The objective of the audit was to assess the FDICís controls for performing background checks of child care provider personnel working in the FDICís child development centers. As part of the audit, we performed limited procedures to assess building security services related to the child development centers.
The FDICís Division of Administration (DOA) entered into a Memorandum of Understanding (MOU) with the Finding Dreams In Children Child Development Centers, Inc. (CDC) to provide the CDC with space and certain services for two child development centers located in the FDICís headquarters offices. Key services provided by the FDIC under the MOU include building security to help ensure a safe physical environment for the children and background checks to help ensure the suitability of child care provider personnel.
FDIC background checks of child care provider personnel consist of two principal componentsóa preliminary background check and background investigations conducted by the U.S. Office of Personnel Management (OPM) (i.e., OPM investigations). Preliminary background checks are intended to assess whether child care provider personnel meet FDIC requirements for accessing FDIC facilities. OPM investigations are intended to assess whether child care provider personnel are suitable to work in the FDICís child development centers. OPM investigations consist of a National Agency Check with Inquiries (NACI) (i.e., a search of federal investigation databases and other inquiries) and a State History Repository check (i.e., a search of state criminal history repositories), in accordance with the Crime Control Act of 1990.
Controls over background checks of child care provider personnel needed improvement. Importantly, DOA had conducted preliminary background checks on all 57 of the child care provider personnel working in the FDICís child development centers as of January 25, 2008. However, DOA had not ordered a NACI for 26 of the 57 personnel or a State History Repository check for 42 of the 57 personnel as prescribed in the MOU. In addition, DOA had not performed background checks defined in District of Columbia laws and regulations and the laws and regulations of the Commonwealth of Virginia and the County of Arlington for the 57 personnel. Further, although DOA generally provided the CDC with the results of its preliminary background checks, DOA had not provided the CDC with the results of the OPM investigations. Weaknesses in the FDICís background checks increased the risk that a problem involving the suitability of a child care provider employee would go undetected, posing potential safety concerns to the children and reputational risk to the Corporation.
We also identified building security vulnerabilities related to the child development centers warranting managementís attention.
To its credit, DOA took a number of actions to address the weaknesses related to background checks and building security services identified during the audit, and additional actions were underway at the close of our field work.
| Recommendations and Management Response
The report contains five recommendations to strengthen the controls for conducting background investigations and to address the security vulnerabilities identified during the audit. The FDIC concurred with our recommendations and has either completed or planned responsive actions.
This report addresses issues associated with physical security access and with the operations of entities that are not contractors of the FDIC. Accordingly, we do not intend to make public release of the specific contents of the report.