Matthew is a partner in the Risk & Public Policy and Digital, Technology, & Analytics Practices, with experience consulting to financial services and government institutions. His work has primarily focused on risk governance, risk identification, and operating model design for non-financial risks, including information risk and cybersecurity.
Relevant experience
- Led an assessment of a large NY-based bank鈥檚 compliance with the NYDFS cybersecurity regulation, reviewing and challenging the bank鈥檚 interpretation of requirements and developing a strategic NYDFS compliance roadmap
- Executed an assessment of the cybersecurity program of a US federal agency against latest industry standards and regulatory guidance and the design of actionable initiatives
- Executed an engagement with the World Economic Forum on the implications of innovation on cyber risk in financial services
- Designed, built, and implemented the Regulatory Program Office for IT focused on remediation of information security, IT Risk and cyber risk management gaps through implementation of a strategic solution for a large US bank
- Led the review and challenge of the operational risk and information risk governance at a regional US bank, focusing on risk policies, standards, and procedures
- Conducted an assessment of a US regional bank鈥檚 foundational inputs for their risk identification process, including IT risk assessments, scenario analysis, RCSA, issue management, and metric / KRI definition
- Synthesized the results of a US regional bank鈥檚 bottom-up and top-down risk identification process into a prioritized list of top risks for the Board, spanning financial and non-financial risk types
- Provided targeted recommendations to improve the IT operating model of a large used-car retailer based on leading practice across industries
Other relevant credentials
Matthew holds a B.A. in Economics and Spanish from Cornell University.