The Corporate Operational Risk Function (CORF) is a functionally independent unit within a financial institution responsible for overseeing the implementation and effectiveness of the bank's operational risk management framework. Within the Three Lines of Defense Model within the Principles for the Sound Management of Operational Risk that was established by the Basel Committee in 2011, the CORF typically serves as the second line of defense, complementing the risk management efforts of front-line business units while maintaining independence to provide objective oversight.

Key responsibilities of the CORF include:

• Designing, maintaining and updating the operational risk framework.
• Establishing risk measurement, monitoring and reporting processes.
• Supporting and challenging the first line of defense on operational risk matters.
• Reporting operational risk exposures, trends and concerns to senior management and the board.

The CORF’s independence ensures that operational risks are managed consistently across the organization and that risk-related decisions are made with sufficient objectivity and rigor.