CBA Webinars

CBA Team Contact

Jake Fowler

California Consumer Privacy Act (CCPA): What Should Companies be Doing for Compliance Today, and Going Forward


California has taken the lead in the US as Privacy regulations have expanded globally. On January 1, 2020 the California Consumer Privacy Act (CCPA) will take effect. The law was signed on June 28, 2018 with the intention to strengthen California residents Privacy rights, and primarily focused on the personally identifiable information (PII) that companies collect, store, share and use. Additionally, the CCPA requires companies to ensure appropriate technical controls are implemented to protect and secure consumer PII against breaches and misuse.


  1. The Emerging Privacy Regulatory Landscape
  2. Overview of the California Consumer Privacy Act (CCPA)
  3. Compare and contrast CCPA and GDPR.
  4. Path to CCPA compliance.


  1. Gain an Understanding of the CCPA Scope, Applicability and Exemptions
  2. Guidance on How to Comply – Polices, Procedures, Controls, etc.
  3. Learn How to Reduce  Regulatory Risk and Potential Liabilities

Have you created an account yet? If you haven't logged in to the CBA registration site before, please click the Create Account button to set up your profile.  This allows the site to recommend programs of interest to you.

Michael Corcione

Managing Director, Treliant

Michael Corcione is a Managing Director in Treliant’s Cybersecurity service area. He has over 30 years of professional experience in technology and security, operations, compliance, and advisory services. 

Michael has led client engagements including: cybersecurity business and IT risk assessments, cyber threat identification, incident response readiness and testing, IT infrastructure implementations, regulatory compliance, vendor and third-party due diligence, and strategy implementation. He has worked with clients from all verticals, with a strong focus on financial services and asset management including private equity, hedge funds, venture capital, banking, real estate, and insurance.

Prior to joining Treliant, Michael was a Managing Director and led the Cybersecurity and Privacy Advisory Practices for Accume Partners and Cordium Consulting. Before that, he was a Director in PricewaterhouseCoopers’s (PwC) Advisory Practice leading cybersecurity and privacy engagements as part of the Financial Crimes Unit. He has also worked for financial services technology integrators, software development companies, and alternative investment firms.

Michael routinely engages with the senior leadership of organizations, including the board and C-suite executives, to identify their cybersecurity business risks, threats, and potential impacts, in regard to their organization’s client, regulatory, legal, and corporate responsibilities. He has led global efforts helping companies comply with emerging cyber and information security regulations from bodies including the New York State Department of Financial Services’ (NYDFS, Cybersecurity Regulation), European Commission (General Data Protection Regulation), Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (SEC OCIE), Office of the Comptroller of Currency (OCC), Federal Reserve Board (FRB), National Credit Union Association, (NCUA), Consumer Financial Protection Bureau (CFPB), the U.K.’s Financial Conduct Authority (FCA), and others.

 Michael is a graduate of Pace University’s Seidenberg School of Computer Science and Information Systems, with a Management of Information Systems degree.

Ash Khan

Managing Director, Treliant

Ash Khan, Managing Director of Treliant, has over 20 years of experience in information security, technology risk management, enterprise architecture, and technology infrastructure. His expertise spans a diverse range of industries including banking, insurance, pharmaceuticals, and government.

Prior to joining Treliant, Ash has held progressively senior leadership roles, most recently as the Chief Information Security Officer of the Global Consumer Banking division of Citigroup. In this role, he was accountable for ensuring the security of the Global Consumer Banking portfolio of products, services, applications, and customer data spanning the online, mobile, voice, branch, and ATM channels. During his tenure, he helped the business securely deploy innovative banking products utilizing leading-edge security capabilities, reducing risk while improving customer experience. He was also responsible for driving the Citi Payment Card Industry (PCI) Data Security Standard Program and represented Citi on the PCI Council Board of Advisors for several consecutive terms. 

Ash has hands-on experience managing the Information Security risk of complex mergers and acquisitions. He has built security programs from inception through execution, augmenting traditional security program management with business continuity, disaster recovery, and IT compliance.

Ash is a graduate in Physics from University College London and holds an advanced degree in Computing from Imperial College London. In the Security discipline, he has numerous certifications including Certification in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP/US), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), PCI Internal Security Assessor (PCI-ISA), and PCI Professional (PCIP). 

Agnes Bundy Scanlan

Senior Advisor, Treliant

Agnes Bundy Scanlan, a Senior Advisor with Treliant, has a long and distinguished career in governance, global regulation, risk management, and compliance. Her experience includes the creation, development, and execution of numerous global compliance programs for some of the country’s largest financial institutions. 

At Treliant, Agnes counsels financial services companies on regulatory, risk management, and compliance matters. She rejoined Treliant in 2017, having also served as a Senior Advisor at the firm from 2012 to 2015.

From 2015 until 2017, Agnes was the Northeast Regional Director of Supervision Examinations for the Consumer Financial Protection Bureau (CFPB). There, she oversaw all regional staff and represented the CFPB’s mission on all matters relating to consumer financial protection supervision and examinations at  large and/or complex depository financial institutions and non-depository consumer financial services companies. Agnes had regulatory authority over $6 trillion in assets.

Agnes has also worked as Chief Compliance Officer and Global Chief Privacy Officer at TD Bank, as well as holding similar roles at Bank of America and its predecessor banks. In addition, she served as counsel at Goodwin Procter and for the US Senate Budget Committee.

After rejoining Treliant, Agnes was elected to the SunTrust Banks, Inc. Board of Directors. She was also elected as a 2017 Fellow of the American College of Consumer Financial Services Lawyers. Additionally, she was included in Boston Business Journal’s “2015 Most Powerful Women” and in Chambers USA: America’s Leading Lawyers for Business. She is co-vice chair of the Privacy Subcommittee of an American Bar Association Committee, former Chair of the Federal Reserve Board of Governors’ Consumer Advisory Council, and former (and founding) Chair and Board Member of the International Association of Privacy Professionals.

In 2018, Agnes completed Harvard University’s course, Cybersecurity: Managing Risk in the Information Age.  She holds a JD from Georgetown University Law Center and a BA from Smith College. She is a member of the United States Supreme Court Bar, the Bars of the Commonwealths of Massachusetts and Pennsylvania, and the Bar of the Superior Court of the District of Columbia.


05/07/2019 at 2:00 PM (EDT)  |  60 minutes
05/07/2019 at 2:00 PM (EDT)  |  60 minutes Please click the button to the right to join the webinar.