Abstract
Innovation requires a culture of openness and transparency, where mistakes can be made, dilemmas raised and discussed, and joint decisions about the design of new services and the risks that need to be taken.
Supervisory authorities around the globe typically consider the so-called “three-lines-of-defense model” as best practice for risk management and internal control. This risk management model is based on a strict segregation of duties. The commercial departments are expected to innovate and ensure compliance for new products and services (first line). The compliance function checks for irregularities (second line). The audit department then reviews, post rollout (third line).
Supervisory authorities around the globe typically consider the so-called “three-lines-of-defense model” as best practice for risk management and internal control. This risk management model is based on a strict segregation of duties. The commercial departments are expected to innovate and ensure compliance for new products and services (first line). The compliance function checks for irregularities (second line). The audit department then reviews, post rollout (third line).
Original language | English |
---|---|
Place of Publication | https://iapp.org |
Publisher | IAPP |
Media of output | Online |
Publication status | Published - 22 Jan 2020 |