Skip Header

Federal Deposit
Insurance Corporation

Each depositor insured to at least $250,000 per insured bank



Home > About FDIC > Financial Reports > 2007 Annual Report




2007 Annual Report

Previous | Contents | Next

V. Management Control

Enterprise Risk Management
The Office of Enterprise Risk Management, under the auspices of the Chief Financial Officer organization, is responsible for corporate oversight of internal control and enterprise risk management (ERM). This includes ensuring that the FDIC's operations and programs are effective and efficient and that internal controls are sufficient to minimize exposure to waste and mismanagement. The FDIC recognizes the importance of a strong risk management and internal control program and has adopted a more proactive and enterprise-wide approach to managing risk. This approach focuses on the identification and mitigation of risk consistently and effectively throughout the Corporation, with emphasis on those areas/issues most directly related to the FDIC's overall mission. As an independent government corporation, the FDIC has different requirements than appropriated federal government agencies; nevertheless, its ERM program seeks to comply with the spirit of the following standards, among others:

  • Federal Managers' Financial Integrity Act (FMFIA);
  • Chief Financial Officers Act (CFO Act);
  • Government Performance and Results Act (GPRA);
  • Federal Information Security Management Act (FISMA); and
  • OMB Circular A-123.

The CFO Act extends to the FDIC the FMFIA requirements for establishing, evaluating and reporting on internal controls. The FMFIA requires agencies to annually provide a statement of assurance regarding the effectiveness of management, administrative and accounting controls, and financial management systems.

The FDIC has developed and implemented management, administrative and financial system controls that reasonably ensure that:

  • Programs are efficiently and effectively carried out in accordance with applicable laws and management policies;
  • Programs and resources are safeguarded against waste, fraud and mismanagement;
  • Obligations and costs comply with applicable laws; and
  • Reliable, complete, and timely data are maintained for decision-making and reporting purposes.

The FDIC's control standards incorporate the Government Accountability Office's (GAO) Standards for Internal Control in the Federal Government. Good internal control systems are essential for ensuring the proper conduct of FDIC business and the accomplishment of management objectives by serving as checks and balances against undesirable actions or outcomes.

As part of the Corporation's continued commitment to establish and maintain effective and efficient internal controls, FDIC management routinely conducts reviews of internal control systems. The results of these reviews, as well as consideration of the results of audits, evaluations and reviews conducted by the GAO, the Office of Inspector General (OIG) and other outside entities, are used as a basis for the FDIC's reporting on the condition of the Corporation's internal control activities.

Material Weaknesses
Material weaknesses are control shortcomings in operations or systems that, among other things, severely impair or threaten the organization's ability to accomplish its mission or to prepare timely, accurate financial statements or reports. The shortcomings are of sufficient magnitude that the Corporation is obliged to report them to external stakeholders.

To determine the existence of material weaknesses, the FDIC has assessed the results of management evaluations and external audits of the Corporation's risk management and internal control systems conducted in 2007, as well as management actions taken to address issues identified in these audits and evaluations. Based on this assessment and application of other criteria, the FDIC concludes that no material weaknesses existed within the Corporation's operations for 2007. This is the tenth consecutive year that the FDIC has not had a material weakness; however, FDIC management will continue to focus on high priority areas, including IT systems security, privacy, international and premium travel, and the New Financial Environment, among others. The FDIC will also address all control issues raised by GAO related to its 2007 financial statement audits.

Management Report on Final Actions
As required under amended Section 5 of the Inspector General Act of 1978, the tables on the following pages provide information on final action taken by management on audit reports for the federal fiscal year period, October 1, 2006, through September 30, 2007.

Table 1:
Management Report on Final Action on Audits with Disallowed Costs For Fiscal Year 2007

  Audit Reports Number of Reports Disallowed Costs (000's)
A. Management decisions – final action not taken at beginning of period 0 $0
B. Management decisions made during the period 0 $0
C. Total reports pending final action during the period (A and B) 0 $0
D. Final action taken during the period:
1. Recoveries:    
(a) Collections & offsets 0 $0
(b) Other 0 $0
2. Write-offs 0 $0
3. Total of 1(a), 1(b), & 2 0 $0
E. Audit reports needing final action at the end of the period 0 $0

Table 2:
Management Report on Final Action on Audits with Recommendations to Put Funds to Better Use For Fiscal Year 2007

  Audit Reports Number of Reports Funds Put To Better Use (000's)
A. Management decisions - final action not taken at beginning of period 0 $0
B. Management decisions made during the period 0 $0
C. Total reports pending final action during the period (A and B) 0 $0
D. Final Action taken during the period:
1. Value of recommendations implemented (completed) 0 $0
2. Value of recommendations that management concluded should not or could not be implemented or completed 0 $0
3. Total of 1 and 2 0 $0
E. Audit reports needing final action at the end of the period 0 $0

Table 3:
Audit Reports Without Final Actions But With Management Decisions Over One Year Old For Fiscal Year 2007
Management Action in Process

Report No. and Issue Date OIG Audit Finding Management Action Disallowed Costs
1. 06-014
7-20-2006
The OIG recommended that the FDIC should issue guidance to: a) clarify corporate expectations for deposit insurance investigations, and b) emphasize that examiners should document the basis for their conclusions. The FDIC is in process of clarifying corporate expectations for reviewing the statutory factors and will emphasize that examiners should document the basis for their conclusions in the "Convenience and Needs of the Community to be Served" area of their report.
 
Expected completion date: 1st quarter 2008.
$0
2. 06-026
9-29-2006
The OIG recommended that the FDIC should ensure that requirements for the new automated procurement system are well defined. The original schedule was re-baselined to provide for additional time to complete the system, due to the exploration and review of a new PeopleSoft acquisition module and consideration of year-end close-out.
 
Expected completion date: 1st quarter 2008.
$0

 


Last Updated 05/05/2008 communications@fdic.gov

Skip Footer back to content