I also would like to acknowledge the four FDIC Chairmen—Ricki Helfer, Skip Hove, Donna Tanoue, and Donald Powell—with whom I have worked during my tenure at the FDIC. Their support and understanding of the IG mission was critical to our success. In addition, I want to especially thank Director Joe Neely (1996 -1998) and Vice Chairman John Reich (2001 to present), who served as Audit Committee Chairmen and who were instrumental in ensuring that appropriate attention was given to our reports. Vice Chairman Reich has been extremely supportive in helping to ensure that my office became more effective within the Corporation, and I am extremely grateful for his efforts on our behalf.
Finally, I want to acknowledge and thank the Office of Management and Budget, my Congressional appropriators, and the House Financial Services and the Senate Banking Committees for their support over the years. Their support has been critical to ensuring that the IG function works as the Congress intended. I have great respect for all of my colleagues in the President’s Council on Integrity and Efficiency and the Executive Council on Integrity and Efficiency and their commitment to the IG mission.
I am confident that my Executive team, under the leadership of my Deputy Inspector General, Patricia Black, will effectively carry on the mission of the OIG at the Corporation until the President selects my successor. It has been my privilege and pleasure to have been a public servant for our federal government. God Bless America!
Gaston L. Gianni, Jr.
United States citizens have recently cast their votes for president and for many other state and local government officials who will lead our Nation. Election Day reminds us of the many freedoms we enjoy and the opportunity afforded voters to shape the future of our country and the world. As public servants, we in the Federal Deposit Insurance Corporation (FDIC) Office of Inspector General (OIG) also feel especially privileged to serve our country by helping to achieve the FDIC mission—maintaining stability and public confidence in the nation’s financial system.
The Corporation will carry out its principal business lines—insuring deposits, examining and supervising financial institutions, and managing receiverships—in an atmosphere of constant change over the coming months. The financial services industry is highly dynamic, and new technologies, financial services, and products are introduced every day. Consolidation in the industry can result in much larger institutions that pose unique supervisory challenges. The Corporation’s operations are also marked by change. The FDIC is refining its internal processes to keep pace with the industry, introducing a New Financial Environment to better meet financial management and information needs, guarding against information security risks, responding to Congressional legislation and concerns regarding anti-money laundering and terrorist financing, engaging contractors to provide needed services, and building a new work site for many FDIC employees. At the same time, the Corporation will be carrying out additional downsizing of up to 12 percent of its 5,300 employees through buyouts, retirements, and reductions in force; cross-training many others; and hoping for Congressional approval of the proposed FDIC Workforce 21 Act of 2004 which would grant the FDIC more personnel flexibility. FDIC people, processes, property, and products will all be greatly impacted, and an environment in such flux is highly vulnerable to both known and unforeseen risk. For the Corporation to be successful during this time of critical change, it will need to devote careful attention to ensuring that the risks are managed and minimized.
In that context, I believe that the OIG has a vital, independent role to play in ensuring that controls are in place and operating to mitigate not only existing risks but new ones as well. I further believe that the working relationship principles outlined by the federal Inspector General community and the Office of Management and Budget and articulated on the inside front cover of this report will continue to serve the FDIC and the OIG well as we carry out our respective responsibilities amidst this changing environment.
Those principles are being embraced at the FDIC. The OIG and the Corporation engage in open communications at all levels and maintain personal and professional respect for one another. We understand the mission and priorities of the Corporation, align our strategic plan and goals with those of the Corporation, and take advantage of every opportunity to communicate the OIG mission and vision to FDIC management and staff. Because of the nature of our audits and investigations, we may take positions and express views that others in the Corporation do not share. However, we duly consider the Corporation’s point of view and are careful to ensure that our work is thorough, objective, and fair, and that our audits and evaluations meet Generally Accepted Government Auditing Standards. We engage the Corporation in frequent dialogue. For example, during the reporting period, we coordinated with FDIC management as we developed our Fiscal Year 2005 Assignment Plan and the management and performance challenges that drive much of our work. We also participated at "Getting to Green" meetings with management to address Federal Information Security Management Act related issues and partnered with the Corporation on investigative activities targeting financial institution fraud, concealment of assets, consumer protection, and employee integrity issues.
In line with the principles, the OIG is also very focused on human capital and the knowledge and skills the OIG needs to add utmost value to FDIC programs and operations. Our highly qualified staff meets rigorous professional training standards, and as we hire new staff, we seek to maintain a workforce with the proper expertise and skills to carry out the Inspector General mission. At an Emerging Issues in Banking symposium that we recently cosponsored with the Department of the Treasury and Federal Reserve OIGs, officials from several of the FDIC’s major divisions shared their perspectives with us—a valuable source of knowledge on corporate issues and priorities.
Feedback is another important guiding principle—both formal and informal. Such feedback occurs in a number of ways. We meet regularly with the Chairman,Vice Chairman, Chief Operating Officer, Chief Financial Officer, Chief Information Officer,Division and Office Directors, and engage in dialogue at every operating level. Meetings of the Audit Committee provide us an opportunity to present report findings and recommendations and respond to Audit Committee members’ questions about our work. We have also recently completed a sixth client survey to solicit feedback from corporate management on various aspects of OIG communications, processes, and products. The feedback provided by the Corporation, much of which is captured in our fiscal year 2004 performance report and included in this semiannual report, was constructive and will help guide our efforts going forward.
While I have spoken of our office as a whole and how we espouse principles to ensure successful working relationships with all others in the Corporation, I also wish to recognize some of the individuals in the OIG whose success has been especially commended during the reporting period. Samuel Holland, our Assistant Inspector General for Investigations was named as a finalist for the Service to America Medal in the Justice and Law Enforcement category. The Service to America program is sponsored by the Atlantic Media Company and the Partnership for Public Service and recognizes the outstanding accomplishments of America’s public servants. Mr. Holland was nominated for his pioneering efforts in fighting white-collar crime in the nation’s financial system. One of our Special Agents, J. Kenneth Meyd, was also recognized by the District of Connecticut’s U.S. Attorney’s Office for his work on a criminal restitution case involving an individual who concealed assets from the FDIC.
Three teams of individuals also received Awards for Excellence at the annual awards ceremony of the President’s Council on Integrity and Efficiency and the Executive Council on Integrity and Efficiency this month. First, individuals responsible for the audit of Supervisory Actions Taken for Bank Secrecy Act Violations were honored for recommending improvements to follow-up of Bank Secrecy Act violations at FDIC-supervised institutions. Members of the joint investigative/prosecutorial team responsible for investigating the failure of Hamilton Bank, N.A. were also acknowledged for their efforts leading to the indictment of those alleged to be responsible for the bank’s failure. Third, an interagency OIG team led by Robert L. McGregor, Assistant Inspector General for Quality Assurance and Oversight, received recognition for updating the Quality Standards for Offices of Inspector General, known as the "Silver Book," in honor of the 25th anniversary of the passage of the Inspector General Act of 1978. Also of note during the reporting period, Rex Simmons, our Assistant Inspector General for Management and Congressional Relations, accepted a Training Recognition Award from the U.S. Department of Agriculture Graduate School as runner-up for the W. Edwards Deming Outstanding Training Award. This award acknowledged the OIG’s enduring efforts to identify core competencies for staff that are aligned with OIG and corporate strategic goals and link training investments to core competencies and identified skill gaps. We are proud of these accomplishments.
In closing, the OIG is committed to continuing to promote effective working relationships with the FDIC and helping the Corporation accomplish its mission in the very challenging months ahead. We appreciate and count on the support of all OIG staff, the Corporation, and the Congress, as we serve under the newly elected Administration and work at being the best OIG in government.
Management and Performance Challenges
The Management and Performance Challenges section of our report presents OIG results of audits, evaluations, and other reviews carried out during the reporting period in the context of the OIG’s view of the most significant management and performance challenges currently facing the Corporation . We identified the following 10 management and performance challenges, and, in the spirit of the Reports Consolidation Act of 2000, we presented our assessment of them to the Chief Financial Officer of the FDIC in December 2003. The Act calls for these challenges to be presented in the FDIC’s consolidated performance and accountability report. The FDIC included such reporting as part of its 2003 Annual Report. Our work has been and continues to be largely designed to address these challenges and thereby help ensure the FDIC’s successful accomplishment of its mission.
1. Adequacy of Corporate Governance in Insured Depository Institutions
OIG work conducted to address issues in these areas during the current reporting period includes 31 audit and evaluation reviews containing questioned costs and funds put to better use of nearly $51.2 million and 86 nonmonetary recommendations; comments and input to the Corporation’s draft policies in significant operational areas; participation at meetings, symposia, conferences, and other forums to jointly address issues of concern to the Corporation and the OIG; and assistance provided to the Corporation in such areas as concealment of assets cases and participation in the Federal Information Security Management Act "Getting to Green" initiative.
In the Investigations section of our report, we feature the results of work performed by OIG agents in Washington, D.C.; Atlanta; Dallas; and Chicago who conduct investigations of alleged criminal or otherwise prohibited activities impacting the FDIC and its programs. In conducting investigations, the OIG works closely with U.S. Attorneys’ Offices throughout the country in attempting to bring to justice individuals who have defrauded the FDIC. The legal skills and outstanding direction provided by Assistant U.S. Attorneys with whom we work are critical to our success. The results we are reporting for the last 6 months reflect the efforts of U.S. Attorneys’ Offices throughout the United States. Our write-ups also reflect our partnering with the Federal Bureau of Investigation, the Internal Revenue Service, and other law enforcement agencies in conducting investigations of joint interest. Additionally, we acknowledge the invaluable assistance of the FDIC’s Divisions and Offices with whom we work closely to bring about successful investigations.
Investigative work during the period led to indictments or criminal charges against 9 individuals and convictions of 15 defendants. Criminal charges remained pending against 33 individuals as of the end of the reporting period. Fines, restitution, and recoveries resulting from our cases totaled about $38.6 million. This section of our report also includes an update of the work of our Electronic Crimes Team, acknowledges special recognition given to our Assistant Inspector General for Investigations and one of our Special Agents, and features Special Olympic activities of some Office of Investigations staff.
In the Organization section of our report, we note many significant activities and initiatives that the FDIC OIG has pursued over the past 6 months in furtherance of our four main strategic goals and corresponding objectives. These activities complement and support the audit, evaluation, and investigative work discussed in the earlier sections of our semiannual report. Activities of OIG Counsel and cumulative OIG results covering the past five reporting periods are also shown in this section.
Statistical Tables Required Under the Inspector General Act
The statistical tables required under the Inspector General Act, as amended, are included here.
We offer congratulations to President’s Council on Integrity and Efficiency and Executive Council on Integrity and Efficiency award winners and bid farewell to several FDIC OIG retirees in the back section of our report.
We also feature an Emerging Issues Symposium sponsored jointly by the Department of the Treasury, Federal Reserve, and FDIC Offices of Inspector General on the inside back cover of our report.
OIG’s Fiscal Year 2004 Performance Report
We are including our performance report for fiscal year 2004 as a separate but integral component of our Semiannual Report to the Congress. Our performance report summarizes our progress against our 41 annual performance goals for the fiscal year. We met or substantially met 31 of 41 of our goals under four categories: OIG Products Add Value and Achieve Significant Impact, Communication Between the OIG and Stakeholders Is Effective, Align Human Resources to Support the OIG Mission, and Resources Are Effectively Managed. We hope that by presenting this report along with our semiannual report, the results of our work will be transparent, and the Congress and other readers will have a full understanding of our overall performance and accountability. (Our Performance Report directly follows the main text of our semiannual report.)
We will continue to pursue audits, evaluations, investigations, and other reviews that address the management and performance challenges we identified. Our work during the reporting period can be linked directly to these challenges and is presented as such in the sections that follow. We will be updating our identification of the management and performance challenges by year-end 2004 and will continue to work with corporate officials to successfully address all challenges identified.
1. Adequacy of Corporate Governance in Insured Depository Institutions
Corporate governance is generally defined as the fulfillment of the broad stewardship responsibilities entrusted to the Board of Directors, Officers, and external and internal auditors of a corporation. A number of well-publicized announcements of business failures, including financial institution failures, have raised questions about the credibility of accounting practices and oversight in the United States. Such events have increased public concern regarding the adequacy of corporate governance and, in part, prompted passage of the Sarbanes-Oxley Act of 2002. The public’s confidence in the nation’s financial system can be shaken by deficiencies in the adequacy of corporate governance in insured depository institutions. For example, the failure of senior management, boards of directors, and auditors to effectively conduct their duties has contributed to certain financial institution failures. In some cases, board members and senior management engaged in high-risk activities without proper risk management processes, did not maintain adequate loan policies and procedures, and circumvented or disregarded various laws and banking regulations. In other cases, independent public accounting firms rendered clean opinions on the institutions’ financial statements when, in fact, the statements were materially misstated.
To the extent that financial reporting is not reliable, the regulatory processes and FDIC mission achievement (that is, ensuring the safety and soundness of the nation’s financial system) can be adversely affected. For example, essential research and analysis used to achieve the supervision and insurance missions of the Corporation can be complicated and potentially compromised by poor quality financial reports and audits. The insurance funds could be affected by financial institution and other business failures involving financial reporting problems. In the worst case, illegal and otherwise improper activity by management of financial institutions or their boards of directors can be concealed, resulting in potential significant losses to the FDIC insurance funds.
The FDIC has initiated various measures designed to mitigate the risk posed by these concerns, such as reviewing the bank’s board activities and ethics policies and practices and reviewing auditor independence requirements. In addition, the FDIC reviews the financial disclosure and reporting obligations of publicly traded state non-member institutions. The FDIC also reviews their compliance with Securities and Exchange Commission regulations and the Federal Financial Institutions Examination Council-approved and recommended policies to help ensure accurate and reliable financial reporting through an effective external auditing program and on-site FDIC examination.
The Corporation issued comprehensive guidance in March 2003, describing significant provisions of the Sarbanes-Oxley Act and related rules of implementation adopted by the Securities and Exchange Commission. Other corporate governance initiatives include the FDIC’s issuing Financial Institution Letters, allowing bank directors to participate in regular meetings between examiners and bank officers, maintaining a "Directors’ Corner" on the FDIC Web site, and the expansion of the Corporation’s "Directors’ College" program. While the FDIC has taken significant strides, corporate governance issues remain a key concern.
Also, pursuant to the Economic Growth and Regulatory Paperwork Reduction Act of 1996, the FDIC, along with the other members of the Federal Financial Institutions Examination Council, is engaged in reviewing regulations in order to identify outdated or otherwise unnecessary regulatory requirements imposed on insured depository institutions. The OIG supports prudent opportunities to reduce regulatory burdens on insured depository institutions along with consideration to the impact on the FDIC’s ability to adequately supervise the institutions.
OIG Audit and Investigative Work Addresses Corporate Governance Issues
Division of Supervision and Consumer Protection’s Assessment of Bank Management
Specifically, examiner guidance could be strengthened with respect to evaluating the risks posed by dominant officials and for assessing and recommending mitigating controls when that type of corporate structure exists at a financial institution. Failure to appropriately evaluate and assess such risks increases the opportunity for fraud or mismanagement to go undetected and uncorrected and could, as evidenced by prior OIG reports, ultimately cause an institution to fail.
We concluded that within the frame work of the existing examination procedures, the risks of a dominant official should be considered as a part of the pre-examination planning process to the extent that this risk is observed at the senior corporate level. Due to the complexity of corporate governance oversight and the increased level of inherent risk at financial institutions dominated by one official, a comprehensive and consolidated set of instructions is needed to facilitate the supervisory review process regarding a dominant official. We made two recommendations to address these concerns, and the corrective actions that management proposed were responsive. (Report No. 04-033, September 8, 2004.)
FDIC’s Implementation of the Sarbanes-Oxley Act of 2002
We did not make recommendations in this report. We may conduct further work related to examiner assessment of institution compliance with the Sarbanes-Oxley Act in a subsequent audit. (Report No. 04-042, September 29, 2004.)
Our investigative work also addresses corporate governance issues. In a number of cases, financial institution fraud is a principal contributing factor to an institution’s failure. Unfortunately, the principals of some of these institutions—that is, those most expected to ensure safe and sound corporate governance—are at times the parties perpetrating the fraud. Our Office of Investigations plays a critical role in investigating such activity. (See the Investigations section of this report for specific examples of bank fraud cases involving corporate governance weaknesses.)
2. Protection of Consumer Interests
The FDIC’s mission is to maintain public confidence in the nation’s financial system. The availability of deposit insurance to protect consumer interests is a very visible way in which the FDIC accomplishes this mission. Additionally, as a regulator, the FDIC oversees a variety of statutory and regulatory requirements aimed at protecting consumers from unfair and unscrupulous banking practices. The FDIC, together with other primary federal regulators, has responsibility to help ensure bank compliance with statutory and regulatory requirements related to consumer protection, civil rights, and community reinvestment. Some of the more prominent laws and regulations related to this area include the Truth in Lending Act, Fair Credit Reporting Act, Real Estate Settlement Procedures Act, Fair Housing Act, Home Mortgage Disclosure Act, Equal Credit Opportunity Act, Community Reinvestment Act, and Gramm-Leach-Bliley Act. In December 2003, the President signed the Fair and Accurate Credit and Transactions Act of 2003 to expand access to credit and other financial services for all citizens, enhance the accuracy of consumers’ financial information, and help fight identity theft.
The Corporation accomplishes its mission related to fair lending and other consumer protection laws and regulations by conducting compliance examinations, taking enforcement actions to address compliance violations, encouraging public involvement in the community reinvestment process, assisting financial institutions with fair lending and consumer compliance through education and guidance, and providing assistance to various parties within and outside of the FDIC.
The FDIC’s examination and evaluation programs must assess how well the institutions under its supervision manage compliance with consumer protection and fair lending laws and regulations and meet the credit needs of their communities, including low- and moderate-income neighborhoods. A challenge for the Corporation is risk focusing compliance examinations while still protecting consumers’ interests. The FDIC must also work to issue regulations that implement federal consumer protection statutes both on its own initiative and together with the other federal financial institution regulatory agencies. A challenge in this area is ensuring compliance with out undue regulatory burden.
The Corporation’s community affairs program provides technical assistance to help banks meet their responsibilities under the Community Reinvestment Act. One of the FDIC’s principal areas of emphasis is financial literacy, aimed specifically at low- and moderate-income individuals who may not have had previous banking relationships. The Corporation’s "Money Smart" initiative has been a key outreach effort. The FDIC must also continue efforts to maintain a Consumer Affairs program by investigating consumer complaints about FDIC-supervised institutions, answering consumer inquiries regarding consumer protection laws and banking practices, and providing data to assist the examination function.
The continued expansion of electronic banking presents a challenge for ensuring consumers are protected. The number of reported instances of identity theft has also ballooned in recent years. The Corporation will need to remain vigilant in conducting comprehensive, risk-based compliance examinations, analyzing and responding appropriately to consumer complaints, and educating individuals on money management topics, including identity protection.
The Corporation’s deposit insurance program promotes public understanding of the federal deposit insurance system and seeks to ensure that depositors and bankers have ready access to information about the rules for FDIC insurance coverage. Informing bankers and depositors about the rules for deposit insurance coverage helps foster public confidence in the banking system.
OIG Efforts to Address Consumer Protection Issues
Supervision Appeals Review Committee Decision Regarding the Appeal of a Fair Lending Violation
We found no evidence that the SARC acted outside of its delegated authority. We also found that the SARC considered all relevant facts and that the SARC and DSC followed applicable requirements and procedures in the appeal case. We did not make recommendations in our report and received no comments from the SARC chairman or other members of the committee. (Report No. 04-036, September 20, 2004.)
The OIG’s involvement with consumer protection matters includes our investigative cases regarding misrepresentations of FDIC insurance or affiliation to unsuspecting consumers. Additionally, our Office of Investigations’ Electronic Crimes Team has been involved in investigating emerging e-mail "phishing" identity theft schemes that have used the FDIC’s name in an attempt to obtain personal data from unsuspecting consumers who receive the e-mails. Our investigations have also uncovered multiple schemes to defraud depositors by offering them misleading rates of returns on deposits. These abuses are effected through the misuse of the FDIC’s name, logo, abbreviation, or other indicators suggesting that the products are fully insured deposits. Such misrepresentations induce the targets of schemes to invest on the strength of FDIC insurance while misleading them as to the true nature of the investments being offered. (See the Investigations section of this semiannual report.)
Our experience with such cases prompted us on March 4, 2003, to submit to the House Financial Services Committee Chairman, Michael Oxley, a legislative proposal to prevent misuse of the Corporation’s guarantee of insurance. This proposal was incorporated in H.R. 1375: Financial Services Regulatory Relief Act of 2003. On March 24, 2004, H.R. 1375 was passed by the House of Representatives and referred to the U.S. Senate. Section 615 of H.R. 1375, as we suggested, would provide the FDIC with enforcement tools to limit misrepresentations regarding FDIC deposit insurance coverage. We appreciate Congressional support of this proposal.
3. Management and Analysis of Risks to the Insurance Funds
The FDIC seeks to ensure that failed financial institutions are and continue to be resolved within the amounts available in the insurance funds and without recourse to the U.S. Treasury for additional funds. Achieving this goal is a significant challenge because the insurance funds generally average just over 1.25 percent of insured deposits, and the FDIC supervises only a portion of the insured institutions. In fact, the preponderance of insured institution assets are in institutions supervised by other federal regulators. Therefore, the FDIC has established strategic relationships with the other regulators surrounding their shared responsibility of helping to ensure the safety and soundness of the nation’s financial system. The FDIC engages in an ongoing process of proactively identifying risks to the deposit insurance funds and adjusting the risk-based deposit insurance premiums charged to the institutions. One of the key tools used by the FDIC is its safety and soundness examination process which, when combined with off-site monitoring and extensive industry risk analysis, generally provides an early warning and corrective action process for emerging risks to the funds. The Risk Analysis Center, managed and staffed by the DSC, Division of Insurance and Research, and Division of Resolutions and Receiverships, facilitates and coordinates risk analysis at the FDIC.
Recent trends and events continue to pose risks to the funds. From January 1, 2002 to September 30, 2004, 18 insured financial institutions failed, and the potential exists for additional failures. While some failures may be attributable primarily or in part to economic factors, as previously mentioned, bank mismanagement and apparent fraud have also been factors in the most recent failures. The environment in which financial institutions operate is evolving rapidly, particularly with the acceleration of interstate banking, new banking products and complex asset structures, and electronic banking. The industry’s growing reliance on technologies, particularly the Internet, has changed the risk profile of banking. Continuing threats to the U.S. financial infrastructure have made business continuity planning an essential ingredient to sound risk management programs. The consolidations that may occur among banks, securities firms, insurance companies, and other financial services providers resulting from the Gramm-Leach-Bliley Act pose additional risks to the FDIC’s insurance funds. Limited charter depository institutions may also pose unique risks, as discussed later in this section. Also, institutions face challenges in managing interest rate risks in an environment of historically low interest rates. The Corporation’s supervisory approach, including risk-focused examinations, must operate to identify and mitigate these risks and their real or potential impact on financial institutions to preclude adverse consequences to the insurance funds.
The FDIC employs a number of supervisory approaches, several of which are described below, to identify and mitigate institution risk and faces challenges in ensuring that each meets its intended purpose.
Supervisory Strategies for Large Banks: In 2002, the FDIC initiated the Dedicated Examiner Program for the eight largest banks in the United States. The FDIC is the insurer but not the primary federal regulator for these institutions. Examiners are dedicated to those institutions to participate in targeted reviews and attend management meetings. Also, case managers closely monitor such institutions through the Large Insured Depository Institutions Program’s quarterly analysis and executive summaries. Additionally, case managers consistently remain in communication with their counterparts at the other regulatory agencies, frequently attending pre-examination meetings, post-examination meetings, and exit board meetings.
Maximum Efficiency, Risk-focused, Institution Targeted (MERIT) Examinations Program: This program was introduced in March 2002 and is designed to improve the efficiency and effectiveness of bank examinations by maximizing the use of risk-focused examination procedures in well managed banks in sound financial condition. As of September 30, 2004, over 4,600 of approximately 5,300 FDIC-supervised institutions were MERIT-eligible based on asset size (less than $1 billion) and composite rating (of 1 or 2). DSC has reported that the MERIT program has reduced the average time spent conducting safety and soundness examinations of small, low-risk institutions by well over the 20 percent target in qualifying institutions.
Relationship Manager Program: Still in its early stages, under this approach, commissioned examiners are assigned a portfolio of banks and are designated the "Relationship Manager" or primary point of contact for these banks. As such, relationship managers will conduct comprehensive risk assessments of the banks in their portfolios and in consultation with other experts prepare a risk-focused supervisory plan. Off-site and on-site activities will be conducted as needed throughout the examination cycle rather than the current "point-in-time" approach. The emphasis is on scheduling offsite and on-site reviews during the examination cycle to better leverage external sources of information.
Many other challenges also exist as the Corporation seeks to protect and ensure the continued strength of the insurance funds, as discussed below:
Merging the Insurance Funds: Because of bank mergers and acquisitions, many institutions hold deposits insured by both the Bank Insurance Fund (BIF) and Savings Association Insurance Fund (SAIF), obscuring the difference between the funds. There is ongoing consideration of merging the two insurance funds with the perceived outcome being that the merged fund would not only be stronger and better diversified but would also eliminate the concern about a deposit insurance premium disparity between the BIF and the SAIF. The prospect of different premium rates for identical deposit insurance coverage would be eliminated. Also, insured institutions would no longer have to track their BIF and SAIF deposits separately, resulting in cost savings for the industry. Assessments in the merged fund would be based on the risk that institutions pose to that fund.
The Corporation has worked hard to bring about deposit insurance reform, and the OIG supports the FDIC’s continued work with the banking community and the Congress in the interest of eventual passage of reform legislation.
The Designated Reserve Ratio: If the BIF ratio is below 1.25 percent, in accordance with the Federal Deposit Insurance Act, the FDIC Board of Directors must charge the banks premiums that are sufficient to restore the ratio to the statutorily mandated designated reserve ratio within 1 year. As of March 31, 2002, the BIF reserve ratio was at 1.23 percent, the first time since 1995 that the ratio had fallen below 1.25 percent. By June 30, 2002, the BIF reserve ratio was at 1.25 percent, precisely at the minimum mandated level. According to the Corporation’s Letter to Stakeholders, the BIF ratio reported for 2nd Quarter 2004 was 1.31 percent. The Corporation must maintain or exceed the designated reserve ratio, as required by statute.
Setting Deposit Insurance Premiums: Insurance premiums are generally assessed based on the funding requirements of the insurance funds. Because the reserve ratio may not fall below the statutory designated reserve ratio of 1.25 percent, this approach has the impact of assessing premiums during economic downturns when banks are failing and are likely not in the best position to afford the premiums. Also, numerous institutions have benefited from being able to sharply increase insured deposits without contributions to the insurance funds commensurate with this increased risk. This situation can occur because the designated reserve ratio is not breached, thereby triggering across-the-board premiums. Current deposit insurance reform proposals include provisions for risk-based premiums to be assessed on a more frequently scheduled basis than would occur using the existing approach. Risk-based premiums can provide the ability to better match premiums charged to institutions with related risk to the insurance funds.
Adoption of the Proposed Basel Committee II Capital Accord: Adoption of the accord poses a potential major impact to the insurance funds due to the prospect of lower minimum capital requirements for some of the largest, most complex institutions. The initial Basel Capital Accord only took credit risks into account; Basel II will require that banks evaluate and measure other forms of risk, including operational risk. Banks will have to make capital provisions to effectively act as a contingency fund, to cover the direct and indirect losses that emergent operational risks could cause. The failure of at-risk institutions to fully adhere to this proposed contingency funding mechanism in place of higher minimum capital requirements constitutes a threat of increased insurance losses to the funds. Adoption of the accord may pose challenges for the Corporation by requiring new skill sets to address Basel II issues.
FDIC’s Information Technology Examinations
We concluded that the Corporation’s IT examination program does provide such assurance. We did, however, identify opportunities for improving the quality of the IT examination process. Specifically, the FDIC did not have a review process in place to determine whether appropriate examination procedures are applied and that findings and conclusions are adequately supported. The FDIC has a quality review process in place for its safety and soundness examinations but generally has not conducted similar quality reviews for IT examinations. We recommended that the FDIC improve the quality, efficiency, and effectiveness of its IT examinations by instituting a standardized quality review of all phases of the IT examination process and supporting documentation prior to issuance of IT examination results.
DSC generally concurred with the report’s findings and agreed that the IT review process could be enhanced. DSC provided an action plan that would enhance DSC’s quality review process from the field office and field territory levels. We consider the recommendation resolved. (Report No. 04-022, June 15, 2004.)
The Division of Supervision and Consumer Protection’s Approach for Supervising Limited-Charter Depository Institutions
The Corporation contends that ILCs are no riskier than traditional banks and the risks lie within business line, not the charter type. Most ILC parent companies are subject to varying degrees of federal regulation. Many are subject to consolidated supervision by the Office of Thrift Supervision (OTS), the Securities and Exchange Commission, or the Federal Reserve Board. The FDIC has stated it has sufficient legislative authority to supervise ILCs and their parents. However, differences exist in the scope of authority granted to the FDIC, the Federal Reserve Board, and OTS relating to holding company supervision. We concluded that ILCs may pose additional risks to the deposit insurance fund because ILC parent holding companies are not always subject to the scope of consolidated supervision, consolidated capital requirements, or enforcement actions imposed on parent organizations subject to the Bank Holding Company Act or the Home Owners’ Loan Act. However, the FDIC has established controls to help mitigate these added risks through its deposit insurance application process, routine examination of ILCs and affiliates, and offsite monitoring program.
Nevertheless, we identified opportunities to: strengthen DSC’s insurance application process; better define and clarify guidance for determining the parent company’s source of financial and managerial strength to the ILC; enhance examination policies and procedures for assessing the impact of ILC-parent relationships; and develop a more formal examination program for ILC parent companies that generally relies on the primary federal regulator when applicable and addresses those parent companies that are not supervised by a federal regulator.
Our report contained eight recommendations for strengthening the quality of DSC’s program for supervising ILCs. The Corporation generally agreed with our recommendations, which we consider resolved. (Report No. EVAL-04-048, September 30, 2004.)
Division of Supervision and Consumer Protection’s Regional Office Structure
In our view, industry, technology, and security changes along with changes in DSC’s approach to its supervisory responsibilities warrant reconsideration of the current geographic and organizational structure of the regional offices. We therefore recommended that the Director, DSC, initiate an independent analysis of DSC’s regional office structure to determine the optimal means to effectively manage the division’s organizational structure and its resources.
DSC agreed to evaluate its regional structure as part of its annual workforce planning and budgeting efforts. This corrective action is responsive to our recommendation. (Report No. 04-040, September 28, 2004.)
4. Effectiveness of Resolution and Receivership Activities
One of the FDIC’s corporate responsibilities is planning and efficiently handling the franchise marketing of failing FDIC-insured institutions and providing prompt, responsive, and efficient resolution of failed financial institutions. These activities maintain confidence and stability in our financial system. Notably, since the FDIC’s inception over 70 years ago, no depositor has ever experienced a loss of insured deposits at an FDIC-insured institution due to a failure. According to the Corporation’s Letter to Stakeholders for the 3rd Quarter 2004, the FDIC is managing over $603 million in assets in liquidation in 35 BIF and SAIF receiverships. The Asset Servicing Technology Enhancement Project is a key initiative to implement an integrated solution to meet the FDIC’s current and future asset servicing responsibilities based on industry standards, best practices, and available technology.
The FDIC has outlined primary goals for three business lines that are relevant to the three major phases of its work: Pre-Closing, Closing, and Post-Closing of failing or failed institutions. Each is accompanied by significant challenges:
Deposit Insurance: The FDIC must provide customers of failed financial institutions with timely access to their insured funds and financial services. A significant challenge in this area is to ensure that FDIC deposit insurance claims and payment processes are prepared to handle large institution failures.
Resolutions: As the FDIC seeks to resolve failed institutions in the least costly manner, its challenges include ensuring the efficiency of contingency planning for institution failures and effective internal FDIC communication and coordination as well as communication with the other primary federal regulators. Such steps help ensure timely access to records and optimal resolution strategies.
Receivership Management: The FDIC’s goal is to manage receiverships to maximize net return toward an orderly and timely termination and provide customers of failed institutions and the public with timely and responsive information. Related challenges include ensuring the efficiency of the receivership termination process, effective claims processing, continual assessment of recovery strategies, sound investigative activities, collection of restitution orders, and accurate charging of receiverships for services performed under the Receivership Management Program.
Our work in the receiverships and resolutions area included the following reports:
Retention Strategies for Failed Insured Depository Institution Employees
DRR’s decisions to retain and pay former institution employees to assist in the operations of its receiverships appeared justified given the specific circumstances of the closed institutions. Also, retention decisions were adequately communicated to, and approved by, appropriate FDIC management officials. However, DRR could have better documented the basis for the retention decisions. We also concluded that the FDIC can better protect against the misuse of sensitive financial and customer information by former institution employees retained to assist in liquidating receiverships.
We made four recommendations to address our concerns with documenting decisions, securing sensitive financial and customer information, and conducting background checks of retained employees. The Director, DRR, agreed with our recommendations and expects significant progress and results in the areas discussed in the report by the end of 2004. (Report No. 04-030, August 20, 2004.)
Proceeds from Terminated Securitizations
We conducted an audit to determine whether funds from terminated securitization transactions had been properly reported and credited to the FDIC by third parties, which include the mortgage-backed securities master servicer and a trustee appointed to the trust created for each securitization. The reserve fund releases and residual distributions from the four terminated securitization transactions we reviewed totaled $341,578,536 and $241,120,162, respectively. We concluded that DRR had an adequate management control process to ensure that all proceeds from the terminated securitizations were properly reported and credited to the FDIC by third parties. (Report No. 04-034, September 13, 2004.)
Cases Involving Concealment of Assets
5. Management of Human Capital
Human capital issues pose significant elements of risk that interweave all the management and performance challenges facing the FDIC. Human capital management requires committed, sustained, and inspired leadership and persistent attention. In the last 15 years, the FDIC has dealt with dramatic swings in its staffing levels in response to the banking and thrift crisis of the late 1980s and early 1990s and subsequent period of recovery. The FDIC, like other organizations, continues to be affected by changing technology, market conditions, initiatives designed to improve its business processes, an aging workforce, and by the unknown. Such events impact staffing levels and required skills mix going forward just as they would any other organization.
Since 2002, the FDIC has been working to create a flexible permanent workforce that is poised to respond to sudden changes in the financial sector. As part of the 2005 corporate planning and budget process, senior executives concluded that the FDIC’s future workforce will be smaller with a somewhat different mix of skills. Recently, FDIC executives announced initiatives focused on workforce planning, human resources flexibilities, and the establishment of a Corporate Employee Program.
In August 2004, the FDIC’s Chief Operating Officer announced a Workforce Planning for the Future initiative that requires the FDIC’s three business line divisions to: (1) review future workload assumptions; (2) analyze existing skill sets, identify needed skill sets, and design strategies for closing any gaps; and (3) develop succession management plans. The initiative also established vacancy management goals for carefully reviewing each vacancy within the Corporation to determine whether and how vacancies should be filled.
On September 1, 2004, the FDIC sent a legislative proposal, known as the FDIC Workforce 21 Act of 2004, to the Congress that would provide the Corporation with greater flexibility in the human resources area. The proposal seeks to build upon human capital flexibilities related to streamlined hiring authority, term appointments, reemployment of retired annuitants in exigent circumstances, employment of experts and consultants, and reduction-in-force and early retirement authority.
The Chief Operating Officer has also announced a Corporate Employee Program. The Program’s objectives address risks related to industry consolidation and complexity and will position the Corporation to more successfully respond to rapid changes in individual institutions or the entire financial industry. The program will provide cross-training programs and cross-divisional mobility to provide individual job enhancement and to serve organizational needs as events require. Amid these initiatives, the Corporation will need to confer with the National Treasury Employees Union, when appropriate, in negotiating matters affecting bargaining unit employees.
The FDIC has stated that over the next 10 years, it is likely that almost 1,600 employees or 30 percent of the FDIC’s current workforce will retire. Other employees will leave the FDIC for non-retirement reasons. The Corporation must carefully plan its Corporate University training programs, continue to work to identify an appropriate skills mix, correct any existing skills imbalances, fill key vacancies in a timely manner, engage in careful succession planning, and continue to conserve and replenish the institutional knowledge and expertise that has guided the organization over the past years. A need for additional outsourcing may arise. Hiring and retaining new talent will be important and hiring and retention policies that are fair and inclusive must remain a significant component of the corporate diversity plan. Designing, implementing, and maintaining effective human capital strategies—including developing a coherent human capital blueprint that comprehensively describes the FDIC’s human capital framework and establishes a process for agency leaders to systematically monitor the alignment and success of human resources-related initiatives—are critical priorities and must continue to be the focus of centralized, sustained corporate attention. Our ongoing work in this area includes an evaluation of the effectiveness of DSC’s workforce planning. We are also initiating an evaluation of the Corporate University.
6. Management and Security of Information Technology Resources
Information technology continues to play an increasingly greater role in every aspect of the FDIC mission. As corporate employees carry out the FDIC’s principal business lines of insuring deposits, examining and supervising financial institutions, and managing receiverships, the employees rely on information and corresponding technology as an essential resource. Information and analysis on banking, financial services, and the economy form the basis for the development of public policies and promote public understanding and confidence in the nation’s financial system. IT is a critical resource that must be safeguarded.
Accomplishing IT goals efficiently and effectively requires sound IT planning and investment control processes. The Corporation’s 2004 IT budget is approximately $233 million. The Corporation must constantly evaluate technological advances to ensure that its operations continue to be efficient and cost-effective and that it is properly positioned to carry out its mission, particularly in light of ongoing downsizing. While doing so, the Corporation must continue to respond to the impact of laws and regulations on its operations. The Corporation’s Transformation Project is bringing about significant change in the Division of Information Resources Management (DIRM). Management of IT resources and IT security have been the focus of several laws, such as the Paperwork Reduction Act, the Government Information Security Reform Act, and the Federal Information Security Management Act of 2002 (FISMA). Under FISMA, each agency is required to report on the adequacy and effectiveness of information security policies, procedures, and practices and compliance with information security requirements.
The FDIC has recognized that improvements in its information security program and practices are needed. In its 2003 annual report to the Congress, the FDIC identified information security as a high vulnerability issue within the Corporation. The FDIC also identified improvements in its information security program as a major corporate priority in its 2004 Annual Performance Plan. Senior FDIC managers, including the Vice Chairman of the Board of Directors and the FDIC Audit Committee, have played an active role in strengthening the FDIC’s information security program through oversight of information security initiatives and monitoring of corporate efforts to address security weaknesses. As discussed below in this section, representatives of DIRM, the Division of Administration, and the Office of Enterprise Risk Management have also been working with our office as part of a "Getting to Green" initiative on the OIG’s annual FISMA evaluation scorecard.
Federal Information Security Management Act Evaluation
The objective of the evaluation was to determine the effectiveness of the FDIC’s information security program and practices, including its compliance with the requirements of FISMA and related information security policies, procedures, standards, and guidelines. In summary, we concluded that the Corporation had established and implemented management controls that provided limited assurance of adequate security over its information resources. As a result of focused efforts over the past several years, the FDIC has made considerable progress in improving its information security controls and practices. Notably, this is the first annual security evaluation wherein we identified no significant deficiencies as defined by OMB that warrant consideration as a potential material weakness. However, continued management attention was needed in several key security control areas to ensure that appropriate risk-based and cost-effective security controls are designed and in place to secure the FDIC’s information resources and further the Corporation’s security goals and objectives.
We also issued a separate audit report containing responses to specific questions raised by OMB in its August 23, 2004 memorandum, FY 2004 Reporting Instructions for the Federal Information Security Management Act.
Our responses to the OMB questions, together with the independent security evaluation report, satisfy our 2004 FISMA reporting requirements.
Similar to our prior year security evaluations, our FISMA report identified 10 steps that the Corporation can take in the near term to improve its information security program and operations. Generally, the steps focused more on the implementation of the FDIC’s security management controls, whereas the steps contained in our prior year evaluation focused primarily on the establishment of security management controls. In many cases, the FDIC had already begun to address these steps during our evaluation field work. We will continue to work with the Corporation throughout the coming year to ensure that appropriate risk-based and cost-effective IT security controls are in place to secure corporate information resources and further corporate security goals and objectives. (Report No. 04-046, September 30, 2004.)
We also conducted specific work in the following IT areas, much of which contributed to our overall FISMA evaluation:
Enhancements to the FDIC System Development Life Cycle Methodology
FDIC’s Software Management Program
FDIC’s Virtual Supervisory Information on the Net Application
We recommended that the Corporation develop, update, and implement key management and operational controls to protect the confidentiality, integrity, and availability of the information contained in the ViSION application. The Corporation’s response adequately addressed our recommendations. (Report No. 04-027, July 30, 2004.)
FDIC’s Capital Investment Management Review Process for Information Technology Investments
The CIRC was established in September 2002; therefore, measuring the overall effectiveness of the CIRC was difficult. Nonetheless, we found that the program activities the FDIC has undertaken since 2002 aligned with the processes the U.S. Government Accountability Office (GAO) considers necessary to build a successful IT capital investment process. Specifically, the FDIC’s efforts have encompassed a broad range of activities, including ongoing work to develop:an IT governance structure, including the establishment of the Chief Information Officer Council in February 2004;
a systematic, quarterly management oversight process for individual capital investment projects and the overall portfolio; and
corporate tools and guidance for project managers.
These activities align with the processes associated with the second and third stages of maturity in GAO’s five-tiered model. However, work remains to achieve a mature, repeatable process, and the FDIC has many efforts underway or planned to reach that goal.
We made 11 recommendations to the Chief Financial Officer and Chief Information Officer, the CIRC Co-Chairs, to take actions in 3 general areas to help ensure continued maturation of the CPIM process: (1) Strengthen the IT investment management governance structure, (2) Strengthen CPIM-related procedures, and (3) Create a CPIM plan.
Management did not concur with 2 of our 11 recommendations. With respect to one of those recommendations, we requested that management reconsider its position and clarify requirements for validating quarterly project assessments by independent qualified personnel when management updates the FDIC Capital Investment Policy in June 2005. For the other outstanding recommendation, we agreed with management that further action was not required. (Report No. 04-039, September 23, 2004.)
Audits by IBM
FDIC’s IT Security Risk Management Program—Overall Program Policies and Procedures and the Risk Assessment Process: IBM concluded that the FDIC had made progress since August 2003 in implementing the risk management program. However, policies and procedures for the overall program and the risk assessment process could be strengthened.
IBM made three recommendations to the Director, DIRM, to improve the policies and procedures for managing IT risk and the Director agreed. (Report No. 04-028, July 30, 2004.)
FDIC’s Mainframe Security: IBM concluded that the FDIC has established and implemented management, operational, and technical controls that provide reasonable assurance of adequate mainframe security. IBM also found that the FDIC has made progress in its efforts to strengthen mainframe security, update security policies and procedures, and increase employee security awareness.
Further, DIRM has completed the required certification activities in preparation for system accreditation. These activities include completing a mainframe security plan; conducting a risk assessment and preparing the final risk assessment report; performing a self-assessment of mainframe management, operational, and technical controls; and completing a Plan of Actions and Milestones.
IBM did find one aspect of mainframe security that could be improved. DIRM management concurred with IBM’s related recommendation. (Report No. 04-037, September 30, 2004.)
FDIC’s IT Contingency Planning: IBM’s audit focused on the adequacy of the FDIC’s policies, procedures, and tools for contingency planning. IBM concluded that the FDIC had made progress since the OIG’s 2003 FISMA evaluation. However, improvements are needed to ensure that FDIC data can be restored in a timely manner.
IBM made three recommendations to improve the FDIC’s contingency planning program. DIRM agreed to take corrective actions that adequately address the three recommendations. (Report No. 04-038, September 22, 2004.)
7. Security of Critical Infrastructure
The adequate security of our nation’s critical infrastructures has been at the forefront of the federal government’s agenda for many years. Specifically, the President’s Commission on Critical Infrastructure Protection (established in July 1996) was tasked to formulate a comprehensive national strategy for protecting the nation’s critical infrastructure from physical and "cyber" threats. Included among the limited number of systems whose incapacity or destruction were deemed to have a debilitating impact on the defense or economic security of the nation was the banking and finance system. With the increased consolidation and connectivity of the banking industry in the years since 1996, and with the new awareness of the nation’s vulnerabilities to terrorist attacks since September 11, 2001, the security of the critical infrastructure in the banking industry is even more important.
On December 17, 2003, the President signed Homeland Security Presidential Directive (HSPD) 7, Critical Infrastructure Identification, Prioritization and Protection. HSPD–7 established a national policy for federal departments and agencies to identify and prioritize United States critical infrastructure and key resources and to protect them from terrorist acts. On June 17, 2004, OMB issued Memorandum M04-15, Development of the HSPD-7 Critical Infrastructure Protection Plans to Protect Federal Critical Infrastructures and Key Resources. The memorandum provides guidance regarding the format and content of critical infrastructure protection plans that federal agencies are required to submit to the OMB. Although the FDIC has determined that it does not maintain critical infrastructure or key resources as intended by HSPD–7, the FDIC is required to report to OMB on its ability to ensure the continuity of its business operations in the event of a physical or cyber attack.
The intent of HSPD–7 is to ensure that the federal government maintains the capability to deliver services essential to the nation’s security and economy and to the health and safety of its citizens in the event of a cyber- or physical-based disruption. Much of the nation’s critical infrastructure historically has been physically and logically separate systems that had little interdependence. However, as a result of technology, the infrastructure has increasingly become automated and interconnected. These same advances have created new vulnerabilities to equipment failures, human error, natural disasters, terrorism, and cyber attacks.
To effectively protect critical infrastructure, the FDIC’s challenge is to implement measures to mitigate risks, plan for and manage emergencies through effective contingency and continuity planning, coordinate protective measures with other agencies, determine resource and organization requirements, and engage in education and awareness activities. The FDIC will need to continue to work with the Department of Homeland Security and the Finance and Banking Information Infrastructure Committee, created by Executive Order 23231 and chaired by the Department of the Treasury, on efforts to improve security of the critical infrastructure of the nation’s financial system. To address this risk, the FDIC is sponsoring 24 outreach conferences for the Financial and Banking Information Infrastructure Committee and Financial Services Sector Coordinating Council through 2005, which will address protecting the financial sector. The Corporation will also need to be attentive to the new requirements of HSPD-7.
Implementation of Physical Security Policies
We concluded that the FDIC had implemented the OIG-recommended improvements to security policies for FDIC-owned and leased space in the Washington, D.C., and Virginia Square locations and in the regional and field offices. However, we also found that the Division of Administration (DOA) could further improve the vulnerability assessment process for some of its offices, and we made a recommendation to that effect. The Director, DOA, concurred with our recommendation and agreed to take responsive action. (Report No. 04-021, June 15, 2004.)
FDIC’s Business Continuity Plan
We found that the FDIC’s BCP addresses the critical business functions of key FDIC divisions and offices. Also, actions are underway to review and update a business impact analysis and to identify the resources necessary to sustain essential functions in the event of disruptions. However, the FDIC could improve the quality of its BCP in a number of key areas to help ensure its success. As a result, we made 10 recommendations to strengthen the quality of the FDIC’s BCP, with which the Corporation agreed. (Report No. EVAL-04-029, August 9, 2004.)
8. Management of Major Projects
Project management is the defining, planning, scheduling, and controlling of the tasks that must be completed to reach a goal and the allocation of the resources to perform those tasks. The FDIC has engaged in several multi-million dollar projects, such as the New Financial Environment (NFE), Central Data Repository, and Virginia Square Phase II Construction. Without effective project management, the FDIC runs the risk that corporate requirements and user needs may not be met in a timely, cost-effective manner. We have done several reviews of these projects and identified the need for improved defining, planning, scheduling, and controlling of resources and tasks to reach goals and milestones. The Corporation included a project management initiative in its 2004 performance goals and established a Program Management Office to address the risks and challenges that these kinds of projects pose.
In September 2002, the FDIC executed a multiyear contract to replace its core financial systems and applications with a commercial-off-the-shelf software package. NFE is a major corporate initiative to enhance the FDIC’s ability to meet current and future financial management and information needs. At the time the Board case was approved, the FDIC estimated the total lifecycle cost of NFE, including FDIC staff time, to be approximately $62.5 million over 8 years. NFE offers the FDIC significant benefits and presents significant challenges. These challenges will test the Corporation’s ability to (1) maintain unqualified opinions on the FDIC’s annual financial statements through the system implementation and associated business process reengineering; (2) manage contractor resources, schedules, and costs; and (3) coordinate with planned and ongoing system development projects related to NFE. We have reported on several NFE matters in the past and are currently auditing the Corporation’s ongoing NFE efforts.
The Call Report Processing Modernization project is a collaborative effort by the FDIC, the Federal Reserve Board, and the Office of the Comptroller of the Currency to improve the processes and systems used to collect, validate, store, and distribute Call Report information. The project resulted in a Central Data Repository approach to managing bank Call Report Information. We are monitoring the Corporation’s progress on this project.
In March 2002, the Board of Directors approved construction of a new nine-story building at the FDIC’s Virginia Square in Northern Virginia. Known as Virginia Square Phase II, the building will house FDIC staffers (about 1,100) for the most part now working in leased space. The expansion will cost approximately $111 million. The building is expected to be finished by early 2006. Completing construction activities and moving staff from leased to owned space within the planned time and cost budgets presents considerable challenges for FDIC management.
The Corporation must ensure that employees from all divisions and offices properly safeguard the BIF and SAIF. It is critically important that budgets for the major projects discussed above and all others be established and closely monitored to prevent significant cost overruns.
Control Framework for the Virginia Square Phase II Project
We concluded that the FDIC established an adequate control framework for the Virginia Square Phase II construction project that, if consistently and effectively implemented, should ensure that the project will be completed on time and within budget. However, we also found that the FDIC withheld less than the contract entitled the FDIC to retain on progress payments to the general contractor. We recommended that the Director, DOA, emphasize that contractor invoices be reviewed for compliance with all contract terms, including retainage provisions, and that discrepancies be documented and resolved before payment. The Corporation took prompt action in response to our recommendation. (Report No. 04-018, April 22, 2004.)
9. Assessment of Corporate Performance
Assessing corporate performance is a key challenge because good intentions and good beginnings are not the measure of success. What matters in the end is completion: performance and results. To that end, the Government Performance and Results Act (Results Act) of 1993 was enacted. This Act requires most federal agencies, including the FDIC, to prepare a strategic plan that broadly defines each agency’s mission, vision, and strategic goals and objectives; an annual performance plan that translates the vision and goals of the strategic plan into measurable annual goals; and an annual performance report that compares actual results against planned goals.
The current Administration has raised the bar further in this area. Specifically, OMB is using an Executive Branch Management Scorecard to track how well departments and agencies are executing the management initiatives, and where they stand at a given point in time against the overall standards for success. OMB has also introduced the Program Assessment Rating Tool to evaluate program performance, determine the causes for strong or weak performance, and take action to remedy deficiencies and achieve better results.
The Corporation’s strategic plan and annual performance plan lay out the agency’s mission and vision and articulate goals and objectives for the FDIC’s three major program areas: Insurance, Supervision, and Receivership Management. Through its annual performance report, the FDIC is accountable for reporting actual performance and achieving its strategic goals. In addition to the Corporation’s strategic and annual goals and objectives established under the Results Act, the Chairman maintains a comprehensive set of objectives used for internal management which are summarized in terms of Stability, Sound Policy, and Stewardship.
The Corporation has made significant progress in implementing the Results Act. Over the years, it has developed more outcome-oriented performance measures, better linked performance goals and budgetary resources, and improved processes for verifying and validating reported performance. While the FDIC is not included on the Management Scorecard nor required to submit a Program Assessment Rating Tool to the OMB, some of the Corporation’s divisions have begun using a "scorecard" approach to monitoring and evaluating performance, and we support the use of these tools.
The OIG has played an active role in evaluating the Corporation’s efforts in this area. We have conducted reviews of the processes used for verifying and validating data and evaluated the Corporation’s budget and planning process. As part of the Corporation’s overall planning process, we provide input and our perspective annually on the FDIC’s strategic goals and objectives. In doing so, we have pointed to the need to better align the strategic and annual planning process under the Results Act with the separate process used to develop detailed annual corporate performance objectives and initiatives designed to accomplish the Chairman’s priorities.
During the reporting period, we updated an earlier analysis of the linkage between the Corporation’s two separate performance measurement processes. We compared (1) the FDIC’s 2004 Corporate Performance Objectives (i.e., Chairman’s) to (2) the 2004 Results Act Annual Performance Plan. The analysis continues to reflect that the two separate plans are not well integrated. OIG advisory comments on the Corporation’s 2002, 2003, and 2004 Results Act plans have suggested that the Corporation take additional steps to better link the two systems.
Strong internal control and risk management practices can help an organization achieve strategic and annual goals. Internally, the Corporation is currently operating under an internal control policy that predates many developments toward proactive risk management. Since the Corporation issued its internal control policy in February 1998, GAO has issued Standards for Internal Control in the Federal Government (GAO/AIMD-00-21.3.1, November 1999), which discusses five components of internal control and provides an overall framework for identifying and addressing major performance challenges and areas of greatest risk for fraud, waste, abuse, and mismanagement. Also, as mentioned earlier in this semiannual report, many organizations in the insurance industry and other organizations are using an Enterprise Risk Management approach to managing not only financial risks, but all business and compliance risks. The Committee of Sponsoring Organizations of the Treadway Commission has issued a document that explains essential concepts and the interrelationship between enterprise risk management and internal control. The Corporation’s Office of Enterprise Risk Management can play a role in risk management activities that help the Corporation achieve its goals.
10. Cost Containment and Procurement Integrity
Stewardship of resources has been a focus of the FDIC’s current Chairman. As steward for the insurance funds, the Chairman has embarked on a campaign to identify and implement measures to contain and reduce costs, either through more careful spending or assessing and making changes to business processes to increase efficiency.
A key challenge to containing costs relates to the contracting area. To achieve success in this area, the FDIC must ensure that its acquisition framework—that is, its policies, procedures, and internal controls—is marked by sound planning; consistent use of competition; fairness; well-structured contracts designed to produce cost-effective, quality performance from contractors; and vigilant contract management to ensure successful oversight management activities. The Corporation has taken a number of steps to strengthen controls and oversight of contracts.
However, as the Corporation downsizes and continues to contract for services, it needs to remain vigilant. We have a contract audit program that looks at the reasonableness and support for billings on significant Corporation contracts and, as needed, evaluates contract award processes. Our work in the cost containment and procurement integrity area during the reporting period included the following:
Acquisition Planning and Execution Strategy
We made seven recommendations to the Director, DOA, to revise certain aspects of the Acquisition Policy Manual, establish additional procedures to document the disposition of Legal Division comments, modify certain contracts, and enhance certain oversight activities of contracting officers. The Director, DOA, provided a written response to the draft report, and through subsequent discussions, all recommendations are now resolved. (Report No. 04-043, September 29, 2004.)
FDIC’s Allocation of Records Storage Costs
We recommended that the Director, Division of Finance (DOF), adjust the fund balances for the BIF, SAIF, and FRF; charge the funds appropriately for future records storage costs; and determine whether prior-year adjustments should be made to the funds’ financial statements due to the magnitude of the reallocation of records storage costs to the FRF.
The Corporation disagreed with our finding and recommendations. The Director, DOF, stated that the current allocation methodology provides a reasonable, efficient, and consistent basis for allocating costs to the funds. We requested DOF to reconsider its position and provide a subsequent response. (Report No. 04-044, September 29, 2004.)
Records Management and Storage
We made nine recommendations to the Director, DOA, to make the FDIC’s contract with Iron Mountain more cost-effective and to improve contract oversight. We also recommended that the General Counsel and DOA expedite efforts related to the destruction of records for thrifts not involved in the goodwill litigation.
The Director, DOA, did not agree with four of our recommendations, and we asked DOA to reconsider its responses and provide additional comments. DOA also disagreed with all but $602,438 of our identified cost avoidances. The General Counsel agreed to take responsive action.
Based on our review, we are reporting a range of $5,151,822 to $5,573,881 for funds put to better use in this Semiannual Report to the Congress. This range has been adjusted to reflect our acceptance of DOA’s lower estimate of savings for moving microforms to general storage space. (Report No. 04-045, September 30, 2004.)
Pre-award and Post-award Contract Audits
We also issued one post-award contract audit report during the reporting period. The objectives of post-award audits are to determine whether amounts charged to FDIC contracts are allowable, allocable, and reasonable. We reported a total of $110,915 in questioned costs as a result of the post-award audit. As of the end of the reporting period, a management decision was pending for the amount identified as a monetary benefit.
The Office of Investigations (OI) is responsible for carrying out the investigative mission of the OIG. Staffed with agents in Washington, D.C.; Atlanta; Dallas; and Chicago; OI conducts investigations of alleged criminal or otherwise prohibited activities that may harm or threaten to harm the operations or integrity of the FDIC and its programs. In addition to its headquarters and field sites, OI operates an Electronic Crimes Team and laboratory in Washington, D.C. The Electronic Crimes Team is responsible for conducting computer-related investigations impacting the FDIC, including employee cases involving computer abusers and providing computer forensic support to OI investigations nationwide. OI also manages the OIG Hotline for employees, contractors, and others to report allegations of fraud, waste, abuse, and mismanagement via a toll-free number or email. During the reporting period, the Hotline received 68 allegations, a number of which included reports of "phishing" schemes as discussed in this report. Two reports that were based on Hotline allegations were issued by the Office of Audits during the reporting period. Fourteen allegations were referred for further action.
OI Cases Target High-Risk Areas
OI concentrates its investigative efforts on those cases of most significance or potential impact to the FDIC and its programs. OI’s goal, in part, is to bring a halt to the fraudulent conduct under investigation, protect the FDIC and other victims from further harm, and assist the FDIC in recovery of its losses. Another consideration in dedicating resources to these cases is the need to pursue appropriate criminal penalties not only to punish the offender but to deter others from participating in similar crimes.
Currently, the majority of OI’s caseload is comprised of investigations involving major financial institution fraud. OI’s work in this area targets schemes that resulted in significant losses or vulnerabilities for the institution(s), and/or involves institution officers or insiders, multiple subjects and institutions, obstruction of bank examiners, and/or misrepresentation of FDIC insurance or affiliation. It also includes investigations of fraud resulting in institution failures. Cases in this area are highly complex and resource-intensive, often requiring teams of agents and years to complete. Despite the resource demands, the OIG’s commitment to these investigations is imperative, in light of their significance and potential impact to the FDIC and the banking industry. Additionally, from a cost-benefit perspective, these cases have brought results that make our investment in them well worth the effort, as illustrated in some of the cases reported for this period. Our investigations of major financial institution fraud schemes have brought increased returns measured by successful prosecutions resulting in incarceration, court-ordered fines, restitution to victims, and administrative actions.
Fraud Arising at or Impacting Financial Institutions
Former Hamilton Bank Senior Executives Indicted for Defrauding Investors and Bank and Securities
If convicted of wire fraud, the defendants face a statutory maximum term of imprisonment of 30 years and a fine of up to $1 million for each wire fraud count. If convicted of securities fraud, the defendants face a statutory maximum term of 10 years’ imprisonment and a fine of $1 million for each such count. If convicted of conspiracy, obstruction of an examination of a financial institution, or making a false statement, the defendants face a statutory maximum term of 5 years’ imprisonment and a fine of up to $250,000 for each such count.
This case is being investigated by the FDIC OIG and Treasury OIG. The case is being prosecuted by the U.S. Attorney’s Office for the Southern District of Florida.
The former CEO of Stevens Financial Group was found guilty of conspiring to commit bank fraud. Through his company, Stevens Financial Group, he sold over $15 million worth of sub-prime loans to SNB. He was found guilty of conspiracy with the defendant’s ex-husband to defraud SNB in the purchase of these sub-prime loans.
On September 7, 2001, after only 18 months under new ownership, the OCC closed SNB, and the FDIC was named receiver. SNB’s failure caused a loss of approximately $4.5 million to the Bank Insurance Fund.
On September 24, 2004, after a 2-week trial in a State Court in Harrisonville, Missouri, a jury also found the former CEO of Stevens Financial Group guilty on five felony counts of making false and misleading statements to the Missouri Division of Securities. Stevens was found not guilty on six counts of Missouri securities fraud.
The State Court convictions arose from the fraudulent submission of documents to the State of Missouri Secretary of State’s Office by the former Stevens Financial Group CEO. These fraudulent documents were used to artificially inflate the true net worth of the company. In order to accumulate cash, the defendant sold "time certificates" that raised approximately $100 million from investors in Missouri. The sales of the securities were structured to avoid federal securities regulations as enforced by the Securities and Exchange Commission. Consequently, the securities were sold only within the State of Missouri, and some of the funds raised from this scheme furnished the money used by one of the former owners to purchase SNB. The loans that secured these securities were also utilized in the fraudulent activity involving SNB.
The State case was investigated by the FDIC OIG, Missouri Secretary of State’s Office, and the FBI. The case was prosecuted by the Missouri Attorney General’s Office.
The federal case was brought to trial by the Department of Justice, Main Justice Attorneys from the Fraud Section. The case was investigated by the FDIC OIG, Treasury OIG, FBI, and IRS-CI.
Accountant Pleads Guilty to Bank Fraud
The indictment that led to the defendant’s eventual guilty plea charged him with 26 counts of mail fraud, bank fraud, making false statements, counterfeiting a security, pension plan theft, falsification of pension plan records, and bankruptcy fraud in connection with a $7 million Ponzi scheme and a $1.6 million bank fraud scheme.
The defendant’s actions resulted in more than $1 million in losses for individuals and businesses and more than $980,000 in losses for three financial institutions. Those institutions include Northern Star Bank in Mankato, of which he was a founder; Merchants State Bank of Lewisville, which the indictment claims was forced to sell its assets to Farmers State Bank of Madelia because of the defendant’s unpaid loans; and Americana Community Bank in Chanhassen.
The defendant started the Ponzi scheme sometime before January 1, 1999, by enticing individuals and organizations to invest millions of dollars with him by promising their investments would be safe and claiming they would receive a high rate of return. According to the indictment, the defendant invested only about 30 percent of the money he received from the investors. The majority of the funds were used by the defendant for his personal benefit in order to pay personal lines of credit and to make lulling payments to other investors. The defendant lulled investors into believing their investment funds had been invested by making payments to the defrauded investors from funds obtained from other investors and by providing the defrauded investors with statements that purported to show the status of their account and the purported rate of return the investor obtained.
In addition to defrauding investors, the defendant also fraudulently obtained more than $1.6 million from financial institutions, including Northern Star Bank, where he was a director and officer. He misstated his assets and liabilities and substantially overstated his net worth in order to obtain loans, which he used to further his Ponzi scheme. Financial institutions suffered losses in excess of $980,000.
The defendant also pleaded guilty to stealing from two pension plans. He admitted to stealing approximately $100,000 from Catalytic Combustion Corporation, of Bloomer, Wisconsin, in which he was a 40 percent minority shareholder and chief financial officer, and approximately $750,000 from a Mankato architectural firm.
This case was investigated jointly by the FDIC OIG, the FBI, and the U.S. Department of Labor’s Employee Benefits Security Administration, and was prosecuted by the U.S. Attorney’s Office for the District of Minnesota.
Former President of Farmers Bank & Trust Sentenced for Bank Fraud
The sentence was a result of the defendant’s guilty plea to one count of making false statements to a financial institution and one count of making false entries in the books and records of a financial institution. The defendant was indicted in August 2003 and charged with defrauding the Farmers Bank & Trust.
In his guilty plea, the defendant admitted that he defrauded the bank by making false entries and statements on at least 24 loans and financial statements. He also admitted to forging documentation that falsely represented that these loans were secured by Farm Service Agency guarantees. In addition, he made false entries into records of the bank that misrepresented borrowers’ total indebtedness to the bank. To prevent this bank fraud and other illegal practices from being detected by an audit conducted by the Louisiana Office of Financial Institutions and the FDIC, the defendant made additional false entries in the bank’s records. He also falsely applied a portion of all of a borrower’s indebtedness to nominee loans. These and other actions were taken to conceal both the borrowers’ total indebtedness and payment delinquencies from the bank board, the FDIC, and the state bank examiner.
As a result of the defendant’s actions, the bank suffered a loss of over $6 million. On December 17, 2002, Farmers Bank & Trust was closed by bank regulators.
This case was investigated jointly by the FDIC OIG and the FBI, and is being prosecuted by the U.S. Attorney’s Office for the Western District of Louisiana.
Two Former Car Dealers Ordered to Pay $16 Million in Restitution to the FDIC
On August 23, 2004, the second former car dealer was sentenced to 60 months’ incarceration with 3 years’ supervised release and was ordered to pay more than $8 million in restitution to the FDIC. His sentence was the result of his December 2003 guilty plea to conspiracy to commit bank fraud and bank fraud.
The two former car dealers were earlier indicted for conspiracy and bank fraud. The charges arose as a result of the check-kiting scheme in which they engaged during calendar year 2001. A check-kite is a fraudulent scheme in which a bank customer uses the time it takes to clear checks to create artificially high balances of nonexistent funds through a systemic exchange of checks among accounts when, in reality, actual funds do not exist. The indictment charged that the defendants kited checks between accounts maintained by one of the defendants at Liberty National Bank and the other defendant at the now defunct Oakwood. Losses to Oakwood due to the kite were in excess of $11 million.
It was the initial investigation into the check-kite that led to the confession by Oakwood’s former president of embezzling over $40 million resulting in the subsequent failure of the 99-year old Oakwood Deposit Bank Company. Oakwood’s former president pleaded guilty to embezzlement and money laundering in May 2003 and is currently serving a 14-year jail term.
The kite investigation was conducted jointly by the FDIC OIG and the FBI. Prosecution was handled by the U.S. Attorney’s Office for the Northern District of Ohio (Western Division).
Former Used Car Salesman Ordered to Pay $3.7 Million after Pleading Guilty to Bank Fraud
According to the plea agreement, the defendant acknowledged that his participation in a checkkiting scheme had caused over $3.37 million in losses to Mauriceville National Bank. He also defrauded SouthTrust Bank, with whom he had a line of credit and a wholesale floor plan agreement. Our investigation determined that he sold or otherwise disposed of vehicles without accounting to the bank for the proceeds, assignments, and endorsements resulting from the disposition of the vehicles. The defendant’s fraudulent scheme caused a loss to SouthTrust Bank of approximately $350,000, which he then converted to his personal benefit.
The defendant’s plea agreement was negotiated by the U.S. Attorney’s Office in connection with our ongoing investigation into a scheme to defraud multiple FDIC-insured institutions.
The case is being investigated jointly by the FDIC OIG and the FBI, and is being prosecuted by the U.S. Attorney’s Office for the Eastern District of Texas.
Commercial Contractor Sentenced for Conspiring to Commit Bank Fraud
The defendant was a commercial contractor whose company, Riverwoods Development Corporation, was a customer of the former Town & Country Bank of Almelund, Almelund, Minnesota. On April 8, 2003, a federal grand jury indicted the defendant and the bank’s former president on eight counts relating to bank fraud, money laundering, making false entries in the bank’s records, and conspiracy. On August 11, 2003, the federal grand jury returned
a superceding indictment that added two counts of false bank entries and one count of money laundering.
Specifically, the indictment alleged that the defendants acted in close association with each other to:Use the bank as a private source of money,
Make loans that exceeded legal lending limits,
Improperly use overdrawn accounts as a temporary extension of credit,
Conceal the true purpose of the loans by using nominee borrowers,
Prepare false loan documents, and
Falsely report loans as being repaid.
The above acts resulted in the failure of the bank in July 2000 when the State of Minnesota declared the bank insolvent and appointed the FDIC as receiver. The failure of Town & Country resulted in an estimated loss of $3.4 million to the FDIC Bank Insurance Fund.
A third subject, the former bookkeeper of Riverwoods Development Corporation, was sentenced on August 11, 2004, after earlier pleading guilty to bank fraud for his role in the scheme. He was sentenced to 5 years’ probation and ordered to pay $41,187 in restitution to the FDIC. The former bookkeeper received a downward departure from the federal sentencing guidelines as a result of his cooperation with federal law enforcement in the investigation, which helped lead to the guilty pleas of the commercial contractor and the bank’s former president.
This case was investigated by the FDIC OIG, the FBI, and the IRS-CI, and was prosecuted by the U.S. Attorney’s Office for the District of Minnesota.
Judicial Action Taken Against Two Customers of the Failed Bank of Falkner
The indictment charged the defendant with 19 counts of making payments to the former Falkner CEO in exchange for a loan to purchase a large parcel of land in Alcorn County, Mississippi. According to the terms of their agreement, the defendant paid the former CEO one-half of the proceeds from the sale of any tract of the subject parcel; the 19 payments totaled $224,500. All but one of the payments were deposited into the bank account of the former CEO’s wife. The alleged illegal activity occurred between October 1996 and August 2000. This defendant was the fourth person charged to date in the case.
Also during this reporting period, on June 17, 2004, the owner of Blackton Equipment Company (Blackton), Walnut, Mississippi, pleaded guilty to the indictment filed against him in the U. S. District Court for the Northern District of Mississippi in April 2004. The indictment charged the defendant with one count of causing false entries to be made in the books and records of Falkner. The owner of Blackton was arrested by agents of the FDIC OIG and FBI on May 6, 2004. The indictment to which this defendant pleaded guilty alleged that he, aided and abetted by the former Falkner CEO, received a nominee loan in the name of one of his employees after the former CEO had been prohibited by FDIC examiners from advancing any more money to the defendant or his business. The defendant received advances totaling $86,531 on the loan.
As we previously reported, Falkner’s former CEO was sentenced following his plea of guilty in October 2002 to two counts of making false entries in the books and records of the bank with the "intent to deceive the FDIC and its agents and examiners" and one count of money laundering. One of the counts was based on a scheme through which he issued $4,824,660 in nominee loans to certain bank customers who were above their legal lending limits. Another count involved a scheme where he caused a bank employee to record advances of $3,642,686 on existing loans and to misapply those advances to other customers’ accounts in order to conceal overdrafts from the FDIC examiners. The money laundering charge to which he pleaded guilty was based on his helping a bank customer disguise the nature, location, source, and ownership of $1,709,497 another customer had on deposit with the bank.
The prosecution of this investigation is being handled by the U.S. Attorney’s Office for the Northern District of Mississippi and was based on an investigation conducted jointly by the FDIC OIG and the FBI; this investigation was initiated to examine the circumstances leading to the bank’s failure in September 2000.
Former Loan Officer Sentenced for Misapplication of Bank Funds and False Statements and Barred from Working in an FDIC-Insured Institution
As previously reported, the defendant pleaded guilty on February 6, 2004, to a two-count information charging him with misapplication of bank funds and false statements. In late 1999, while serving as a loan officer at Citizens First Bank, the defendant misapplied approximately $300,000 in funds from the line of credit of a bank customer to the operating account of another bank customer. During the same period, he made a false entry into the records of Citizens First Bank by creating a fictitious customer and a related $800,000 line of credit. The defendant continued his scheme of misapplying funds from other customer accounts as well as from fictitious accounts to a specific bank customer and at one point exposed the bank to over $7 million in uncollateralized outstanding loans. Eventually the customer, who claimed no knowledge of the defendant’s unauthorized actions, worked with bank officials to collateralize or otherwise pay off his outstanding debt. The defendant made other unauthorized loans that ultimately caused a loss to the bank, resulting in the ordered restitution.
The investigation was conducted jointly by the FDIC OIG and the FBI, and was prosecuted by the U.S. Attorney’s Office for the Northern District of Georgia.
Bank Customer at First State Bank of Harrah Sentenced for Bank Fraud
As previously reported, a jury found the defendant guilty in December 2003 on all counts of an indictment charging him with aiding and abetting, conspiracy, and bank fraud against FSBH.
The indictment charged that from September 1997 through December 1998 the defendant conspired with a former executive vice president of FSBH to defraud FSBH by creating a series of fraudulent nominee loans. The defendant recruited nominee borrowers to obtain loans. The loan proceeds from this scheme totaled $800,000 and were intended to benefit the defendant.
In August 2002, the former executive vice president of FSBH, who participated in the scheme, was sentenced in the U.S. District Court for the Western District of Oklahoma to 5 years’ probation, 180 days’ home incarceration, 208 hours of community service, and was ordered to pay restitution in the amount of $3,529,500.
The investigation of the activities involving FSBH was conducted jointly by the FDIC OIG and the FBI. The case was prosecuted by the U.S. Attorney’s Office,Western District of Oklahoma.
Fraud by FDIC Debtors
Owner of Company that Owed Over $3 Million to the Former First New York Bank for Business Pleads Guilty to Conspiracy to Commit Bank Fraud
As alleged in the indictment, beginning in March 1990 the defendants entered into a series of loan agreements, guarantees, and promissory notes on behalf of their company with First New York. In 1992, the defendants acknowledged they had defaulted on the loans and entered into repayment agreements with First New York in which, among other things, they agreed to repay the loans by granting First New York the right to clear all payments made by the company’s customers. The defendants also agreed to direct all present and future customers to make their payments directly to First New York.
However, unbeknownst to First New York, between July 1992 and August 1995, the defendants deposited accounts-receivable payments owed to First New York pursuant to the agreements into an account they had set up at another bank. The indictment also alleged that, in furtherance of their scheme, they formed a series of shell companies, which they used to falsely hide business activities between the company and its customers, thereby circumventing the repayment agreement with First New York.
The OIG initiated this investigation based on a referral from the FDIC Legal Division, which became aware of questionable transfers during the discovery phase of civil litigation with the company over its debt.
Misrepresentations Regarding FDIC Insurance or Affiliation
San Clemente Securities, Inc. Brokers Plead Guilty
Two of the former SCS brokers each pleaded guilty to one count of misprision of a felony for their knowledge and concealment of the alleged felonies committed by the other parties indicted in this on-going investigation. In August 2003, an 80-count superseding indictment was returned against the two defendants and against the two co-owners of SCS and United Custodial Corporation (UCC), located in San Clemente, California. The 80-count superseding indictment charged all defendants with conspiracy, false bank entries, false statements, mail fraud, wire fraud, bank fraud, securities fraud, and investment advisor fraud.
As alleged in the indictment, the defendants schemed to defraud various financial institutions and individual investors by inducing them to enter into investment contracts in order to purchase certificates of deposit (CDs) and other securities issued by the Federal Home Loan Mortgage Corporation and the Federal National Mortgage Association, which would be held and managed for investors by UCC.
As part of their scheme, the defendants falsely and fraudulently failed to advise investors that SCS and UCC would subtract undisclosed fees and commissions from the amount invested. The defendants also made false representations regarding FDIC insurance coverage of the CDs. The investment confirmations and statements sent to investors were false and intentionally misleading, and money paid to investors when they liquidated an investment prior to maturity was actually money funded by another investment or by other persons. The investors had no ownership in any investment which would be purchased in UCC’s name. In addition, in 1997, SCS, along with its co-owners, had been banned by the National Credit Union Administration from doing business with federally insured credit unions because of their deceptive practices.
On May 3, 2004, the third former SCS broker pleaded guilty to aiding and abetting the obstruction of an examination of a financial institution. This defendant had been indicted in March 2004, along with the two co-owners of SCS and UCC and the former president of Heritage Savings Bank (Heritage), Terrell, Texas.
During July and August of 1998, the Office of Thrift Supervision (OTS) conducted an examination of Terrell Federal Savings and Loan, the name of which was later changed to Heritage. During the examination, the former president was asked by the OTS to confirm liquidation values of the nine zero-coupon CDs he had purchased from the defendant through SCS. The defendant prepared a spread-sheet purporting to represent present liquidation values for the CDs. The defendant admitted he knew the values represented on the spread-sheet did not disclose or reflect the amounts of premiums that had been deducted by SCS from the amounts paid for the assets by Heritage. The defendant admitted that he was aware that the former president intended to communicate the stated values he was provided to the OTS.
Sentencing for the three former SCS brokers has been delayed pending their cooperation with the prosecution of the co-owners of SCS and UCC.
The case is being investigated by the FDIC OIG and the FBI and is being prosecuted by the U.S. Attorney’s Office for the Northern District of Texas. The investigation was initiated based on a referral from DSC.
Former DSC Examiner Sentenced
The defendant was a certified bank examiner for 13 years with the FDIC in Albany, Georgia, and resigned from her position in June 2004.
The case was investigated as a result of information provided by the FDIC’s DSC. The case was prosecuted by the U.S. Attorney’s Office for the Middle District of Georgia.
FDIC Employee Receives 30-Day Suspension for Inappropriate Use of Computer
[ D ]
Office of Investigations’ Peer Review Activities
Our office continued to aggressively pursue our four main OIG goals and related objectives during the reporting period. These goals and objectives form the blueprint for our work. While the audit, evaluation, and investigative work described in the earlier sections of this report drives our organization and contributes very fundamentally to the accomplishment of our goals, a number of other activities and initiatives complement and support these efforts and enhance the achievement of our goals. Some examples follow.
Value and Impact: OIG products will add value by achieving significant impact related to addressing issues of importance to the Chairman, the Congress, and the public. This goal means that we contribute to ensuring the protection of insured depositors, safety and soundness of FDIC-supervised institutions, protection of consumer rights, achievement of recovery to creditors of receiverships, and effective management of agency resources. Efforts in support of this goal and related objectives include the following:
[ D ]
[ D ]
[ D ]
[ D ]
Reader’s Guide to Inspector General Act Reporting Terms
What Happens When Auditors Identify Monetary Benefits?
The Inspector General Act defines the terminology and establishes the reporting requirements for the identification and disposition of questioned costs in audit reports. To understand how this process works, it is helpful to know the key terms and how they relate to each other.
The first step in the process is when the audit report identifying questioned costs1 is issued to FDIC management. Auditors question costs because of an alleged violation of a provision of a law, regulation, contract, grant, cooperative agreement, or other agreement or document governing the expenditure of funds. In addition, a questioned cost may be a finding in which, at the time of the audit, a cost is not supported by adequate documentation; or, a finding that the expenditure of funds for the intended purpose is unnecessary or unreasonable.
The next step in the process is for FDIC management to make a decision about the questioned costs. The Inspector General Act describes a "management decision" as the final decision issued by management after evaluation of the finding(s) and recommendation(s) included in an audit report, including actions deemed to be necessary. In the case of questioned costs, this management decision must specifically address the questioned costs by either disallowing or not disallowing these costs. A"disallowed cost," according to the Inspector General Act, is a questioned cost that management, in a management decision, has sustained or agreed should not be charged to the government.
Once management has disallowed a cost and, in effect, sustained the auditor’s questioned costs, the last step in the process takes place which culminates in the "final action." As defined in the Inspector General Act, final action is the completion of all actions that management has determined, via the management decision process, are necessary to resolve the findings and recommendations included in an audit report. In the case of disallowed costs, management will typically evaluate factors beyond the conditions in the audit report, such as qualitative judgments of value received or the cost to litigate, and decide whether it is in the Corporation’s best interest to pursue recovery of the disallowed costs. The Corporation is responsible for reporting the disposition of the disallowed costs, the amounts recovered, and amounts not recovered.
Except for a few key differences, the process for reports with recommendations that funds be put to better use is generally the same as the process for reports with questioned costs. The audit report recommends an action that will result in funds to be used more efficiently rather than identifying amounts that may need to be eventually recovered. Consequently, the management decisions and final actions address the implementation of the recommended actions and not the disallowance or recovery of costs.
1 It is important to note that the OIG does not always expect 100 percent recovery of all costs questioned.
Reader’s Guide to Inspector General Act Reporting Terms
This table shows the corrective actions management has agreed to implement but has not completed, along with associated monetary amounts. In some cases, these corrective actions are different from the initial recommendations made in the audit reports. However, the OIG has agreed that the planned actions meet the intent of the initial recommendations. The information in this table is based on (1) information supplied by the FDIC’s Office of Enterprise Risk Management (OERM) and (2) the OIG’s determination of closed recommendations for reports issued after March 31, 2002. These 13 recommendations from 8 reports involve improvements in operations and programs. OERM has categorized the status of these recommendations as follows:
Management Action in Process: (13 recommendations from 8 reports)
The OIG has not evaluated management’s actions in response to OIG recommendations.
During this reporting period, there were no recommendations without management decisions.
During this reporting period, there were no significant revised management decisions.
During this reporting period, there were no significant management decisions with which the OIG disagreed.
During this reporting period, there were no instances where information was refused.
[ NOTE:This report has been physically divided into two sections in order to maintain download performance ]
Link to Section II of the OIG's Semiannual Report to the Congress (contains FY 2004 Perfromance Report)