DATA PRIVACY, SECURITY & AI TRACK: Safeguarding Against Emerging Data Privacy Risks in the Mortgage Industry

Managing Director, BRG

Michael Hollerich is a Managing Director in Berkeley Research Group’s Financial Institutions Advisory practice. With more than 30 years of experience across banking, mortgage finance, and fintech, he has held senior leadership roles at global financial institutions, non-depository mortgage companies, and fintechs. In prior leadership roles, he led enterprise compliance and large-scale regulatory remediation across one of the nation’s largest mortgage servicing platforms, overseeing the resolution of more than 30 state and federal consent orders and enforcement actions. Mr. Hollerich has extensive experience with mortgage origination, servicing, capital markets, and consumer protection regulation. He currently leads BRG’s engagement with the California Department of Financial Protection and Innovation (DFPI), supporting implementation of the state’s Digital Financial Assets Law (DFAL) licensing regime, and serves as the California Attorney General–mandated Chief Compliance Officer for a non-depository lender under a consumer protection consent judgment. He also serves on the faculty of the ABA Stonier Graduate School of Banking.

COO, ConvergentDS

With over twenty-five plus years of progressive technology and cybersecurity career, JT brought his passion of helping clients understand cybersecurity to help support Digital Silence and their clients. Over his career of building and operating successful cybersecurity programs across industries including financial services organizations such as Credit Unions, Community Banks, and Mortgage Banks, as well as industrial and healthcare firms. JT holds both a Certified Forensic Computer Examiner (ISFCE) as well as a Certified Information Systems Security Professional (CISSP) since 2003.

Partner, Troutman Pepper Locke

John has a national class action and trial practice representing national, regional and local banks, lenders, consumer reporting agencies, mortgage lenders and servicers, auto finance companies, furnishers, debt collectors, law firms and other related consumer finance entities in federal and state consumer litigation, including claims under the Fair Credit Reporting Act, Fair Debt Collection Practices Act, Unfair, Deceptive, or Abusive Acts or Practices, Telephone Consumer Protection Act, Truth in Lending Act, Equal Credit Opportunity Act, Real Estate Settlement Procedures Act, and other federal and state statutes, and common law.

Shareholder, Maddin Hauser, P.C.

Brian A. Nettleingham is a Shareholder at Maddin Hauser with more than 25 years of experience advising financial services clients. He helps organizations navigate evolving regulatory frameworks and manage risk in a rapidly changing industry. Nettleingham’s practice focuses on capital and secondary market transactions, mortgage lending and origination practices, reverse mortgage products, financial vendor agreements, cryptocurrency and other emerging technology issues, and compliance with consumer finance laws and regulations. He also advises on vendor management, as well as enforcement and licensing actions.

Managing Director, Data Privacy and Cybersecurity, FTI Consulting, Inc.

Ryan Smyth is a Managing Director at FTI Consulting, with more than 20 years of experience across governance, risk and compliance, cybersecurity, and privacy programs. He advises clients on a broad range of regulatory and compliance matters, with a focus on privacy, cybersecurity, data governance, and business continuity. A seasoned cybersecurity professional, Mr. Smyth helps organizations assess and strengthen their security posture through cyber maturity assessments, independent security and privacy control reviews, and data privacy evaluations. He supports clients in identifying vulnerabilities, remediating risks, and navigating complex regulatory environments. Mr. Smyth also provides guidance on evolving cybersecurity frameworks, regulatory readiness, and reporting obligations. He has deep expertise in incident response, assisting organizations through active breaches and security incidents, including business email compromises. Prior to joining FTI Consulting, he served as Director of Privacy and Data Protection at Promontory Financial Group, where he led the development of privacy and information security frameworks and data remediation initiatives. Previously, as Senior Vice President of Enterprise Risk Management and Chief Security and Privacy Officer at LPL Financial, he oversaw enterprise privacy and security programs and led regulatory engagement across cybersecurity and compliance matters.