Three Lines of Defense

From Open Risk Manual

Definition

The expression Three Lines of Defense (3LoD) denotes a popular management consultancy scheme for representing the overall Risk Management activities of (in particular) financial institutions. The origins of the concept are unclear. Broadly speaking it identifies:

  • a "first line of defense" (1LoD) provided by the business unit itself (also front office)
  • a "second line of defense" (2LoD) provided by a specific and specialized Independent Risk Management function
  • a "third line of defense" (3LoD) provided by an Audit function


The motivation for the scheme is to stress both the need for Accountability for prudent risk management in all parts of the organization and the need for multiple layers of independent control and verification

Issues and Challenges

  • The concept has been criticized[1] for being essentially vacuous when business lines (first line of defense) dominate other functions and places excessive emphasis on profit or revenue growth.

References

  1. [1]
Retrieved from "https://www.openriskmanual.org/wiki/index.php?title=Three_Lines_of_Defense&oldid=37697"
  • Creative Commons Attribution-NonCommercial-ShareAlike
  • Powered by MediaWiki
  • Powered by Semantic MediaWiki