Personal Invitation to Executive Seminar at Said Business School, Oxford University on 22nd July Sarbanes-Oxford A seminar exploring the operational risk demands of The Sarbanes-Oxley Act 2002 Course Director: Aneira.Russell@2020governance.com The subject of this seminar is operational risk and Section 409 of the Sarbanes-Oxley Act. In addition to ‘an assessment of the risks in achieving objectives that underpin a company’s financial statement’, required by section 404, section 409 demands a dynamic risk management framework to monitor operational risks and file material events with the Securities and Exchange Commission (SEC) within 48hours. The latter is a much more onerous requirement, the full implications of which need to be carefully appraised. The line-up of expert speakers at this seminar is designed to provide the audience with the opportunity to hear a range of informed views and to interrogate the speakers on points of specific interest. This is the first seminar in a series of international briefings planned throughout the second half of 2004, sponsored by 2020 Governance AB. All three feature leading commentators who provide their perspective on different aspects of the Sarbanes-Oxley Act 2002 in the context of corporate governance. The next briefing, in the autumn, will provide clarity on the contemporary assessment of the impact of Section 404 on internal controls. This will be followed in early December by a seminar examining the implications of Section 307 focusing on the responsibility of legal counsel. Background The Sarbanes-Oxley Act was a political reaction to the US corporate scandals that surfaced around the turn of the century. Only time will judge its effectiveness but its reach to the international community is already being felt. All companies listed on the NYSE and NASDAQ are already affected and diluted templates are being considered for the UK’s Operating Financial Review (OFR) and future EU Company directives. Whilst some sections of the Act have been clearly defined with agreed deadlines others including Section 409 and 307 are still open to interpretation. It is envisaged that the Sarbanes-Oxford event will provide a contribution to the debate and provide international thought leadership on the direction of the Act. Program Four eminent speakers will make presentations during the day, as follows Assessing The Implications Of Sarbanes-Oxley Dr Alan Morrison, Merton College and Said Business School, Oxford University The Sarbanes-Oxley Act of 2002 is possibly the most sweeping corporate governance law in the United States since the 1930s. Although precipitated by the corporate scandals of the early 2000s, this legislation appears to be part of a more general trend in more developed economies away from purely disclosure-based laws and towards more substantive legislation. I will survey this regulatory shift and discuss some of its practical implications. Specifically, I will mention some of the academic evidence regarding the effectiveness of the Act’s requirements. I will review the rationale and changed incentives for cross-listings; highlight likely changes in the relationships between key players in the corporation’s governance; and, importantly, discuss the meaning of operational risk and its control. Operational Risk And Corporate Governance John Thirlwell, Director of The Operational Risk Research Forum and former Director of the British Bankers’ Association. John Thirlwell has extensive experience in banking with Barclays, TSB and Hill Samuel, where he was Chief Risk Officer. He has been heavily involved, on behalf of the banking industry, in discussions with regulators concerning the new Basel Capital Accord and integration of the FSA and chairs the Financial Services and Insurance Committee of the International Chamber of Commerce in the UK. He will explain the development of operational risk in financial services, especially banks, and discuss the management and measurement of operational risk in the context of Sarbanes-Oxley and corporate governance. Regulation And The Need For An IT Governance Framework Alan Calder, Chief Executive, IT Governance Ltd This presentation looks at the requirements of Sarbanes-Oxley in the context of OECD corporate governance requirements and discusses an integrated risk management framework that covers the entire spectrum of information and information technology. Group Risk, Sarbanes-Oxley and Other Regulatory drivers Aaron Bowring, Axa Aaron Bowring works in Group Risk with an international chartered accountancy and audit background. Aaron will examine how the operational risk requirements of Sarbanes-Oxley interact with other regulatory drivers in the context of the Insurance industry. How will the requirements of Sarbanes-Oxley relate to the Prudential Source Book and what are practical steps that need to be put in place. Panel Session: The speakers as a group will discuss issues raised by the audience What exactly is a material event and when should it be reported within 48 hours? Each presentation will be followed by a period of questions from the audience and speakers will be present during the seminar breaks to further discuss any issues arising. Final questions may be posed during the summary session at the end of the seminar. Who Should Attend This seminar will be of immense benefit to all those whose job roles include risk management or corporate governance. Typically, attendees will be Sarbanes-Oxley or corporate governance program managers, corporate controllers, risk managers, members of internal audit units or investor relations staff. However, anyone with an interest in the subject would also benefit from attendance. The dress code is informal. Doc Ref Number: 533578012 Page 2 of 3 Location The seminar will be held in a conference room in the Said Business School, Oxford University. See www.sbs.ox.ac.uk for further location details. Agenda Schedule 09:00 – 09:30 Registration, coffee and tea on arrival. 09:30 – 09.45 Welcome and Introductions. Martyn Emery 09.45 – 11.00 The Academic perspective. Dr Alan D. Morrison 11:00 - 11:30 Opportunity to network over morning coffee 11:30 – 12:30 Operational Risk and Corporate Governance, John Thirlwell 12:30 – 13:30 Break for lunch and further networking 13:30 – 14:15 IT Governance and Operational Risk, Alan Calder 14:15– 15.00 Group Risk and Sarbanes-Oxley, Aaron Bowring 15:00 – 15:30 Afternoon tea 15:30 – 16:30 Panel Session Chaired by Martyn Emery 16:30 – Seminar Close Booking Places can be reserved by sending an email to Course Director aneira.russell@2020governance.com. Places are limited and bookings will be accepted strictly on a first-come-first-served basis, so delegates wishing to attend are advised to book early. We look forward to the pleasure of meeting with you. Martyn Emery Director of Global Operations 2020 Governance AB Doc Ref Number: 533578012 Page 3 of 3