Skip to content
Request a demo

Webinar with Bank First and Protecht

You built your CPS 230 program. Can you run it?

Thursday 14th May, 11AM-12PM AEST

CPS 230 is no longer about implementation, it’s about execution. Most organisations delivered their CPS 230 program, but fewer can prove it works when operations are under pressure. Join experts from Bank First and Protecht to learn how leaders are turning CPS 230 into a real operating discipline.  

Presenters

Paul Descheppe

Head of Risk Embedment, Bank First

Michael Howell

Head of Risk Research & Knowledge, Protecht

Fill in your details to get access to the on-demand webinar

CPS 230 is an operating test, not just a compliance milestone.  

The deadline mindset got most organisations over the line by July 2025. Programs were delivered, policies refreshed and registers created. But CPS 230 was never designed to sit in a ‘completed’ folder. It’s a continuous discipline: managing operational risk end-to-end, maintaining critical operations within tolerance, and proving it works when disruption hits.

That’s where many organisations are now exposed. When ownership shifts from project teams to BAU:

  • Governance starts to drift
  • Tolerances lose meaning
  • Controls exist, but aren’t evidenced
  • Incident response struggles under pressure
  • Third-party risk becomes the bottleneck.

With the July 2026 service provider and BCP deadline approaching, the gap between compliance on paper and operational reality is becoming harder to hide. This joint webinar with Bank First and Protecht will explore what’s happening across the market and what it takes to make CPS 230 work in practice.

Paul Deschepper, who led Bank First’s CPS 230 implementation and now leads their risk embedment, offers a frontline perspective on what it takes to make CPS 230 work in BAU, while Protecht’s Michael Howell provides a market-wide view of how organisations are progressing with CPS 230.

CPS 230 is exposing a simple truth: design doesn’t fail. Operations do.    

The shift since July 2025 is clear. Regulators are no longer asking:

“Do you have a framework?”

They’re asking:

“Can you run it, prove it, and improve it?”

The challenge is structural:

  • Operational risk spans teams, systems, and third parties
  • Evidence is fragmented across registers, spreadsheets, and tools
  • Reporting is often manual, delayed, and hard to defend
  • Service provider dependencies are growing and harder to control

This is why CPS 230 is becoming a test of governance maturity, not just compliance.

Move from compliance delivery to operational discipline.  

Protecht brings together operational risk, controls, resilience, and third-party management in a single, connected platform so you can demonstrate CPS 230 in practice, not just in documentation.

  • A connected view of critical operations, risks, controls, and service provider
  • Embedded ownership and accountability across Line 1 and Line 2
  • Continuous controls testing, issue tracking, and evidence management
  • Integrated incident management aligned to CPS 230 requirements
  • Board-ready reporting that reflects real operational performance.

Book a free demo

 

Return to top

About the presenters

Head of Risk Embedment, Bank First

Paul Deschepper leads risk embedment at Bank First, focusing on turning risk frameworks into practical, day-to-day operating disciplines across the organisation.

Following the successful delivery of Bank First’s CPS 230 program, where he led implementation across governance, critical operations, business continuity, and service provider management, Paul now works closely with the board, executive and business teams to ensure risk ownership is clearly understood, consistently applied, and embedded into decision-making.

Connect with Speaker on Linkedin

Head of Risk Research & Knowledge, Protecht

Michael Howell is Protecht's Head of Risk Research & Knowledge. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.

Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions.

 

Connect with Speaker on Linkedin