IT GovernanceRisk Management

Follow the Three-Line Defense Governance to Address Strategic Risks

Changing dynamics of the asset management industry pose a new set of risks for the asset managers. Asset managers are responsible for identifying these risks and investment compliance. In this article at Grant Thornton, David Pulido and his fellow authors suggest the three lines of the defense governance framework to address the growing risks in the industry.

Understand and Implement

The three lines of defense governance framework divide the risk governance infrastructure into three parts. The first one involves operational managers who own their risks right from scratch till the end. They practically identify, assess, measure, monitor, report, control, and even mitigate them.

The second line of the defense comprises risk control frameworks and compliances created by senior management and focuses on organization-wide risk mitigation. The second line defines roles and responsibilities, risk controls, and processes for the organization. 

The third line is defense involves independent assurance or internal audit. Its foremost objective is to establish the effectiveness of governance, risk management, and internal controls.

Related Articles

Usage of the Three-Line Approach

To efficiently use the three lines of defense governance to counter business risks, the asset managers must focus on these critical areas:

  • Enterprise risk management (ERM) plays a significant role in notifying the compliance team. By promoting an enduring application of recognized standards, the ERM helps the organizations to evolve its risk addressing factors.
  • The regulatory compliance function must focus on integrated regulatory compliance, about which only the first-line managers have first-hand information. The ideal approach here is to align information with the most stringent regulations.
  • The first line managers must also own the sales practices as a part of their operational liability. But in their absence, second-line managers can take the lead.
  • The asset managers must take the lead to control broker participation to avoid unfortunate situations. Even organizations can consult brokers to create investment guidelines, but they must ensure that the second-line managers review and oversee the coding.
  • The third-party risks are evident in the form of cybersecurity, data security, anti-fraud efforts, and reputational risk. Organizations can avert these risks by approving vendors the failsafe procedure of vetting, conducted by the second-line managers.

Click on the following link to read the original article:

Related Articles

Back to top button

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.