PSD2 & GDPR
15 Feb 2018
15 Feb 2018

OmnitechIT presents its Approach to GDPR and related IBM solutions at the PSD2 & GDPR Forum

PSD2 & GDPR Forum is the only cross industry combined event in Europe to focus on these two key regulations which brings together leading institutions for two days of knowledge sharing, analysis and quality networking. This forum is an ideal platform for OmnitechIT to engage and strongly position its brand as Industry’s pioneer through branding, speaking and exhibition options.

19-20 Feb 2018 – Amsterdam
Park Plaza Victoria

19 February19 February
20 February20 February

08:45 – Registration and Morning Networking

09:00 – Conference Chair’s Opening Remarks
Conny Dorrestijn | Founding Partner| BankiFi

09:05 – Opening Power-hour Panel session
• Introduction to Revised Payment Services Directive (PSD2), its background
• Why has the commission decided to adopt a revised directive (PSD2)?
• What is the scope of the Directive?
• Is the PSD2 up to date ?
• Why financial institutions should go beyond the minimum PSD2 compliance?
• How much Investments are required to implement PSD2?
• How will PSD2 affact the payments industry?
• How PSD2 will contribute towards integrating European Financial Market?
• Implications for payments: Customer, Competition, Collaboration, Consent, and Innovation
• How to harness real potential of open banking and APIs in driving innovation
• PSD2 vs. GDPR conundrum – How organizations can navigate through overlaping regulations for correct implementation?

Conny Dorrestijn | Founding Partner| BankiFi (Moderator)
Sladecek Martin | Open Banking Manager | Komerční Banka
Ann Börestam | Principal Expert | European Central Bank
Danique van Koppenhagen| Digital Expert Risk | ABN AMRO Bank
Gijs Boudewijn | Chair Payment Systems Committee | European Banking Federation

10:05 – Strong customer authentication: constraints and opportunities
• PSD2 opens the market to innovative services to the benefit of consumers and to new players willing to offer these new services
In such open world, the Regulator has expressed the need to protect consumers by reinforcing security as per the RTS
Is increased security opposed to innovative services? Will it be a barrier?
How to comply with the RTS while meeting user expectations?

Philippe Régnier | VP Markets & Solutions | Gemalto

10:30 – UK’s Open Banking initiative
The Open Banking Implementation Entity was created by the UK’s Competition and Markets Authority to create software standards and industry guidelines that drive competition and innovation in UK retail banking. Open Banking UK will give an overview of UK’s Open Banking initiative, progress and challenges to date and future roadmap.

Gary Farrow | Head of Architecture | Open Banking UK

10:50 – The Relationship between the PSD2 and the GDPR
PSD2 and GDPR – Friends or Foes?
• What will GDPR mean for the payments industry?
• PSD2 is aimed to promote innovation – will the GDPR limit innovation?

Ann Börestam | Principal Expert | European Central Bank

11:10 – Go Beyond PSD2 Compliance with Digital Identity
European financial institutions have an opportunity to redesign customer journeys, making them more personal and contextual, by putting the identity at the centre. A modern digital identity platform can help companies with API security and authentication requirements, whilst enabling innovation in areas like consent management, with dashboards that allow customers to control their personal data at a granular level. As the GDPR deadline approaches, prioritizing consumer privacy will be critical. Banks are focusing their digital platforms around identity in order to use these regulations as a strategic opportunity to build trusted relationships with their customers.

Nick Caley | VP Financial Services and Regulatory | ForgeRock

11:35 – Networking coffee break

11:55 – Digital lending and open-banking: what changes

Gaining business benefit from PSD2 and the sentiment behind open-banking hinges on a combination of analytics expertise, large data sets and software. It will inform very accurate credit scoring techniques and help drive the most appropriate lending decisions. We will share insights on how this will allow banks to forge ahead with their digital aspirations.

Damien Prevosto | Senior Business Consultant | Experian

12:20 – Key next steps to get your Banks ready for PSD2
• What is the likely customer take up
• What are the strategic options for banks to respond
• What are the hot use cases that people are focusing on first

Marc Baxter | UK Lead, Open Banking/PSD2 Commercialization | HSBC

12:40 – Priora: PSD2 Compliance Solution in a month (Demo)

• Strong Customer Authentication and Dynamic Linking Implementation
• TPP Verification, Onboarding, Dedicated Channels
• End Customer Consent Management, Trusted Beneficiaries Management
• Monitoring, Triggers, Fraud Reporting, Value Added APIs

Lisa Terziman-Gutu, Co-Founder & Business Development SaltEdge

12:50 – Demo

Rob Otto | Senior Regional Solutions Architect | Ping Identity

13:00 – Networking and coffee break

14:00 – Role of APIs in Open Banking -Expert Panel session
• How Open API banking can help the EU in meeting emerging policy and regulatory requirements.
• Real life examples of Open API Banking.
• Why financial institutions need to build strong API strategy to support PSD2/Open Banking?
• How Banks as a service or API Banking as a channel can be a new source of revenue.
• How leading financial services are developing the operating model around an API platform?
• Future outlook

Conny Dorrestijn | Founding Partner | BankiFi (Moderator)
Joanna Erdman | Director, Strategic Projects Transactional Banking | mBank
Gary Farrow | Head of Architecture | Open Banking UK
Marc Baxter | UK Lead, Open Banking/PSD2 Commercialization | HSBC

14:40 – Are banks ready for PSD2?
PSD2 is scheduled to be transposed into national legislation by January 13, 2018. Some Member States, among which The Netherlands, will not make that date. Which creates a period of legal uncertainty of 6 months. The most important Level 2 legislation, the Regulatory Technical Standards on Strong Customer Authentication and Secure Communication will be applicable 18 months after publication in the Official Journal of the EU. That will most likely not be before March 2018, meaning the effective that will be September 2019. That creates another period of legal uncertainty, from June 2018 till September 2019. If that is not enough uncertainty, May 25th the General Data Protection Regulation will enter into force, with a slightly different concept of explicit consent by the payment service user. Confused? About time to clarify all this uncertainty!

Gijs Boudewijn | Chair Payment Systems Committee | The European Banking Federation

15:05 – Who will be the winner after PSD2?
• Will banking become only the utility service?
• Should banks compete or cooperate to build new value proposition for the customers?
• Potential strategies for Open API banking

Joanna Erdman | Director, Strategic Projects Transactional Banking | mBank

15:30 – Networking coffee break

15:50 – The PSD2 Opportunity: Mobile Operators as Key Providers of SCA
The opportunity that PSD2 brings and the key role that mobile operators play in being able to provide Strong Customer Authentication through Mobile Connect

Helene Vigue | Identity, Commercial Director | GSMA

16:15 – Setting a strategic roadmap for PSD2 and Open Banking
Fresh real-life experience about setting of the real strategic approach & roadmap for PSD2 and Open Banking in Komercni banka, and how to initiate the delivery itself. In this presentation Martin will share point of view is the business not the technology one as I am acting within the bank’s Marketing & Communication department.

Martin Sladecek | Open Banking Manager | Komercni Bank 

16:45 – Conference Chair’s Closing Remarks

Conny Dorrestijn | Founding Partner | BankiFi 

17:00 – Networking Drinks Reception



08:45 – Registration and Morning Networking

09:00 – Conference Chair’s Opening Remarks
Conny Dorrestijn | Founding Partner | BankiFi

09:10 – Opening Power-hour Panel session
• An introduction to the General Data Protection Regulation and it’s Background
• What necessitated introduction of GDPR replacing Directive 95/46/EC?
• Which sectors will be affected by GDPR implementation?
• What are the pre-requisites of GDPR compliance?
• Is GDPR world’s strictest data privacy law?
• How companies can prepare themselves for GDPR?
• What are the consequences of non-compliance of GDPR? What are the risks and penalties?
• How Banks and Financial Sector can mitigate risk of fines due to non- compliance?
• What are ISO27001, NIST (National Institute of Standards and Technology) and PCI-DSS 3.2 standard? Is GDPR just an extension to these?
• How major companies prepare for implementation of GDPR

Conny Dorrestijn | Founding Partner | BankiFi (Moderator)
Gary Brown | GDPR Program Director| Banco Santander
Dimitri Devlamminck| Head of Regulatory Affairs | BNP Paribas
Vilmos Lorincz | GDPR strategy and delivery lead | Llyods Banking
Rolf Huber | Account Executive | Ping Identity

10:10 – GDPR: How to Tackle Consent and Preference Management
Consent is an active area that many organizations are currently struggling with in GDPR (and ePrivacy). Consent impacts both B2B and B2C marketing activities, as well as deeper business activities that may require consent such as automatic decision making, processing special categories of data, or cross-border data transfers. This session will help clarify why consent is so unique in GDPR, when you do (and don’t) need consent, and practical case studies of how to tackle consent, re-consent, and preference management in practice.

Kabir Barday | Chief Executive Officer | OneTrust

10:35 – Key features of GDPR
• GDPR an opportunity to sort out your data!
• Data Breach Notification – 72:00 hours – how can we do this?

Dimitri Devlamminck | Head of Regulatory Affairs | BNP Paribas

10:55 – How to align PSD2 and GDPR for harmonized implementation in a bank?
• PSD2 & GDPR regulations on collision course?
• PSD2 and GDPR – Friends or foes?
• Core elements of a successful implementation strategy for the GDPR and PSD2 programs in the industry.

Danique van Koppenhagen| Digital Expert Risk | ABN AMRO Bank

11:15 – Key challenges of implementation of GDPR
• Level of impact of GDPR – Banking and Insurance sector
• What are the consequences of the GDPR on governance and operations?
• Key challenges of implementation of GDPR
• Implementation of GDPR is onerous

Gary Brown | GDPR Program Director | Banco Santander

11:35 – Networking coffee break

11:55 – How to Interpret data protection requirements mandated by the GDPR particularly consent, portability and customer rights?

Vilmos Lorincz | GDPR strategy and delivery lead | Llyods Banking

12:15 – A comprehensive value driven offering for the GDPR compliance and related IBM solutions
OmnitechIT is the industry leader in IT Security services in Europe, it has a holistic approach to IT Security combined with deep specialization. In this session OmnitechIT will share its approach to GDPR an related IBM solutions, tools and deliverables and how it supports its customers in protecting their information assets across the entire IT stack, to reach an adaptive, context aware security posture.

Ludovica Ciliutti | Senior Sales Engineer | OmnitechIT

12:35 – Dealing with data access requests: consent due diligence versus consent management. Must the PSP mandate meet the requirements of valid ‘consent’ under the GDPR?
Can banks provide access to PSPs that have a license?
• What efforts do banks have to take to validate that the user gave its consent?
• Do banks have to obtain a second GDPR proof ‘consent’?

Wouter Seinen, Partner IP IT & Commercial | Baker & McKenzie Amsterdam N.V.
Corinne Schot, Partner Banking & Finance | Baker & McKenzie Amsterdam N.V.

13:00 – Networking and coffee break

14:00 – How technology can help (or hinder) GDPR compliance?(Panel)
Aligning your technology strategy: How organizations will need to document, report on, where their data is, how it is collected, stored, and who can access it?
• What are the technology steps for accelerating GDPR compliance?
• Where does Technology become a hindrance? How it can be overcome?
• How important is API management for a future-proof GDPR-compliant architecture?

Conny Dorrestijn | Founding Partner | BankiFi (moderator)
Dr. Claus D. Ulmer | Global Data Protection Officer | Deutsche Telekom
Sara Fernandez Martinez | Director Privacy Design | Liberty Global
Willem de Paepe | GDPR Global Campaign Leader | Capgemini

14:30 – A case study on how eBay is approaching GDPR, with a look at three separate areas of compliance effort.
• The rights of the data subject
• Vendor management
• Operational compliance

Ben Westwood | Senior Privacy | Manager & Data Protection Officer UK | eBay

14:50 – GDPR from Telecom’s prospective
• GDPR – background, goals, systematics, what’s new?
• What do companies have to do?
• Data Protection / Privacy Impact Assessment

Dr. Claus D. Ulmer | Global Data Protection Officer | Deutsche Telekom

15:10 – Cultural change for GDPR implementation
• GDPR implementation requires culture change at a whole organisation level
• The role of Leaders in driving this culture change by enabling and empowering others
• Exploring how the new information rights may change public institutions relationships with individuals Privacy by Design – using internal and external consultation to change perceptions, manage risk and secure support for change
• The power of communication – embedding transparency in your change programme
• Supporting your Data Protection Officer – what skills, knowledge and help do they need?

Imogen Heywood, Engagement Manager | Centre of Excellence for Information Sharing

15:30 – Networking coffee break

15:50 – What is privacy impact assessment (PIA) data protection impact assessment (DPIA)?
• Need of PIA/DPIA.
• What do PIAs/DPIAs require an organization to do?
• When should PIAs/DPIAs be conducted?
• When is a PIA needed?
• When is a DPIA needed?
• Who is required to conduct PIAs?

Fransesca Sclano| GDPR Data Privacy Advisor| IKEA

16:10 – Privacy as a Product
• How can we turn GDPR into a business opportunity to build a win-win relationship with customers based on trust?
• How can organizations commercialize from GDPR?

Sara Fernandez Martinez | Director Privacy Design | Liberty Global

16:30 – Implementation of GDPR
• How companies can prepare themselves for GDPR?
• What are the consequences of non-compliance of GDPR? What are the risks and penalties.
• Key challenges of implementation of GDPR
• Implementation of GDPR is onerous (from a Dutch perspective)

Ady Van Nieuwenhuizen | Partner (IP/IT/Privacy) | Fieldfisher

16:50 – Conference Chair’s Closing Remarks

Conny Dorrestijn | Founding Partner | BankiFi 

17:00 – END

Leave a comment
More Posts