It is helpful to provide a bit of perspective on the events impacting the results we report in our Annual Performance Reports. The past fiscal year in the OIG was one of significant organizational change as we completed our downsizing efforts and became a much more stable organization.

As our work force evened off at an authorized staffing of 168, we were able to focus intently on our goals and objectives, and to take steps to ensure that, going forward, all remaining and future OIG staff would fully understand our mission, vision, values, and strategic goals and objectives. We needed to be on the same page if we were to effectively carry out our mission and become a results-oriented, high-performance organization that could meet any upcoming challenges.

We worked toward achieving our 34 performance goals and measured our progress at regular intervals. We listened and reacted to feedback from our customers—the Corporation in particular, by way of our fifth external client survey to gauge satisfaction with OIG products, processes, and services. We focused efforts on increasing the value and impact of our work and enhancing communication with corporate officials and other stakeholders. Mindful that human capital is our greatest asset, we developed a Human Capital Strategic Plan and implemented key initiatives that are at the heart of that plan. Two in particular, our Business Knowledge Inventory System and Key Competencies Project, are currently guiding our performance management and training and development activities.

I am very pleased that we are reaping the benefits of our focused efforts to address our performance goals this year. We made very good progress—meeting or substantially meeting 79 percent of our goals in four strategic areas: Value and Impact, Communications and Outreach, Human Resources, and Productivity.

While we are proud of these accomplishments, we are not yet fully satisfied. We are continuing efforts to become a better organization and improve performance. As evidenced by our inclusion of this performance report as a separate but integral part of our widely distributed semiannual report to the Congress, we underscore the importance of transparency and accountability for our efforts as public servants.

As we commemorate the 25th anniversary of passage of the Inspector General Act of 1978, we recommit to our mission of assisting and augmenting the FDIC’s contribution to stability and public confidence in the nation’s financial system. We continue to establish challenging goals for the future and will work tirelessly to achieve the best possible results.

Relationship to the FDIC’s Annual Report
To help streamline its reporting process, the FDIC redesigned its Annual Report for 2002 by combining its GPRA Program Performance Report, Chief Financial Officers Act Report, and traditional Annual Report. The Performance Results section of the combined report presents and summarizes the Corporation’s performance against its annual performance goals. The Corporation’s annual performance goals address its mission to “Contribute to the stability and public confidence in the nation’s financial system” under four strategic goals: (1) Insured depositors are protected from loss without recourse to taxpayer funding; (2) FDIC-supervised institutions are safe and sound; (3) Consumers’ rights are protected and FDIC-supervised institutions invest in their communities; and (4) Recovery to creditors of receiverships is achieved. We believe that accomplishing the OIG’s strategic and annual goals and objectives contributes to the Corporation’s achievement of its mission and goals and objectives.

The requirement for an annual performance report under the Results Act applies to the agency as a whole rather than to the OIG as a separate component. However, because of the unique mission and independent nature of Inspectors General under the Inspector General Act, we have prepared separate strategic and annual plans and reports, rather than integrating OIG goals and results into the Corporation’s plans and reports.

Relationship to the OIG Semiannual Report to the Congress
Annual performance reports of OIGs prepared under the Results Act differ from semiannual reports of OIGs prepared under the Inspector General Act. The two reports differ with respect to the time periods covered (12 months vs. 6 months) and the specific reporting requirements. However, because both types of reports present OIG accomplishments to the Congress, the annual performance report is included as a separate but integral component of the semiannual report that coincides with the end of our fiscal year. Beginning with FY 2003, our annual performance report will be included with our semiannual report to the Congress covering the period ending September 30.

Statistical Summary of Performance Against Annual Goals

The previous table indicates that we met or substantially met 27 of our 34 goals (79 percent) for 2003. Performance cannot be evaluated based solely on a statistical summary of measures – given that all measures are not equal in weight and the quality of the measures is still evolving.

For the previous reporting period of 2002 (a 9-month period from January to September to facilitate transitioning from a calendar year to a fiscal year performance reporting cycle), we had an 88 percent level of achievement of goals met or substantially met (see table on page 83). However, our performance statistics for FY 2003 are not directly comparable to the previous year’s performance results because this year’s goals differ somewhat from last year’s goals. We updated our Strategic Plan Framework, and some annual goals have been added, combined, or dropped. Most notably, we added a strategic goal related to human capital and five human capital-related annual goals.

A summary discussion of our performance and areas needing improvement is presented in the Performance Overview section.

OIG Resources

Note 1 – Includes OIG office-wide planning, budgeting, accounting, legal support, personnel services, IT support, policy analysis, congressional relations, and independent quality assurance.
Note 2 – In addition, contractor support equivalent to 16 staff positions is expected to be used during FY 2003.

Performance Overview

Strategic Goal 1: OIG Products Add Value and Achieve Significant Impact
We met 7 of our 11 goals under Strategic Goal 1. Performance substantially exceeded the target for two goals. We issued 47 audit and evaluation reports, which was significantly above the target of 34 reports. Also, our Office of Investigations achieved a 14 to 1 financial benefits return ($93.8 million) on operating costs ($6.8 million); this significantly exceeded the 3 to 1 target ratio.

We achieved mixed results on three goals related to improving client satisfaction with our core mission areas of audits, evaluations, and investigations. Based on the results of our 2003 client survey, senior executive satisfaction ratings increased by 13 percent over the 2002 ratings for our audit function, decreased by 4 percent for our investigation function, and decreased by 28 percent for our evaluation function. We are developing action plans to address specific issues and concerns as well as other opportunities for improvement identified in the client survey report.

Strategic Goal 2: Communication Between the OIG and Stakeholders Is Effective
We met 5 of our 6 performance goals under Strategic Goal 2. Of particular note, FDIC senior executive satisfaction ratings for OIG communication efforts increased by 38 percent over the previous year, well exceeding our goal for a 10-percent increase. We attribute this rise to our increased efforts to communicate and meet regularly with FDIC divisions and offices to discuss our ongoing work. We have also continued our strong cooperative relationships with other stakeholders, including the Congress, the General Accounting Office, and other federal regulators, through meetings and participation in joint projects and other activities. However, we did not fully complete our goal to conduct an employee survey of our own employees. We have targeted the completion of this goal as a priority in FY 2004.

Strategic Goal 3: OIG Will Its Align Its Human Resources to Support the OIG Mission
We met or substantially met 4 of our 5 human capital goals under Strategic Goal 3. During this fiscal year, we developed the OIG Business Knowledge Inventory System (BKIS), which will enable us to create a valuable database of business knowledge and skills of OIG employees and to determine where knowledge gaps may exist. We also completed an initiative to identify and validate core competencies for each OIG position and integrate them into the Performance Management Program. This initiative is a key effort under the OIG’s Human Capital Strategic Plan and is another step in the OIG’s quest to be a high-performance, results-oriented organization.

Strategic Goal 4: OIG Will Effectively Manage Its Resources
We met 11 of 12 goals under Strategic Goal 4. Performance substantially exceeded the target for two goals. We exceeded our goal to achieve 100 actions from investigative cases in FY 2003 by 60 percent. In addition, we reduced the average time to issue our audit and evaluation reports from 273 days for 2002 reports to 223 days for FY 2003 reports.

Performance by Strategic Goal Area

APG 1.0.1 – Complete assignments and issue reports with useful information or recommendations in 15 of the 22 OIG-identified corporate risk areas

As shown in the following graph, we met this goal. During the fiscal year, we issued 47 audit and evaluation reports that covered 15 of the 22 OIG-identified risk areas.

We did not conduct work in the following areas: (1) coordination of financial services regulation at State, national, and international level, (2) receivership termination process, (3) receivership legal support, (4) enterprise architecture management, (5) facilities management, (6) human capital, and (7) performance management.

Met

[D]

• Insurance, Supervision, and Consumer Affairs
  - Insurance Risk Management and Dissemination of Industry Data
  - Institution Risk Management
  - Supervisory Action and Enforcement
  - Protection and Promotion of Consumer Interests
  
• Resolutions, Receiverships, and Legal Services
  - Least-Cost Resolution
  - Deposit Insurance Determinations
  - Receivership Operations
  
• Information Assurance
  - Information Security
  - Information Technology Management and Organization
  - Information Technology Planning and Investment Control
  - System and Data Integrity
  
• Resource Management
  - Procurement Functions
  - Contractors
  - Financial Accountability
  - Physical Security
  

APG 1.0.2 – 80 percent of the total number of audit and evaluation projects targeted for completion in FY 2003 will be completed and result in reports issued containing useful information and recommendations

As shown in the following graph, we met this goal. During the fiscal year, 47 audit and evaluation reports containing useful information and recommendations were issued. This represents 112 percent of the 42 assignments planned for completion during the year. This percentage is significantly above the target of 80 percent.

Met

[D]

APG 1.0.3 – The ratio of financial benefits to total audit and evaluation operating costs will increase over the ratio in the Transition Year 2002 base period

We met this goal. During the fiscal year, audit and evaluation financial benefits were $2,552,572 and operating costs were $13,104,640 for a financial benefit-to-cost ratio of 0.195 to 1, or a return of 19.5 cents on the dollar. This ratio represents an increase over the transition year 2002 base period ratio of 0.189 to 1, or a return of 18.9 cents on the dollar. (The transition period ratio was based on financial benefits of $2,289,863 and operating costs of $12,115,963 during the base period’s 9 months from January 1 through September 30, 2002.)

It should be noted that this measure does not consider the numerous benefits resulting from audits and evaluations when a dollar amount is not reasonably estimable or the deterrent effect of our work results in avoiding fraud, waste, abuse, and mismanagement.

(Note: For purposes of calculating this goal, audit and evaluation operating costs do not include OIG “overhead” costs incurred outside the Office of Audits.)

APG 1.0.4 – 80 percent of recommendations will be dispositioned within 12 months of report issuance

As shown in the following graph, we did not meet this goal. The total number of recommendations included in audit and evaluation reports issued from April 1, 2002 to September 30, 2002 was 81. (We did not track disposition of recommendations prior to April 1.) As of September 30, 2003, 47 of these recommendations, or 58 percent, were dispositioned within 12 months of report issuance. This is below the target percentage of 80 percent. The disposition percentage was below the target percentage because of the following factors: (1) the offices and divisions revised their corrective action closure (CAC) dates; (2) CAC dates were scheduled over 12 months after issuance, and (3) the OIG did not receive CAC support documentation from divisions and offices as requested for tabulation.

Not Met

[D]

APG 1.0.5 – Achieve a level of FDIC senior executive client satisfaction with the audit function 10 percent above the level achieved in the general client survey for 2001 (survey report issued in 2002) up to a sustaining level of 80 percent of the maximum score

As shown in the graph below, we met this goal. The 2003 senior executive client satisfaction rating for the audit function was 2.65, which represents a 14.2 percent increase from the 2001 baseline rating of 2.32. This exceeded our target for a 10-percent increase.

Met

[D]

APG 1.0.6 – Achieve a level of FDIC senior executive client satisfaction with the evaluation function 10 percent above the level achieved in the general client survey for 2001 (survey report issued in 2002) up to a sustaining level of 80 percent of the maximum score

As shown in the graph below, we did not meet this goal. The 2003 senior executive client satisfaction rating for the evaluation function was 2.72, which represents a 28 percent decrease from the 2001 baseline rating of 3.78. One possible reason for the decline, as suggested in the client survey report, was the integration of the evaluation function into the Office of Audits in 2001. As a result, senior level executives in the Corporation may have perceived a blurring of the lines between the audit and evaluation functions. This perception is supported by the survey results, which saw the evaluation ratings aligning more closely with the audit ratings.

Not Met

[D]

APG 1.0.7 – 80 percent of closed cases will result in either reports to management, criminal convictions,

civil actions, administrative actions, or a combination of these elements

Not Met

[D]

APG 1.0.8 – 70 percent of cases accepted for prosecution will result in convictions, pleas, and/or settlements

As shown in the following graph, we met this goal. During the year, 13 of 17 cases (76 percent) that had been accepted for prosecution and closed in FY 2003 resulted in convictions, pleas, and/or settlements.

Met

[D]

APG 1.0.10 – Achieve a level of FDIC senior executive client satisfaction with the investigation function 10 percent above the level achieved in the general client survey for 2001 (survey report issued in 2002) up to a sustaining level of 80 percent of the maximum score

As shown in the graph below, we did not meet this goal. The 2003 senior executive client satisfaction rating for the investigation function was 2.98, which represents a 3.9 percent decrease from the 2001 baseline rating of 3.10. Despite the decrease, it should be noted that the investigation function received the highest overall rating of our three core business functions for 2003.

Not Met

[D]

APG 1.0.11 – Provide useful information and analysis on corporate risks, planning, performance, policies, and directives within timeframes that are responsive to corporate needs

• Reviewed and commented on 86 proposed FDIC policies and provided substantive policy suggestions on such matters as security policies and procedures for FDIC contractors and subcontractors, access control, reporting computer security incidents, and the FDIC’s software configuration management policy;
  
  
• Participated in the Corporation’s Risk Management Examination Process Redesign III initiative;
  
  
• In the spirit of the Reports Consolidation Act of 2000, identified and provided to the Chief Financial Officer a risk-based assessment of the most significant management and performance challenges facing the Corporation;
  
  
• Provided to the Chief Operating Officer comments on the Corporation’s draft Emergency Response Plan;
• Participated in an advisory capacity on the Information Technology Subcommittee of the Audit Committee;
  
  
• Participated on a corporate team developing a presentation for the FDIC’s October 2003 symposium on “Why Banks Fail”;
  
  
• Adapted and presented training modules identifying “Red Flags of Fraud” to various FDIC audiences;
  
  
• Worked with the Division of Resolutions and Receiverships to identify potential problems that can arise at bank closings with regard to preservation of evidence, in particular computer evidence;
  
  
• Provided advisory comments to management on the FDIC’s 2003 Annual Performance Plan and 2002 Annual Report;
  
  
• Provided the Corporation with an updated risk analysis document on the Quality of Bank Financial Reporting and Auditing and Corporate Governance;
  
  
• Completed an annual review of the Corporation’s Internal Control and Risk Management Program and issued a “comfort letter” to the Chairman; and
  
  
• Coordinated with the Legal Division on several parallel proceedings and on discovery and related matters on numerous law suits.

Strategic Goal 2: Communication Between the OIG and Stakeholders Is Effective Overall, we met 5 of our 6 performance goals under our communications strategic goal. These six goals are further discussed below.

APG 2.1.1 – Promote effective corporate communications and relations by sponsoring or actively participating in various activities including quarterly meetings, conferences, seminars, task forces, and training

• Established and filled a Communications Manager position;
  
  
• Co-sponsored a symposium on emerging issues for the financial regulatory agencies;
  
  
• Hosted an interagency symposium on the Federal Information Security Management Act for attendees from 44 federal agencies;
  
  
• Served as an advisor to the Risk Management Examination Process Redesign II Team for streamlining the examination process that won the 2002 Chairman’s Excellence Award for Group or Team Contributions;
  
  
• Participated in internal corporate conferences and forums, including the FDIC Advisory Board Meeting, the FDIC Senior Management Leadership Conference, and the FDIC/DOJ Bank Fraud Conference;
  
  
• Participated in quarterly meetings with Division of Supervision and Consumer Protection (DSC) Field Office Supervisors and division heads to discuss current and planned work and efforts toward resolving open issues;
  
  
• Gave presentations at DSC Commissioned Examiner Seminars to foster a better understanding of OIG work;
  
  
• Attended the Office of Thrift Supervision’s Interagency IT Security Conference for Dallas Region financial institutions;
  
  
• Made a presentation at an Institute of Internal Auditors’ event entitled “The Mission of the Inspector General Community: Past, Present and Future;”
  
  
• Issued quarterly reports to DSC, the Division of Resolutions and Receiverships (DRR), Legal Division, and the Chairman’s Office on activity and results of our investigations involving closed banks, open banks, and asset and debt cases;
  
  
• Worked with DSC, DRR, and the Legal Division in developing training programs and modules to help identify “Red Flags of Fraud” and similarities found in fraud-related failures;
  
  
• Worked with DRR to develop procedures to help preserve potential computer-related and other evidence bank closings;
  
  
• Met with DSC and DRR management teams in three different field offices, as part of an overall investigative strategy to meet with all the new field managers put in place since FDIC restructured its field operations;
  
  
• Provided OIG Weekly Highlights Reports to the Chairman;
  
  
• Spoke at a national conference for the banking industry;
  
  
• Met with Office of Legislative Affairs representatives periodically to ensure effective corporate communications and relations;
  
  
• Joined the Corporate Human Resources Information System steering committee;
  
  
• Provided feedback on a Division of Administration plan for added on-line training;
  
  
• Attended the biweekly staff meetings of the Associate Director for the Corporation’s Human Resource Branch; and
  
  
• Participated in the FDIC’s Time and Attendance Cost Benefit Analysis Working Group.

APG 2.1.2 – Achieve a level of FDIC senior executive client satisfaction with OIG communications efforts 10 percent above the level achieved in the general client survey for 2001 (survey report issued in 2002) up to a sustaining level of 80 percent of the maximum score

As shown in the graph below, we met this goal. The 2003 senior executive client satisfaction rating for OIG communications was 3.02, which represents a 37.9 percent increase from the 2001 baseline rating of 2.19.

Met

[D]

APG 2.2.1 – Congressional committees and staff will benefit from information and mutual communication regarding OIG work and emerging issues via personal briefings and discussions, periodic update documents, and reports

• Published the October 2002 and April 2003 OIG Semiannual Reports to the Congress;
  
  
• The Inspector General met with congressional staff and kept them informed of OIG work and FDIC issues through personal briefings, individual reports, or summaries of activities;
  
  
• Completed and timely reported on material loss reviews of the failures of (1) Connecticut Bank of Commerce, Stamford, Connecticut and (2) Southern Pacific Bank of Torrance, California;
  
  
• Responded to a U.S. Senator’s inquiry related to the Division of Information Resources Management’s out-sourcing of some of its mainframe production control and computer operations (Data Center) positions;
  
  
• Provided information to the House Committee on Financial Services regarding possible legislative remedies needed to address the problem of misrepresentation of FDIC affiliation;
  
  
• Provided congressional briefings to the Senate Banking and House Financial Services Committee staff;
  
  
• Provided legislative proposals to House Financial Services Committee staff that were incorporated into proposed legislation;
  
  
• Sent audit and evaluation reports to key congressional staff to provide information and promote communication; and
  
  
• Attended key congressional hearings to foster effective relationships and stay abreast of emerging issues.

APG 2.3.1 – An OIG Employee Advisory Group will meet regularly to serve as facilitator of communications among OIG staff and as a channel to advise OIG management regarding employee relations

APG 2.3.2 – Conduct an employee survey to establish a baseline for employee satisfaction and to develop strategies to address survey results

We did not meet this goal. We used a competitive process to select an independent consultant to both conduct our external client survey and provide assistance in conducting our OIG employee survey. Due to competing year-end priorities and in view of the limited time available after completion of the client survey, we were unable to conduct the employee survey during this fiscal year. We have targeted the completion of the employee survey as a priority for FY 2004.

APG 2.4.1 – Promote effective communications and relations with other OIG stakeholders to include participating in PCIE activities and meeting quarterly with other federal regulators and representatives of the U.S. General Accounting Office

We met this goal. As the Vice Chair of the President’s Council on Integrity and Efficiency (PCIE), the Inspector General chaired monthly PCIE meetings and welcomed guest speakers from OMB, GAO, the Administration, and other OIGs to discuss issues related to the IG community. The Inspector General maintained active involvement in the development of a legislative package for possible consideration by the 108th Congress and spearheaded an effort to identify ways to commemorate the 25th anniversary of the IG Act. He also continued a variety of initiatives including (1) preparing the PCIE and ECIE annual progress report to the President, (2) assisting with the annual PCIE/ECIE conference and awards program, and (3) representing the PCIE as a speaker or presenter in various conferences, meetings, and foreign visitor programs, including government officials from the Dominican Republic, Thailand, and Poland.

• The Assistant Inspector General for Quality Assurance and Oversight served as chairman of a committee to update the PCIE’s Quality Standards for Federal Offices of Inspector General.
  
  
• Met quarterly with other federal regulatory IGs to address matters of mutual concern;
  
  
• Met with GAO representatives to discuss various projects and issues affecting the FDIC as well as the OIG;
  
  
• Participated in monthly PCIE GPRA Roundtable Meetings regarding current GPRA-related issues;
  
  
• Participated in the FDIC 2002 Financial Statement Audit with GAO and continued a dialogue regarding the FDIC OIG’s future role in this review;
  
  
• Participated in the Accelerated Financial Statement Reporting Audit Working Group (included the FDIC, U.S. Postal Service, Environmental Protection Agency, and Department of Defense OIGs);
  
  
• Met with counterparts at the Treasury and Federal Reserve to coordinate current joint audit work and audit work to be done in the coming year;
  
  
• Continued to participate in the Federal Audit Executive Council (FAEC);
  
  
• Coordinated “best practices” for resolution and disposition policies and procedures with the OIGs at the Department of Education and Pension Benefit Guaranty Corporation;
  
  
• Coordinated “best practices” for communication of significant recommendations to management with the Treasury OIG;
  
  
• The Assistant Inspector General for Investigations (AIGI) and his deputy actively participate in PCIE meetings of AIGIs and in the monthly meetings of the interagency Bank Fraud Working Group;
  
  
• Met with the Chief of the FBI’s Financial Fraud Unit; and
  
  
• Attended meetings of the Council of Counsels to the Inspectors General and Interagency Ethics Council, and a conference sponsored by the U.S. Office of Government Ethics.

Strategic Goal 3: OIG Will Align Its Human Resources to Support the OIG Mission Overall, we met or substantially met 4 of our 5 human capital-related goals. These five goals are further discussed below.

APG 3.1.1 – Prepare inventories of existing workforce knowledge and workforce knowledge needed, and identify gaps in knowledge needed to accomplish future work

We substantially met this goal. We prepared an inventory of existing business knowledge and skills needed by the OIG workforce. This inventory was created by researching other efforts in the federal government and through input from the entire OIG workforce. As a result, we created the OIG Business Knowledge Inventory System (BKIS). BKIS enables the OIG to create a valuable database of business knowledge of OIG employees and determine where knowledge gaps may exist. The BKIS was administered to all OIG employees during March 2003. In August 2003, OIG executives were briefed on the BKIS results and detailed analyses were provided to each executive and designated managers for their review and analysis in preparing business strategies for any knowledge/skill gaps. Summary results of the briefing were also provided to OIG staff. OIG offices are continuing to review the data, determine the workforce knowledge needed, and identify gaps in knowledge/skills needed to accomplish future work.

APG 3.1.2 – Identify and link competencies needed for every OIG position and align with job descriptions and position selecting factors

We substantially met this goal. During this fiscal year, we completed an initiative to identify and validate core competencies for each OIG position and integrate them into the Performance Management Program (PMP). This initiative is a key effort under the OIG’s Human Capital Strategic Plan and is another step in the OIG’s quest to be a high-performance, results-oriented organization. Earlier in the year, the OIG entered into a contract with Personnel Decisions Research Institute, Inc. (PDRI) to (1) identify competencies for all OIG positions, (2) use the identified competencies to revise OIG performance criteria for each OIG position, and (3) incorporate the new competencies into OIG position descriptions. PDRI worked with the OIG’s executive group to develop a core competency model; refined the model in workshops that represented the OIG work force; and surveyed all OIG employees to ascertain the job relatedness and importance of the competencies and associated performance criteria to their positions. Based on the results of the validation survey, OIG executives approved the use of the core competencies for the 2003-2004 cycle of the PMP. In September, OIG supervisors were trained on using the competencies and performance criteria in the PMP. The OIG continues its work to align the key competencies with position descriptions and position selection factors.

APG 3.2.1 – Develop strategies for closing the identified workforce knowledge gaps, including training, developmental assignments, recruitment and hiring, and contracting

We did not meet this goal. As discussed in APG 3.1.1, the OIG Business Knowledge Inventory System (BKIS) enables the OIG to create a valuable database of business knowledge of OIG employees and determine where knowledge gaps may exist. In August 2003, OIG executives were briefed on the BKIS results and detailed analyses were provided to each executive and designated managers for their review and analysis in preparing business strategies to address any business knowledge and skills gaps. However, because the action plans identifying these strategies had not been completed by the end of the fiscal year, we did not consider this goal met.

APG 3.3.1 – Identify OIG leadership competencies that are consistent with a results-oriented, high-performance culture that effectively manages human capital

We met this goal. Accomplishment of this goal is incorporated in the Competency Project discussed in APG 3.1.2. The OIG adopted “Leads Effectively” as a key competency for its supervisors. The adopted competency includes related performance criteria for creating and maintaining a high-performance climate where all employees are challenged and encouraged to achieve excellence.

APG 3.4.1 – Better align performance criteria and expectations and rewards/consequences with accomplishing the OIG strategic mission and goals

We substantially met this goal. The OIG will implement the FDIC Corporate Success Awards program, which better aligns staff contributions to pay decisions. In June 2003, each OIG employee received an explanation of the award criteria and the relationship between their work contributions and corporate and OIG strategic goals. Additionally, the OIG has adopted a key competency model which aligns performance criteria with OIG strategic mission and goals. These criteria are similar to the criteria that will be used for the Corporate Success Award decisions. Consequently, rewards and recognition for performance and contributions will be better aligned with accomplishing the OIG strategic mission and goals.

Strategic Goal 4: OIG Will Effectively Manage Its Resources Overall, we met 11 of our 12 performance goals related to this strategic goal. These 12 goals are discussed below.

APG 4.1.1 – Maintain the fiscal year 2002 baseline of average elapsed calendar days to produce final reports for audit and evaluation assignments

As shown in the following graph, we met this goal. During fiscal year 2003, we issued 47 audit and evaluation reports. The average elapsed time to issue these reports was 223 days, which is 50 days less than the baseline average of 273 days.

Met

[D]

APG 4.1.2 – Reduce to less than 10 percent the number of audit and evaluation assignments ongoing over 1 year

As shown in the following graph, we met this goal. Of 16 audit and evaluation assignments ongoing at the end of the fiscal year, none was over 1 year old.

Met

[D]

APG 4.1.3 – Reduce the ratio of Office of Audits’ operating costs to reports issued so that the average cost ratio is less than the 2002 baseline year’s cost ratio

As shown in the following graph, we met this goal. For fiscal year 2003, the ratio of the Office of the Audits’ (OA) operating costs to audit and evaluation reports issued was $278,822 per report (based on 47 reports issued and OA operating costs during the period of $13,104,640). This compares favorably to the 2002 baseline year’s ratio of $310,666 per report (based on 39 reports issued and operating costs of $12,115,963).

Met

[D]

APG 4.1.4 – 70 percent of active cases that have been open over 1 year will be referred and accepted for prosecution

As shown in the following graph, we met this goal. Of 57 active cases that had been open over 1 year as of September 30, 2003, 40 cases or 70 percent have been referred and accepted for prosecution.

Met

[D]

APG 4.1.5 – 90 percent of employee cases that have either no criminal prosecution potential or have been declined for prosecution will be completed in less than 6 months

As shown in the following graph, we met this goal. During the fiscal year, 7 of 7 employee cases (100 percent) that had either no criminal prosecution potential or had been declined for prosecution were completed in less than 6 months.

Met

[D]

APG 4.1.6 – 90 percent of investigative reports will be issued within 30 days, and 100 percent of investigative reports will be issued within 60 working days, after completion of the case

As shown in the following graph, we met this goal. During the fiscal year, 45 Reports of Investigation were issued. All 45 reports, or 100 percent, were issued within 30 working days of case completion.

Met

[D]

APG 4.1.7 – 100 investigative actions will result from Office of Investigations cases during the year

As shown in the following graph, we met this goal. During fiscal year 2003, 160 actions resulted from investigative cases. This is significantly above the target of 100 actions.

Met

[D]

APG 4.1.8 – Legal services are provided within applicable timeframes 90 percent of the time

As shown in the following graph, we met this goal. During the fiscal year, the Counsel’s Office provided legal services (subpoenas; FOIA and Privacy Act requests; reviews of legislation, regulations, and FDIC and OIG procedures) on 72 occasions. One hundred percent of these legal services were provided within applicable timeframes. In addition, all litigation and other known similar deadlines were met.

Met

[D]

APG 4.2.1 – Perform four (4) internal quality control reviews of audit and evaluation operations

We met this goal. We completed six internal quality control reviews (QCR) of an Office of Audits (OA) operation during FY 2003: (1) a QCR of Continuing Professional Education Credits; (2) an Internal Control Review of the OA accountability unit; (3) a QCR of Terminated Assignments; (4) a QCR of the Information Assurance Directorate; (5) an Analysis of OA Draft Report Cycle Times; and (6) a QCR of the Resources Management Directorate.

APG 4.2.2 – Achieve a result of zero (0) material instances of noncompliance with Government Auditing Standards as identified in internal quality control reviews

We met this goal. We did not identify a material instance of noncompliance with Government Auditing Standards during the course of performing our internal quality control reviews.

APG 4.2.3 – Office of Investigations will conduct internal operational reviews of the 3 major investigative offices every 12 months and resolve significant matters identified

We met this goal. During the fiscal year, internal operational reviews were conducted at the three major investigative offices. There were no significant matters identified during the reviews.

APG 4.2.4 – Conduct an independent quality review of the operations of another IG office under the auspices of the PCIE community

We did not meet this goal. Our external peer review of the Department of Commerce OIG was originally scheduled to begin in June; however, the start date was delayed until August pending completion by the Department of Commerce OIG of its internal quality reviews. As a result, we do not expect to issue a draft report on the peer review until November 2003 and a final report until December 2003.

Index of Reporting Requirements - Inspector General Act of 1978, as amended

The Inspector General Act defines the terminology and establishes the reporting requirements for the identification and disposition of questioned costs . in audit reports. To understand how this process works, it is helpful to know the key terms and how they relate to each other.

The first step in the process is when the audit report identifying questioned costs is issued to FDIC management. Auditors question costs because of an alleged violation of a provision of a law, regulation, contract, grant, cooperative agreement, or other agreement or document governing the expenditure of funds. In addition, a questioned cost may be a finding in which, at the time of the audit, a cost is not supported by adequate documentation; or, a finding that the expenditure of funds for the intended purpose is unnecessary or unreasonable.

The next step in the process is for FDIC management to make a decision about the questioned costs. The Inspector General Act describes a “management decision” as the final decision issued by management after evaluation of the finding(s) and recommendation(s) included in an audit report, including actions deemed to be necessary. In the case of questioned costs, this management decision must specifically address the questioned costs by either disallowing or not disallowing these costs. A “disallowed cost,” according to the Inspector General Act, is a questioned cost that management, in a management decision, has sustained or agreed should not be charged to the government.

Once management has disallowed a cost and, in effect, sustained the auditor’s questioned costs, the last step in the process takes place which culminates in the “final action.” As defined in the Inspector General Act, final action is the completion of all actions that management has determined, via the management decision process, are necessary to resolve the findings and recommendations included in an audit report. In the case of disallowed costs, management will typically evaluate factors beyond the conditions in the audit report, such as qualitative judgments of value received or the cost to litigate, and decide whether it is in the Corporation’s best interest to pursue recovery of the disallowed costs. The Corporation is responsible for reporting the disposition of the disallowed costs, the amounts recovered, and amounts not recovered.

Except for a few key differences, the process for reports with recommendations that funds be put to better use is generally the same as the process for reports with questioned costs. The audit report recommends an action that will result in funds to be used more efficiently rather than identifying amounts that may need to be eventually recovered. Consequently, the management decisions and final actions address the implementation of the recommended actions and not the disallowance or recovery of costs.

This table shows the corrective actions management has agreed to implement but has not completed, along with associated monetary amounts. In some cases, these corrective actions are different from the initial recommendations made in the audit reports. However, the OIG has agreed that the planned actions meet the intent of the initial recommendations. The information in this table is based on (1) information supplied by the FDIC’s Office of Internal Control Management (OICM) and (2) the OIG’s determination of closed recommendations for reports issued after March 31, 2002. These 28 recommendations from 6 reports involve monetary amounts of over $5.7 million. OICM has categorized the status of these recommendations as follows:

Management Action in Process: (9 recommendations from 4 reports)
Management is in the process of implementing the corrective action plan, which may include modifications to policies, procedures, systems or controls; issues involving monetary collection; and settlement negotiations in process.

Litigation: (19 recommendations from 2 reports, $5.7 million)
Each case has been filed and is considered “in litigation.” The Legal Division will be the final determinant for all items so categorized.

Management Action In Process Report Number, Title & Date Significant Recommendation Number Brief Summary of Planned Corrective Actions and Associated Monetary Amounts EVAL-01-002 FDIC’s Background Investigation Process for Prospective and Current Employees August 17, 2001 3 Re-designate position sensitivity levels for examiner positions to reflect their public trust responsibilities. EVAL-01-002 FDIC’s Background Investigation Process for Prospective and Current Employees August 17, 2001 4 Alert the Security Management Section of all personnel assignments to positions where users have access to sensitive computer systems or data. 01-024 FDIC’s Identification of and Accounting for Unclaimed Deposits Transferred to State Unclaimed Property Agencies December 5, 2001 1 Update both the Unclaimed Deposits Reporting System and the Corporate Accounts Receivable Management System with all unclaimed deposits that the FDIC transferred to state unclaimed property agencies and ensure that the two systems agree. 02-023 Internal and Security Controls Related to the General Examination System (GENESYS) July 31, 2002 3 Discontinue the practice of using shared or office-wide passwords when accessing GENESYS to conduct safety and soundness examinations. 02-035 Information Security Management of FDIC Contractors September 30, 2002 1 Develop additional policies and procedures for the consideration of information security in acquisition planning. 02-035 Information Security Management of FDIC Contractors September 30, 2002 2 Develop policies and procedures to ensure that the appropriate information security requirements are incorporated into information services contracts. 02-035 Information Security Management of FDIC Contractors September 30, 2002 3 More clearly define oversight manager roles and responsibilities for contractor security. 02-035 Information Security Management of FDIC Contractors September 30, 2002 4 Develop the capability of oversight managers to monitor security practices by providing adequate guidance and training on security oversight and security evaluation. 02-035 Information Security Management of FDIC Contractors September 30, 2002 6 Require oversight managers to inform the contractors of their roles and responsibilities for information security; and observe and document contractor security practices.

Supervision and Insurance Audit Report Number & Date Audit Report Title Total Questioned Costs Unsupported Questioned Costs Funds Put to Better Use 03-036 August 14, 2003 Material Loss Review of the Failure of Southern Pacific Bank, Torrance, California 03-037 September 5, 2003 The FDIC’s Implementation of the USA PATRIOT Act 03-038 September 12, 2003 The Role of Prompt Corrective Action (PCA) as Part of the Enforcement Process EVAL-03-042 September 25, 2003 Business Continuity Planning at FDIC Supervised Institutions EVAL-03-044 September 26, 2003 FDIC’s Progress in Implementing the Gramm-Leach-Bliley Act, Title V – Privacy Provisions Resolution, Receivership, and Legal Services Audit Report Number & Date Audit Report Title Total Questioned Costs Unsupported Questioned Costs Funds Put to Better Use 03-029 April 17, 2003 The Division of Resolutions and Receiverships’ Resolution and Management of Credit Card Portfolios 03-039 September 12, 2003 Division of Resolutions and Receiverships’ Asset Valuations at Specific Closings 03-041 September 17, 2003 Insurance Determination Claims Process Information Assurance Audit Report Number & Date Audit Report Title Total Questioned Costs Unsupported Questioned Costs Funds Put to Better Use 03-028 April 14, 2003 Phase III Trusted Information System Review 03-030 June 5, 2003 Remote Access Systems Review 03-031 July 18, 2003 FDIC’s Implementation of Its Information Security Strategic Plan EVAL-03-032 July 18, 2003 Life-Cycle Management of Information Technology Assets 03-035 August 21, 2003 Security Patch Management Review 03-040 September 17, 2003 Independent Evaluation of the FDIC’s Information Security Program - 2003 03-043 September 26, 2003 Follow-up Audit of Information Security Management of FDIC Contractors 03-045 September 29, 2003 New Financial Environment Scope Management Controls Resources Management Services Audit Report Number & Date Audit Report Title Total Questioned Costs Unsupported Questioned Costs Funds Put to Better Use 03-047 September 30, 2003 Contract Terms and Oversight Management Related to ARAMARK Services, Inc., Contract Number 00-00611-C-J3 $32,000 $1,175,321 Post-award Contract Audits Audit Report Number & Date Audit Report Title Total Questioned Costs Unsupported Questioned Costs Funds Put to Better Use 03-033 July 31, 2003 Post-award Contract Review $35,916 03-034 August 1, 2003 Post-award Contract Review $39,825 03-046 September 30, 2003 Post-award Contract Review $9,375 $9,375 TOTALS FOR THE PERIOD Audit Report Number & Date Audit Report Title Total Questioned Costs Unsupported Questioned Costs Funds Put to Better Use TOTALS FOR THE PERIOD $117,116 $9,375 $1,175,321 Table 1.3: Audit Reports Issued with Questioned Costs Item Number of Questioned Costs Total Questioned Costs Unsupported Questioned Costs A. For which no management decision has been made by the commencement of the reporting period. 3 $314,357 0 B. Which were issued during the reporting period. 4 $117,116 $9,375 Subtotals of A & B 7 $431,473 $9,375 C. For which a management decision was made during the reporting period. 6 $422,098 0 (i) dollar value of disallowed costs. 4 $372,606 0 (ii) dollar value of costs not allowed. 3 $49,492 0 D. For which no management decision has been made by the end of the reporting period. 1 $9,375 $9,375 Reports for which no management decision was made within 6 months of issuance. 0 0 0 The one report included on the line for costs not disallowed is also included on the line for costs disallowed because management did not agree with some of the questioned costs. Management response not due until December 1, 2003, for one report with questioned costs totaling $9,375. Table I.4 Audit Reports Issued with Recommendations for Better Use of Funds Item Number Dollar Value A. For which no management decision has been made by the commencement of the reporting period. 1 $781,140 B. Which were issued during the reporting period. 1 $1,175,321 Subtotals of A & B 2 $1,956,461 C. For which a management decision was made during the reporting period. 2 $1,956,461 (i) dollar value of recommendations that were agreed to by management. 2 $871,140 - based on proposed management action. 2 $871,140 - based on proposed legislative action. 0 0 (ii) dollar value of recommendations that were not agreed to by management. 1 $1,085,321 D. For which no management decision has been made by the end of the reporting period. 0 0 Reports for which no management decision was made within 6 months of issuance. 0 0 The one report included on the line for recommendations not agreed to by management is also included on the line for recommendations agreed to by management because management did not agree with some of the funds put to better use. Table I.5: Status of OIG Recommendations Without Management Decisions During this reporting period, there were no recommendations without management decisions. Table I.6: Significant Revised Management Decisions During this reporting period, there were no recommendations without management decisions. Table I.7: Significant Management Decisions with Which the OIG Disagreed During this reporting period, there were no recommendations without management decisions. Table I.8: Instances Where Information Was Refused During this reporting period, there were no recommendations without management decisions. Abbreviations and Acronyms Term AUSA Assistant United States Attorney BHCA Bank Holding Company Act BIF Bank Insurance Fund CD Certificates of Deposit CFO Chief Financial Officer DIRM Division of Information Resources Management DRR Division of Resolutions and Receiverships DSC Division of Supervision and Consumer Protection EA Enterprise Architecture ECIE Executive Council on Integrity and Efficiency ECT Electronic Crimes Team FBI Federal Bureau of Investigation FDI Act Federal Deposit Insurance Act FDIC Federal Deposit Insurance Corporation FISMA Federal Information Security Management Act of 2002 FSBH First State Bank of Harrah GENESYS General Examination System GISRA Government Information Security Reform Act GLBA Gramm-Leach Bliley Act HCSB Hartford-Carlisle Savings Bank IBM International Business Machines IG Inspector General IRS Internal Revenue Service IT Information Technology ITAMS Information Technology Asset Management System NFE New Financial Environment NIST National Institute of Standards and Technology OCC Office of the Comptroller of the Currency OI Office of Investigations OICM Office of Internal Control Management OIG Office of Inspector General OMB Office of Management and Budget PCA Prompt Corrective Action PCIE President’s Council on Integrity and Efficiency PDD Presidential Decision Directive PKI Public Key Infrastructure Results Act Government Performance and Results Act RTC Resolution Trust Corporation SAIF Savings Association Insurance Fund SCS San Clemente Securities, Inc. SPB Southern Pacific Bank UCC United Custodial Corporation Congratulations to the OIG’s PCIE Award Winners! At the Annual Awards Ceremony of the President’s Council on Integrity and Efficiency (PCIE) and the Executive Council on Integrity and Efficiency ECIE), six awards were given to current and former FDIC OIG staff. We are proud of the accomplishments of the following individuals: Ben Hsiao and Mark Mulholland: For outstanding and innovative leadership and direction of the FDIC OIG’s Security Act/Federal Information Security Management Act evaluation and reporting efforts. Michael Lombardi, Philip Anderson, and John Colantoni: For outstanding leadership of material loss review audit work and reporting at the FDIC OIG. Russell Rau: In recognition of vision, leadership, and initiative in coordinating government-wide efforts in the information security arena. Laurie West: In recognition of outstanding investigative efforts relating to the Hartford-Carlisle Savings Bank Failure Case. Jo Anne King: In recognition of outstanding administrative support provided to PCIE projects and to the Inspector General of the FDIC. Leslee Bollea, Magdaleno Velasquez, and Wayne Gordon: In recognition of outstanding achievement in the timely and professional redesign, compilation, and publishing of the PCIE/ECIE FY 2002 Progress Report to the President. IG and FDIC OIG staff celebrate awards. Back row left to right: IG Gianni, M. Mulholland, R. Rau, P. Anderson, S. Beard, B. Hsiao. Front row left to right; L. Bollea, J. Colantoni, M. Lombardi, J. King. OIG Bids Farewell to Retirees Warren Bush Warren Bush retired after more than 23 years of federal government service. His career included dedicated service as an officer in the U.S. Air Force, as well as over 16 years with the FDIC as both a Liquidation Assistant and Audit Specialist. Warren contributed greatly to the OIG’s work on the annual audits of the FDIC’s Financial Statements. He also assisted in a multi-jurisdictional criminal investigation of BestBank. Wayne Gordon After a distinguished 31-year career in the federal government, the last 25 years of which were dedicated to federal law e