At the operational level, the bank has adopted a three lines of defense model to allocate appropriate roles to the business lines and support functions. This includes our business units at the first line of defense to own and manage their risk, our risk and compliance units at the second line of defense to develop the risk management framework and to challenge and support the business units, and lastly the internal audit to provide independent review and assurance on the effectiveness of risk management framework and its functioning.
Categories