Please use this identifier to cite or link to this item:
Title: Challenging the adequacy of the conventional ‘three lines of defence’ model : a case study on Maltese credit institutions
Other Titles: Contemporary issues in audit management and forensic accounting
Authors: Borg, Glen
Baldacchino, Peter J.
Buttigieg, Sandra C.
Boztepe, Engin
Grima, Simon
Keywords: Auditing, Internal -- Malta
Banks and banking -- Malta
Autonomy -- Malta
Issue Date: 2020
Publisher: Emerald Publishing Limited
Citation: Borg, G., Baldacchino, P. J., Buttigieg, S., Boztepe, E., & Grima, S. (2020). Challenging the adequacy of the conventional ‘three lines of defence’ model : a case study on Maltese credit institutions. In S. Grima, E. Boztepe, & P.J. Baldacchino (Eds.), Contemporary issues in audit management and forensic accounting (pp. 303-324). Bingley: Emerald Publishing Limited.
Abstract: This study challenges the conventional theoretical approach of the ‘Three Lines of Defence’Model adopted by most of the Maltese credit institutions. The authors propose a paradigm shifting conceptualised framework that would alter the corporate governance structures of banks. The objective is to test the feasibility and willingness of credit institutions to adopt such an approach. This study challenges the current practices of the internal auditing profession and organisations and invites them to evaluate their structures whilst recognising the benefits of adopting a combined assurance function. In order to test this hypothesis, the authors sought out semi-structured interviews with controllers (Internal Auditors, Risk Managers and Compliance Officers) within Maltese Credit Institutions, varying in size from significant, medium-sized and small institutions; personal from the Malta Financial Services Authority – The regulator, the Big four audit firms and members of the Malta Forum of Internal Auditors, and practitioners working both within and outside the financial industry. There were two contrasting opinions regarding the suggested proposition. On the one hand, those operating within the credit institutions, as well as the regulator and the external auditors, do not believe that the proposition of integrating risk, compliance and internal audit functions (IAF) in one team would be possible; the reason being that independence, which is the cornerstone of every IAF, would be severely impacted. On the other hand, there were those practitioners working outside the banking industry but with sufficient experience and knowledge in the field, who challenged the traditional concept of independence. They argue that the functions should not be separate from each other because they have much in common. Four themes emerged from the study: (1) challenges as a concept, (2) benefits, (3) risks and (4) condition for successful implementation. All interviewees, from risk departments, boards, external auditors and regulators agree that a strong, knowledgeable and independent IAF is fundamental to every organisation but more so within the financial industry. Nevertheless, this study revealed two schools of thought that emerged from the findings in relation to the IAF and its regulation, and specifically, when the authors presented the proposition of an integrated function.
Appears in Collections:Scholarly Works - FacHScHSM

Files in This Item:
File Description SizeFormat 
  Restricted Access
1.34 MBAdobe PDFView/Open Request a copy

Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.