Difference between revisions of "Three Lines of Defense"
From Open Risk Manual
Wiki admin (talk | contribs) |
Wiki admin (talk | contribs) |
||
| Line 10: | Line 10: | ||
== Issues and Challenges == | == Issues and Challenges == | ||
| − | The concept has been criticized<ref>[http://blogs.ft.com/the-a-list/2013/07/09/banks-need-to-question-their-three-lines-of-defence/]</ref> for being essentially vacuous when | + | * The concept has been criticized<ref>[http://blogs.ft.com/the-a-list/2013/07/09/banks-need-to-question-their-three-lines-of-defence/]</ref> for being essentially vacuous when business lines (first line of defense) dominate other functions and places excessive emphasis on profit or revenue growth. |
== References == | == References == | ||
Latest revision as of 18:16, 8 February 2024
Definition
The expression Three Lines of Defense (3LoD) denotes a popular management consultancy scheme for representing the overall Risk Management activities of (in particular) financial institutions. The origins of the concept are unclear. Broadly speaking it identifies:
- a "first line of defense" (1LoD) provided by the business unit itself (also front office)
- a "second line of defense" (2LoD) provided by a specific and specialized Independent Risk Management function
- a "third line of defense" (3LoD) provided by an Audit function
The motivation for the scheme is to stress both the need for Accountability for prudent risk management in all parts of the organization and the need for multiple layers of independent control and verification
Issues and Challenges
- The concept has been criticized[1] for being essentially vacuous when business lines (first line of defense) dominate other functions and places excessive emphasis on profit or revenue growth.
