01 First Line of Defense
Within the Risk Governance structure, the First Line of Defense (also referred to as the "front line") includes relationship managers and other customer-facing employees, as well as support units that are closest to the customers and counterparties during the contracting phase of relationships and the conduct of transactions or business.
The Line of Business Teams (Retail, Corporate, or Treasury) that wish to conduct Banking Business with customers are also referred to as Risk Owners. The Operational Teams (Center and Branches), Support Teams (HR, Marketing, Business Intelligence, Finance and Admin), and IT Teams (Systems and Telecom) involved in supporting the Lines of Business to conduct their Banking are also considered part of the First Line of Defense. These teams are also referred to as Control Owners.
02 Second Line of Defense
The Risk & Compliance Function comprises the Second Line of Defense within the Risk Governance structure. The Head of Risk and Compliance ensures ongoing monitoring and facilitates the escalation or redressal of identified issues.
The Second-line Defense periodically reviews the effectiveness of controls used to mitigate all types of Financial Crime and Operational Risks and provides information and guidance to the First Line. They also investigate possible non-compliance with any Internal Policies & Regulations.
In general, the Second Line exists to ensure that CDD Internal Processes and Procedures applied by the First Line are designed properly, staff is well trained, processes are firmly established, and applied as intended. They are also known as Risk & Control Stewards.
03 Third Line of Defense
The Third Line of Defense within the governance structure of the Risk Management Framework is the internal audit team, which undertakes independent reviews of the controls applied by the first two lines of defense. They are defined as Risk & Control Assurance.
It independently evaluates the Risk Management and Controls of the bank through periodic assessments, including the adequacy of AGD Bank's controls to mitigate the identified risks. It also evaluates:
- The effectiveness of the staff's execution of the controls.
- The effectiveness of the Risk & Compliance Teams Oversight & Quality Control.
- The effectiveness of the Risk-related Training Programmes (e.g., AML Training Program).
01 First Line of Defense
Within the Risk Governance structure, the First Line of Defense (also referred to as the "front line") includes relationship managers and other customer-facing employees, as well as support units that are closest to the customers and counterparties during the contracting phase of relationships and the conduct of transactions or business.
The Line of Business Teams (Retail, Corporate, or Treasury) that wish to conduct Banking Business with customers are also referred to as Risk Owners. The Operational Teams (Center and Branches), Support Teams (HR, Marketing, Business Intelligence, Finance and Admin), and IT Teams (Systems and Telecom) involved in supporting the Lines of Business to conduct their Banking are also considered part of the First Line of Defense. These teams are also referred to as Control Owners.
02 Second Line of Defense
The Risk & Compliance Function comprises the Second Line of Defense within the Risk Governance structure. The Head of Risk and Compliance ensures ongoing monitoring and facilitates the escalation or redressal of identified issues.
The Second-line Defense periodically reviews the effectiveness of controls used to mitigate all types of Financial Crime and Operational Risks and provides information and guidance to the First Line. They also investigate possible non-compliance with any Internal Policies & Regulations.
In general, the Second Line exists to ensure that CDD Internal Processes and Procedures applied by the First Line are designed properly, staff is well trained, processes are firmly established, and applied as intended. They are also known as Risk & Control Stewards.
03 Third Line of Defense
The Third Line of Defense within the governance structure of the Risk Management Framework is the internal audit team, which undertakes independent reviews of the controls applied by the first two lines of defense. They are defined as Risk & Control Assurance.
It independently evaluates the Risk Management and Controls of the bank through periodic assessments, including the adequacy of AGD Bank's controls to mitigate the identified risks. It also evaluates:
- The effectiveness of the staff's execution of the controls.
- The effectiveness of the Risk & Compliance Teams Oversight & Quality Control.
- The effectiveness of the Risk-related Training Programmes (e.g., AML Training Program).