Answer-first summary for fast verification
Answer: The corporate operational risk function, as part of the second line of defense, should challenge risk inputs from business line managers.
The Basel three lines of defense model is a framework established by the Basel Committee on Banking Supervision for managing operational risk in financial institutions. It divides the risk management responsibilities into three distinct lines: 1. **First Line of Defense**: Business line managers are responsible for managing the operational risks within their respective business lines. They are expected to ensure that appropriate risk controls are in place and are functioning effectively. 2. **Second Line of Defense**: The corporate operational risk function (CORF) serves as the second line of defense. Its role is to review the risk controls implemented by the first line of defense and to establish firm-wide risk management procedures. The CORF also has the responsibility to challenge risk inputs from business line managers to ensure they are accurate and aligned with the institution's risk appetite. 3. **Third Line of Defense**: The third line of defense is typically composed of an independent review function, such as internal audit. This function assesses the effectiveness of the risk controls in the first two lines of defense and provides assurance to the board of directors and senior management. In the context of the question, option C is correct because it accurately describes the role of the CORF as part of the second line of defense, which includes challenging risk inputs from business line managers. The other options are incorrect for the following reasons: - Option A is incorrect because the internal audit function is part of the third line of defense, not the first. - Option B is incorrect because business line managers are not expected to challenge the internal audit function; their role is to manage operational risks within their business lines. - Option D is incorrect because the CORF is part of the second line of defense, not the third, and its role does not include validating model assumptions made by senior management. The correct answer, as provided in the file content, is C, which aligns with the established roles within the Basel three lines of defense model for operational risk governance.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A large bank is reviewing its strategies and protocols for managing operational risk in accordance with the Basel Committee's guidelines. As part of this review, the bank is implementing the three lines of defense model to ensure comprehensive risk management. Which of the following statements is accurate regarding this approach?
A
The internal audit function should serve as the first line of defense and continually validate operational procedures used by the business lines.
B
Business line managers, as part of the first line of defense, should provide a credible challenge to the internal audit function.
C
The corporate operational risk function, as part of the second line of defense, should challenge risk inputs from business line managers.
D
The corporate operational risk function should serve as the third line of defense and validate model assumptions made by senior management.