Federal Deposit
Insurance Corporation

To the Board of Directors
Federal Deposit Insurance Corporation

We have audited the statements of financial position as of December 31, 1998 and 1997, of the three funds administered by the Federal Deposit Insurance Corporation (FDIC), the related statements of income and fund balance (accumulated deficit), and the statements of cash flows for the years then ended.  In our audits of the Bank Insurance Fund (BIF), the Savings Association Insurance Fund (SAIF), and the FSLIC Resolution Fund (FRF), we found

• the financial statements of each fund were fairly presented in all material respects;

• FDIC management fairly stated that internal control in place on December 31, 1998, was effective in assuring that there were no material misstatements in the financial statements of the three funds administered by FDIC (including safeguarding assets from material loss), and assuring material compliance with selected laws and regulations; and

• no reportable noncompliance with laws and regulations we tested.

The following sections discuss our conclusions in more detail.  They also present information on (1) the scope of our audits, (2) Year 2000 (Y2K) and insured financial institutions, (3) the current status of the goodwill litigation cases, (4) the current status of FRF's liquidation activities and funding, (5) FDIC's progress in addressing a reportable condition¹ identified during our 1997 audits, and (6) our evaluation of the Corporation's comments on a draft of this report.

Opinion on Bank Insurance Fund's Financial Statements

The financial statements and accompanying notes present fairly, in all material respects, in conformity with generally accepted accounting principles, the Bank Insurance Fund's financial position as of December 31, 1998 and 1997, and the results of its operations and its cash flows for the years then ended.

Opinion on Savings Association Insurance Fund's Financial Statements

The financial statements and accompanying notes present fairly, in all material respects, in conformity with generally accepted accounting principles, the Savings Association Insurance Fund's financial position as of December 31, 1998 and 1997, and the results of its operations and its cash flows for the years then ended.

Opinion on FSLIC Resolution Fund's Financial Statements

The financial statements and accompanying notes present fairly, in all material respects, in conformity with generally accepted accounting principles, the FSLIC Resolution Fund's financial position as of December 31, 1998 and 1997, and the results of its operations and its cash flows for the years then ended.

As discussed in note 10 of FRF's financial statements, a significant contingency exists from approximately 120 lawsuits pending in the United States Court of Federal Claims concerning the counting of goodwill assets as part of regulatory capital.  Based on information currently available, a reasonable estimate cannot be made regarding future losses and settlements related to these cases.  Information on the current status of the goodwill cases is presented later in this report.

Opinion on FDIC Management's Assertions About the Effectiveness of Internal Control

For the three funds administered by FDIC, we evaluated FDIC management's assertions about the effectiveness of its internal control designed to provide reasonable assurance that the following objectives are met:

• reliability of financial reporting – transactions are properly recorded, processed, and summarized to permit the preparation of financial statements in accordance with generally accepted accounting principles (including safeguarding of assets) and

• compliance with applicable laws and regulations – transactions are executed in accordance with laws and regulations that could have a direct and material effect on the financial statements.

FDIC management fairly stated that internal control in place on December 31, 1998, provided reasonable assurance that misstatements, losses, or noncompliance, material in relation to the financial statements would be prevented or detected on a timely basis.  FDIC management made this assertion based on criteria established under the Federal Managers' Financial Integrity Act of 1982 (FMFIA).

Compliance With Laws and Regulations

Our tests for compliance with selected provisions of laws and regulations disclosed no instances of noncompliance that would be reportable under generally accepted government auditing standards. However, the objective of our audits was not to provide an opinion on overall compliance with laws and regulations.  Accordingly, we do not express such an opinion.

Objectives, Scope, and Methodology

FDIC's management is responsible for

• preparing the annual financial statements in conformity with generally accepted accounting principles;

• establishing, maintaining, and assessing internal control to provide reasonable assurance that the broad control objectives of FMFIA are met; and

• complying with applicable laws and regulations.

We are responsible for obtaining reasonable assurance about whether

• the financial statements are free of material misstatement and presented fairly, in all material respects, in conformity with generally accepted accounting principles and

• FDIC management's assertion about the effectiveness of internal control is fairly stated, in all material respects, based upon the criteria established under FMFIA.

We are also responsible for testing compliance with selected provisions of laws and regulations and for performing limited procedures with respect to certain other information appearing in FDIC's annual financial report.

In order to fulfill these responsibilities, we

• examined, on a test basis, evidence supporting the amounts and disclosures in the financial statements;

• assessed the accounting principles used and significant estimates made by management;

• evaluated the overall presentation of the financial statements;

• obtained an understanding of internal control related to financial reporting, including safeguarding assets, compliance with laws and regulations, including the execution of transactions in accordance with management's authority;

• tested relevant internal controls over financial reporting, including safeguarding assets, and compliance, and evaluated management's assertion about the effectiveness of internal control; and

• tested compliance with selected provisions of the Federal Deposit Insurance Act, as amended; the Chief Financial Officers Act of 1990; and the Federal Home Loan Bank Act, as amended.

We did not evaluate all internal controls relevant to operating objectives as broadly defined by FMFIA, such as those controls relevant to preparing statistical reports and ensuring efficient operations.  We limited our internal control testing to those controls necessary to achieve the objectives outlined in our opinion on management's assertion about the effectiveness of internal control.  Because of inherent limitations in internal control, misstatements, losses, or noncompliance may nevertheless occur and not be detected.  We also caution that projecting our evaluation to future periods is subject to the risk that controls may become inadequate because of changes in conditions or that the degree of compliance with controls may deteriorate.

We conducted our audits from July 1998 through May 1999.  We did our work in accordance with generally accepted government auditing standards.

FDIC provided comments on a draft of this report.  FDIC's comments are discussed and evaluated in the "Corporation Comments and Our Evaluation" section.

Information on Y2K and Insured Financial Institutions

Insured financial institutions face an unprecedented challenge in preparing their computer systems for the Y2K date change.  Banks and thrifts are vulnerable to Y2K problems due to their widespread reliance on computer systems to make loans, invest deposits, transfer funds, issue credit cards, calculate interest, and handle routine business functions.  In addition, many critical financial institution functions are dependent on public infrastructure such as telecommunications and electric power networks, which could also encounter difficulties or interruptions in service due to the Y2K problem.

Addressing the Y2K problem on time has been and will continue to be a tremendous challenge. FDIC, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, and the Office of Thrift Supervision (the regulators), have made considerable progress in assisting banks and thrifts in their Y2K efforts, and identifying those institutions at a high risk of not remediating their systems on time.  Since June 1996, when their Y2K oversight efforts began, FDIC and the other regulators have taken many important steps to alert financial institutions of the risks associated with the Y2K problem and to assess institutions' progress in mitigating the risks.²

To raise awareness, FDIC and the other regulators issued letters to all insured banks and thrifts describing the Y2K problem and special risks facing financial institutions, and recommended approaches to planning and managing effective Y2K programs.  In addition, the regulators provided extensive guidance to assist financial institutions in critical Y2K tasks, including guidance on (1) Y2K project management, (2) addressing Y2K business risks, (3) assessing risk from customers, service providers, and software vendors, (4) testing systems for Y2K readiness, (5) contingency planning, and (6) establishing effective Y2K customer awareness programs.  FDIC and the other regulators have also undertaken extensive outreach efforts to raise the Y2K awareness of insured financial institutions and the public.

To assess institutions' progress in addressing Y2K issues, the regulators have performed a series of high-level and more detailed assessments for each institution.³  These supervisory efforts have generally been divided into three phases.  Phase I focused on institutions' awareness, assessment, and renovation efforts.  Phase II focused on the institutions' testing efforts and credit risk assessments. Phase III is currently in process and will continue throughout 1999, and will focus on implementation, business resumption and contingency planning, customer awareness initiatives, and liquidity planning.  In addition, during Phase III the regulators plan to pay particular attention to those institutions identified as having risk for potential Y2K problems.

Based on Y2K assessments through April 30, 1999, the regulators have found that the vast majority of financial institutions have acceptable performance in key phases of the Y2K project management process, including awareness, assessment, renovation, testing, and implementation.  As discussed in the notes to BIF's and SAIF's financial statements, 97.7 percent of insured financial institutions were rated by the regulators as having made satisfactory progress in their Y2K project management through Phase II.  Those institutions held 98.7 percent of industry assets.  Of the remaining 2.3 percent of institutions rated by the regulators as less than satisfactory, 216 institutions are rated as "needs improvement" and 21 institutions are considered as having made "unsatisfactory" progress. See figure 1.

Figure 1: Y2K Ratings for FDIC-Insured Institutions as of April 30, 1999

Source: FDIC Division of Supervison.

Virtually all banks and thrifts rely on service providers and software vendors for at least a portion of their data processing services.  The regulators have also completed Phase II assessments of service providers and software vendors that provide data processing services or software to the industry.  Of the 257 service providers and software vendors examined, as of April 30, 1999, the regulators reported that 97.3 percent showed satisfactory progress.  Of the remaining servicers rated by the regulators as less than satisfactory, 5 were rated as "needs improvement" and 2 were rated as having made "unsatisfactory" progress.  See figure 2.

Figure 2: Y2K Assessment Ratings for Service Providers and Software Vendors,
as of April 30, 1999

Source: FDIC Division of Supervision.

The FDIC and the other regulators have stated that they will focus additional attention throughout the remainder of 1999 on those institutions and service providers not rated satisfactory. Due to the short time frame remaining until the year 2000, the regulators have stated that they will adopt a more aggressive stance to achieve the necessary remedial action at institutions rated less than satisfactory.

Although the regulators reported that the vast majority of institutions, service providers, and software vendors had made satisfactory progress on mitigating their Y2K risks through April 30, 1999, uncertainties still exist regarding the potential for Y2K problems. Y2K assessment ratings do not constitute certification of a financial institution's Y2K readiness. They reflect an institution's ongoing progress in addressing Y2K issues at a certain point in time. It is possible that ratings could change over time. In addition, because of the unprecedented nature of the Y2K problem, unanticipated events could occur for which the institution was not prepared. Institutions are required, however, to design Y2K contingency plans to mitigate the risks associated with unsuccessful implementation of their Y2K efforts, and to provide assurance that core business functions will continue if one or more computer systems fail. Institutions could also encounter difficulties due to the Y2K problems of third parties. Therefore, it is difficult to determine which institutions, if any, could ultimately fail due to potential Y2K problems.

As stated in the notes to FDIC's financial statements, BIF and SAIF are subject to potential loss from financial institutions that may fail due to Y2K problems. In order to assess exposure to BIF and SAIF as a result of potential Y2K failures, FDIC evaluated Y2K assessment results, as well as the financial condition and supervisory ratings for all institutions. As of December 31, 1998, FDIC has not identified any probable losses to BIF and SAIF from Y2K failures. Further, any reasonably possible losses from Y2K failures were not estimable as of December 31, 1998. During 1999, FDIC and the other regulators are continuing to collect data on the impact of banks' and thrifts' potential Y2K problems on the deposit insurance funds, and plan to take supervisory action as necessary to minimize any potential impact to the insurance funds.

Current Status of the Goodwill Litigation Cases

As discussed in note 10 of FRF's financial statements, a significant contingency exists from approximately 120 lawsuits pending against the United States government in the United States Court of Federal Claims. These lawsuits assert that certain agreements were breached when Congress enacted and the Office of Thrift Supervision implemented the Financial Institutions Reform, Recovery, and Enforcement Act (FIRREA), which affected the thrift industry. The legislation changed the computation for regulatory capital requirements, thereby eliminating the special accounting treatment previously allowed for goodwill assets acquired when institutions merged with or acquired failing thrifts. The changes in regulatory treatment of goodwill assets caused some institutions to fall out of capital compliance. In such cases, institutions had to take action to meet capital requirements or they were subject to regulatory action.

On July 1, 1996, the United States Supreme Court concluded that the government is liable for damages in three cases, consolidated for appeal to the Supreme Court, in which the changes in regulatory treatment required by FIRREA led the government to not honor its contractual obligations related to the accounting treatment of goodwill assets. The cases were then referred back to the Court of Federal Claims for trials to determine the amount of damages. On July 23, 1998, the Department of the Treasury determined, based on an opinion of the Department of Justice, that FRF is legally available to satisfy all judgments and settlements in the goodwill litigation involving supervisory action or assistance agreements, in which FSLIC was a party to those agreements. Treasury further determined that FRF is the appropriate source of funds for payment of any such judgments and settlements. During 1998, FDIC paid $103.3 million in settlements for four cases. Two of the settlements were related to cases that had been consolidated for appeal to the Supreme Court.

Subsequent to December 31, 1998, damages awards in two goodwill-related cases have been decided. On April 9, 1999, the Court of Federal Claims ruled that the federal government must pay Glendale Federal Bank $908.9 million for breaching the contract that allowed the thrift to count goodwill toward regulatory capital.⁴  The plaintiffs were seeking up to $2 billion in damages. Both the plaintiffs and the Department of Justice are expected to appeal the decision. In another case the Court of Federal Claims awarded $23 million in damages on April 16, 1999, to California Federal Bank, which had been seeking more than $1 billion in damages. California Federal is expected to appeal the decision.

Because of the expected appeals and the differences in awarding damages in the above cases, the final outcome of both cases is uncertain. With regard to the remaining cases, the outcome of each case and the amount of any possible damages remain uncertain. However, FDIC has concluded that it is probable that FRF will be required to pay additional, possibly substantial amounts as a result of future judgments and settlements. Because of the uncertainties surrounding the cases, such losses are currently not estimable.

Current Status of FRF's Liquidation Activities and Funding

FDIC, as administrator of FRF, is responsible for liquidating the assets and liabilities of the former Resolution Trust Corporation (RTC)⁵, as well as the former FSLIC's assets and liabilities. As of December 31, 1998, FRF held total assets valued at $10.5 billion. Of that total, $4.6 billion was held in cash and investments, with $5.9 billion remaining to be liquidated. As of December 31, 1998, FRF's liabilities had been reduced to $138 million. The reduction was mainly due to FRF paying off the note to the Federal Financing Bank, which was issued to RTC to provide working capital for RTC's liquidation activities. In addition to the liabilities shown on FRF's Statements of Financial Position, FRF is subject to significant future contingent liabilities resulting from the goodwill litigation cases, as noted in the previous section.

As of December 31, 1998, FRF's total accumulated deficit was $125.2 billion. FRF's accumulated deficit represents the realized losses to date for all RTC and FSLIC-related liquidation activity, as well as future estimated losses from assets and liabilities not yet liquidated. Uncertainties still exist with regard to the unrealized losses, and the final amount of total losses will not be known with certainty until all remaining assets and liabilities are liquidated.

In total, $135.5 billion was received to cover liabilities and losses associated with the former FSLIC and RTC resolution activities. Of the $135.5 billion total, $91.3 billion⁶ was received by RTC and $44.2 billion was received by FRF to cover losses and expenses associated with failed institutions from RTC's caseload and to cover losses associated with the former FSLIC activities.

As shown in table 1, after reducing the total amount of funding received by the amount of recorded accumulated deficit, an estimated $10.3 billion in funds will remain available. FRF consists of two distinct pools of assets and liabilities: one composed of the assets and liabilities of FSLIC transferred to FRF on August 9, 1989 (FRF-FSLIC) and the other composed of the RTC assets and liabilities transferred to FRF on January 1, 1996 (FRF-RTC). Of the $10.3 billion in funds available, $2.1 billion is available to FRF-FSLIC and $8.2 billion is available to FRF-RTC.

Table 1: FRF's Estimated Funds Available as of December 31, 1998

Funds available in FRF-FSLIC will be used to pay future liabilities of the FRF-FSLIC, including the contingency related to the goodwill litigation cases. Because additional and possibly substantial amounts could be paid out of the FRF-FSLIC for the goodwill cases, FRF has been provided with an indefinite appropriation for the payment of judgments and settlements in the goodwill litigation, without fiscal year limitation.⁷

The RTC Completion Act requires FDIC to deposit in the general fund of the Treasury any funds transferred to RTC pursuant to the Completion Act but not needed for RTC-related losses. In total, RTC drew down $4.6 billion of funding provided by the act. After providing for all outstanding RTC liabilities, FDIC must transfer to the Resolution Funding Corporation (REFCORP) the net proceeds from the sale of RTC-related assets.

Any such funds transferred to REFCORP are to pay the interest on REFCORP bonds issued to provide funding for the early RTC resolutions. Any payments to REFCORP benefit the U.S. Treasury, which is otherwise obligated to pay the interest on the bonds. The final amount of unused funds will not be known with certainty until all of FRF's remaining assets and liabilities are liquidated.

Progress on Prior Year's Reportable Condition

In our 1997 audit report⁸ on the three funds administered by FDIC, we identified one reportable condition that affected FDIC's ability to ensure that internal control objectives were achieved. The weakness related to FDIC's internal controls designed to ensure that assets valued outside of FDIC's Standard Asset Valuation Estimation (SAVE) process were accurately and appropriately valued. During our 1997 audits, we found significant errors in the estimated recoveries for a portfolio of partnership interests, and we found unsupported recoveries and other errors in the estimated recoveries for another portfolio of debt and equity securities.

During 1998, FDIC developed standard valuation methodologies for assets previously valued outside of its SAVE process. FDIC's objective was to establish consistent asset valuation methodologies for those assets. FDIC also clearly designated responsibility for valuing those assets and for reviewing completed valuations. While we continued to find some instances where recovery estimates for FRF assets were not fully supported, we concluded that they were isolated problems that were not significant to FRF's financial statements. We will discuss this matter further in a management letter.

We did not identify any reportable conditions during our 1998 audits. However, we noted other less significant matters involving FDIC's internal accounting and electronic data processing general controls that we will be reporting separately to FDIC in two management letters.

Corporation Comments and Our Evaluation

In commenting on a draft of this report, FDIC acknowledged the importance of an effective internal control program, and stated a commitment to achieving corporate objectives by ensuring that the Corporation operates within an environment conducive to strong internal controls. FDIC also stated that it will continue to monitor the other matters discussed in the audit report, including the Y2K issues related to insured financial institutions, the goodwill litigation cases, and FRF's liquidation activities and funding. We also plan to monitor these issues as a part of our audits of FDIC's 1999 financial statements.

May 14, 1999

¹  Reportable conditions involve matters coming to the auditor's attention relating to significant deficiencies in the design or operation of internal control that, in the auditor's judgment, could adversely affect an entity's ability to (1) properly record, process, and summarize transactions to permit the preparation of financial statements in accordance with generally accepted accounting principles (including safeguarding of assets) and (2) ensure the execution of transactions in accordance with laws and regulations that could have a direct and material effect on the financial statements. [Return to Letter]

²  Year 2000 Computing Crisis: Federal Depository Institution Regulators Are Making Progress, But Challenges Remain (GAO/T-AIMD-98-305, September 17, 1998). [Return to Letter]

³  As a result of these assessments, the regulators have assigned each institution one of the following ratings: satisfactory, needs improvement, or unsatisfactory.  Generally, institutions are considered "satisfactory" if they exhibit acceptable performance in all key phases of the Y2K project management process as set forth in the May 5, 1997, Federal Financial Institutions Examination Council (FFIEC) Interagency Statement.  A "needs improvement" rating results from less than acceptable performance under FFIEC guidelines; however, project weaknesses can be readily corrected within the existing project management framework.  An "unsatisfactory" rating results from poor performance under FFIEC guidelines where weaknesses are serious and are not easily corrected within the existing project management framework.  See note 7 to BIF's financial statements and note 6 to SAIF's financial statements for additional information. [Return to Letter]

⁴  Glendale Federal Bank was one of the three cases consolidated for appeal to the Supreme Court. [Return to Letter]

⁵  On Junuary 1, 1996, FRF assumed responsibility for all remaining assets and liabilities of the former RTC. [Return to Letter]

⁶  FIRREA provided an initial $50 billion to RTC. The Resolution Trust Corporation Funding Act of 1991 provided an additional $30 billion. The Resolution Trust Corporation Refinancing, Restructuring, and Improvement Act of 1991 provided $25 billion in December 1991, of which $6.7 billion was obligated prior to the April 1, 1992, deadline. In December 1993, the RTC Completion Act removed the April 1, 1992, deadline, thus making the remaining $18.3 billion available to RTC for resolution activities. Prior to RTC's termination on December 31, 1995, RTC drew down $4.6 billion of the $18.3 billion that was made available by the RTC Completion Act. [Return to Letter]

⁷  Section 130 of the Department of Justice Appropriation Act, 1999, appropriates for paying judgments against the United States and compromise settlements in the goodwill cases "such sums as may be necessary, to remain available until expended." We believe section 130 establishes an indefinite, permanent appropriation. FDIC has not expressed a view on the permanency of section 130 and the President's budget proposes clarifying language for the fiscal year 2000 appropriation act, which is designed to provide FDIC with a permanent appropriation. [Return to Letter]

⁸  Financial Audit: Federal Deposit Insurance Corporation's 1997 and 1996 Financial Statements (GAO/AIMD-98-204, June 29, 1998). [Return to Letter]