RiskBusiness International, the operational risk advisory and solutions firm, has published guidance for those companies wishing to develop, implement and maintain a formal three lines of defence structure for corporate governance and risk management. While there has been much discussion as to what constitutes a three lines of defence model, there remains across all industries (and, notably, within financial services) little understanding of the ramifications of actually implementing a risk agnostic, organisation-wide three lines of defence model. Drawing upon its experiences in working with a wide range of organisations across the globe exhibiting different sizes, complexities and management structures, RiskBusiness International has established a step-by-step guide to assist companies in establishing a robust, proactive three lines of defence model which is able to stand the test of time. The resultant approach allows for custom models” there’s no ‘one size fits all'” which have been tried and tested across corporate entities, banks, insurers, asset managers and other entities. ” Three lines of defence is not about risk management,” stated Mike Finlay, CEO of RiskBusiness International.” You cannot try and apply a model that affects corporate structure, individual accountability and, as a consequence, corporate culture by thinking it’s a risk management initiative” even worse if you think it only applies to operational risk and perhaps to the compliance function.” Finlay continued:” Three lines of defence is integral to the DNA of the firm. It begins with the vision, mission and values and flows through corporate governance, corporate strategy and overall business objectives into the everyday functioning and decision-making of the entire enterprise. It’s all about the core principles on which we base our business and how we measure ourselves against the achievement of those principles and our defined business objectives.” Global regulation, particularly in the financial services sector, is increasingly focused on good governance and how the Board and executive management behave and run the enterprise. To comply with the ever-increasing volume of regulation and achieve the firm’s potential, every enterprise should implement a robust governance structure which embraces the three lines of defence concept. On that basis, this new guidance from RiskBusiness International is an invaluable resource for every firm, irrespective of geography, size or nature. Companies interested in more information about the RiskBusiness International Position Paper on the Three Lines of Defence should visit the RiskBusiness website at: www.RiskBusiness.com
RiskBusiness International publishes guidance on three lines of defence
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.