Australian Prudential Regulation Authority (APRA)
Andre Kreicers is Head of APRA’s IT Risk team, comprised of IT risk specialists responsible for assessing the management of IT risk (including cyber security) by APRA-regulated entities. In this capacity, Andre led APRA’s work in consulting on, designing and implementing CPS 234, APRA’s new information security prudential standard. Prior to joining APRA in 2003, Andre had 18 years of financial services experience, and was responsible for delivering and supporting IT solutions for superannuation, investment management and client servicing.
As the former Head of GPI at BNP Paribas CIB Australia and New Zealand, he led the
Security, Operational Risk and Governance teams of the Bank. His career in Financial
Institutions spans over 15 years and two continents, delivering excellence and driving risk
management in Information Technology.
Jean-Baptiste holds a Masters in Computer Science from the University of Belfort-
Montbeliard in France.
Greg has over 30 years in the technology industry in a career that has spanned the globe and encompassed working as a Supplier and a Customer. A financial services specialist he has implemented core system replacements in Asia, the UK, and the United States and has worked on 13 different Financial Services M&A activities.
From an early career in Australian Financial services Greg joined IBM and spent a number of years travelling the world as a Financial Services specialist with his highlight being the lead architect in the growth of a fledgling Minnesota based First Bank systems into the 5th largest bank in the United States, US Bancorp. Since 2000 Greg has worked largely within Australia filling General management and CIO roles at St George Bank, ING Australia, ANZ Bank, and now most recently at RACQ. Greg has a Masters of Management, an MBA, and is a graduate of the Australian Institute of Company Directors. He is married to Ruth and has three sons; Kane, Luke, and Finn.
Wilson Chiu leads Police Bank’s cyber security team. He has nearly 20 years’ experience in Security and have worked in a number of industries including financial, retail, media and outsourcing. Wilson holds a number of certifications including Certified Information Security Manager (CISM), Certified Information System Auditor (CISA) and Certified Information Privacy Manager (CIPM). Currently he is involved in the Open Banking technical working groups and also responded to the draft (now current) APRA CPS234 standard.
Endeavour Mutual Bank
As the Chief Risk Officer for an ADI, Mal likes to make things a little less “risky”.
He oversees the banks Capital Adequacy processes (ICAAP), AML processes as the AML/ CTF Officer, and he also is the Enterprise Risk Management system manager.
Responsible for Managing the Risk and Control Framework to align with prudential requirements, Mal aims to build a robust and effective platform that can manage business risk and ultimately assure its performance.
He is currently a member of CSIRO’s Data 61 Open Banking Advisory Committee that is steering change in the way customer data is shared in the banking industry in accordance with the “Consumer Data Right”, and lists Information Technology and Credit Risk as his main areas of interest.
Bank of Queensland
Cyber Security Assurance Manager Responsible for assurance over:
- Cyber security controls the Bank manages
- 3rd party cyber security controls relied upon for services the bank receives
- On boarding of new vendors from a cyber security perspective
- Ongoing oversight of vendor cyber security control testing
Sydney Credit Union
Basil is currently Chief Risk Officer for Sydney Credit Union and has worked in the financial sector for 30 years having previously led risk and internal audit teams in both Australia (AMP, MLC and MMI) and the UK (Co-op, Allianz & Royal Ins). He trained with Deloitte in Sydney and London and led computer audit and advisory teams in Manchester and Perth prior to joining the sector. Basil sees cybercrime as one of the key issues currently facing the financial services sector with cps234 reinforcing the requirement for risk and audit teams to be actively involved in mitigating this risk.
Queensland Investment Corporation (QIC)
Grant is the Chief Information Security Officer for Queensland Investment Corporation, a global investment
manager specialising in diversified alternatives. In this role Grant is responsible for the Security, Cloud
Infrastructure, Technology Service and Support, and leads the organisations approach to managing
information technology risks.
Grant has a Bachelor in Information Technology and a Post Graduate Diploma in Business, and is an
experienced consultant; risk and security manager; CIO/CTO; technology leader; software developer;
published author; contributor to open source software; divergent thinker; and pragmatic innovator.
Previously, Grant has worked as the Head of Technology for several retail banking institutions; as the
Manager for Risk & Compliance for one of Australia’s largest superannuation institutions; as CIO for an
Australian/QLD Top 400 telecommunications integrator and supplier; and various national consulting and
technical positions with global security software companies.
Customer Owned Banking Association
Tommy works across a range of financial services policy issues at COBA. Before joining COBA, Tommy worked at the Insurance Council of Australia, APRA, the Federal Treasury and the UK’s then Financial Services Authority.
The Australian Financial Markets Association
Damian Jeffree is the Director of Policy and Professionalism at the Australian Financial Markets Association which makes representations to government on behalf of the industry. Previously he has worked for a number of investment banks, an exchange and trading companies, in a range of senior roles including in IT, as a trader and in compliance. He holds degrees in law, science (computer science and physics) and arts (philosophy).
First State Super