Laura Moore

Laura is a Managing Director in Protiviti’s Risk and Compliance (R&C) practice with over 20 years financial services experience. She is the lead for the UK’s Operational Resilience team and has a deep understanding of the key operational resilience concepts and challenges faced by organisations seeking to strengthen their resiliency. She is an integral member of Protiviti’s Global Operational Resilience Centre of Excellence and has been key in the development of Protiviti’s operational resilience offerings and thought leadership.

Laura also leads our UK interaction with the industry on resilience and with our Trade Associations. She acts as Co-Chair on both Protiviti’s Industry Digital Operational Resilience (DORA) working group and Chair’s Protiviti’s Internal DORA Working Group. Laura meets regularly with various operational resilience clients and contacts across the financial services industry providing insights into how organisations are approaching operational resilience enabling informal benchmarking and leading practices to be understood.

Laura is also a seasoned risk and control practitioner having previously held Head of Internal Audits roles in large financial services firms. She has led complex assurance engagements across a variety of regulatory specialist areas in financial services. She has also led multiple skilled person reviews supporting the skilled person, particularly in the conduct space.

Representative Engagement

Since joining Protiviti, Laura has led a number of large projects in the operational resilience space including:

• Leading teams to complete UK Operational Resilience and/or Digital Operational Resilience Act (DORA) gap assessments/assurance reviews, making recommendations for remediation support by a tailored implementation roadmap;
• Establishing programme set up and governance and leading teams to support clients in the build and implementation of key methodologies and addressing recommendations for both UK and DORA compliance;
• Providing ongoing advice and assurance over key concepts developed as part of firms operational resilience programmes at key points within the programme lifecycle to confirm these are in line with regulatory expectations and industry good practice, including providing opinions on transitional roadmaps and activities for embedding resilience, making recommendations for improvements;
• Leading teams in the development and build out of Resilience Strategy, Objectives and Target Operating Model across the 3 lines of defence for the embedding of resilience and enduring resilience capabilities;
• Providing training to Boards on operational resilience and crisis management and SMF24s (COOs/CTOs) on their role and responsibilities for operational resilience; and
• Acting as a subject matter expert on assurance reviews conducted by internal audit to help ensure testing performed and recommendations made cover key regulatory requirements and reflect industry good practice, this includes embedding of resilience concepts into third party risk management.

Other engagements include:

• Leading External Quality Assessments (EQAs) assessing audit functions against IIA criteria, Codes of Conduct and leading practices. This includes conducting maturity assessments against Protiviti Next Generation Internal Audit maturity model.
• Leading the Protiviti team working alongside the Head of Methodology at a large bank to re-design and implement the new internal audit methodology across Group Audit. Activities included defining workstream key deliverables and success criteria, providing external benchmarking inputs into methodology decisions, devising workstream project plan, developing content, hosting business stakeholder working groups to obtain input and buy-in, coordinating with other workstream leads, identifying risks to delivery and appropriate responses, and providing progress updates to the key sponsor and Exco.
• Overseeing Protiviti teams executing audit work for large and medium FS firms in specialist areas recommending and driving key control improvements across the organisation. This role includes regularly liaising with the audit team and key Group Audit stakeholders on the progress of the audits and key findings and QA’ing certain deliverables.
• Laura has also acted as engagement lead on section 166 reviews which include a review of the effectiveness of organisations governance and risk management.