Safeguarding New Zealanders' wealth with the three lines of defence at Trustees Fund Administration

Trustees Fund Administration is a leading provider of financial administration services in New Zealand. Our team of professionals is dedicated to providing excellent service to our clients. Our range of services includes custody, registry, and investment accounting, all of which utilise modern technology to deliver the best possible outcomes for wealth management.

We are proud to have over $50 billion NZD of assets under our safeguard, and our mission is to empower our clients to achieve their financial goals.

As a custodian of many New Zealanders' wealth, we recognise the importance of having a strong defence model to ensure that all assets are protected at all times.

Trustees Fund Administration follows the Three Lines of Defence model when it comes to managing risks. This model involves three distinct lines of defence working together to identify and manage risks effectively. The aim of using this model is to define roles and responsibilities across the three functions, split the risk management responsibility between them, and establish different levels of accountability.

The Three Lines of Defence model offers clarity to the boards and senior management by specifying which line is responsible for which areas, how the functions and elements interrelate, and which risks each function or activity should monitor.

How was the Three Lines of Defence created?

The Three Lines of Defence framework was created by the Federation of European Risk Management Associations (FERMA) and the European Confederation of Institutes of Internal Auditing (ECIIA) between 2008 and 2010. It has been widely adopted as a best practice framework for governance risk and compliance (GRC) and enterprise risk management.

What are the three lines of defence?

The framework offers several benefits for our clients and their members. It brings clarity to the issue of risk management, making it simple to communicate and easy to understand. Its goal is to ensure there are no gaps, overlaps, or ambiguities in an organization's risk management and control activities. With the right people, processes, and tools in place, the Three Lines of Defence framework allows for success in governance, risk, and compliance (GRC).

Line 1 is the management and team members of the individual business units within Trustees Fund Administration, who are responsible for identifying and managing risks within their business units. This includes the design, implementation, operation, and monitoring of business process controls to ensure all risks are effectively mitigated.

Line 2 is the Trustees Fund Administration Risk and Compliance Team, who are independent from all other business units. This team is responsible for business process control analysis and testing, monitoring incidents, and supporting the business units on risk and compliance matters. The team is also responsible for facilitating and managing all external audits of Trustees Fund Administration functions.

Line 3 is the Trustees Group Services Internal Audit Team, who are responsible for oversight of line 1 and line 2 functions, which is achieved through internal audits of, and consultation with, the Trustees Fund Administration business units. Line 3 has a direct reporting line to the Trustees Executors Group Audit, Risk & Compliance Committee.

At Trustees Fund Administration, we are committed to ensuring the services we provide to our clients are supported by robust risk management processes and culture. This underpins our promise to safeguard our clients’ information and assets, take accountability for our actions, and promote continuous improvement. The three lines of defence model supports this commitment.