Federal Deposit Insurance Corporation
Office of Inspector General
Federal Deposit Insurance Corporation - Office of Inspector General

The FDIC's Freedom of Information Act Response Process

This is the accessible text file for FDIC OIG report number EVAL-16-003 entitled 'The FDIC’s Freedom of Information Act Response Process'.

This text file was formatted by the FDIC OIG to be accessible to users with visual impairments.

We have maintained the structural and data integrity of the original printed product in this text file to the extent possbile. Accessibility features, such as descriptions of tables, footnotes, and the text of the Corporation’s comments, are provided but may not exactly duplicate the presentation or format of the printed version.

The portable document format (PDF) file also posted on our Web site is an exact electronic replica of the printed version.

Federal Deposit Insurance Corporation

Office of Inspector General

Office of Audits and Evaluations

Report No. EVAL-16-003

March 2016

Executive Summary

Why We Did the Evaluation

The Chairman, Committee on Homeland Security and Governmental Affairs, United States Senate, sent a letter dated June 23, 2015, to Acting Inspector General Fred W. Gibson, Jr., requesting that the FDIC Office of Inspector General (OIG) analyze “non-career officials’ involvement in the Freedom of Information Act (FOIA) response process…for the period of January 1, 2007, to the present.” The letter elaborated that if non-career officials were involved in the FOIA response process, the Committee requested that we “analyze whether their involvement resulted in any undue delay of a response to any FOIA request or the withholding of any document or portion of any document that would have otherwise been released but for the non-career official’s involvement in the process.” The Committee sent a similar letter to most federal OIGs.

Our evaluation objective was to analyze the extent and impact of select senior FDIC officials’ involvement in the FOIA agency response process. We conducted this evaluation in accordance with the Council of the Inspectors General on Integrity and Efficiency’s Quality Standards for Inspection and Evaluation.

Background

Enacted in 1966, FOIA bestows a right upon the American public to request records created by Executive Branch departments and agencies. FOIA does not require requesters to articulate a reason for the request and creates a presumption of access, so long as the request does not encompass any of the categories of information exempted from the statute. Agencies may withhold or redact records if they contain information that is exempt from FOIA’s disclosure requirements. FOIA generally requires an agency to respond within 20 business days after receiving a request, but there several exceptions to this requirement. The FOIA statute does not set forth expectations of whether, and to what extent, non-career officials can be involved in processing FOIA requests.

The FDIC currently has three non-career officials: the Chairman, Vice Chairman, and one Schedule C employee. The FDIC has employed four other non-career officials during the period from January 1, 2007 through June 30, 2015, the cutoff date for our testing. Based on discussions with Committee staff, we also included in the scope of this evaluation four corporate officer positions, which are held by three individuals, at the Deputy to the Chairman level, because the Bylaws of the Federal Deposit Insurance Corporation define their powers and duties as having broad authority to act on behalf of the Chairman.

The FOIA/Privacy Act (FOIA/PA) Group within the Legal Division has been delegated the authority for processing the FDIC’s FOIA requests.

Evaluation Results At the FDIC, the Chairman and the corporate officers that we included in the scope of this evaluation are made aware of requests and responses to FOIA requests that the Legal Division deems to be sensitive, including media or blogger requests. Eleven percent of all FOIA requests the FDIC received from September 16, 2010 through June 30, 2015, were considered sensitive, were from the media or bloggers, or both. Other non-career officials have not been involved in the FOIA process.

We reviewed a non-statistical sample of 52 FOIA requests. For 48 of the 52 FOIA requests, the Chairman’s and select corporate officers’ involvement was limited to awareness through email notices of a sensitive FOIA request when the request was received, weekly reports to the Chairman’s office that included high-level status updates, and an email notice before responsive records were sent to the requester.

Four requests exhibited heightened involvement by the Chairman, select corporate officers, or both that affected how the FDIC responded to the FOIA requests, and such involvement was for more than typical awareness. For those four requests, the heightened involvement resulted in, respectively:

• redaction of more information than what the FOIA/PA Group initially suggested on the basis that the further-redacted information was privileged communications within or between agencies or information that concerned the supervision of financial institutions; • a 16-business-day delay in the FDIC releasing information; • a fee waiver rejection being reconsidered and the FDIC waiving fees, and the FDIC releasing more information than what the FOIA/PA Group initially recommended; and • the FDIC releasing additional information, but a 32-business-day delay in the FDIC releasing the information. In completing this evaluation, we observed several issues related to the FDIC’s management of its FOIA program that were not significant in relation to this evaluation’s objective. We have shared our observations and suggestions with management separately. Management agreed to thoroughly review those suggestions and consider appropriate ways to incorporate them into the FDIC’s FOIA program.

Summary of Corporation Comments

In a response dated March 7, 2016, to a draft of this report, the General Counsel welcomed confirmation from our review that the involvement by the FDIC's non-career officials and select corporate officials in 48 of the 52 cases that we reviewed was limited to awareness of FOIA requests. Further, the General Counsel, as Chief FOIA Officer, addressed the Senate Committee’s request for a written certification from the FDIC's Chief FOIA Officer that (1) no non-career officials were involved in the FDIC's response to any FOIA request or (2) if such involvement occurred, the involvement of non-career officials has never resulted in the undue delay of a response to a FOIA request or the provision of less information than would have been provided but for the involvement of the non-career officials.

[End of Executive Suumary]

Contents

Background

Evaluation Results 8 The Chairman and Select Corporate Officers Are Made Aware of Some FOIA Requests The Chairman’s and Select Corporate Officers’ Involvement Affected a Limited Number of FOIA Requests Opportunities Exist to Strengthen the FDIC’s FOIA Program

Summary of Corporation Comments

Appendices 1. Objective, Scope, and Methodology 2. Letter from the Chairman, Senate Committee on Homeland Security and Governmental Affairs 3. FDIC FOIA Program Statistical Data 4. Glossary 5. Acronyms and Abbreviations 6. Corporation Comments

Tables 1. FDIC Officials Within the Scope of this Evaluation 2. Categorized FOIA Requests – September 16, 2010 through June 30, 2015 3. Request Disposition – September 16, 2010 through June 30, 2015 4. Appeal Determinations – September 16, 2010 through June 30, 2015 5. FDIC, FRB, and OCC Average Processing Days – Fiscal Years 2008 – 2014

Figures 1. FOIA/PA Group Organizational Placement 2. FOIA Response Process 3. FOIA Request Processing Time – September 16, 2010 through June 30, 2015

[End of Contents]

[FDIC Letterhead, FDIC logo, Federal Deposit Insurance Corporation, Office of Inspector General, Office of Audits and Evaluations 3501 Fairfax Drive, Arlington, Virginia 22226]

DATE: March 8, 2016

MEMORANDUM TO: Charles Yi, General Counsel, Legal Division

FROM: E. Marshall Gentry, Assistant Inspector General for Evaluations

SUBJECT: The FDIC’s Freedom of Information Act Response Process (Report No. EVAL-16-003)

Senator Ron Johnson, Chairman of the United States Senate Committee on Homeland Security and Governmental Affairs, sent a letter dated June 23, 2015, to Acting Inspector General Fred W. Gibson, Jr., requesting that the FDIC Office of Inspector General (OIG) analyze “non-career officials’ involvement in the Freedom of Information Act (FOIA) response process…for the period of January 1, 2007, to the present.” If non-career officials were involved in the FOIA response process, Senator Johnson’s letter requested that we “analyze whether their involvement resulted in any undue delay of a response to any FOIA request or the withholding of any document or portion of any document that would have otherwise been released but for the non-career official’s involvement in the process.” The Committee sent a similar letter to most federal OIGs.

This report presents the results of our evaluation to analyze the extent and impact of select senior FDIC officials’ involvement in the FOIA agency response process for the period January 1, 2007 through June 30, 2015.1 We conducted this evaluation in accordance with the Council of the Inspectors General on Integrity and Efficiency’s Quality Standards for Inspection and Evaluation. Appendix 1 of this report includes additional details on our objective, scope, and methodology. Appendix 2 contains Senator Johnson’s letter. Additional appendices include statistical data on the FDIC’s FOIA program, a glossary,2 acronyms and abbreviations, and the Corporation’s comments on this report.

Footnote 1: We unilaterally established June 30, 2015, as the end of the evaluation scope period to establish a defined point against which we would measure our results.

Footnote 2: Terms underlined when first used in the report are defined in Appendix 4, Glossary.



Background

Enacted in 1966, FOIA bestows a right upon the American public to request records created by Executive Branch departments and agencies.3 FOIA does not require requesters to articulate a reason for the request and creates a presumption of access, so long as the request does not encompass any of the nine categories of information exempted from the statute.4 The FOIA statute does not set forth expectations of whether, and to what extent, non-career officials can be involved in processing FOIA requests.

Footnote 3: 5 U.S.C. § 552.

Footnote 4: Id. at § 552(b). FOIA states that agencies may withhold the following nine categories: (1) information that is classified to protect national security; (2) information related solely to the internal personnel rules and practices of an agency; (3) information that is prohibited from disclosure by another federal law; (4) trade secrets or commercial or financial information that is confidential or privileged; (5) privileged communications within or between agencies; (6) information that, if disclosed, would invade another individual's personal privacy; (7) certain information compiled for law enforcement purposes; (8) information that concerns the supervision of financial institutions; and (9) geological information on wells.

Committee on Homeland Security and Governmental Affairs staff confirmed that “non-career officials” include presidential appointments, Schedule C appointments,5 and appointments of anyone whose employment had to go through the White House Office of Personnel. The Committee staff also agreed with our evaluation focus on any impact of non-career officials’ involvement rather than just undue delay of a response to any FOIA request or the withholding of any document or portion of any document.

Footnote 5: Schedule C is an appointment authority for positions excepted from the competitive service because of their confidential or policy-determining character. Schedule C positions typically either involve making or approving substantive policy recommendations, or the work of the position can be performed successfully only by someone with a thorough knowledge of and sympathy with the goals, priorities, and preferences of an official who has a confidential or policy determining relationship with the President or the agency head. The immediate supervisor of a Schedule C position must be a Presidential appointee, a Senior Executive Service appointee (career or non-career) occupying a General position, or a Schedule C appointee. Senior Executive Service is not applicable to the FDIC.

Chairman Johnson’s letter also requested a written certification from the FDIC’s Chief FOIA Officer that (1) no non-career officials were involved in the FDIC's response to any FOIA request or (2) if such involvement occurred, the involvement of non-career officials has never resulted in the undue delay of a response to a FOIA request or the provision of less information than would have been provided but for the involvement of the non-career officials. We referred this matter to the FDIC’s General Counsel, who serves as the Corporation’s Chief FOIA Officer, to respond directly to Chairman Johnson.

Relevant FDIC Officials

The FDIC currently has three non-career officials: the Chairman, Vice Chairman, and one Schedule C employee. The FDIC has employed four other non-career officials during the period from January 1, 2007 through June 30, 2015. We excluded all FDIC OIG FOIA matters from the scope of our evaluation; therefore, we did not include the FDIC’s former Inspector General, who was a presidential appointee, among the FDIC officials we reviewed.

In discussions with Committee staff, we understood that the Committee was also concerned about agency staff who could act on behalf of non-career officials or were close advisors. The Bylaws of the Federal Deposit Insurance Corporation define the powers and duties of the Deputy to the Chairman, the Deputy to the Chairman for Communications, the Deputy to the Chairman and Chief Operating Officer, and the Chief of Staff as having broad authority to act on behalf of the Chairman. Therefore, we included those corporate officer positions, which are held by three individuals, within our evaluation scope. Currently, the Deputy to the Chairman and Chief Operating Officer position and the Chief of Staff position are occupied by one individual, which in this report we will refer to as the COO.

The FDIC Board of Directors appoints corporate officers upon the recommendation of the Chairman, and corporate officers hold their respective offices for terms as the Board determines.

Table 1: FDIC Officials Within the Scope of this Evaluation

[End of Table 1]

Row 1 Position - Non-Career Officials: Chairman; previously Vice Chairman and Acting Chairman Start: Prior to 01/01/2007 End: Currently employed

Row 2 Position - Non-Career Officials: Writer-Editor (Schedule C) Start: 01/04/2010 End: Currently employed

Row 3 Position - Non-Career Officials: Vice Chairman Start: 04/16/2012 End: Currently employed

Row 4 Position - Non-Career Officials: Appointive Director Start: 04/16/2012 End: 06/04/2015

Row 5 Position - Non-Career Officials: Director, Office of Public Affairs (Schedule C)a Start: 04/16/2007 End: 09/23/2014

Row 6 Position - Non-Career Officials: Appointive Director Start: Prior to 01/01/2007 End: 04/07/2012

Row 7 Position - Non-Career Officials: Chief of Staff (Schedule C)b Start: Prior to 01/01/2007 End: 07/08/2011

Row 8 Position - Non-Career Officials: Former Chairman Start: Prior to 01/01/2007 End: 07/08/2011

Row 9 Position - Select FDIC Officers: Deputy to the Chairmanc Start: 08/28/2011 End: Currently employed

Row 10 Position - Select FDIC Officers: Deputy to the Chairman for Communications Start: 11/16/2014 End: Currently employed

Row 11 Position - Select FDIC Officers: Deputy to the Chairman and Chief Operating Officer, Chief of Staff d Start: 07/11/2011 End: Currently employed

Source: United States Government Policy and Supporting Positions (Plum Book), 2008 and 2012 editions; FDIC Human Resources Branch. a This non-career official was appointed as Deputy to the Chairman for Communications, a corporate officer position, in June 2012. b Effective July 11, 2011, this official became Senior Advisor to the Chairman for Transition until his departure from the FDIC on April 6, 2012. c This official was employed with the FDIC in positions outside the scope of this assignment prior to appointment as Deputy to the Chairman. d This official was appointed Chief of Staff July 11, 2011, before the Board designated Chief of Staff to be a corporate officer position on October 11, 2011. This official subsequently was appointed concurrently as Deputy to the Chairman and Chief Operating Officer, effective January 24, 2014. [End of Table 1]

The FDIC’s FOIA Program The FDIC received 4,031 FOIA requests from September 16, 2010, the date that the FDIC implemented FOIAXpress, the Corporation’s FOIA case processing system, through June 30, 2015.6 Within that period, the number of requests received annually decreased over time.

Footnote 6: We did not analyze FOIA requests from January 1, 2007, to September 16, 2010, because some data fields necessary for our review, including information on who suggested or made redactions and the actual responsive records provided to the requester, were not migrated into FOIAXpress. Additionally, some records likely would have been destroyed in accordance with the FDIC’s record retention schedule. See Appendix 1 for details on our methodology.

When the FDIC receives a FOIA request, it makes one of these determinations:

• Fully grant the request, which occurred with 25.7 percent of the 4,031 FOIA requests that we analyzed; • Partially grant the request and partially deny the request based on FOIA statute exemptions, which occurred with 15.8 percent of the 4,031 FOIA requests that we analyzed; • Fully deny the request based on FOIA statute exemptions, which occurred with 5.8 percent of the 4,031 FOIA requests that we analyzed; or • Fully deny the request based on other reasons permitted under the FOIA statute, such as there being no agency records, the requester not reasonably describing the records, the requester not agreeing to pay the search fees, or the request being withdrawn, which occurred with 52.7 percent of the 4,031 FOIA requests that we analyzed.

Table 3 in Appendix 3 provides more detail on the FDIC’s request dispositions.

FDIC Circular 1023.1, Procedures for Processing FOIA Requests, confers upon the FOIA/Privacy Act7 (FOIA/PA) Group responsibility for processing the FDIC’s FOIA requests. As shown in the figure to the right, the FOIA/PA Group is part of the FDIC’s Legal Division. It is led by a Supervisory Counsel with seven staff reports: two counsels, four government information specialists, and one FOIA technician. The Supervisory Counsel of the FOIA/PA Group reports to the Senior Counsel of the Opinions Unit, who in turn reports to the Assistant General Counsel (AGC) of the Legislation, Regulations and Opinions Section. The AGC reports to a Deputy General Counsel, who in turn reports to the General Counsel and Chief FOIA Officer.

Footnote 7: The Privacy Act is a federal statute that permits an individual to seek access to agency records pertaining to him or herself, provided the record is maintained within a “system of records,” i.e., the record is retrievable by an individual requester’s name or personal identifier. This evaluation’s scope did not include reviewing the FDIC’s response to any Privacy Act records requests.

Figure 1: FOIA/PA Group Organizational Placement

Top level - General Counsel and Chief FOIA Officer

2nd level - Deputy General Counsel, Consumer, Enforcement/ Employment, Insurance and Legislation Branch

3rd level - Assistant General Counsel, Legislation, Regulations and Opinions Section

4th level - Senior Counsel, Opinions Unit

5 th level - Supervisory Counsel, FOIA/Privacy Act Group

Source: Legal Division organizational chart dated August 10, 2015. [End of figure 1]

The FDIC’s FOIA Response Process

The FDIC’s FOIA System supports the FDIC’s FOIA response process. It consists of two components. One is the Public Access Link (PAL), a secure web-based portal that enables members of the public to submit and view their FOIA and Privacy Act requests, download their requested documents, and view documents in the FDIC’s online Public Reading Room. The other component is FOIAXpress, which automates and streamlines the tracking, processing, and reporting of the FOIA requests received by the FDIC Legal Division’s FOIA/PA Group.

At a high level, the following figure captures the FDIC’s FOIA response process, as discussed further following the figure.

Figure 2: FOIA Response Process

Complex flow chart, description of process provided in following paragraphs

Source: Generated by the OIG from information gathered during this evaluation. [End of figure 2]

Receipt and Screening.

Currently, the FDIC receives about 90 percent of its FOIA requests electronically via PAL or email. The FDIC receives the remaining 10 percent of requests through mail or fax. The Supervisory Counsel or his designee reviews each request to determine if the source is the media, including bloggers, or if for some other reason the request should be deemed “sensitive” and warrants additional scrutiny.

The FOIA/PA Group considers a request sensitive if it relates to the Chairman’s office, may be of particular interest to the Chairman, involves congressional correspondence, or is from a political watchdog or advocacy group or lobbyist; there are no defined criteria for designating a request as sensitive.

The Supervisory Counsel or his designee then assigns each request to a government information specialist, who ensures the request meets the FOIA requirements and FDIC regulations, and determines whether the FDIC has responsive records.

Processing. FOIA requires agencies to make their determination on valid FOIA requests within 20 business days unless (1) a requester asks for and is granted expedited processing, in which case, the records are to be provided as soon as practicable, or (2) the request involves unusual circumstances.8 If a request involves unusual circumstances, FOIA allows agencies an additional 10 business days to respond by giving written notice to the requester, or allows for an alternative time period as agreed to by the requester. The FDIC’s FOIA regulations include a third option for unusual circumstances that states the timeframe can be one that the FDIC reasonably determines with notice to the requester.

Footnote 8: Under 12 CFR §309, Disclosure of Information, unusual circumstances include: (1) the need to search for and collect records requested that are not located at the FDIC’s Washington office; (2) the records requested are voluminous or are not in close proximity to one another; or (3) there is a need to consult with another agency or among two or more components of the FDIC having a substantial interest in the determination.

The response timeframe at the FDIC begins once the FOIA/PA Group deems the request to be properly made, or “perfected.” Agencies may suspend processing time to clarify requests or to resolve fee issues with a requester. The FOIA/PA Group assigns perfected requests to the FDIC division(s) or office(s) believed to have responsive records, and the division or office provides responsive records and proposed redactions.

The FOIA/PA Group usually reviews the records and proposed redactions, and may also review them with members of Legal Division management9 or with the Chairman and select corporate officers,10 depending on the sensitivity of the request. The General Counsel, as the FDIC’s Chief FOIA Officer, has delegated authority to authorize or deny proposed redactions to various members of the Legal Division and FOIA/PA Group; in practice, however, the sensitivity of the request determines the level at which this authorization or denial is made. Once the FOIA/PA Group makes a determination on a given request, the AGC reviews the determination before the FOIA/PA Group releases the records to the requester. For sensitive and media or blogger requests, the Legal Division advises the COO and Deputy to the Chairman for Communications of the determination before the FOIA/PA Group releases the records to the requester. FOIA allows for multi-track processing based on the amount of time or work needed to respond to a request, but does not discuss processing considerations due solely to the nature of the request or requester.

Footnote 9: In the context of the FDIC’s FOIA response process, references to Legal Division management could refer to the AGC or Deputy General Counsel.

Footnote 10: For this report, references to “select corporate officers” refer collectively to the four officers (whether encumbered by three people or four) within the scope of this evaluation: Deputy to the Chairman and Chief Operating Officer; Chief of Staff; Deputy to the Chairman; and Deputy to the Chairman for Communications.

Assessing Fees. The FOIA statute allows agencies to assess a fee to cover search and review time and duplication costs. The amount and type of fees assessed depend upon the requester’s fee category, which the FOIA/PA Group determines. Under the FDIC’s FOIA regulations, requesters are asked to provide a dollar amount of fees that they would be prepared to pay if fees are required.

FOIA allows some requesters to receive records by paying a reduced amount of fees or without paying any fees if disclosure of the requested information is in the public interest because it is likely to contribute significantly to public understanding of government operations or activities. The request for information also must not be primarily in the commercial interest of the requester. The FOIA/PA Group assesses each fee waiver request on a case-by-case basis using a six-part test established by the Department of Justice (DOJ).

For requests that do not meet the criteria for a fee waiver or where fees exceed the amount agreed by the requester, the FDIC prepares a written cost estimate if the requester has not specifically agreed to pay the charges associated with the request and the expected cost of fulfilling the request exceeds $10. The requester must agree to the estimate in writing, and if the estimated costs exceed $250, the requester must also provide a deposit of 20 percent of the total estimated costs.

Sensitive and Media or Blogger Requests. From September 16, 2010 through June 30, 2015, 11 percent of the 4,031 total FOIA requests received by the FDIC were classified as either sensitive or from the media or a blogger.

When the FOIA/PA Group deems a request to be sensitive or determines a request is from the media or a blogger, the Supervisory Counsel notifies the COO and Deputy to the Chairman for Communications via email. The Deputy General Counsel or the AGC subsequently reviews the FOIA/PA Group’s draft interim or final response and the proposed records and redactions and decide whether to discuss the proposed response with the COO and the Deputy to the Chairman for Communications for their awareness.

When the Deputy General Counsel or the AGC decides to discuss a proposed FOIA response with the Chairman’s office, the FOIA/PA Group, Senior Counsel, and they meet with the COO, the Deputy to the Chairman for Communications, and sometimes the Deputy to the Chairman to review and discuss the FOIA request and the FOIA/PA Group’s proposed response. In or as a result of those meetings, the FOIA/PA Group may receive direction on the processing of the request, including interpretation of the scope and reasonableness of a request, the editing of response letters, approval or denial of fee waivers, record release decisions, redaction recommendations, and the timing of the response itself.

If the response is not discussed with the COO and the Deputy to the Chairman for Communications, the FOIA/PA Group will notify them by email that the responsive records will be released by a certain date, but not sooner than the next day. If the FOIA/PA Group receives no questions or feedback in response to the email notification, the FOIA/PA Group releases the records on the stated date. If the FOIA/PA Group receives feedback within the notice period, the records are not released without the COO’s and Deputy to the Chairman for Communications’s approval.

Administrative Appeals. Requesters may administratively appeal five types of decisions, including denials of requests for records,11 within 30 business days after receipt of a denial. Appeals are sent to the FDIC General Counsel, and the Legal Division’s Corporate Litigation Unit (CLU) processes and makes determinations on the appeals. From September 16, 2010 through June 30, 2015, the FDIC received 153 appeals of FOIA decisions. The FDIC affirmed the original decision for the majority of appeals. The FDIC partially or completely reversed about 20 percent of the decisions through the appeals process.

Footnote 11: In addition to appealing denials of requests for records, requesters can also appeal the following: the denial of expedited treatment, the denial of a fee waiver, the implied denial of a request for records due to the FDIC’s failure to respond within the applicable time period, and the scope and adequacy of the FDIC’s search for responsive records.

Reporting. Each week, the Senior Counsel sends the COO and Deputy to the Chairman for Communications: (1) a list of FOIA requests that relate to or may affect the Chairman’s office or are otherwise considered sensitive and (2) a list of all pending requests from the media and bloggers. These lists include the requester’s name, organization, a description of the request, when the request was received, and any updates.

The FOIA/PA Group also reports certain FOIA processing statistics to the DOJ Office of Information Policy on a quarterly and annual basis. Quarterly statistics include the number of requests received and processed during the quarter, the number of requests backlogged at the end of the quarter, and the status of the FDIC’s 10 oldest pending requests from the previous fiscal year. The annual FOIA report, required by FOIA, contains general information on FOIA processing procedures and statistics on various data sets, such as the use of exemptions, response and processing times, and appeals.

Processing Time. To gain perspective on the FDIC’s FOIA program over time and in relation to other comparable agencies, we analyzed data from FOIAXpress and data reported to DOJ. We also compared the data FDIC reported to DOJ with the data reported by other financial regulatory agencies, including the Board of Governors of the Federal Reserve System (FRB) and the Office of the Comptroller of the Currency (OCC).

The FDIC’s average processing time recorded in FOIAXpress for non-sensitive requests was 10.8 business days, ranging from zero business days to 126 business days. In contrast, average processing time for requests classified as both sensitive and media or blogger was 22.6 business days, ranging from zero business days to 118 business days.

The FDIC’s reported average processing time was generally comparable or faster than FRB and OCC average processing times. The FDIC’s reported average processing time was generally less than 20 business days for fiscal years 2011 through 2014.

Appendix 3 provides more detailed statistical data on the FDIC’s FOIA program.

Evaluation Results

The Chairman and Select Corporate Officers Are Made Aware of Some FOIA Requests

At the FDIC, the COO and Deputy to the Chairman for Communications are made aware of requests and responses to FOIA requests that the Legal Division deems to be sensitive, including media or blogger requests. Eleven percent of all requests are considered sensitive, are from the media or bloggers, or both.

As explained above, the FOIA/PA Group notifies the COO and Deputy to the Chairman for Communications via email when the FDIC receives such FOIA requests and again before releasing the FDIC’s determination letter responding to the request. In addition, the FOIA/PA Group sends those officers weekly reports on all sensitive and media or blogger requests. Further, the Deputy General Counsel or the AGC may decide to review some FOIA requests with the COO. The Chairman and the Deputy to the Chairman have been made aware of and participated in meetings regarding some of those FOIA requests.

The Chairman’s and Select Corporate Officers’ Involvement Affected a Limited Number of FOIA Requests

To analyze the extent and impact of selected senior FDIC officials’ involvement in the FOIA agency response process, we tested a non-statistical sample of 52 FOIA requests. We selected requests that the Chairman and select corporate officers were made aware of and that we considered to present greater likelihood of their involvement. In 48 of the 52 FOIA requests that we reviewed, non-career officials and corporate officers’ involvement was limited to awareness through an email notice of a sensitive FOIA request when the request was received, weekly reports to the Chairman’s office that included high-level status updates, and an email notice before responsive records were sent to the requester.

Four other requests exhibited heightened involvement by the Chairman, select corporate officers, or both that affected how the FDIC responded to the FOIA requests, and such involvement was for more than typical awareness. For those four requests, the heightened involvement resulted in, respectively:

• redaction of more information than what the FOIA/PA Group initially suggested on the basis that the further-redacted information was privileged communications within or between agencies or information that concerned the supervision of financial institutions; • a 16-business-day delay in the FDIC releasing information; • a fee waiver rejection being reconsidered and the FDIC waiving fees, and the FDIC releasing more information than what the FOIA/PA Group initially recommended; and • the FDIC releasing additional information, but a 32-business-day delay in the FDIC releasing the information.

We describe further below each of those four requests and the extent and impact of non-career officials’ and corporate officers’ involvement.

Request 14-0150

In late 2013, the FDIC received a FOIA request from an individual for “copies of any and all records concerning, regarding, or relating to emails or documents referenced in former Chairman Sheila Bair’s book, Bull by the Horns, as detailed” in a 13-page table with page numbers and specific quotes from the book. The FOIA/PA Group designated the request as sensitive because of the content of the records requested (many of the records requested were emails and letters between former Chairman Bair and high-ranking government officials or advisors) and the expected interest the current Chairman may have in the request.

In addition to the routine weekly FOIA reports and notifications sent to the COO and Deputy to the Chairman for Communications for sensitive requests, the COO held a meeting requested by the FOIA/PA Group to discuss this request. The FOIA/PA Group brought copies of the 17 pages of responsive records and its proposed redactions to the meeting. The responsive records included correspondence regarding bank practices; risks to the banking industry; and regulatory authority among former Chairman Bair and the leaders of other financial regulatory agencies, bank and trade group presidents, and high-level advisors. The FOIA/PA Group recommended withholding discussions regarding Washington Mutual Bank on three pages of records and withholding small portions of two pages under FOIA exemption 5, privileged communications within or between agencies, and FOIA exemption 8, information that concerns the supervision of financial institutions.

Shortly after the meeting with the COO, five additional pages of responsive records were withheld under exemptions 5 and 8 rather than released as the FOIA/PA Group had recommended. The information regarding Washington Mutual Bank that the FOIA/PA Group recommended be withheld ultimately was released and redactions on another page were slightly changed without a significant effect on the amount or content of information released.

One FDIC employee who attended the meeting recalled that the FDIC tries to be as responsive to FOIA requests as possible, but this request was processed during a time when the FDIC was particularly sensitive to disclosing private information or predictions on the broader banking industry that could have repercussions on individual depository institutions. Recollections of who suggested and who approved the additional redactions are vague and differ among those who attended the meeting.

Request 14-0263

Shortly after the FOIA/PA Group requested a fee deposit and fee agreement from the requester in FOIA request 14-0150, the FDIC received a new request for exactly the same information from a government accountability group. Because the second request asked for the same information as the first request, the FOIA/PA Group aggregated the processing of the two requests, which is permissible under FOIA. The FOIA/PA Group processed this request using its usual procedures for sensitive requests, which included review by various members of the Legal Division. The Legal Division’s processing of the request took 67 business days (95 calendar days), not including 10 business days (14 calendar days) during which the FOIA/PA Group abated processing pending receipt of a fee agreement and deposit from the requester. During processing, the three corporate officers within the scope of this evaluation met with Legal Division management and the FOIA/PA Group twice; the Chairman attended one of these meetings.

Fifteen business days (21 calendar days) after the Legal Division completed its processing, this request was discussed at a third meeting with select corporate officers, which the Chairman also attended. During the time between the completion of the Legal Division’s processing and this meeting, regular weekly email reports to the Chairman’s office listed the status of this request as “final management review is pending.” The FDIC released redacted responsive records to the requester one business day (3 calendar days) after the meeting with the corporate officers and the Chairman, or a total of 16 business days (24 calendar days) after the FOIA/PA Group and its Legal Division management completed its processing.

Request 15-0008

In late 2014, the FDIC received a FOIA request from an advocacy group seeking records related to the FDIC’s shared-loss agreement with OneWest Bank, CIT Group’s proposed acquisition of OneWest Bank, and how the FDIC’s shared-loss and purchase and assumption agreements with OneWest Bank would be affected in the event of an acquisition. The FOIA/PA Group did not initially classify the request as sensitive. The FDIC received this request less than a month after a Legal Division reorganization that placed the FOIA/PA Group under the supervision of a new Senior Counsel and AGC, both of whom had limited FOIA experience.

The FOIA Group’s first response letter to the requester denied the requester’s fee waiver request. The denial prompted the requester to complain about the decision in one of its public comment letters in response to a Federal Register notice regarding the proposed merger of CIT Group and OneWest Bank. The requester also sent this letter directly to members of FDIC senior management and the COO, asking them to share it with the Chairman. The requester was also quoted in the media complaining about the decision to deny its fee waiver request. Those actions generated the Chairman’s interest in this request and prompted the Legal Division to change the FOIA request designation from non-sensitive to sensitive.

The requester provided the FOIA/PA Group additional justification for the fee waiver and clarified its initial request. The additional justification provided a basis for the Legal Division to overturn the fee waiver denial.

Throughout the processing of this request, numerous meetings were held with the FDIC Chairman, COO, FDIC Division of Resolutions and Receiverships (DRR) senior management, Legal Division senior management, and the FOIA/PA Group. Discussions at the meetings related to the requester’s complaints in its public comment letters and whether the FDIC could release shared-loss information requested. The Chairman and the COO were also briefed specifically on matters relating to the processing of the FOIA request, including fee waiver issues, draft correspondence to the requester, and which records could be released. When asked about this request, the Chairman and COO said that their involvement in this FOIA request was for awareness purposes only, and they were not involved in request processing, including the fee waiver decision.

After one meeting with the Chairman in which the FOIA/PA Group and others discussed this FOIA request, the Deputy General Counsel and AGC overseeing the FOIA/PA Group were called into an impromptu meeting with the Chairman. Following that meeting, Legal Division officials above the FOIA/PA Group reviewed and edited, as appropriate, all further correspondence related to this request. In addition, the FOIA/PA Group understood that all correspondence related to any FOIA request, which for a brief period included routine acknowledgements of receipt of a request, would have to be approved by the AGC.

The FDIC provided the requester 512 pages of responsive records and sent a six-page letter responding to concerns the requester raised in its public comment letter 33 business days (49 calendar days) after receiving the FOIA request. DRR had not previously released such information, but chose to release it in response to this request in an effort to be more transparent. The information that was released was, according to both DRR and Legal Division officials, already publicly available in receivership financial statements presented on the FDIC’s public website. No shared-loss information on individual loans was released.

Request 15-0038

In late 2014, the FDIC received a FOIA request from a government accountability group for records related to Operation Choke Point, third-party payment processors, short-term lenders, and payday lenders. The FOIA/PA Group designated the request as sensitive because of the heightened political interest in Operation Choke Point and the expected interest the Chairman and select corporate officers would have in this request. The FOIA/PA Group initially interpreted the request as overly broad and recommended denying processing in full. Before this determination was communicated to the requester, the FOIA/PA Group, Supervisory Counsel, AGC, and Deputy General Counsel, met with corporate officers, who recommended that the FOIA/PA Group work with the requester to clarify its request rather than deny processing it. The FDIC asked the requester to revise the request 22 business days (34 calendar days) after receiving it. Eight business days (10 calendar days) later, the requester clarified the information it was seeking, and the FOIA/PA Group began processing the perfected request.

The FDIC had received and was in the process of responding to a request from Congress for a similar set of records, and was a party to ongoing litigation involving related documents. Because CLU was processing the congressional request and overseeing the litigation, the FOIA/PA Group requested CLU’s assistance in determining how to process the FOIA request. After completing its search for records, determination of responsiveness, and redaction of responsive records, the FOIA/PA Group issued a determination letter to the requester 30 business days (47 calendar days) after receiving the perfected request. However, the FDIC did not produce concurrently the responsive records. This request was one of only two among the 434 requests deemed sensitive, from the media or bloggers, or both that the FDIC received between September 16, 2010 and June 30, 2015 in which the FOIA/PA Group did not produce responsive records simultaneously with issuing its determination letter.

The FOIA/PA Group provided its proposed responsive records to CLU, which reviewed the records to determine if any had been retrieved in processing the FOIA request that had not been produced to the Congress12 and to ensure that litigation records were not inappropriately released. CLU’s review took 49 business days (70 calendar days), and it proposed changes to redactions on approximately 70 pages of responsive records (about 13 percent of the responsive records), causing those pages to be withheld in full. The FOIA/PA Group concurred with and accepted CLU’s changes.

Footnote 12: We did not review the FDIC’s response to the Congressional request for Operation Choke Point records because that was outside of the scope of this evaluation.

After Legal Division management reviewed the responsive records, a meeting was held with corporate officers, during which the responsive records were reviewed. During this meeting, the COO requested additional time to make the Chairman aware that some of his emails would be released in response to the FOIA request; the COO indicated that she notified the Chairman the next day. Also on the day after the meeting, the FOIA/PA Group made small changes to the responsive records at the recommendation of an FDIC employee who authored the records and attended the previous day’s meeting. The FOIA/PA Group agreed with the recommendation to withhold the records under exemption 5.

The FDIC provided responsive records to the requester 32 business days (47 calendar days) later, one day after another meeting with corporate officers in which this request was briefly discussed. This delay occurred because of a miscommunication between the Legal Division and the Chairman’s office. Legal Division management and the FOIA/PA Group expressed that they had been waiting for explicit approval from the Chairman’s office, while the COO and the Deputy to the Chairman for Communications thought they had been briefed for awareness only and expected that the Legal Division would release the records without further discussions or meetings with them. For this request, the FDIC sent responsive records to the requester 162 business days (232 calendar days) after it issued its determination letter.

Opportunities Exist to Strengthen the FDIC’s FOIA Program

In completing this evaluation, we observed several issues related to the FDIC’s management of its FOIA program that we consider warrant management’s attention. Because these issues were not significant in relation to this evaluation’s objective, we have shared our observations with management separately, as well as offered some suggestions that could help management improve the Corporation’s FOIA program. Management agreed to thoroughly review those suggestions and consider appropriate ways to incorporate them into the FDIC’s FOIA program.

Summary of Corporation Comments

The General Counsel provided a written response, dated March 7, 2016, to a draft of this report. The response is presented in its entirety in Appendix 6. The General Counsel welcomed confirmation from our review that the involvement by the FDIC's non-career officials and select corporate officials in 48 of the 52 cases that we reviewed was limited to awareness of FOIA requests. Further, the General Counsel, as Chief FOIA Officer, addressed the Senate Committee’s request for a written certification from the FDIC's Chief FOIA Officer that (1) no non-career officials were involved in the FDIC's response to any FOIA request or (2) if such involvement occurred, the involvement of non-career officials has never resulted in the undue delay of a response to a FOIA request or the provision of less information than would have been provided but for the involvement of the non-career officials.

Appendix 1 Objective, Scope, and Methodology

Objective

Our evaluation objective was to analyze the extent and impact of select senior FDIC officials’ involvement in the FOIA agency response process.

We performed our work from June 2015 to January 2016 at the FDIC’s offices in Washington D.C. and Arlington, Virginia, in accordance with the Council of the Inspectors General on Integrity and Efficiency’s Quality Standards for Inspection and Evaluation.

Scope and Methodology

The scope of this evaluation included FOIA requests and the associated FOIA response process for the period January 1, 200713 through June 30, 2015. We limited our evaluation of FOIA requests received to the period of September 16, 2010, when FDIC implemented FOIAXpress, through June 30, 2015.14

Footnote 13: The Committee on Homeland Security and Governmental Affairs specified the beginning of the review period in a letter, dated July 23, 2015.

Footnote 14: We did not review requests from January 1, 2007 to September 16, 2010, prior to FOIAXpress implementation, because some data fields necessary for our review, including information on who suggested or made redactions and the actual responsive records provided to the requester, were not migrated into FOIAXpress. Senate staff had requested that we ask FDIC officials interviewed during this assignment if they were aware of any particular FOIA requests from prior to September 16, 2010, for which the FDIC’s non-career officials and selected officers were significantly involved. The interviewed FDIC officials did not identify any such requests.

To address our evaluation objective, we performed the following procedures and techniques:

• Identified and reviewed relevant FOIA laws, the FDIC’s regulations and directives pertaining to the FOIA process, delegations of authority, and other practices. • Identified current and former non-career officials, and three corporate officers based on their powers and duties relevant to the Chairman for the period under review. o Non-career officials included the following positions: - Chairman; - Vice Chairman; - Appointive Director; - Director, Office of Public Affairs; - Chief of Staff (as a Schedule C position); and - Writer-Editor. o Corporate officers included the following positions: - Deputy to the Chairman; - Deputy to the Chairman for Communications; - Deputy to the Chairman and Chief Operating Officer; and - Chief of Staff (upon its designation as a corporate officer position). • To gain an understanding of the procedures that the FDIC established and implemented relevant to the evaluation objective, we: o Documented the FOIA response process: - Obtained an historical perspective of the extent and impact of selected senior FDIC officials’ involvement in the FOIA response process; and - Gained an understanding of the FOIA administrative appeals process. - Reviewed the following prior audit, evaluation, and other oversight reports: - House Committee on Oversight and Government Reform, A New Era of Openness? How and Why Political Staff at DHS Interfered with the FOIA Process, Staff Report prepared for Chairman Darrell Issa, March 30, 2011; - Department of Homeland Security OIG, The DHS Privacy Office Implementation of the Freedom of Information Act, Report OIG-11-67, March 2011; - GAO, Freedom of Information Act: DHS Has Taken Steps to Enhance Its Program, but Opportunities Exist to Improve Efficiency and Cost- Effectiveness, GAO-09-260, March 2009; and - FDIC OIG, Federal Deposit Insurance Corporation’s Processing of Freedom of Information Act Requests, EVAL-99-001, February 1999. • To gain an understanding of the FDIC’s methodology in processing FOIA requests, we: o Reviewed a judgmental sample of FOIA requests; o Assessed the FDIC’s FOIA response timeliness at defined milestones by analyzing available reports and data in the following: - FOIAXpress, data of which was assessed for reliability; - Annual FOIA reports; - Chairman’s weekly reports; - Weekly reports of open media and blogger requests; and - Data from other agencies reported publicly, particularly on FOIA.gov. o Requested FDIC officials to identify particular FOIA requests from prior to September 2010 for which the FDIC’s non-career officials and selected officers were significantly involved. • Interviewed the following FDIC officials to determine their roles, responsibilities, and perspectives related to this evaluation’s objective: o FOIA/PA Group Supervisory Counsel and staff; o FOIA liaisons in the FDIC’s Division of Risk Management Supervision, Division of Resolutions and Receiverships, Division of Depositor and Consumer Protection; Division of Insurance and Research, Legal Division, and the Office of Complex Financial Institutions; o Senior Counsel of the Corporate Litigation Unit; o Chairman; o Vice Chairman; o Deputy to the Chairman; o Deputy to the Chairman for Communications; o Deputy to the Chairman and Chief Operating Officer, Chief of Staff; and o Writer-Editor.

Sampling Methodology

To analyze the extent and impact of select senior FDIC officials’ involvement in the FOIA agency response process, we tested a non-statistical sample of FOIA requests. As such, we cannot project our results to any FOIA requests that we did not test. All FOIA requests received from September 16, 2010 through June 30, 2015 constituted the sampling population. The FDIC received 4,031 FOIA requests in that period.

We excluded FOIA requests the FDIC received from January 1, 2007 through September 15, 2010 from our sampling population because information regarding the processing of those requests is limited. When the FDIC implemented the FOIAXpress system on September 16, 2010, certain data fields for FOIA requests received between August 29, 2007 and September 15, 2010 were migrated into the system. However, request processing information was kept in paper form, and certain key information, such as who made redactions to responsive records, was not documented. No data from requests received between January 1, 2007 and August 28, 2007 were migrated into FOIAXpress.

We roughly estimate that the FDIC received 5,000 requests in the time period January 1, 2007 through September 15, 2010. During discussions with members of the FOIA/PA Group and Legal Division, we asked them to recall any FOIA requests received since January 1, 2007 that garnered particular interest from the Chairman’s office. None of the requests identified by members of the FOIA/PA Group or Legal Division were received prior to September 16, 2010. For the FOIA requests the FDIC received from September 16, 2010 through June 30, 2015, we selected our sample from the 448 FOIA requests that FOIAXpress reflected as sensitive requests, media or blogger requests, or both, but excluded from our selection 14 of those that were OIG-related requests. We primarily selected our sample from the 79 of those 434 non-OIGrelated FOIA requests that we considered to present a higher risk of having the issues for which we were testing. We considered those risk factors to be:

• Longer processing times or total time from request receipt to request close; • Full and partial denials based on legal exemptions; or • Full denials due to other reasons.

We tested 52 FOIA requests, including 50 of the 79 FOIA requests that we considered to present a higher risk of having the issues for which we were testing, and two FOIA requests that the FOIA/PA Group and other FDIC officials identified as FOIA requests in which non-career officials or corporate officers significantly were involved during the request’s processing.

For the 52 FOIA requests we tested, we analyzed each to determine the impact of non-career officials’ or corporate officers’ involvement on the elapsed time to process a request and on the information ultimately released. We identified information related to these requests by conducting searches of selected Legal Division and senior FDIC officials’ email. We reviewed these emails along with correspondence items extracted from FOIAXpress and also interviewed FDIC officials involved in processing the requests. Specifically, we identified the following for each FOIA request:

• Contents of the FOIA request; • Recommendation by the FOIA/PA group on what information should be disclosed; • Non-career officials and select corporate officers involved in the response; • Records responsive to the request; • Records ultimately disclosed; and • Records or information not disclosed because of non-career officials’ and select corporate officers’ involvement.

Appendix 2 Letter from the Chairman, Senate Committee on Homeland Security and Governmental Affairs

RON JOHNSON, WISCONSIN, CHAIRMAN JOHN McCAIN. ARIZONA ROB PORTMAN. OHIO RAND PAUL. KENTUCKY JAMES LANKFORD. OKLAHOMA MICHAEL B. ENZI. WYOMING KELLY V AYOTTE. NEW HAMPSHIRE JONI ERNST.IOWA BEN SASSE. NEBRASKA THOMAS A. CARPER. DELAWARE CLAIRE McCASKILL. MISSOURI JON TESTER. MONTANA TAMMY BALDWIN. WISCONSIN HEIDI HEITKAMP, NORTH DAKOTA CORY A BOOKER, NEW JERSEY GARY C. PETERS, MICHIGAN

KEITli B. ASHOOWN, STAFF DIRECTOR GABRIELLE A. BATKIN, MINORITY STAFF DIRECTOR

UNITED STATES SENATE

COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS WASHINGTON, DC 20510- 6250

June 23,2015

Mr. Fred W. Gibson Acting Inspector General U.S. Federal Deposit Insurance Corporation 3501 Fairfax Drive Arlington, VA 22226

Dear Mr. Gibson:

The Committee on Homeland Security and Governmental Affairs is conducting oversight of how Executive Branch departments and agencies respond to Freedom of Information Act (FOIA) requests. The Committee recognizes the important role that FOIA plays in holding the government accountable to American taxpayers and seeks to ensure that government officials do not interfere with the FOIA process to inhibit transparency. Accordingly, as the Committee examines how departments and agencies comply with FOIA, the Committee is interested in learning about any involvement by non-career officials with the FOIA process at the Federal Deposit Insurance Corporation.

Enacted in 1966, FOIA bestows a right upon the American public to request records created by Executive Branch departments and agencies.' FOIA does not require requestors to articulate a reason for the request and creates a presumption of access so long as the request does not encompass any of the nine categories of information exempted from the statute? This right of openness and transparency guaranteed by FOIA allows the American public to understand how their government is operating-a concept essential to perpetuate a flouri shing democracy. FOIA, therefore, is a critical tool available to the American public to learn and understand how their government is acting on their behalf, as well as to hold the government accountable for its actions.

Footnote 1: 5 U.S.C. § 552.

Footnote 2: Id. at§ 552(b). FOIA states that agencies may withhold the following nine categories: ( I) information that is classified to protect national security; (2) information related solely to the internal personnel rules and practices of an agency; (3) information that is prohibited from disclosure by another federal law; (4) trade secrets or commercial or financial information that is confidential or privileged; (5) privileged communications within or between agencies; (6) information that, if disclosed, would invade another individual's personal privacy; (7) certain information compiled for law enforcement purposes; (8) information that concerns the supervision of financial institutions; and (9) geological information on wells. Id.

Just one day after taking office, President Obama issued a memorandum to all heads of Executive Branch departments and agencies emphasizing that openness and transparency are fundamental aspects ofFOIA? President Obama stated:

The Freedom of Information Act should be administered with a clear presumption: In the face of doubt, openness prevails. The Government should not keep information confidential merely because pubic officials might be embarrassed by disclosure, because errors and failures might be revealed, or because of speculative or abstract fears. Nondisclosure should never be based on an effort to protect the personal interests of Government officials at the expense of those they are supposed to serve. In responding to requests under the FOIA, executive branch agencies should act promptly and in a spirit of cooperation, recognizing that such agencies are servants of the public.4

Footnote 3: Memorandum from Pres. Obama to Heads of Executive Departments and Agencies, Freedom of information Act (Jan. 21, 2009), available at https://www. whitehouse.gov/the press_ office/Freedom_ of_ Information_ Act/ (last visited Jun. 23, 20 15).

Footnote 4: Id.

As described in the President's directive, FOIA is an essential tool vital to furthering transparency within government programs and operations. Department and agency personnel play an important role in ensuring FOIA requests are handled in a timely manner. In addition, Offices of Inspectors General (OIGs) across Executive Branch perform a critical role in providing oversight of agency operations and investigating allegations of misconduct related to the processing ofFOIA requests.

Recent media reports indicate prior cases where non-career officials have been substantially involved in the FOIA response process. For example, during Hillary Clinton's tenure as Secretary of State, her staff carefully reviewed and scrutinized politically sensitive documents requested under FOIA--directly affecting what documents or portions of documents were ultimately released to requestors.5 Her staffs involvement in the response process led to delays, despite the Department's FOIA officer already having prepared and finalized responses for release. Additionally, in 2010, former Department of Homeland Security Secretary Janet Napolitano's non-career staff was substantially involved in the Department's FOIA response process by implementing an intricate review and approval process for FOIA responses, including redacting potentially embarrassing information, which compromised transparency and accountability to American taxpayers. 7 These troubling examples raise particular concerns as the Committee seeks to ensure Executive Branch departments and agencies are following public records law and that non-career personnel are not adversely affecting the quantity, quality, and timeliness of information provided to the American public through the FOIA process.

Footnote 5: Laura Meckler, Hillary Clinton's State Dep't Staff Kept Tight Rein on Records, WALL ST. J., May 19,2015, available at http://www. wsj .com/articles/hillary-clintons-state-department-staff-kept -tight-rein-on-records- 1432081701 (last visited Jun. 23, 2015).

Footnote 6: Id.

Footnote 7: ld; see also H. Comm. on Oversight & Gov't Reform, Staff Report: A New Era of Openness? How and Why Political Staff at DHS lnterfered with the FOIA Process, I 12th Cong. (Mar. 30, 20 II), available at http://oversight.house.gov/wp-content/uploads/2012/02/DHS_REPORT _FINAL _FINAL_ 4_01_11.pdf (last visited Jun. 23, 2015).

In light of previous cases of involvement by non-career officials in the FOIA response process and the critical role that OIGs play in providing oversight of internal agency operations, the Committee wants to ensure that agencies are taking the appropriate steps to fully respond to FOIA requests without unnecessary delay, and that the involvement of non-career officials in the FOIA process does not result in less infonnation being provided to the requestors than otherwise would have been provided. Further, the Committee wants to be sure that honest efforts by departments and agencies to respond to FOIA requests are not frustrated or compromised by the involvement of non-career officials in the FOIA response process.

In order to assist the Committee's oversight obligations, I ask that your office please analyze the involvement of non-career officials' involvement in the FOIA response process at the department or agency, if any, for the period ofJanuary 1, 2007, to the present. If non-career officials were involved in the FOIA response process, please analyze whether their involvement resulted in any undue delay of a response to any FOIA request or the withholding of any docrnnent or portion of any document that would have otherwise been released but for the noncareer official's involvement in the process. If your analysis shows such a result, please provide the following information about each FOIA request:

a. Contents of the FOIA request; b. Recommendation by the department or agency's FOIA officer as to what information should be disclosed in response to the request; c. Name(s) and position(s) of non-career personnel who were involved with the response process; d. Details and supporting documents related to the processing of the response to the FOIA request; e. Docrnnents that were ultimately disclosed in response to the request; and f. Docrnnents or information that would have been disclosed in response to the FOIA request absent the involvement of non-career department or agency personnel.

As part of your analysis, I request that you seek a written certification from the department or agency's chiefFOIA officer that 1) no non-career officials were involved in the department or agency's response to any FOIA request or 2) if such involvement occurred, the involvement of non-career officials has never resulted in the undue delay of a response to a FOIA request or the provision ofless information than would have been provided but for the involvement of the non-career officials. Please provide this certification to the Committee in conjunction with your analysis.

I respectfully request that your office perform this analysis and report back to the Committee within 60 days. If you have any questions about this request, please have your staff contact Caroline Ingram of the Committee staff at (202) 224-4 751. Thank you for your attention to this matter.

Sincerely,

/Signed/ Ron Johnson Chairman

cc: The Honorable Thomas R. Carper Ranking Member

Appendix 3

FDIC FOIA Program Statistical Data

The following data provides perspective on the FDIC’s FOIA program over time and in relation to other comparable agencies. It also provides perspective on the FDIC’s FOIA program compared to other financial regulatory agencies, including the FRB and the OCC.

Total Requests. The FDIC received 4,031 FOIA requests from September 16, 2010 through June 30, 2015. In general, the number of requests decreased over time. Table 2 shows the number and percentage of requests the FDIC classified as non-sensitive, sensitive, media or blogger, and both sensitive and media or blogger.

Table 2: Categorized FOIA Requests – September 16, 2010 through June 30, 2015

Row 1 Time Period: 09/16/2010 through 12/31/2010 Non-Sensitive: 295 Sensitive: 15 Media or Blogger: 42 Sensitive and Media or Blogger: 16 Total: 368

Row 2 Time Period: 01/01/2011 through 12/31/2011 Non-Sensitive: 1,040 Sensitive: 37 Media or Blogger: 53 Sensitive and Media or Blogger: 23 Total: 1,153

Row 3 Time Period: 01/01/2012 through 12/31/2012 Non-Sensitive: 778 Sensitive: 7 Media or Blogger: 47 Sensitive and Media or Blogger: 35 Total: 867

Row 4 Time Period: 01/01/2013 through 12/31/2013 Non-Sensitive: 622 Sensitive: 17 Media or Blogger: 35 Sensitive and Media or Blogger: 7 Total: 681

Row 5 Time Period: 01/01/2014 through 12/31/2014 Non-Sensitive: 508 Sensitive: 23 Media or Blogger: 29 Sensitive and Media or Blogger: 18 Total: 578

Row 6 Time Period: 01/01/2015 through 06/30/2015 Non-Sensitive: 340 Sensitive: 13 Media or Blogger: 18 Sensitive and Media or Blogger: 13 Total: 384

Row 7 Total: Non-Sensitive: 3,583 Sensitive: 112 Media or Blogger: 224 Sensitive and Media or Blogger: 112 Total: 4,031

Row 8 Percentage: Non-Sensitive: 88.9% Sensitive: 2.8% Media or Blogger: 5.6% Sensitive and Media or Blogger: 2.8% Total:

Source: OIG analysis of FOIAXpress data. Note: Due to rounding, percentages may not total 100 percent. [End of Table 2]

Request Disposition. When the FDIC receives a FOIA request, it makes one of these determinations:

• Fully grant the request; • Partially grant the request and partially deny the request based on legal exemptions; • Fully deny the request based on legal exemptions; or • Fully deny the request based on other reasons such as there being no agency records, the requester not reasonably describing the records, the requester not wanting to pay the search fees, or the request being withdrawn.

Table 3 shows the FDIC has fully granted about a quarter of FOIA requests and fully denied slightly over half of FOIA requests based on other reasons.

Appendix 3

FDIC FOIA Program Statistical Data

Table 3: Request Disposition – September 16, 2010 through June 30, 2015

Row 1 Time Period: 09/16/2010 through 12/31/2010 Full Grant: 106 Partial Grant: 47 Exemption Denial: 17 Other Denial: 198 Processing Incomplete: 0 Total: 368

Row 2 Time Period: 01/01/2011 through 12/31/2011 Full Grant: 280 Partial Grant: 253 Exemption Denial: 78 Other Denial: 642 Processing Incomplete: 0 Total: 1,153

Row3 Time Period: 01/01/2012 through 12/31/2012 Full Grant: 214 Partial Grant: 157 Exemption Denial: 41 Other Denial: 455 Processing Incomplete: 0 Total: 867

Row 4 Time Period: 01/01/2013 through 12/31/2013 Full Grant: 197 Partial Grant: 117 Exemption Denial: 50 Other Denial: 317 Processing Incomplete: 0 Total: 681

Row 5 Time Period: 01/01/2014 through 12/31/2014 Full Grant: 161 Partial Grant: 111 Exemption Denial: 33 Other Denial: 273 Processing Incomplete: 0 Total: 578

Row 6 Time Period: 01/01/2015 through 06/30/2015 Full Grant: 77 Partial Grant: 52 Exemption Denial: 14 Other Denial: 240 Processing Incomplete: 1 Total: 384

Row 7 Total Full Grant: 1,035 Partial Grant: 637 Exemption Denial: 233 Other Denial: 2,125 Processing Incomplete: 1 Total: 4,031

Row 8 Percentage Full Grant: 25.7% Partial Grant: 15.8% Exemption Denial: 5.8% Other Denial: 52.7% Processing Incomplete: 0.0% Total:

Source: OIG analysis of FOIAXpress data. [End of Table 3]

Administrative Appeals. From September 16, 2010 through June 30, 2015, the FDIC received 153 appeals of FOIA decisions. The FDIC affirmed the original decision for the majority of the appeals. The FDIC partially or completely reversed about 20 percent of the decisions through the appeals process. Table 4 shows the number of appeals the FDIC received by time period and the FDIC’s determination on those appeals.

Table 4: Appeal Determinations – September 16, 2010 through June 30, 2015

Row 1 Time Period: 09/16/2010 through 12/31/2010 Affirmed: 8 Partially Reversed: 2 Completely Reversed: 0 Closed for Other Reasons: 0 Total: 10

Row 2 Time Period: 01/01/2011 through 12/31/2011 Affirmed: 29 Partially Reversed: 6 Completely Reversed: 3 Closed for Other Reasons: 3 Total: 41

Row 3 Time Period: 01/01/2012 through 12/31/2012 Affirmed: 24 Partially Reversed: 9 Completely Reversed: 1 Closed for Other Reasons: 3 Total: 37

Row 4 Time Period: 01/01/2013 through 12/31/2013 Affirmed: 21 Partially Reversed: 4 Completely Reversed: 1 Closed for Other Reasons: 2 Total: 28

Row 5 Time Period: 01/01/2014 through 12/31/2014 Affirmed: 23 Partially Reversed: 2 Completely Reversed: 0 Closed for Other Reasons: 2 Total: 27

Row 6 Time Period: 01/01/2015 through 06/30/2015 Affirmed: 7 Partially Reversed: 2 Completely Reversed: 0 Closed for Other Reasons: 1 Total: 10

Row 7 Total Affirmed: 112 Partially Reversed: 25 Completely Reversed: 5 Closed for Other Reasons: 11 Total: 153

Row 8 Percentage Affirmed: 73.2% Partially Reversed: 16.3% Completely Reversed: 3.3% Closed for Other Reasons: 7.2% Total:

Source: OIG analysis of FOIAXpress data. [End of Table 4]

Request Processing Time. The FDIC’s average processing time recorded in FOIAXpress for non-sensitive requests was 10.8 business days, ranging from zero business days to 126 business days. FOIAXpress includes separate fields to classify requests as sensitive or from the media or bloggers, even though from a response processing standpoint either classification establishes the elevated reporting and scrutiny of sensitive FOIA requests. Average processing time for requests classified as both sensitive and media or blogger was 22.6 business days, ranging from zero business days to 118 business days. Figure 2 shows the proportion of FOIA requests by request category the FDIC has processed in 20 business days or fewer, between 21 and 30 business days, between 31 and 60 business days, and over 60 business days.

Appendix 3

FDIC FOIA Program Statistical Data

Figure 3: FOIA Request Processing Time – September 16, 2010 through June 30, 2015 (clustered bar graph)

Cluster 1 Percentage of Requests - 20 Business Days or Fewer Processing Time Non-Sensitive: 83% Sensitive Only: 63% Media or Blogger Only: 71% Both Sensitive and Media or Blogger: 61%

Cluster 2 Percentage of Requests - 21 to 30 Business Days Processing Time Non-Sensitive: 10% Sensitive Only: 15% Media or Blogger Only: 13% Both Sensitive and Media or Blogger: 17%

Cluster 3 Percentage of Requests - 31 to 60 Business Days Processing Time Non-Sensitive: 6% Sensitive Only: 15% Media or Blogger Only: 11% Both Sensitive and Media or Blogger: 15%

Cluster 4 Percentage of Requests - Over 60 Business Days Processing Time Non-Sensitive: 1% Sensitive Only: 6% Media or Blogger Only: 4% Both Sensitive and Media or Blogger: 7%

Source: OIG analysis of FOIAXpress data. Note: Due to rounding, percentages may not total 100 percent. [End if Figure 3]

Comparison with Other Financial Regulatory Agencies. Under FOIA, agencies are permitted to use a multi-track processing system. Simple requests requiring relatively minimal review are placed in one processing track, and complex requests, which involve a greater volume of records that need to be reviewed, are placed in one or more other tracks. Requests granted expedited processing are placed in yet another track. Requests in each track are to be processed on a first-in, first-out basis.

Table 5 shows average processing time for simple, complex, and expedited requests as reported by the FRB and the OCC in fiscal year annual FOIA reports. The FDIC’s reported average processing time generally was faster than FRB’s average for complex and expedited requests, and comparable to OCC’s average for simple, complex, and expedited requests. The FDIC’s reported average processing time was generally less than 20 business days each fiscal year with the exception of fiscal year 2010, the year the FDIC implemented FOIAXpress.

Table 5: FDIC, FRB, and OCC Average Processing Days – Fiscal Years 2008 – 2014

Row 1 Simple Requests - FDIC FY 2008: 9 FY 2009: 2 FY 2010: 41 FY 2011: 11 FY 2012: 9 FY 2013: 10 FY 2014: 6

Row 2 Simple Requests - FRB FY 2008: 3 FY 2009: 4 FY 2010: 5 FY 2011: 3 FY 2012: 3 FY 2013: 5 FY 2014: 9

Row 3 Simple Requests - OCC FY 2008: 9 FY 2009: 9 FY 2010: 9 FY 2011: 10 FY 2012: 11 FY 2013: 10 FY 2014: 11

Row 4 Complex Requests - FDIC FY 2008: 15 FY 2009: 4 FY 2010: 30 FY 2011: 21 FY 2012: 10 FY 2013: 13 FY 2014: 18

Row 5 Complex Requests - FRB FY 2008: 19 FY 2009: 33 FY 2010: 105 FY 2011: 47 FY 2012: 62 FY 2013: 60 FY 2014: 43

Row 6 Complex Requests - OCC FY 2008: 39 FY 2009: 48 FY 2010: 13 FY 2011: 15 FY 2012: 27 FY 2013: 21 FY 2014: 32

Row 7 Expedited Requests - FDIC FY 2008: 16 FY 2009: 19 FY 2010: 53 FY 2011: 27 FY 2012: 8 FY 2013: 4 FY 2014: 10

Row 8 Expedited Requests - FRB FY 2008: 136 FY 2009: 28 FY 2010: 12 FY 2011: 0 FY 2012: 28 FY 2013: 355 FY 2014: 290

Row 9 Expedited Requests - OCC FY 2008: 26 FY 2009: 15 FY 2010: 3 FY 2011: 0 FY 2012: 7 FY 2013: 19 FY 2014: 20

Source: OIG analysis of FDIC, FRB, and OCC Annual FOIA Reports. [End of Table5]

Appendix 4

Glossary

Fee agreement - If the FDIC determines that the estimated costs of search, duplication, or review of requested records will exceed the dollar amount specified in the request, or if no dollar amount is specified, the FDIC will advise the requester of the estimated costs. The requester must agree in writing to pay the costs of search, duplication, and review prior to the FDIC initiating any records search.

Fee category - Different fees can be charged depending on the requester or the requester’s intended use of the requested records: • For commercial use, fees are limited to the cost of document search, duplication, and review. • For noncommercial use requested by an educational or noncommercial scientific institution or a representative of the news media, fees are limited to the cost of document duplication, except for the first 100 pages. • For requests that do not fall into the two above categories, fees are limited to the cost of document search and duplication, except for the first two hours of search time and the first 100 pages of duplication.

Fee deposit - If the FDIC estimates that its search, duplication, and review costs will exceed $250.00, the requester must pay 20 percent of the estimated costs prior to the FDIC initiating any records search.

Fee waiver - As part of an initial request, a requester can ask for the FDIC to waive or reduce fees if disclosure of the records is in the public interest because it is likely to contribute significantly to public understanding of the operations or activities of the government and is not primarily in the commercial interest of the requester. The six-part test for a fee waiver, provided in DOJ guidance, considers the following: • The subject of the request; • The informative value of the information to be disclosed; • The contribution to an understanding of the subject by the general public likely to result from disclosure; • The significance of the contribution to public understanding; • The existence and magnitude of a commercial interest; and • The primary interest in disclosure.

Payday lender - Payday lenders engage in payday lending, a particular type of subprime lending. Payday loans are small-dollar, short-term, unsecured loans that borrowers promise to repay out of their next paycheck or regular income payment. Payday loans are usually priced at a fixed dollar fee, which represents the finance charge to the borrower. Because these loans have short terms to maturity, the cost of borrowing, expressed as an annual percentage rate, is very high.

Processing time - The time between the date the FOIA/PA Group receives the request and the time the FOIA/PA Group notifies the requester of the determination for the request. This time can be suspended once while awaiting information to fulfill the request. This time also can be suspended to clarify fee assessment issues.

Public comment letter - During a government agency’s rulemaking process, proposed rules must be published in the Federal Register to notify the public and to give them an opportunity to submit comments. The proposed rule and the public comments received on it form the basis of the final rule. The public comment period ranges from 30 to 60 days, but can be shortened or extended with justification. A public comment letter is one method of submitting comments. An agency may also hold public hearings where people can make statements and submit data.

Purchase and assumption agreement - A purchase and assumption agreement is a common method of resolving failed insured depository institutions. Under such agreements, healthy financial institutions purchase some or all of the assets of a failed financial institution and assume some or all of the liabilities.

Record - Any information that is maintained by an agency in any format (including electronic format) or any information that is maintained for an agency by an entity under government contract, for the purposes of records management.

Responsive record - A responsive record fulfills the description provided in the request, and is maintained by the FDIC and in existence on the date of the receipt of the request. Responsive records are subject to review in order to make a determination on whether the records are releasable to the requester.

Shared-loss agreement - Under a shared-loss agreement, when a bank fails, the FDIC agrees to absorb a portion of the loss on a specified pool of assets which maximizes asset recoveries and minimizes FDIC losses. The FDIC uses two forms of loss share: one for commercial assets and another for residential mortgages. For each, the FDIC typically reimburses 80 percent of losses incurred by the acquirer on covered assets up to a stated threshold amount, with the assuming bank absorbing 20 percent of losses.

Six-part test - See ‘Fee Waiver’ entry.

Unusual circumstances - Unusual circumstances, which allow an additional 10 business days’ processing time beyond FOIA’s usual 20 business day processing timeframe, include: • the need to search for and collect requested records that are not located at FDIC’s Washington office; • the records requested are voluminous or are not in close proximity to one another; or • the need to consult with another agency or among two or more components of the FDIC having a substantial interest in the determination.

Appendix 5

Acronyms and Abbreviations

AGC Assistant General Counsel CFR Code of Federal Regulations CLU Legal Division’s Corporate Litigation Unit COO Deputy to the Chairman and Chief Operating Officer, Chief of Staff DOJ Department of Justice DRR Division of Resolutions and Receiverships FOIA Freedom of Information Act FOIA/PA Group Freedom of Information Act/Privacy Act Group FRB Board of Governors of the Federal Reserve System OCC Office of the Comptroller of the Currency OIG Office of Inspector General PAL Public Access Link U.S.C. United States Code

Appendix 6

Corporation Comments

[FDIC Letterhead, FDIC logo, Federal Deposit Insurance Corporation, Legal Division, 550 17th Street NW, Washington, D.C., 20429-9990]

DATE: March 7, 2016

MEMORANDUM TO: E. Marshall Gentry, Assistant Inspector General for Evaluations

FROM: Charles Yi, General Counsel

SUBJECT: Comments to Draft Evaluation Report Entitled, The FDIC’s Freedom of Information Act Response Process (Assignment No. 2015-028)

Thank you for the opportunity to comment on behalf of the Federal Deposit Insurance Corporation (FDIC) on the Office of Inspector General (OIG) draft report, The FDIC’s Freedom of Information Act Response Process (Report). We recognize the extensive work done by the OIG on this matter and appreciate the opportunity to provide the following response.

The FDIC is committed to full compliance with the Freedom of Information Act (FOIA) and supports FOIA’s objective of ensuring an open and transparent Government. As the FDIC’s Chief FOIA Officer, responsible for the FDIC’s efficient and appropriate compliance with the FOIA, I took particular interest in the subject matter of this Report. The FDIC welcomes confirmation from your independent review that the involvement by the FDIC’s non-career officials1 and/or select corporate officials2 in the vast majority of FOIA requests that your office reviewed was limited to typical awareness of those requests. As to the four requests discussed in more detail in the Report, I found of particular interest that the Report indicates that in two of these requests, the heightened involvement resulted in the FDIC releasing more information.

Footnote 1: We note that there are currently only three non-career officials at the FDIC.

Footnote 2: Identified in the Report as the Deputy to the Chairman, the Deputy to the Chairman for Communications, the Deputy to the Chairman and Chief Operating Officer, and the Chief of Staff. As noted in the Report, the latter two positions are currently occupied by the same individual.

We also appreciate the Report’s focus on the FDIC’s FOIA Program statistical data, which compare favorably with that of other similar regulatory agencies. The FDIC received over 4,031 requests over the multi-year period identified in the Report – over 1,153 in 2011 alone, which averages to more than 3 per day. The Report confirms that the FDIC’s reported average processing time was generally comparable to or faster than other similar regulatory agencies. Moreover, for the multi-year period identified in the Report, the FDIC’s reported average processing time was less than 20 business days, which is within the time frame required under the FOIA. Specifically, during this identified period, the average reporting time for simple requests, those requiring relatively minimal review, was 9 days, and the average reporting time for complex requests, those involving a greater volume of records needing review, was 15.5 days.

The Report states that the June 23, 2015, letter from Senator Ron Johnson, the Chairman of the Senate Committee on Homeland Security and Governmental Affairs, requested a written certification from the FDIC’s Chief FOIA Officer that (1) no non-career officials were involved in the FDIC’s response to any FOIA request or (2) if such involvement occurred, the involvement of non-career officials has never resulted in the undue delay of a response to a FOIA request or the provision of less information than would have been provided but for the involvement of the non-career officials. I intend this comment letter to serve as my response to that request.

In particular and consistent with the objectives of this evaluation, I certify that to the best of my knowledge, I am not aware of any instances other than those discussed in the Report in which non-career officials and/or select corporate officers exhibited heightened involvement that affected how the FDIC responded to a FOIA request.

Finally, the Report states that there are opportunities to strengthen the FDIC’s FOIA program, which you have shared separately with us because they were not significant to this evaluation’s objective. We appreciate those suggestions and will thoroughly review them to consider appropriate ways to incorporate them into the FOIA program. I would note that over the last several months, the FDIC’s FOIA response process has continued to improve in order to streamline procedures for the review of certain requests and clarify lines of communication.

Thank you again for the thoroughness of the OIG’s analysis of the FDIC’s FOIA response process, and I appreciate the opportunity to submit these comments.

Sincerely,

/Signed/

Charles Yi General Counsel

[End of Appendix 6]

[End of Report]

Print Print
Close