Risk glossary


Three lines of defence (3LOD)

The three lines of defence is a risk governance framework that splits responsibility for operational risk management across three functions. Individuals in the first line own and manage risk directly. The second line oversees the first line, setting policies, defining risk tolerances, and ensuring they are met. The third line, consisting of internal audit, provides independent assurance of the first two lines.

Codified by the Basel Committee on Banking Supervision in its 2011 Principles for the sound management of operational risk, the framework has been continually adapted and modified by banks and financial services firms ever since, with many choosing to embed intermediate layers of risk management in between the first and second lines.

Click here for articles on three lines of defence.

  • LinkedIn  
  • Save this article
  • Print this page  

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here