We are pleased to invite you to "Raising the Bar: How EU Inspections are Redefining Risk, Audit & Governance" on Wednesday 1st April, 19:00 - 20:30 Luxembourg time held in partnership with the ISACA London Chapter. Up to 1.5 CPE for attendance.
Live Zoom webinar, After registration via Eventbrite.
Synopsis
EU inspections over 2025–2028 will increasingly probe how financial institutions manage macro financial, cyber/ICT, third-party and climate risks in practice, with a strong push from “risk identification” to risk remediation. For risk and audit professionals, this means more intense onsite reviews, deeper scrutiny of governance and data, and higher expectations on timely closure of findings
The panel will explore the most pressing supervisory and regulatory shifts shaping the 2025–2028 landscape. Speakers will unpack practical implications for risk, audit, ICT, and governance teams.
Key Questions include:
- How EU supervisors are changing inspection approaches and what this means for risk and internal audit teams (tone, intensity, expectations).
- Deep dives on DORA, ICT/cyber resilience and third-party (cloud/CTPP) oversight, including what “good” looks like in practice.
- Evolving expectations on risk data, models and reporting quality (IT/DORA, stress testing scenarios).
- Integration of climate and ESG risks into strategy, risk appetite, credit decisions and capital planning, beyond pure disclosure compliance.
- Governance and remediation discipline: board engagement, ownership of findings, and how to prepare for tougher follow-up inspections and SREP consequences
Agenda
- 19:00 pm - Introduction by ISACA London and Luxemburg Chapter
- 19:10 pm - 20:10 pm – Debate Discussion with Kenny Walker and Sandeep Panday
Key Takeaways
1. Regulatory Shift in Action
2. What “Good” Looks Like in 2025–2028
3. Preparing for Deeper Scrutiny
4. Beyond Compliance to Credible Execution
Speaker Details
Speaker 1: Kenny Walker Global Information Security Officer & DPO Banking Circle
Kenny Walker serves as the Global Information Security Officer at Banking Circle, where he stewards the organisation’s end-to-end information security and resilience strategy. He leads the Information Security team within the Risk Function, ensuring the highest standards of protection across the business.
With a 25-year career spanning technology delivery, consultancy, and risk management across the UK, Ireland, and most recently Luxembourg, Kenny brings deep, multidisciplinary expertise to his role. He plays a pivotal part in safeguarding Banking Circle’s ICT risk posture while enabling the innovation that underpins the company’s cross border payments and financial infrastructure solutions.
Prior to Banking Circle, in addition to his corporate career, Kenny previously founded and built a technology company that he successfully exited in 2018 through its acquisition by Cloudstream Technology.
Speaker 2: Sandeep Gangaram Panday is the Co-founder and Security Advisor at Brightlyn
Sandeep is the Co-founder and Security Advisor at Brightlyn. With a strong foundation in cybersecurity, IT auditing, and modern software delivery practices, he operates at the intersection of risk management and high-velocity technology. He serves as Chair of both the NOREA DevOps Working Group and the NOREA DORA Taskforce. Sandeep is the (co-)author of several influential NOREA reports, including DevOps in Control, Ransomware in Control, DORA in Control and NIS2/CWB in Control.
In addition to his advisory and authorship work, Sandeep is a regular guest lecturer at universities, where he shares insights on topics such as DevSecOps, ransomware readiness, and cybersecurity regulation. His sessions are known for bridging theory and practice, making complex topics accessible to both technical and non-technical audiences.
Any questions? Please contact admin@isaca-london.org