Email Contact Phone Company Visit Website

London Office Head Office



+44 (0)845 680 5172 / +1 888 677 7007


Amy O Brien
[email protected]
Back to all Center for Financial Professionals announcements

The 3rd line of defense in liquidity risk management

Ahead of the Liquidity Risk Management Congress, Erjun Chen the Audit Director at CIT discusses with us the 3rd Line of defense in liquidity risk management.

About Erjun

Currently, I am working at CIT as an audit director auditing on liquidity, interest rate and capital management functions. I also have been participating in auditing CCAR/DFAST audit. Prior joining CIT, I worked at Ernest & Young and KPMG as a Senior Audit Manager and an Audit Manager, respectively, focusing on the financial statements audits in the banking industry. Prior to work for “Big Four’ accounting firms, I worked as a foreign exchange trader at one of Chinese Banks.

The 3rd line of defense and its role

Normally, the Internal Audit, as a 3rd line of defense, reports to audit committees, therefore it is independent from senior management that manages liquidity risk on a day to day basis. With that, Internal Audit can provide audit opinions over the organization’s liquidity management function based on the highest level of independence and objectivity within the organization.

The relevant regulations such as Basel and FRB’s Supervisory Letter 10-6 require internal audit performs regularly reviews and evaluates the various components of the institution’s liquidity risk management process for an organization.

In addition, the internal audit should also perform audit procedures to ensure that regulatory issues/comments are addressed timely and effectively by Management. The sustainability of Management’s remediation for these regulatory issues/comments is also within the radar of the Internal Audit.

The Future and the challenges ahead…

Obviously, with increasing regulatory requirements about the liquidity management for institutions, one of the key tasks of the liquidity risk professional is to ensure the institution meets these requirements all time.

The professional should also develop a border view of the institutions’ other risks that may potentially impact on the liquidity and is able to connect the dots, for example, using the CCAR/DFAST stress testing results to inform liquidity risk, or vice versa. Therefore, the role of the liquidity risk professional should go beyond meeting the regulatory requirements.

With increasing mandates from regulators, Audit Committee and senior management on the 3rd line of defense, the biggest challenge, in my view, is the adequate skill sets to meet these mandates. Internal audit should have resources equipped with regulatory knowledge and experience; being able to perform real time consulting services and data analytics.

In order to retain seasonal auditors, Internal Audit function also should have a strategic plan to develop staffs by provides more training on relevant regulations and tools to meet the current and future challenges.

One thing to remember

From audit perspective, if you did not document it, you did not do it. Therefore, documentation and leaving audit evidence play a significant role in the effective liquidity risk management.

Erjun Chen will be presenting at the Liquidity Risk Management Congress in NYC on October 17-18. He will address key topics in regards to the 3rd line of defense such as: Furhter developing audit capabilities and competences and enhancing the quality assurance.

The 3rd line of defense in liquidity risk management at the Liquidity Risk Management USA, Oct 17-18, NYC.