Federal Deposit Insurance Corporation
Office of Inspector General

FDIC Office of Inspector General Ongoing Work

(Information as of September 18, 2017)

Office of Program Audits and Evaluations (PAE)

  • The FDIC's Loan Sampling Methodology 

The objective is to evaluate (1) the FDIC's loan sample selection methodology, including compliance with Division of Risk Management Supervision guidance and (2) whether the FDIC is generating loan samples that are representative of financial institutions' loan risk exposures.

  • Evaluation of the FDIC's Consumer Response Center  

The objective is to assess how efficiently and effectively the FDIC processes consumer complaints. Specifically, we will evaluate how the Division of Depositor and Consumer Protection (1) receives, investigates, and responds to consumer complaints involving FDIC-supervised institutions and (2) analyzes complaint data, identifies emerging issues and trends, and responds to those issues and trends.

  • Consumer Protection Rules Regarding Ability to Repay Mortgages

The objective is to assess the FDIC’s implementation of selected consumer protection rules.  Our evaluation is focusing on two rules that placed new requirements on the banking industry by (1) directing lenders to determine if a consumer has a reasonable ability to repay a mortgage loan and (2) limiting loan originator compensation and subjecting loan originators to new requirements.

  • Material Loss Review of First NBC Bank, New Orleans, Louisiana

The objectives are to (1) determine the causes of First NBC’s failure and resulting material loss to the Deposit Insurance Fund and (2) evaluate the FDIC’s supervision of the institution, including its implementation of the Prompt Corrective Action provisions of section 38 of the Federal Deposit Insurance Act.

  • Claims Administration System (CAS) Functionality

The objective is to determine to what extent CAS has achieved the Division of Resolutions and Receiverships’ performance expectations for accuracy, timeliness, and capacity in making insurance determinations.

  • Implementing Forward-looking Supervision for High Growth-High Concentration Institutions

The objective is to determine whether the intended outcomes of the Forward-looking Supervision Program have been achieved—the Division of Risk Management Supervision has taken appropriate supervisory action as risks are identified, and the financial institutions have undertaken corrective measures.

  • Compliance Under the Digital Accountability and Transparency Act of 2014

The objectives are to assess (1) the completeness, timeliness, quality, and accuracy of the spending data submitted to the Office of Management and Budget (OMB); and (2) the FDIC's implementation and use of Government-wide financial data standards established by OMB and Treasury.

Office of Information Technology Audits and Cyber (ITC)

  • Controls for Preventing and Detecting Advanced Cyber Threats 

The objective is to assess the effectiveness of the FDIC's network firewalls and security information and event management (SIEM) tool in preventing and detecting advanced cyber threats.

  • The FDIC's Processes for Responding to Breaches of PII

The objective is to assess the adequacy of the FDIC's processes for (1) evaluating the risk of harm to individuals potentially affected by a breach involving personally identifiable information and (2) notifying and providing services to those individuals, when appropriate.

  • Governance of Information Technology Initiatives 

The objective is to identify key challenges and risks that the FDIC faces with respect to the governance of IT initiatives.  The audit is focusing on the FDIC’s IT governance structure, Enterprise Architecture, and strategic plans in relation to selected IT initiatives, including the planned migration of email operations to the cloud, the deployment of laptop computers to employees and contractor personnel, and the potential adoption of a managed services solution for mobile IT devices.

  • Security Configuration Changes and Software Updates to FDIC's Windows Servers

The objective is to determine whether the FDIC has established and implemented controls for managing changes to its Microsoft Windows Server operating system that are consistent with federal requirements and guidelines.  Specifically, we plan to assess FDIC's controls for managing changes to the approved baseline configurations for the Windows server operating system and addressing software updates from the Microsoft Corporation.

  • Federal Information Security Modernization Act – 2017

The objective is to evaluate the effectiveness of the FDIC's information security program and practices.
