgage, American Bankers Association
• Moderator: Elizabeth (Betsy) Fredrickson, CRCM, Compliance Director, Wells Fargo Bank NA

4C Integrating AI into your enterprise risk framework
Repeated from 3C

4D Third-party risk gaps: Balancing AI innovation with appropriate controls
Part 1: Initial lifecycle and AI-ready due diligence
Repeated from 3D; Part 2 can be found in series 5A/6A

As AI adoption accelerates across third party providers, new—and often unexpected—risks are emerging throughout the vendor lifecycle, requiring clearer controls, updated due diligence, and stronger monitoring practices. In this two part deep dive into third party risk, Part 1 focuses on the early stages of the vendor lifecycle, where AI driven risks often surface first. This session examines how vendor selection, scoping, inherent risk assessment, and pre contract due diligence must evolve as more providers incorporate generative AI, machine learning, and automated decisioning into their services. Attendees will explore how to evaluate a vendor’s AI governance maturity, what new documentation and evidence requests should be considered, and how contractual controls must adapt to address data usage, model transparency, training data boundaries, and subcontracting or offshoring implications. Participants will leave with practical tools for identifying early lifecycle vulnerabilities and specific, actionable updates to their third party due diligence process. Be sure to attend Part 2, which builds on this foundation and provides a full lifecycle informed approach to strengthening ongoing supervision and updating the third party risk management (TPRM) framework.

• Lori Garcia, Director of Third-Party Risk Management, First National Bank of Texas
• Carol Trull Pittman, AIGP, Founder and CEO, RedKnot Resource Group
• Moderator: Aaron Rykowski, Executive Vice President and Chief Compliance Officer, WesBanco Bank, Inc.

4E Thinking about AI use cases: A discussion
Repeated from 3E

4F Rethinking monitoring and testing: Powered by AI and automation
Repeated from 3F

Banks are under increasing pressure to deliver faster insights, reduce manual workloads, and contain rising operating costs—yet many monitoring and testing programs remain slow, resource intensive, and increasingly misaligned with enterprise expectations. Institutions that continue to rely on legacy approaches risk higher costs, delayed detection, and a reduced ability to influence business decisions as risks evolve. This session explores how AI and automation can transform monitoring and testing by improving speed, accuracy, and efficiency across risk and compliance functions. Speakers will highlight practical opportunities to begin or enhance AI enabled monitoring, including use cases that reduce manual effort, expand coverage, and generate meaningful time and cost savings—while also addressing the governance and oversight considerations needed for responsible adoption. Attendees will leave a leadership perspective on where AI and automation can most effectively enhance monitoring and testing. They will also take away actionable perspectives on practical ways to apply AI and automation to accelerate monitoring and testing while expanding coverage.

• Nicole Anderson, Principal, PwC US Consulting LLP
• Scott Irwin, Executive Vice President and Chief Technology and Consumer Operations Officer, Security National Bank
• Moderator: Krysti Cunningham, CRCM CAMS CERP, Executive Vice President and Chief Risk Officer, Security National Bank

4G Next gen complaint intelligence: Stop collecting. Start leveraging.
Repeated from 3G

Banks don’t lack complaint data—what some lack is a smarter way to turn it into real intelligence. This session cuts through legacy processes to show how modern governance and AI can transform complaints into early warning signals, operational insights, and better customer experiences. If your current process generates reports instead of results, it’s time to rethink how complaint data can truly move the needle.

• Andy Steinbaugh, Director of Regulatory Change Management, First National Bank of Omaha
• Laurie Swiggett, CRCM, CERP, Senior Vice President, Director of Compliance, UDAAP Oversight, KeyBank
• Moderator: Elizabeth Snyder Dalzell, CRCM, Risk and Compliance Consultant

3:30 PM – 4:00 PM

Move to next session

4:00 PM – 5:00 PM

General Session

The future is here: Adoption of AI into everyday risk and compliance functions

5:00 PM – 6:15 PM

Opening Reception in The Hub

New in The Hub: AI Lab Experience

This innovative lab showcases practical, real-world AI applications for risk and compliance professionals every time the exhibit hall is open. You’ll be able to see real-time how you can utilize AI to improve your workflows and productivity—live!

6:30 PM – 8:00 PM

ABA Certifications Reception for current CRCMs, CERPs and CAFPs only

7:30 AM – 5:30 PM

Registration Open

7:30 AM – 8:15 AM

Industry Insights Breakfast Sessions

Make the most of your conference experience by joining one of our expert corporate partners for an informative breakfast session on how you can overcome your everyday challenges with the use of their products and/or services. These sessions are designed to deliver practical insights while you enjoy your morning meal. A breakfast buffet will be available from 7:15 am – 7:45 am for attendees participating in these sessions.

Sponsored by Grant Thornton, Kadince, nContracts and Plaid

8:00 AM – 8:30 AM

Coffee and Conversations in the Foyer

8:30 AM – 9:45 AM

General Session

Reset and rethink – Moving into a growth and profitability mindset

Part 1: Navigating compliance as growth-oriented strategy

Part 2: Shift Enterprise Risk to Broaden Business Opportunities

Risk and compliance functions have long partnered with the first line to provide oversight, challenge, and risk assessments. Now, with regulatory pullback and rapid advances in technology, is the time to reassess how these functions can contribute to profitability beyond traditional efficiency gains. Risk and compliance leaders are increasingly using their data and insights to inform business line strategic decisions and identify new revenue opportunities, resulting in a strengthened partnership across the institution. This session features two panels—first compliance executives, then risk executives—from banks of varying sizes. They will share practical examples of how they are positioning their teams as proactive partners in shaping business strategy and supporting growth.

Compliance Panel:

• Lisa Grigg, Chief Compliance Officer, US Bank
• Renee Huffaker, CRCM, Executive Director Enterprise Risk and Compliance, Arvest Bank
• Aaron Rykowski, Executive Vice President and Chief Compliance Officer, WesBanco Bank, Inc.
• Daniel D. Soto, CAMS, Chief Compliance Officer, Ally Financial

Risk Panel:

• Nick Baxter, Executive Vice President, Chief Risk Officer, First National Bank of Omaha
• Krysti Cunningham, CRCM, CAMS, Senior Vice President, Chief Risk Officer, Security National Bank
• Seth Goldkrantz, Senior Vice President, Bank Chief Risk Officer, USAA Federal Savings Bank

• Session moderator: Ryan Rasske, Senior Vice President, Risk and Compliance Markets, American Bankers Association

9:45 AM – 10:45 AM

Coffee Break in The Hub

10:45 AM – 11:30 AM

Concurrent Series 5 Repeated in series 6

5A Third-party risk gaps: Balancing AI innovation with appropriate controls
Part 2: Oversight, monitoring and resilience Repeated in 6A; Part 1 can be found in series 3D/4D

As AI adoption accelerates across third-party providers, new—and often unexpected—risks continue to emerge throughout the vendor lifecycle, requiring stronger oversight, clearer controls, and more dynamic monitoring practices. Part 2 of this two-part exploration shifts the focus to ongoing oversight, where AI-driven third-party risks can expand rapidly if not continuously monitored. This session examines how the use of AI reshapes expectations around data access, implementation oversight, change management, operational resilience, model updates, and concentration risk once a vendor is live. Attendees will discuss the monitoring signals institutions should be tracking, how to validate vendor assurances related to data isolation and model changes, and what effective resilience and exit strategies look like when AI capabilities are embedded in critical workflows. After participating in both sessions, attendees will leave with a lifecycle-informed approach to strengthening ongoing supervision and updating their third-party risk management (TPRM) frameworks to reflect the speed and complexity of AI-enabled third-party environments.

• Lori Garcia, Director of Third-Party Risk Management, First National Bank of Texas
• Carol Trull Pittman, AIGP, Founder and CEO, RedKnot Resource Group
• Moderator: Aaron Rykowski, Executive Vice President and Chief Compliance Officer, WesBanco Bank, Inc.

5B Stablecoins and tokenized deposits: Risks, rewards and reality Repeated in 6B

This presentation provides bank compliance officers with a practical, regulator-informed framework for understanding stablecoins and tokenized deposits, collectively referred to as tokenized money, and their implications for regulated financial institutions. It explains how these instruments operate, the commercial and strategic drivers behind their adoption, and how they intersect with core banking activities, including payments, deposits, settlement, and custody. The session examines the evolving U.S. regulatory landscape and outlines key compliance risks, including AML and sanctions exposure, counterparty and reserve risk, consumer protection obligations, operational resilience, cybersecurity, and third-party vendor oversight. It concludes with a forward-looking assessment of how tokenized money may reshape bank funding, payments infrastructure, and balance sheet strategy, and identifies concrete actions compliance functions should take now to prepare.

• Ben Hailey, Head of Risk and Compliance, Stablecore
• Moderator: Kaye Lynch-Sparks, Senior Director & Counsel, Innovation Policy, Office of Innovation, American Bankers Association

5C Pit stops, pace laps and the final lap: Navigating risk and compliance considerations throughout the M&A lifecycle Repeated in 6C

Mergers and acquisitions don’t happen in a single lap—they are a full race. This session will cover the full range of both key and emerging risk and compliance considerations involved in each “lap.” We’ll explore the latest concerns in due diligence, regulatory approval, legal day 1 readiness, and post-closing integration. By the end of the session, you will be a pit crew member, ready to respond to changes in the race and apply your upgraded M&A playbook from start to finish. Expect specific items you can add to your current playbook to reflect new and emerging risks.

• Chris Spellman, Chief Compliance Officer, Capital Bank
• Lynn A. Tarantino, CRCM, CAMS, Senior Vice President, Deputy Chief Risk Officer, Fulton Bank
• Cara Williams, CERP, CRCM, CCEP-I, Chief Compliance Officer, Cornerstone Capital Bank
• Moderator: Thomas Williams, CRCM, CCBIA, Executive Vice President, ACT Specialist Compliance Director, United Bank

5D Cloud migration strategies: Balancing innovation and vendor risk Repeated in 6D

5E Underwriting approaches (Fair lending approach) Repeated in 6E

5F Providing credible challenge to credit risk reporting Repeated in 6F

5G AI and cybersecurity: Leveraging AI risk management frameworks to address cyber risks Repeated in 6G

As cyber threats accelerate and AI reshapes the attack surface, risk leaders are increasingly accountable for explaining, governing, and defending cyber risk at the board and regulatory level. This session examines how banks are using the NIST Risk Management AI Framework as well as the Cyber Risk Institute (CRI) CRI AI Profile to translate cybersecurity and AI-related risks into a consistent, enterprise-wide risk framework. Featuring insights from CRI and bankers actively implementing the Profile, the discussion will focus on lessons learned, governance challenges, and what risk officers need to understand to ensure cyber resilience is more than a compliance exercise. Designed for CROs, enterprise risk leaders, and compliance executives, this session will provide concrete examples of how cyber risk intersects with operational resilience, third-party risk, and AI governance—and how to ensure effective implementation becomes an enterprise-wide priority.

• Emily Beam, Managing Director & Chief Operating Officer, Cyber Risk Institute
• Matt Henderson, CISA, CISM, CRISC, CISSP, Senior Vice President, Chief Information Security Officer, Capital City Bank
• Moderator: John Carlson, Senior Vice President, Cyber Security Regulation and Resilience, American Bankers Association

5H Closing supervisory gaps and setting standards for AI validation Repeated in 6H

Keeping up with AI policy is a challenge in itself—this session will make it easier. We’ll walk through the most important developments shaping the regulatory landscape, starting with practical solutions for addressing gaps in existing model risk management supervisory guidance, especially as technology and operational practices have evolved since 2011. We’ll also explore the emergence of standard setting organizations focused on AI validation methodologies and discuss what increased agency reliance on these external standards could mean for banks. This includes how deference to such standards may influence due diligence expectations for AI service providers and reshape future oversight. Attendees will come away with a clearer understanding of where AI policy is heading and how to prepare their risk and compliance programs accordingly.

• Medha Bankhwal, Associate Partner, Co-leader, AI Trust Practice, QuantumBlack, AI by McKinsey
• Viktor Tsyrennikov, Vice President, Charles River Associates
• Moderator: Ryan T. Miller, CIPP/US, Vice President & Senior Counsel, Innovation Policy, American Bankers Association

11:30 AM – 11:45 AM

Move to next session

11:45 AM – 12:30 PM

Concurrent Series 6 Repeated from series 5

6A Third-party risk gaps: Balancing AI innovation with appropriate controls
Part 2: Oversight, monitoring and resilience Repeated from 5A; Part 1 can be found in series 3D/4D

As AI adoption accelerates across third-party providers, new—and often unexpected—risks continue to emerge throughout the vendor lifecycle, requiring stronger oversight, clearer controls, and more dynamic monitoring practices. Part 2 of this two-part exploration shifts the focus to ongoing oversight, where AI-driven third-party risks can expand rapidly if not continuously monitored. This session examines how the use of AI reshapes expectations around data access, implementation oversight, change management, operational resilience, model updates, and concentration risk once a vendor is live. Attendees will discuss the monitoring signals institutions should be tracking, how to validate vendor assurances related to data isolation and model changes, and what effective resilience and exit strategies look like when AI capabilities are embedded in critical workflows. After participating in both sessions, attendees will leave with a lifecycle-informed approach to strengthening ongoing supervision and updating their third-party risk management (TPRM) frameworks to reflect the speed and complexity of AI-enabled third-party environments.

• Lori Garcia, Director of Third-Party Risk Management, First National Bank of Texas
• Carol Trull Pittman, AIGP, Founder and CEO, RedKnot Resource Group
• Moderator: Aaron Rykowski, Executive Vice President and Chief Compliance Officer, WesBanco Bank, Inc.

6B Stablecoins and tokenized deposits: Risks, rewards and reality Repeated from 5B

This presentation provides bank compliance officers with a practical, regulator-informed framework for understanding stablecoins and tokenized deposits, collectively referred to as tokenized money, and their implications for regulated financial institutions. It explains how these instruments operate, the commercial and strategic drivers behind their adoption, and how they intersect with core banking activities, including payments, deposits, settlement, and custody. The session examines the evolving U.S. regulatory landscape and outlines key compliance risks, including AML and sanctions exposure, counterparty and reserve risk, consumer protection obligations, operational resilience, cybersecurity, and third-party vendor oversight. It concludes with a forward-looking assessment of how tokenized money may reshape bank funding, payments infrastructure, and balance sheet strategy, and identifies concrete actions compliance functions should take now to prepare.

• Ben Hailey, Head of Risk and Compliance, Stablecore
• Moderator: Kaye Lynch-Sparks, Senior Director & Counsel, Innovation Policy, Office of Innovation, American Bankers Association

6C Pit stops, pace laps and the final lap: Navigating risk and compliance considerations throughout the M&A lifecycle Repeated from 5C

Mergers and acquisitions don’t happen in a single lap—they are a full race. This session will cover the full range of both key and emerging risk and compliance considerations involved in each “lap.” We’ll explore the latest concerns in due diligence, regulatory approval, legal day 1 readiness, and post-closing integration. By the end of the session, you will be a pit crew member, ready to respond to changes in the race and apply your upgraded M&A playbook from start to finish. Expect specific items you can add to your current playbook to reflect new and emerging risks.

• Chris Spellman, Chief Compliance Officer, Capital Bank
• Lynn A. Tarantino, CRCM, CAMS, Senior Vice President, Deputy Chief Risk Officer, Fulton Bank
• Cara Williams, CERP, CRCM, CCEP-I, Chief Compliance Officer, Cornerstone Capital Bank
• Moderator: Thomas Williams, CRCM, CCBIA, Executive Vice President, ACT Specialist Compliance Director, United Bank

6D Cloud migration strategies: Balancing innovation and vendor risk Repeated from 5D

6E Underwriting approaches (Fair lending approach) Repeated from 5E

6F Providing credible challenge to credit risk reporting Repeated from 5F

6G AI and cybersecurity: Leveraging AI risk management frameworks to address cyber risks Repeated from 5G

As cyber threats accelerate and AI reshapes the attack surface, risk leaders are increasingly accountable for explaining, governing, and defending cyber risk at the board and regulatory level. This session examines how banks are using the NIST Risk Management AI Framework as well as the Cyber Risk Institute (CRI) CRI AI Profile to translate cybersecurity and AI-related risks into a consistent, enterprise-wide risk framework. Featuring insights from CRI and bankers actively implementing the Profile, the discussion will focus on lessons learned, governance challenges, and what risk officers need to understand to ensure cyber resilience is more than a compliance exercise. Designed for CROs, enterprise risk leaders, and compliance executives, this session will provide concrete examples of how cyber risk intersects with operational resilience, third-party risk, and AI governance—and how to ensure effective implementation becomes an enterprise-wide priority.

• Emily Beam, Managing Director & Chief Operating Officer, Cyber Risk Institute
• Matt Henderson, CISA, CISM, CRISC, CISSP, Senior Vice President, Chief Information Security Officer, Capital City Bank
• Moderator: John Carlson, Senior Vice President, Cyber Security Regulation and Resilience, American Bankers Association

6H Closing supervisory gaps and setting standards for AI validation Repeated from 5H

Keeping up with AI policy is a challenge in itself—this session will make it easier. We’ll walk through the most important developments shaping the regulatory landscape, starting with practical solutions for addressing gaps in existing model risk management supervisory guidance, especially as technology and operational practices have evolved since 2011. We’ll also explore the emergence of standard setting organizations focused on AI validation methodologies and discuss what increased agency reliance on these external standards could mean for banks. This includes how deference to such standards may influence due diligence expectations for AI service providers and reshape future oversight. Attendees will come away with a clearer understanding of where AI policy is heading and how to prepare their risk and compliance programs accordingly.

• Medha Bankhwal, Associate Partner, Co-leader, AI Trust Practice, QuantumBlack, AI by McKinsey
• Viktor Tsyrennikov, Vice President, Charles River Associates
• Moderator: Ryan T. Miller, CIPP/US, Vice President & Senior Counsel, Innovation Policy, American Bankers Association

12:30 PM – 2:00 PM

Lunch in The Hub

2:00 PM – 2:45 PM

Concurrent Series 7 Repeated in series 8

7A The payments risk balancing act: Speed, safety and customers Repeated in 8A

Electronic payments are now the customer expectation—but when network rules, third party risk, and change management fall out of sync, the friction is immediate and felt: failed payments, delayed funds availability, customer complaints, and regulatory exposure. Each breakdown carries a real economic cost—measured in dollars per transaction, days of cash flow delay, increased servicing expense, and escalating compliance risk. As payment rails evolve faster than many risk programs, the gap is widening. This session examines the convergence of payment network rules, TPRM, risk assessments, and regulatory consumer compliance, equipping attendees with practical, actionable insights to identify, prioritize, and mitigate these risks before they impact customers, revenue, or regulators.

• Devon Marsh, APRP, Managing Director, ACH Network Rules and Risk Management, NACHA
• Raji Sathappan, CPA, MBA, CRCM, CAMS, CISA, Managing Director, Mercadien Group
• Moderator: Scott H. Pope, CRCM, Senior Vice President, Payments CRO Risk and Compliance Senior Manager - Consumer and Small Business Payments, US Bank

7B Get off the bench! Time to update your KRIs!!! Repeated in 8B

Managers of all teams change and evolve and strive for continuous improvement. Now is the time to update, refresh and recalibrate the bank’s Key Risk Indicator Program. In this session, you’ll rethink all you know as you hear about the latest practices in updating and adding new KRIs, reviewing thresholds and tolerances, and recalibrating your KRI breach procedures.

• Mary Clouthier, Executive Vice President, Chief Risk Officer, Cornerstone Capital Bank, SSB
• Stephanie Noble, MBA, CERP, Chief Risk Officer, Sunflower Bank
• Marion Quaye Brown, MBA, Senior Vice President, Deputy Business Unit Chief Risk Officer, Truist

7C A strategic reset for your fair and responsible banking program: Modernizing without overhauling Repeated in 8C

With shifting regulatory priorities, now’s the time to refresh your fair and responsible banking program. This session will discuss approaches to streamlined monitoring, provide tools to help fine tune your SPCP to withstand review, and identify AI tools that enhance analytics while keeping you compliant.

• Maureen E. Carollo, CRCM, CAMS, Fair Lending Manager, Assistant Vice President - Compliance, MidFirst Bank
• Andrea K. Mitchell, Managing Partner, Mitchell Sandler PLLC
• Kitty Ryan, Senior Vice President/Senior Counsel, Fair and Responsible Banking, American Bankers Association
• Moderator: Sandy Knight, CAFP, CRCM, Senior Vice President, Chief Compliance Officer, Director of Fair and Responsible Banking, First National Bank Texas

7D Speaking the business language: Advancing risk and compliance through influence Repeated in 8D

Effective risk and compliance leaders rarely operate with direct authority—but they are expected to influence decisions across the enterprise. This panel discussion explores practical strategies for communicating up, across, and beyond traditional reporting lines, with a focus on influence, relationship building, and credibility. Panelists will discuss how to frame risk and compliance conversations to encourage engagement rather than resistance, including techniques for translating complex regulatory and risk concepts into clear, plain language that resonates with business partners and senior leadership. The session will also examine how tools such as AI can support this translation process—helping teams tailor messages, anticipate questions, and communicate more effectively at scale. Attendees will leave with tactical tools for strengthening cross functional communication, better understanding different communication styles, and advancing compliance objectives through influence rather than authority.

• Moderator: Elizabeth (Beth) A. Reister, Chief Compliance Officer, Fulton Bank

7E Customer journey friction vs. risk: Finding the sweet spot in customer verification Repeated in 8E

7F Strengthening oversight: Credible challenge in portfolio risk analytics Repeated in 8F

7G CRE markets are improving, but credit risk continues to require due diligence Repeated in 8G

Join us for a fireside chat with an economist and a chief credit officer as they review sub asset classes that are improving, but what areas still require focus for credit risk.

• Warren B. Hrung, Head of Research, Banking and Economic Policy Research, American Bankers Association
• Moderator: Sharon Whitaker, Vice President, CRE & Mortgage Finance, American Bankers Association

7H Managing BaaS risks: Next-level TPRM Repeated in 8H

Banking as a Service can be an opportunity for banks to digitize and modernize. If done well, BaaS benefits can be multifaceted, bringing customers (and revenue streams) to your bank. But there are risks in these relationships - compliance, BSA, third-party and financial to name a few. Join us as we discuss the oversight and service responsibilities to manage BaaS relationships in a safe and sound manner.

• Erica De La Zerda, CFE, CCBX, Senior Vice President, Director of Risk, Coastal Bank
• Daniel P. Stipano, Partner, Davis Polk
• Moderator: Ann Marie Tarantino CRCM, CRP, AMLP, Senior Vice President, Chief Compliance Officer and Risk Officer, Esquire Bank, N.A.

2:45 PM – 3:45 PM

Dessert Break in The Hub

3:45 PM – 5:15 PM

General Session

Art of the scam: Lessons from the front lines

Step inside the world of scammers and fraudsters during an interactive general session that blends live demonstration and expert insight. Renowned scam baiter Kitboga will showcase real tactics used by scammers to manipulate victims, followed by a candid fireside chat on solutions. Expect to hear insights into the anatomy of common scams and learn about emerging threats. Attendees will leave with a deeper understanding of how scammers think—and actionable ideas to strengthen defenses.

• Kitboga, Scam education content creator, fraud prevention expert, software engineer and CEO of Seraph Secure
• Moderator: Paul Benda, Executive Vice President, Risk, Fraud and Cyber Security, American Bankers Association

5:30 PM – 7:30 PM

Reception: An evening of NASCAR history and fun

Join your industry peers and colleagues for an exclusive night of networking and fun at our reception in the NASCAR Hall of Fame — a shrine to the history and heritage of one of America’s favorite sports. You won’t want to miss this dynamic and immersive experience that blends the excitement of racing with first-class hospitality.

• Enjoy more than 50 interactive exhibits and legendary race cars
• Get behind the wheel of an iRacing simulator on your favorite track
• See if you have what it takes to make the team in our Pit Crew Challenge

7:30 AM – 5:30 PM

Registration Open

7:30 AM – 8:15 AM

Industry Insights Breakfast Sessions

Make the most of your conference experience by joining one of our expert corporate partners for an informative breakfast session on how you can overcome your everyday challenges with the use of their products and/or services. These sessions are designed to deliver practical insights while you enjoy your morning meal. A breakfast buffet will be available from 7:15 am – 7:45 am for attendees participating in these sessions.

Sponsored by Abrigo, Continuous, Mitratech and Wolters Kluwer

8:00 AM – 8:30 AM

Coffee and Conversations in the Foyer

8:30 AM – 9:15 AM

Concurrent Series 8
Repeated from series 7

8A The payments risk balancing act: Speed, safety and customers
Repeated from 7A

Electronic payments are now the customer expectation—but when network rules, third party risk, and change management fall out of sync, the friction is immediate and felt: failed payments, delayed funds availability, customer complaints, and regulatory exposure. Each breakdown carries a real economic cost—measured in dollars per transaction, days of cash flow delay, increased servicing expense, and escalating compliance risk. As payment rails evolve faster than many risk programs, the gap is widening. This session examines the convergence of payment network rules, TPRM, risk assessments, and regulatory consumer compliance, equipping attendees with practical, actionable insights to identify, prioritize, and mitigate these risks before they impact customers, revenue, or regulators.

• Devon Marsh, APRP, Managing Director, ACH Network Rules and Risk Management, NACHA
• Raji Sathappan, CPA, MBA, CRCM, CAMS, CISA, Managing Director, Mercadien Group
• Moderator: Scott H. Pope, CRCM, Senior Vice President, Payments CRO Risk and Compliance Senior Manager - Consumer and Small Business Payments, US Bank

8B Get off the bench! Time to update your KRIs!!!
Repeated from 7B

Managers of all teams change and evolve and strive for continuous improvement. Now is the time to update, refresh and recalibrate the bank’s Key Risk Indicator Program. In this session, you’ll rethink all you know as you hear about the latest practices in updating and adding new KRIs, reviewing thresholds and tolerances, and recalibrating your KRI breach procedures.

• Mary Clouthier, Executive Vice President, Chief Risk Officer, Cornerstone Capital Bank, SSB
• Stephanie Noble, MBA, CERP, Chief Risk Officer, Sunflower Bank
• Marion Quaye Brown, MBA, Senior Vice President, Deputy Business Unit Chief Risk Officer, Truist

8C A strategic reset for your fair and responsible banking program: Modernizing without overhauling
Repeated from 7C

With shifting regulatory priorities, now’s the time to refresh your fair and responsible banking program. This session will discuss approaches to streamlined monitoring, provide tools to help fine tune your SPCP to withstand review, and identify AI tools that enhance analytics while keeping you compliant.

• Maureen E. Carollo, CRCM, CAMS, Fair Lending Manager, Assistant Vice President - Compliance, MidFirst Bank
• Andrea K. Mitchell, Managing Partner, Mitchell Sandler PLLC
• Kitty Ryan, Senior Vice President/Senior Counsel, Fair and Responsible Banking, American Bankers Association
• Moderator: Sandy Knight, CAFP, CRCM, Senior Vice President, Chief Compliance Officer, Director of Fair and Responsible Banking, First National Bank Texas

8D Speaking the business language: Advancing risk and compliance through influence
Repeated from 7D

Effective risk and compliance leaders rarely operate with direct authority—but they are expected to influence decisions across the enterprise. This panel discussion explores practical strategies for communicating up, across, and beyond traditional reporting lines, with a focus on influence, relationship building, and credibility. Panelists will discuss how to frame risk and compliance conversations to encourage engagement rather than resistance, including techniques for translating complex regulatory and risk concepts into clear, plain language that resonates with business partners and senior leadership. The session will also examine how tools such as AI can support this translation process—helping teams tailor messages, anticipate questions, and communicate more effectively at scale. Attendees will leave with tactical tools for strengthening cross functional communication, better understanding different communication styles, and advancing compliance objectives through influence rather than authority.

• Moderator: Elizabeth (Beth) A. Reister, Chief Compliance Officer, Fulton Bank

8E Customer journey friction vs. risk: Finding the sweet spot in customer verification
Repeated from 7E

8F Strengthening oversight: Credible challenge in portfolio risk analytics
Repeated from 7F

8G CRE markets are improving, but credit risk continues to require due diligence
Repeated from 7G

Join us for a fireside chat with an Economist and a Chief Credit Officer as they review sub asset classes that are improving, but what areas still require focus for credit risk.

• Warren B. Hrung, Head of Research, Banking and Economic Policy Research, American Bankers Association
• Moderator: Sharon Whitaker, Vice President, CRE & Mortgage Finance, American Bankers Association

8H Managing BaaS risks: Next-level TPRM
Repeated from 7H

Banking as a Service can be an opportunity for banks to digitize and modernize. If done well, BaaS benefits can be multifaceted, bringing customers (and revenue streams) to your bank. But there are risks in these relationships - compliance, BSA, third-party and financial to name a few. Join us as we discuss the oversight and

• Erica De La Zerda, CFE, CCBX, Senior Vice President, Director of Risk, Coastal Bank
• Daniel P. Stipano, Partner, Davis Polk
• Moderator: Ann Marie Tarantino CRCM, CRP, AMLP, Senior Vice President, Chief Compliance Officer and Risk Officer, Esquire Bank, N.A.

9:15 AM – 10:15 AM

Coffee Break in The Hub

10:15 AM – 10:45 AM

Reg Bursts Series 1– Your quick takeaways from Washington
(offering eight options – repeated next series)

Reg Burst #1: Reg pressure points: The AML/CFT & OFAC changes driving your 2026 risk priorities
Repeated in next series

As financial crimes evolve, regulators are tightening their focus on the pressure points where banks face the greatest exposure — from beneficial ownership and high-risk customer activity to sanctions vulnerabilities. In this fast-paced briefing, we’ll pinpoint the AML/CFT and OFAC changes most likely to drive your 2026 risk priorities, reshape budgets, and influence exam readiness. Leave with a clear view of looming deadlines, operational impacts, and the cross-team steps required to stay ahead without overspending.

• Heather Trew, Senior Vice President and Counsel, BSA, AML, Sanctions Compliance and Policy, American Bankers Association

Reg Burst #2: Improving your cybersecurity resilience in today’s environment
Repeated in next series

As government agencies recalibrate their resources and enforcement priorities, financial institutions are carrying a larger share of responsibility for maintaining cybersecurity resilience. This session provides a concise, practical overview of what that shift means for the industry and how banks can strengthen their defenses amid rising residual risk. This session will highlight areas where banks may experience greater operational pressure or risk exposure. Additionally, participants will hear top recommendations for anchoring their programs in proven cybersecurity and operational risk frameworks, sound vendor risk governance, and strong incident response planning—regardless of changes in government oversight. Attendees will leave with a short list of high value resources, must do practices, and key questions to raise with internal stakeholders. This 30-minute briefing is exactly what you need to help your institutions remain resilient, adaptive, and well prepared in any supervisory or threat landscape.

• John Carlson, Senior Vice President, Cybersecurity Regulation and Resilience, American Bankers Association
• Moderator: Matt Henderson, CISA, CISM, CRISC, CISSP, Senior Vice President, Chief Information Security Officer, Capital City Bank

Reg Burst #3: Monitoring and mitigating state enforcement and legislative activity
Repeated in next series

With the change in federal enforcement priorities under the Trump Administration, state regulators, attorneys general, and legislators are ramping up oversight of financial service providers. This session will help compliance and risk officers navigate an increasingly complex and varied patchwork of state supervisory and enforcement priorities. You will come away with information and tools to help you identify the states that present the greatest risk, the authorities they wield, and their enforcement priorities so you can inform your bank and help mitigate the risks.

• Eric T. Mitzenmacher, Partner, Mayer Brown, LLP
• Ginny O’Neill, Executive Vice President, Compliance Policy, American Bankers Association

Reg Burst #4: Credit score modernization – Understanding the current landscape
Repeated in next series

Credit scoring models continue to evolve as policymakers, mortgage market participants, credit bureaus, and lenders assess how best to support accuracy, consistency, and access to credit. Recent reviews, market developments, and modernization efforts have brought renewed attention to how credit scores are developed, validated, and used across the mortgage and consumer lending ecosystem. This session provides a high level look at the current state of credit scoring implementation, including ongoing discussions around data availability, industry adoption considerations, and the operational implications of potential model changes. We will explore how different stakeholders are approaching these issues, what banks should understand about the changing landscape, and how to prepare for potential shifts in scoring methodologies used in the marketplace.

Reg Burst #5: Section 1071 and Reg B: Quick review of latest developments and impacts
Repeated in next series

Even in periods of regulatory quiet, fair lending compliance expectations continue to evolve. This session provides a clear, practical update on two closely connected areas: Section 1071 small business data collection and Regulation B’s fair lending requirements.

• John Coleman, Partner, Orrick
• Moderator: Kitty Ryan, Senior Vice President/Senior Counsel, Fair and Responsible Banking, American Bankers Association

Reg Burst #6: Redefining safety and soundness: What the new “Material Financial Risk” standard means for your next exam
Repeated in next series

Supervisors are redefining how they evaluate safety and soundness, prioritizing material financial risks over concerns related to policies, process, documentation, and other nonfinancial risks with a new approach to issuing Matters Requiring Attention (MRAs). This regulatory pivot is already shaping exam expectations—particularly for risk, audit, and enterprise-wide control teams. In this fast-moving Reg Burst, an ABA risk policy expert will explain what this shift means in practice, how exam teams are applying the updated MRA framework, and where banks may see deeper supervisory scrutiny. The session will also outline practical considerations for preparing for upcoming safety and soundness examinations and responding to appropriately challenging MRAs under the new standard.

• Steven Hubbard, Vice President, Policy, Prudential Regulation and Asset Management, American Bankers Association

Reg Burst #7: Mortgage lending hot topics
Repeated in next series

Mortgage lending continues to evolve as market conditions shift, technology advances, and regulatory expectations adjust. That's why this session is a must attend! You will hear a fast-paced overview of the key issues, trends, and developments shaping mortgage lending today. Attendees will leave with a concise snapshot of what’s new, what’s changing, and what to watch in the mortgage lending landscape—offering practical takeaways that can be adapted to institutions of all sizes and business models.

• Rod Alba, Senior Vice President, Real Estate Finance, Mortgage, American Bankers Association
• Moderator: Elizabeth (Betsy) Fredrickson, CRCM, Compliance Director, Wells Fargo Bank NA

Reg Burst #8: Consumer reporting policymaking trends and what they mean for banks
Repeated in next series

The consumer reporting landscape is shifting as states introduce new requirements, consumer behaviors evolve, and dispute activity increases. This fast-paced Reg Burst offers a high-level briefing on the direction of consumer reporting law and regulation, including the latest developments on medical debt and coerced debt, the intersection with efforts to govern online data collection, and the growing impact of credit repair activity, high volume dispute submissions, and credit-washing attempts. The session will provide an objective look at what banks should understand about emerging patterns, how these issues intersect with compliance and operational responsibilities, and where institutions may see increased scrutiny and other risks. Attendees will leave with a concise snapshot of key issues to monitor, internal questions to consider, and practical takeaways for strengthening complaint management programs in a changing environment.

10:45 AM – 11:00 AM

Move to next session

11:00 AM – 11:30 AM

Reg Bursts Series 2– Your quick takeaways from Washington
(offering eight options – repeated from previous series)

Reg Burst #1: Reg pressure points: The AML/CFT & OFAC changes driving your 2026 risk priorities
Repeated from previous series

As financial crimes evolve, regulators are tightening their focus on the pressure points where banks face the greatest exposure — from beneficial ownership and high-risk customer activity to sanctions vulnerabilities. In this fast-paced briefing, we’ll pinpoint the AML/CFT and OFAC changes most likely to drive your 2026 risk priorities, reshape budgets, and influence exam readiness. Leave with a clear view of looming deadlines, operational impacts, and the cross-team steps required to stay ahead without overspending.

• Heather Trew, Senior Vice President and Counsel, BSA, AML, Sanctions Compliance and Policy, American Bankers Association

Reg Burst #2: Improving your cybersecurity resilience in today’s environment
Repeated from previous series

As government agencies recalibrate their resources and enforcement priorities, financial institutions are carrying a larger share of responsibility for maintaining cybersecurity resilience. This session provides a concise, practical overview of what that shift means for the industry and how banks can strengthen their defenses amid rising residual risk. This session will highlight areas where banks may experience greater operational pressure or risk exposure. Additionally, participants will hear top recommendations for anchoring their programs in proven cybersecurity and operational risk frameworks, sound vendor risk governance, and strong incident response planning—regardless of changes in government oversight. Attendees will leave with a short list of high value resources, must do practices, and key questions to raise with internal stakeholders. This 30-minute briefing is exactly what you need to help your institutions remain resilient, adaptive, and well prepared in any supervisory or threat landscape.

• John Carlson, Senior Vice President, Cybersecurity Regulation and Resilience, American Bankers Association
• Moderator: Matt Henderson, CISA, CISM, CRISC, CISSP, Senior Vice President, Chief Information Security Officer, Capital City Bank

Reg Burst #3: Monitoring and mitigating state enforcement and legislative activity
Repeated from previous series

With the change in federal enforcement priorities under the Trump Administration, state regulators, attorneys general, and legislators are ramping up oversight of financial service providers. This session will help compliance and risk officers navigate an increasingly complex and varied patchwork of state supervisory and enforcement priorities. You will come away with information and tools to help you identify the states that present the greatest risk, the authorities they wield, and their enforcement priorities so you can inform your bank and help mitigate the risks.

• Eric T. Mitzenmacher, Partner, Mayer Brown, LLP
• Ginny O’Neill, Executive Vice President, Compliance Policy, American Bankers Association

Reg Burst #4: Credit score modernization – Understanding the current landscape
Repeated from previous series

Credit scoring models continue to evolve as policymakers, mortgage market participants, credit bureaus, and lenders assess how best to support accuracy, consistency, and access to credit. Recent reviews, market developments, and modernization efforts have brought renewed attention to how credit scores are developed, validated, and used across the mortgage and consumer lending ecosystem. This session provides a high level look at the current state of credit scoring implementation, including ongoing discussions around data availability, industry adoption considerations, and the operational implications of potential model changes. We will explore how different stakeholders are approaching these issues, what banks should understand about the changing landscape, and how to prepare for potential shifts in scoring methodologies used in the marketplace.

• Sharon Whitaker, Vice President, CRE & Mortgage Finance, American Bankers Association
• Moderator: Joseph Pigg, Senior Vice President, Sustainable Finance and Mortgage Policy, American Bankers Association

Reg Burst #5: Section 1071 and Reg B: Quick review of latest developments and impacts
Repeated from previous series

Even in periods of regulatory quiet, fair lending compliance expectations continue to evolve. This session provides a clear, practical update on two closely connected areas: Section 1071 small business data collection and Regulation B’s fair lending requirements.

• John Coleman, Partner, Orrick
• Moderator: Kitty Ryan, Senior Vice President/Senior Counsel, Fair and Responsible Banking, American Bankers Association

Reg Burst #6: Redefining safety and soundness: What the new “Material Financial Risk” standard means for your next exam
Repeated from previous series

Supervisors are redefining how they evaluate safety and soundness, prioritizing material financial risks over concerns related to policies, process, documentation, and other nonfinancial risks with a new approach to issuing Matters Requiring Attention (MRAs). This regulatory pivot is already shaping exam expectations—particularly for risk, audit, and enterprise-wide control teams. In this fast-moving Reg Burst, an ABA risk policy expert will explain what this shift means in practice, how exam teams are applying the updated MRA framework, and where banks may see deeper supervisory scrutiny. The session will also outline practical considerations for preparing for upcoming safety and soundness examinations and responding to appropriately challenging MRAs under the new standard.

• Steven Hubbard, Vice President, Policy, Prudential Regulation and Asset Management, American Bankers Association

Reg Burst #7: Mortgage lending hot topics
Repeated from previous series

Mortgage lending continues to evolve as market conditions shift, technology advances, and regulatory expectations adjust. That's why this session is a must attend! You will hear a fast-paced overview of the key issues, trends, and developments shaping mortgage lending today. Attendees will leave with a concise snapshot of what’s new, what’s changing, and what to watch in the mortgage lending landscape—offering practical takeaways that can be adapted to institutions of all sizes and business models.

• Rod Alba, Senior Vice President, Real Estate Finance, Mortgage, American Bankers Association
• Moderator: Elizabeth (Betsy) Fredrickson, CRCM, Compliance Director, Wells Fargo Bank NA

Reg Burst #8: Consumer reporting policymaking trends and what they mean for banks
Repeated from previous series

The consumer reporting landscape is shifting as states introduce new requirements, consumer behaviors evolve, and dispute activity increases. This fast-paced Reg Burst offers a high-level briefing on the direction of consumer reporting law and regulation, including the latest developments on medical debt and coerced debt, the intersection with efforts to govern online data collection, and the growing impact of credit repair activity, high volume dispute submissions, and credit-washing attempts. The session will provide an objective look at what banks should understand about emerging patterns, how these issues intersect with compliance and operational responsibilities, and where institutions may see increased scrutiny and other risks. Attendees will leave with a concise snapshot of key issues to monitor, internal questions to consider, and practical takeaways for strengthening complaint management programs in a changing environment

11:30 AM – 11:45 AM

Move to next session

11:45 AM – 1:15 PM

Seated Luncheon with Speaker

Building bridges in a fractured landscape

In today’s environment—where political complexity, social tension, and rapid organizational change shape daily interactions—risk and compliance professionals are increasingly called upon to lead with clarity, composure, and connection. “Building bridges in a fractured landscape” explores practical, human centered approaches to strengthening relationships and advancing shared goals, even when stakeholders bring vastly different viewpoints to the table. Drawing on real-world leadership experiences and offering research-based insights and proven communication techniques, Ellen Poole will focus on how to enhance connectedness across teams, business partners, and other stakeholders—each with differing priorities, pressures, and perspectives. Attendees will walk away with actionable tactics for bridging gaps, and building stronger, more resilient partnerships that improve collaboration and outcomes across the enterprise.

• Ellen Poole, Esq., Principal, Ellen Poole, PLLC, Author, Attorney, Government Relations and Public Affairs Strategist, Relationship Architect

1:15 PM – 2:15 PM

Sip and Win: Prize Bonanza in The Hub

2:15 PM – 3:45 PM

Concurrent Series 9

Master Class Learning Labs with Libations
Single Sessions – No Repeats and In-Person Only(No Recordings)

Choose from five dynamic options — but choose wisely! These sessions are offered just once and will not be recorded. This series has become the most popular event of the conference — and for good reason. Learning Labs offer a 90-minute-deep dive into emerging trends, practical solutions, and peer-driven insights tailored for senior-level risk and compliance professionals. Expect a lively, interactive format focused on real-world challenges and collaborative problem-solving.

Note: Grab a libation on the way to your master class session which will provide a deep dive on how to tackle complex operational issues. These sessions are exclusive to in-person attendees and will not be available virtually.

LL#1 Optimizing fair lending programs with automation

• Renee Huffaker, CRCM, Executive Director Enterprise Risk and Compliance, Arvest Bank
• Tela G. Mathias, Chief Nerd and Mad Scientist, CTO, PhoenixTeam
• Kitty Ryan, Senior Vice President, Fair and Responsible Banking, American Bankers Association

LL#2 Improving your flood program: Operational scenarios, benchmarks and real-world answers

This session is where all of your flood questions get answered! This interactive 90-minute session is designed to give you clarity and confidence by walking through key operational scenarios that commonly arise in the “flood zone.” You’ll benchmark your institution’s practices against current industry thinking, explore how peers are handling complex requirements, and surface practical strategies to strengthen your flood program. With ample time built in for Q&A and peer discussion, this session is the perfect opportunity to get your toughest questions answered and leave with insights you can put into practice immediately.

• Teshale Smith, Senior Counsel, Consumer Regulations and Compliance Solutions, American Bankers Association
• Heather Wright, Partner, Buchalter

LL#3 Under the hood: AI in practice - A deep dive into implementing AI at each stage of the mortgage lifecycle

Whether you joined us for concurrent sessions 3B/4B or missed out on attending, join us for this victory lap learning lab. This interactive session will take a deeper dive into how AI is being explored at each stage of the mortgage lifecycle. We will break-down front-end, middle, and back-end use cases, sharing what is already working, what banks should be preparing for next, and how to approach implementation, resourcing, and governance throughout these stages: marketing and lead generation, interfacing with customers, processing and data collection, underwriting, quality control and assurance, settlement processes, post-settlement and secondary marketing, along with the risk and compliance considerations along the way. Attendees will leave with timely, practical insights they can take back for implementation. 

LL#4 Just say no to the data black box

As banks accelerate their use of analytics and AI, many compliance and risk leaders find themselves increasingly removed from the data decisions that matter most. Whether your institution relies on an embedded analytics team or a centralized enterprise unit, how do you know you’re getting the right insights—and not just polished outputs? This 90-minute session is designed for experienced compliance, risk and data governance leaders who are accountable for outcomes but without consistent visibility. We’ll examine where unclear roles, opaque data “cleaning,” and over‑abstracted models can quietly introduce blind spots—causing institutions to miss emerging risks, weaken challenge processes, or over‑rely on analytics they don’t fully understand. Participants will explore practical governance strategies for the AI era, including clarifying roles and responsibilities between compliance, risk, and data teams; identifying when data normalization or filtering may obscure risk signals; establishing expectations for transparency, explainability, and effective challenge; and strengthening governance without slowing innovation. This highly interactive, off‑the‑record discussion emphasizes peer exchange and real‑world experience. To encourage candid conversation, the session will not be recorded, and no attribution will be made to individual participants.

• Xin (Cindy) Tu, Vice President, Head of Technology and Cyber Security Compliance LPL Financial
• Moderator: Ryan T. Miller, CIPP/US, Vice President and Senior Counsel, Innovation Policy, American Bankers Association

LL#5 Regulatory reset: Balancing new approaches to oversight

Regulatory oversight is shifting — guidance is evolving, examiner teams look different, and expectations are changing. At the same time, emerging risks such as generative AI are advancing faster than regulatory frameworks can keep pace. In this interactive 90-minute learning lab, participants will work through real world scenarios that reflect today’s rapidly evolving supervisory environment. Through facilitated discussion, polling, and collaborative problem solving, attendees will explore how to operate within this regulatory reset while maintaining strong risk management. Participants will leave with peer validated strategies for maintaining a proactive over reactive posture, strengthening regulatory relationships, sustaining internal governance, improving exam readiness, and communicating more effectively with senior leadership and the board. This session will not be recorded to encourage open discussion and candid peer exchange.

• Nick Baxter, Executive Vice President, Chief Risk Officer, First National Bank of Omaha
• Jennifer L. Gemma, Director, Operational Risk, Key Bank
• Thomas Williams, CRCM, CCBIA, ACT Specialist, Executive Vice President, Compliance Director, United Bank

3:45 PM – 4:00 PM

Move to next session

4:00 PM – 5:00 PM

Closing General Session

Case study in risk and compliance

Make sure your travel plans allow you to stay for this final and important session.

5:00 PM – 5:45 PM

Thank You Reception

After three action‑packed days, it’s hard to say goodbye. Join us for one final drink as you reconnect with friends, exchange farewells and make plans for one last dinner out in Charlotte.