Programme

Chris Waring
Deputy Director of Regulatory Compliance
BT

Managing regulatory and commercial risk in a new regulatory era for the telecommunications industry

• Developing your regulatory compliance strategy, framework and stakeholder plan
• Determining regulatory compliance risk including practical examples of regulatory risk management
• Implementing your training strategy
• Delivering demonstrable regulatory compliance to the regulator, competitors, commentators and industry
• Ensuring the internal control frameworks are established to mitigate business risks given increasingly complex regulation
• Evaluating priorities and what the organisation needs to do to meet future challenges
• Managing a new era in regulation
  

Panel Discussion: Managing the commercial risks associated with the highly regulated communications industry

• Ensuring the internal control frameworks are established to mitigate the business risks given the increasingly tight regulations
• A close look at the effects on competitive risks, pricing risks and cost modelling for new products and services
• Practical examples of the associated regulatory risks and consolidating them with the group compliance function
• Evaluating the current priorities and what the organisation needs to do for future challenges

Kurt Meyer
Chief Risk Office
Swisscom Mobile

Key elements of value creation for a Risk Management function: an operator’s perspective

• Customer focus and value
• Ingredients: soft and hard focus
• Tasks: orchestrating risk management activities
• Harvest: value measurement, optimisation and synergies with other functions (i.e. audit, revenue assurance and fraud management)

Case study: How the TDC group in Denmark put together a plan to control ‘Customer Exposure’

• Reasons behind, and events leading up to, the establishment of TDC’s ‘Customer Exposure’ project, an initiative designed to give the company a comprehensive view of the financial risk posed by its customers
• The scope of the cross-organisational project which encompasses organisation, exposure policy and subscription terms, business procedures and IT-systems
• An explanation of how the joint fraud and credit management IT system was developed and its functionality
• Benefits that the Customer Exposure project is bringing TDC
  

Shabbir Jawadwala Director, Internal Audit Oman Telecommunications

Understanding the challenges and solutions of building an Internal Audit department

• Evaluating the difficulties and obstacles when creating a new functional business unit within your current corporate environment
• Practical realities of creating an Internal Audit department from scratch - sourcing the necessary financial, logistic and skills resources
• Specific staff training and guidance tools – what skill-sets are required for the IA function?
• Setting up a competent team and ensuring inter-departmental communication to maximise the potential of the internal audit unit
  

Lunch

Clarifying the relationship between Risk Management, Internal Audit and other business units

• How the corporate risk management function was born inside the Internal Audit function
• How it positions itself with respect to the other risk managements that existed before
• How it strives to embed risk management into management, starting from the top
• How its interface with Internal Audit keeps evolving
• How it was concerned by the Sarbanes Oxley issue
  

The challenges of aligning risk and audit approaches

• Differences and similarities between the risk universe and the audit universe
• Aligning risk and audit cultures between various companies in one group
• From auditing technical processes to auditing decision processes (operational risk to management risk)
• Communicating on risk and audit alignment to the audit committee and to top management

Assessing which proactive Revenue Assurance strategies will help minimise risk profile

• What is Revenue Assurance and how can it help minimise risk
• Applying an end-to-end Revenue Assurance strategy to manage, monitor and improve risk management
• Lessons learnt - where are the revenue risks and what should you be doing about them
• Measuring the risk of potential revenue leakage from business processes
  

Risk management from the CFO's point of view: how streamlining and structuring the enterprise-wide risk management has helped financial performance

• Prioritising the audit and risk activities and realising their impact on company profitability: managing risk-threat or opportunity in a changing business environment
• The value of understanding the potential of risk management and highlighting core value drivers
• Does the traditional Risk Management model need to change to ensure optimum performance? Risk management from an investor’s perspective

Jump to start of Day One

Registration

Mike Rudberg
Senior Manager,
Assurance Services
Ernst & Young

Risto Matilainen
Department Manager,
Risk Management
TeliaSonera

ERM: the key to implementing a successful and efficient Risk Management system – an operator’s perspective

• Assessing the complexities and ongoing impediments when incorporating a functional risk system
• Realising the practical realities of setting up an Enterprise Risk Management system
• What are the internal requirements for establishing an efficient department?
• Practical lessons learned – a TeliaSonera case study
  

Gerard Gallagher
Communications Advisory Services
Ernst & Young

The ten commandments for implementing an ERM framework

• What your organisation needs to implement an efficient ERM framework
• What to do and what not to do: ten practical examples
• From implementation to creating added value: practical lessons learned
  

Reducing the Day Sales Outstanding (DSO) using the Revenue Operations Centre (ROC)

• Collaboration between fraud and risk mangement
• Defining the ROC
• Aligning departmental strategies with the corporate strategy
• How the ROC enables you to reduce the DSO and more efficiently prioritise cases
• Means and to benefits of collaboration between Fraud and Risk Management teams
  

Threat intelligence & practical analysis threat model

• Learning how to develop a calculative threat analysis and threat modelling methodology
• Enabling effective management of operational and security risks in complex computerised systems – maintaining dynamic threat models capable of reacting to changes in the system’s assets and vulnerabilities
• Realising how an effective threat intelligence is necessary to integrate the model
• Understand how countermeasure’s priorities are a function of the system’s asset values, level of potential damage, threat probabilities and degrees of mitigation provided by countermeasures
• Discussing the disciplines of security management and the threat management components
• A customer case study of a threat analysis for a next generation call accounting solution
  

Early and accurate identification of credit and debt fraud

• Recognising the importance of differentiating early on the fraudsters from the bad debtors – working with the billing and credit security departments
• What risk management tools can help to control and eradicate fraudsters
• Understanding what has to happen internally (i.e. departmental training) to avoid this
• Can the industry put into action an effective strategy to reduce fraud across Europe?
  

Working against increasingly sophisticated frauds such as Internet dumping, modem hijacking, and rogue diallers

• Realising the types of attacks, the network vulnerabilities and types of incidences that draw in Premium Rate Service (PRS) fraudsters
• Understanding the complex actions of rogue diallers on a victimised PC – practical examples
• Learning the detection methods, countermeasures and prevention techniques available
• What does this mean to the business? Evaluating the potential impact and the financial losses for your organisation

Revenue Assurance procedures as part of an internal audit to enhance business performance and to improve bottom-line results

• Assessing the current and future situation as well as the priorities of Revenue Assurance from a historical perspective
• Identifying, defining, monitoring and measuring the key business processes
• Detecting failures to comply with company policies and procedures
• Maintaining historic data about revenue leakage and audit evidence
• Leveraging internal control for business performance improvements
  

PANEL DISCUSSION: Re-assessing the relationship between SOX, Risk Management and Internal Audit

• Revealing the end-to-end processes when filing SOX documentation and looking at the practical lessons learned
• Reduce your compliance costs, establish cohesive business unit relationships and achieve a sustainable post-SOX audit environment
• Establishing a sustainable post-SOX audit environment
• Understanding the significance of the Risk Management and Internal Audit roles in relation to SOX
• What steps can each function take to ensure and achieve compliance?
  

Closing remarks from the Chair and Champagne prize draw