What Critics Say on Three Lines of Defense
The Three Lines of Defense model for risk oversight—business units in the first line, compliance in the second, internal auditors in the third—has been hugely popular in recent years. Proponents love it, and regulators have come to expect it. Critics, however, say the Three Lines model is too simplistic a ...
Related articles
-
Article
Deloitte: financial institutions reengineer risk management
Financial institutions are beginning new efforts to reengineer their risk management programs and tap into emerging technologies, according to a survey conducted by Deloitte Global.
-
Article
Where Internal Audit Can Help in Cyber-Security
Image: With yet another huge data breach hitting Corporate America—add insurance giant Anthem to the Hall of Shame—internal audit departments are trying to pinpoint what expertise they can bring to the company’s cyber-security risk assessment. Plenty, many audit executives say. “There are technical aspects of these projects, but regardless of ...
-
ArticleFRC’s plans for more flexible enforcement gains support
Plans to give the U.K.’s audit regulator more options to regulate firms for sloppy work have been largely well received by experts, who believe the current system is “inflexible,” “cumbersome,” and “slow.”