Cybersecurity & Risk Track

Sessions focus on emerging threats and ways to recognize risks to prevent loss, as well as provide the necessary surety for transactions.

Sponsored by  


Monday, April 20, 2020


CYBER = Change Your Behavior, Educate & Respond

9:30 AM-10:20 AM | Room: Maryland A

The threat landscape has changed significantly since the FFIEC issued its Supplemental Guidance on Internet Banking Authentication. As criminals become more creative and effective, we must take steps to enhance our cybersecurity programs. Some say cybersecurity is the illusion of preventing human mistakes by technical means. Join this interactive session as industry experts share proactive measures you should consider implementing to minimize the risk and impact of a breach. Speakers share the key components that should be included in a cybersecurity risk assessment and incident response plan, as well as best business practices for educating customers on cybersecurity.

Questions answered in this session:

  1. What are the key components of a cybersecurity incident response plan?
  2. What are suggested best business practices for educating customers on cybersecurity?


Russ Horn
President, CoNetrix

Pamela T. Rodriguez, AAP, CIA, CISA
President & CEO, ePayAdvisors, ePayResources

Ask the Experts About Business Email Compromise

11:20 AM-12:10 PM | Room: National Harbor 12-13

Business Email Compromise (BEC) continues to be a serious threat to financial institutions and their customers. These attacks are conducted by sophisticated international fraud rings and have resulted in billions of dollars in losses around the globe. Attendees are encouraged to ask questions about BEC fraud such as, but certainly not limited to, who is behind them, who is targeted, how to engage and interact with law enforcement, how the fraudsters like to move money through the financial system, and what can be done to prevent them?    

Questions answered in this session:

  1. What is BEC fraud?
  2. What can be done to recover funds lost during a BEC attack?


Eric James Huber, CFE
Vice President, Fraud Strategy, J.P. Morgan

Mary Rosendahl
Director, Digital Channels, Bank of America Merrill Lynch

Fighting the New Threat of Synthetic Identity Fraud

1:25 PM-2:15 PM | Room: National Harbor 2-3

Synthetic identity fraud is increasing within the payments space as a method of laundering stolen funds through multiple financial institutions. Losses associated with synthetic IDs can be significant, and detecting them even more difficult as FIs must figure out how to conduct additional checks of new customers without alienating them or and complicating the onboarding process. Learn how using basic tools and research can help determine whether the ID is potentially synthetic.

Questions answered in this session:

  1. How and why are synthetic IDs created to open a bank account?
  2. What can institutions do to prevent unrecoverable losses associated with synthetic IDs?


Andrew Davies
VP Global Market Strategies, Financial Crime Risk Management, Fiserv

David E. Richardson
Senior Manager Fraud and ATM Operations, First National Bank of Omaha

A View From the FDIC

2:30 PM-3:20 PM | Room: Maryland D

Hear from the FDIC about current operational, fraud and cybersecurity risks facing payments participants. Current and emerging payment systems activity are increasing the complexity of preventing, detecting and responding to fraud including business email compromise and account takeover. Faster payments increase the operational complexity involved in managing payments-related risks. Join the conversation on how assessments and procedures by payments participants can assist with mitigating the risks related to current and emerging payments system activity.

Questions answered in this session: 

  1. How can the FDIC assist with mitigating against business email compromise attacks?
  2. How is the FDIC working with payments participants to help advance faster payments?


Michael Benardo
Chief, Cyber-Crime and Financial Crimes Section, FDIC

Deborah L. Shaw, AAP, CTP
Senior Technology Specialist Risk Management Supervision, FDIC

Leveraging Partnerships to Combat IRS & Federal Payments Fraud

2:30 PM-3:20 PM | Room: Maryland 1-3

The U.S. Treasury Department's Bureau of the Fiscal Service is the single largest originator in the ACH Network with more than 1 billion payments delivered each year to recipients of tax refunds, social security and veterans benefits, and other federal payments. Hear how the federal government is strengthening its use of data analytics and long-standing relationships among federal agencies, law enforcement, and the financial community to prevent, detect and deter fraud in the federal payment system.    

Questions answered in this session:

  1. How has the Bureau of the Fiscal Service partnered with the IRS to combat fraudulent tax refunds?
  2. What successes has the Treasury's Office of the Inspector General had in prosecuting federal payment fraud?


Michael E. Connolly, CFE
Special Agent, Office of the Inspector General, U.S. Department of the Treasury

Eric J. Inkrott
Chief Risk Officer, Green Dot Corporation

Kristen Landreth
Senior Analyst, Wage & Investment, Internal Revenue Service

Moderated by: Kevin J. McDaniels
Program Manager, Bureau of the Fiscal Service, Philadelphia Financial Center

Tuesday, April 21, 2020

Spotlight Speaker Series: Turning the Tables on Fraud

10:30 AM-11:20 AM | Room: National Harbor 10-11

From the C-Suite to accounting practitioners, payment fraud is one of the gravest concerns in the industry today. The threat from fraud grows even more ominous as payment processes speed up with the increased adoption of real-time transactions. In this panel discussion, examine new innovations that combine fraud mitigation tools and machine-learning to improve end-to-end protections in the battle against fraud. Attendees take a closer look at API-driven real-time solutions with real-time updates that are well-suited for higher volume payments processes.    

Questions answered in this session: 

  1. How are fraud mitigation tools being successfully deployed within the payments workflow? 
  2. What are some real-world use cases that illustrate adoption of fraud mitigation tools across the industry?


Miles Johnson
Manager, Treasurer, Liberty Mutual Insurance Company

Hector E. Sandoval, CTP
Industry Expert

Moderated by: Steven E. Bernstein
Executive Director, ACH, Global ACH Marketing & Product, J.P. Morgan

The Truth & Nothing But the Truth About Cybercrime

1:15 PM-2:05 PM | Room: Maryland 1-3

Cybercrime opens the door to payments fraud. Understanding the current risks and how to protect your institution through awareness and risk mitigation is crucial for your financial institution, business and consumers. This session features real examples of cybercrime as witnessed by law enforcement and risk operations staff. Learn how to recognize and prevent cyberrisk.    

Questions answered in this session: 

  1. What are some of the most prevalent cyber risks and how do they impact payments?
  2. What are some tips to reduce risk?


Kim A. Bruck, AAP
Origination Program Manager, Operations Processing, Desert Financial Credit Union

Jeanette A. Fox, AAP
Senior Director, Risk Investigations, ACH Network Risk Management, Nacha

Amanda Fritz
Special Agent, Federal Bureau of Investigation

Mapping Fraud: The Road to Safer Payments

1:15 PM-2:05 PM | Room: National Harbor 2-3

The lack of an industry standard for categorizing payment fraud losses has created difficulties in capturing and interpreting fraud trends. To help address these challenges, the Federal Reserve established the Fraud Definitions Work Group that includes an array of payments stakeholders. These experts have worked to craft a recommended Fraud Classification Model defining ACH, wire and check fraud. Hear how the Model adds value to the payments industry and how speakers have taken steps to adopt the framework into their organizations’ fraud prevention methods.  

Questions answered in this session:

  1. How was the Fraud Classification Model developed and what does the road to adoption look like?
  2. Where do industry experts see the value in this Fraud Classification Model for the entire payments industry?


Gasan Awad
Vice President of Fraud and Anti-Money Laundering, Fiserv

Chris Guard, CUCE, NCCO, AFC
Vice President, E-Services Compliance & Fraud, State Employees' Credit Union

Eric Tran-Le
VP, Product Management, Guardian Analytics

Moderated by: Michael Timoney
Vice President, Federal Reserve Bank of Boston

Synthetic Identity: Hello My Name Is

2:20 PM-3:10 PM | Room: Maryland A

With innovative technology comes innovative threats to the U.S. payments system. The Federal Reserve has continued its role as a leader-catalyst with a multi-layered approach to tackling payment security challenges. Synthetic identity fraud is currently the fastest-growing type of financial crime in the United States, with $6 billion in losses in 2016 alone. During this session, discuss the causes of synthetic identity fraud, the potential gaps and challenges contributing this fraud, and how the industry could potentially mitigate this risk.    

Questions answered in this session:

  1. What is synthetic identity payments fraud and how does it differ from traditional types of fraud? 
  2. What are the causes and contributing factors of synthetic identity payments fraud and how is the industry responding?


Paul Benda
Senior Vice President of Risk and Cybersecurity Policy, American Bankers Association

Justin Davis
Fraud and BSA Manager, Digital Federal Credit Union

Kirk Stockton
Senior Vice President of Enterprise Fraud Management and Controls, Bank of America

Moderated by: Jim Cunha
Senior Vice President, Treasury & Financial Services, Federal Reserve Bank of Boston

Faster Payments Fraud: Exaggerated or Understated?

2:20 PM-3:10 PM | Room: National Harbor 2-3

How will fraud and tactics to perpetrate fraud evolve with new faster payments developments and advancements? In this session, break through the hype as speakers provide data points and statistics on the prevalence of fraud with different faster payments solutions and predictions for the future. Speakers also discuss the measures organizations are taking to combat fraud in a faster payments environment and safeguard the users of faster payments solutions.

Questions answered in this session:

  1. How prevalent is fraud in different faster payments solutions, and what does the future look like?
  2. What products or services are available to organizations seeking to minimize fraud in a faster payments environment?


John Drechny
President, Merchant Advisory Group

Matthew R. Friend
Vice President, Head of Product Strategy & New Product Dev., Visa Inc.

Lee Kyriacou
Vice President, RTP Rules Enforcement, The Clearing House

Wednesday, April 22, 2020

Real-Time SSN Verification: What You Need to Know

8:00 AM-8:50 AM | Room: National Harbor 10-11

As synthetic and modified identity fraud continues to skyrocket, efforts are under way to launch the first-ever electronic Consent Based Social Security Number Verification (eCBSV) service, which will allow financial institutions and service providers to verify in real time if a person’s SSN, name, and date of birth combination matches Social Security records. As one of only 10 participants selected for the SSA’s initial roll-out for eCBSV, Early Warning is working with several of the country’s largest financial institutions to launch a pilot in which inquiries for deposit, credit card, lending and investment accounts can be processed. This session covers what’s being done to bring the historic eCBSV service to market, and discuss what you need to know about this new tool to help curb the synthetic and modified identity problem across the industry.

Questions answered in this session:

  1. Where is Early Warning in the pilot process?
  2. What is being done to bring this service to market?


Jakub Petri
Senior Director, Product Management, Early Warning

Cybersecurity Your Way: Straight Talk About Risk & Security

8:00 AM-8:50 AM | Room: National Harbor 12-13

Questions regarding cybersecurity should be answered, not left unspoken. Here is your chance to throw out those burning cybersecurity questions that relate to payments, regulation, your institution, as well as hiring, training, new laws, or general best practices. No topic is off limits while we share knowledge and learn together. A fun game of buzzword bingo will be played during the Quiz Bowl with at least one winner at the end.

Questions answered in this session:

  1. What will be the three things in cybersecurity that financial institutions need to concentrate on in the short term?
  2. What are three things that every FI can do to make themselves and their payments system more secure, and what are the major roadblocks to cybersecurity?


Anne Benigsen, CISSP
CISO, Bankers' Bank of the West

Educate, Respond, Recover: ERR on the Side of Cybersecurity

9:05 AM-9:55 AM | Room: National Harbor 12-13

Phishing attacks are on the rise and are more sophisticated than ever. The average cost of a phishing attack for a medium size company is $1.6 million and can potentially damage a company’s reputation. This session features subject matter experts who will bring awareness on phishing attacks as well as discuss strategies on how to prepare and defend against such vicious attacks on your organization. Speakers will use quizzes to generate an interactive discussion between the presenters and attendees. Don’t let your organization fall victim to a phishing attack, join us for this lively discussion.

Questions answered in this session:

  1. What makes an organization vulnerable to a phishing cyber attack?
  2. How can you recover from the attack?


Eileen Crochet, CBCP, CFE
Business Continuity Coordinator, Federal Reserve Bank of Atlanta

Ryan Ricks, CISSP
Information Security Team Lead, Federal Reserve Bank of Atlanta

Demystifying Cyber Insurance

10:10 AM-11:00 AM | Room: Maryland A

Your organization’s security is only as good as the weakest link in the payment chain. A network failure can shut down your business operations for an extended period of time. A data breach can expose your customers’ information to third parties and subject you to class action litigation or regulatory penalties. Cyber insurance can provide coverage for these losses, but policyholders should be aware of the pitfalls and gaps in coverage.

Questions answered in this session:

  1. How can you ensure your cyber insurance provides both the right amount of coverage and focuses on the most vulnerable areas?
  2. What steps should your organization take to make sure the policy remains up-to-date and most effective?


Cameron Argetsinger
Special Counsel, Kelley Drye & Warren, LLP