Created in 2013 by the Institute of Internal Auditors, the goal of the three lines of defense model was to foster a more structured approach to the relationships between the different areas of an organization, when it comes to managing risk and controls. There had been concerns among both firms and regulators that there were both gaps and overlaps in the responsibilities within organizations for risks and controls. Today, the Three Lines of Defense model has been adopted by regulators around the globe as a robust approach to interactions between different parts of an organization. See First Line of Defense, the Second Line of Defense.

Popular resources

You may be interested in

New Generation Operational Risk Europe Summit 2023
March 9, 2023

Join us at the New Generation Operational Risk Europe Summit

British Bank Awards 2023
2 mins reading time

Vote for us as RegTech Partner of the Year in the British Bank Awards 2023

Discover more