Three Lines of Defense

Three Lines of Defense is an effective internal auditing model designed to offer a framework for improved control across an organization by developing a greater understanding of the risks and controls. This identifies and articulates the collection of risks and controls, and appropriately allocates the ownership and performance to these across various ‘lines of defense’, thus ensuring unintended risks and gaps in controls can be avoided. The model outlines three lines of defense:

The first line of defense relates to functions that own and manage risks within the organization. It concerns managers and colleagues being responsible for identifying and managing risk as part of their objectives, and having the requisite knowledge and policies and procedures to accomplish this.
The second line of defense covers functions that oversee or specialize in compliance or the management of risk, and is about all the tools, policies, practices and frameworks that enable the first line to function readily, ensuring consistency, and ultimately, how well they are achieving this.
The third line of defense centers around functions that provide independent assurance through internal audit. Independent of the first and second, it’s remit is to ensure that the first two lines are operating effectively and to itemize potential improvements. This reports to the board and the audit committee.

Explore more

Risks & Compliance

April 16, 2024

Crude Oil Tankers

What is a Crude Oil Tanker? A crude oil tanker is a specialized vessel designed to transport large quantities of unrefined crude oil from production sites to refineries, or distribution centers around the world. Oil tankers are typically categorized as either dirty tankers (which move crude oil or “dirty” products, such as residual fuel oil)...

Risks & Compliance

March 28, 2024

Trade-Based Money Laundering

What is Trade-Based Money Laundering? Trade-based money laundering (TBML) is a sophisticated method used by criminals to disguise illicit funds through legitimate international trade transactions. It involves manipulating the value, volume, or type of goods being traded to transfer value across borders without detection. TBML schemes exploit vulnerabilities in trade finance systems, such as invoice...

Risks & Compliance

February 15, 2024

Marine Insurance

What is Marine Insurance? Marine insurance in shipping covers goods and cargo from when they leave the point of origin until they arrive at their final destination. It insures the ships, terminals, and all methods of forward freight where the goods are held against loss and damage. What Does Marine Insurance Cover? The scope of...

Risks & Compliance

February 11, 2024

Maritime Mobile Service Identity (MMSI)

What is Maritime Mobile Service Identity (MMSI)? Maritime Mobile Service Identity (MMSI) is a unique, 9-digit number assigned to a digital selective calling (DSC) radio. It acts as a digital fingerprint for vessels, making it easier for other boats and authorities to identify and communicate with a ship at sea quickly. The International Telecommunications Union...

Risks & Compliance

January 29, 2024

Bunkering

What is Bunkering? Bunkering refers to the process of supplying fuel to ships, while a bunker refers to fuel and oil. This fuel is used to run machinery on board the vessel and to power the engines that propel the ship across the ocean. Bunkering can be performed both onshore and offshore. Bunkering is often...