And if you want to do this properly, you're going to have a fourth site.
Like it or not, maintenance must be done at some point. And while you're conducting maintenance that element of your service is offline and your protection is at risk. One incident elsewhere during maintenance and you've potentially lost data.
As said, to really do this properly is expensive. Alternatively the business need to sign off that there are failure scenarios they are not protected against. You'd be amazed what they will sign off when you put a £50,000,000 bill in front of them. "oh, if that's the cost, I guess we can risk losing 15 minutes of data"