THE IMPACT OF SUBJECTS OF THE “SIX LINES” MODEL ON THE AUDITQUALITY OF RISK MANAGEMENT SYSTEM IN BANK

Abstract

The article analyzes modern models of lines of defense in organizing a risk management system in a bank. It is established that the “three lines of defense” model and the “three lines” model updated by the Institute of Internal Auditors are widely used in internal audit and risk management, which may encounter implementation and coordination problems. The introduction of additional “lines” into these models is not accompanied by a justification of external to the bank subjects of influence and the relationships between them. It is proposed to systematically take into account all regulatory entities of the banking ecosystem of Ukraine that affect risk management and audit in the “six lines” model, specifying them in accordance with the updated Strategy for the Development of the Financial Sector of Ukraine in 2023.

In the proposed model, each of the subjects of the banking ecosystem is assigned to one of the internal or external “lines” of defense, which in close interaction exert a proactive influence on audit objects and processes. The contribution of the main subjects of the "six lines" model to improving the quality and role of audit in the organization of the bank's risk management system is classified. It is noted that the proposed model includes both regulatory and all other links of information interaction between subjects of the banking ecosystem. When conducting an audit, it is proposed to evaluate such interaction according to the criteria of the level of maturity of the interaction process itself and the quality of available data, using the relevant international standards for assessment. It is emphasized that the level of complexity and labor costs of auditing the processes of information interaction of the subjects of the “six lines” model increases with the gradual improvement of the processes of information exchange and the quality of the data available for this. The proposed approach contributes to improving the quality of risk-based auditing by taking into account all subjects of the banking ecosystem involved in the audit and the synergistic effect of their interaction, which, in turn, ensures more reliable risk management and supports the stability of banking activities.