1ST LINE OF DEFENCE – DAY TO DAY RISK MANAGEMENT AND CONTROL NOBA
Business units and support functions represent the first line of defence. The first line of defence ensures that clear processes and routines are in place in order to identify, assess, control and report risks.
2ND LINE OF DEFENCE – FUNCTIONS THAT OVERSEE RISK
The Risk Control function and the Compliance function forms the second line of defence and are independent from the first line of defence. The primary responsibility of the second line of defence are oversight and review of risk management and compliance issues. The functions develop and maintain risk management policies and methodologies, identify and monitor new and emerging risks and enforce the enterprise risk management framework. The second line of defence reports to the CEO, the Management Team and the Board of Directors.
3RD LINE OF DEFENCE – INDEPENDENT ASSURANCE
The Internal Audit function is the third line of defence and provides fully independent assurance through reviews and controls of both the first and second line. The third line of defence ensures effective Enterprise Risk Management practices and reports to the Board of Directors.