




2010 Annual Report

V. Management Control

Enterprise Risk Management

The Office of Enterprise Risk Management, under the auspices of the Chief Financial Officer organization, is responsible for corporate oversight of internal control and enterprise risk management (ERM). This includes ensuring that the FDIC’s operations and programs are effective and efficient and that internal controls are sufficient to minimize exposure to waste and mismanagement. The FDIC recognizes the importance of a strong risk management and internal control program and has adopted a more proactive and enterprise-wide approach to managing risk. This approach focuses on the identification and mitigation of risk consistently and effectively throughout the Corporation, with emphasis on those areas and issues most directly related to the FDIC’s overall mission. As an independent government corporation, the FDIC has different requirements than appropriated federal government agencies; nevertheless, its ERM program seeks to comply with the spirit of the following standards, among others:

  • the Federal Managers’ Financial Integrity Act (FMFIA);
  • the Chief Financial Officers Act (CFO Act);
  • the Government Performance and Results Act (GPRA);
  • the Federal Information Security Management Act (FISMA); and
  • OMB Circular A-123.

The CFO Act extends to the FDIC the FMFIA requirements for establishing, evaluating and reporting on internal controls. The FMFIA requires agencies to annually provide a statement of assurance regarding the effectiveness of management, administrative and accounting controls, and financial management systems.

The FDIC has developed and implemented management, administrative, and financial systems controls that reasonably ensure that:

  • Programs are efficiently and effectively carried out in accordance with applicable laws and management policies;
  • Programs and resources are safeguarded against waste, fraud, and mismanagement;
  • Obligations and costs comply with applicable laws; and
  • Reliable, complete, and timely data are maintained for decision-making and reporting purposes.

The FDIC’s control standards incorporate the Government Accountability Office’s (GAO) Standards for Internal Control in the Federal Government. Good internal control systems are essential for ensuring the proper conduct of FDIC business and the accomplishment of management objectives by serving as checks and balances against undesirable actions or outcomes.

As part of the Corporation’s continued commitment to establish and maintain effective and efficient internal controls, FDIC management routinely conducts reviews of internal control systems. The results of these reviews, as well as consideration of the results of audits, evaluations, and reviews conducted by GAO, the Office of Inspector General (OIG), and other outside entities, are used as a basis for the FDIC’s reporting on the condition of the Corporation’s internal control activities.


Last Updated 5/5/2011 communications@fdic.gov