2013 Annual Report

Effective Management of Strategic Resources

The FDIC recognizes that it must effectively manage its human, financial, and technological resources to successfully carry out its mission and meet the performance goals and targets set forth in its annual performance plan. The FDIC must align these strategic resources with its mission and goals and deploy them where they are most needed to enhance its operational effectiveness and minimize potential financial risks to the DIF. Major accomplishments in improving the FDIC's operational efficiency and effectiveness during 2013 follow.

Human Capital Management

The FDIC's human capital management programs are designed to recruit, develop, reward, and retain a highly skilled, cross-trained, diverse, and results-oriented workforce. In 2013, FDIC workforce planning initiatives shifted emphasis to restructuring the portion of the workforce that will address the requirements of Dodd-Frank, especially as it relates to the oversight of SIFIs. Workforce planning also more acutely addressed the need to start winding down bank closure activities, based on the decrease in the number of financial institution failures and institutions in at-risk categories.

Strategic Workforce Planning and Readiness

In August 2010, the FDIC established its Office of Complex Financial Institutions (OCFI) in response to the requirements of the Dodd-Frank Act to supervise and be prepared to resolve SIFIs. In 2011 and 2012, the FDIC recruited complex financial institution specialists who had developed their skills in other public and private sector organizations to staff the risk management supervision section of the OCFI and redeployed current FDIC employees with the requisite skills from other parts of the agency. In 2013, the FDIC reorganized these staff from the supervision section of OCFI into the Division of Risk Management Supervision (RMS), where the vast majority of bank supervisory expertise resides. This allows the FDIC to integrate all financial institution risk supervision into one organization that can deploy and train staff as needed for both SIFIs and smaller banks. It also allows OCFI to concentrate on policy and rule development as we continue to implement Dodd-Frank.

In 2013, the FDIC also addressed workforce planning at several levels within the agency. Given the number of senior executives in key leadership positions who are, or in the next few years will become, eligible to retire from the federal government, in 2013 the FDIC embarked on a succession planning effort focused on the Division and Office Director level. The FDIC is defining the attributes, skills, and experience needed in each of these positions, drafting a plan for developing these attributes and skills in executive managers at the next lower levels, and identifying potential candidates at those levels.

In addition, as the number of financial institution failures continued to decline in 2013, the FDIC's workforce planning efforts turned to determining the staffing needs of the agency during "normal" times and beginning to release some of the temporary staff as their term appointments expire. Although post-closure activity often continues for five to seven years after a bank fails, that activity should slow considerably over the next few years. The FDIC is in the process of extending term appointments only for the most critical staff still needed to monitor and process those actions. The FDIC is also filling vacancies for permanent staff, principally from among the ranks of these experienced term employees.

Finally, in 2013, the FDIC also refined its processes for implementing its "Pathways Programs" as a source of entry-level employees to maintain a fully-trained staff. By utilizing the intern program and the recent graduates program, as well as the normal hiring process, the FDIC has been able to recruit a well-educated and highly skilled workforce that can successfully complete the rigorous three- to four-year training program that leads to a commission as a bank examiner or resolutions specialist. By maintaining a steady pipeline of new examiner trainees, the FDIC intends to keep its future workforce in a steady state of readiness.

The FDIC utilizes the Corporate Employee Program (CEP) to sponsor the development of newly hired Financial Institution Specialists (FISs) for entry-level positions. The Program encompasses major FDIC divisions where newly hired FISs are trained to become a highly effective workforce. During their first year rotation within the Program, FISs gain experience and knowledge in the Division of Depositor and Consumer Protection (DCP), the Division of Risk Management Supervision (RMS), the Division of Resolutions and Receiverships (DRR), and the Division of Insurance and Research (DIR). At the conclusion of this rotation period, FISs are placed within RMS, DCP, or DRR, where they continue their career path to become commissioned examiners or resolutions and receiverships specialists.

The Corporate Employee Program is an essential part of the FDIC's ability to provide continual cross-divisional staff mobility. As a result, the FDIC is capable of responding rapidly to shifting priorities and changes in workload while achieving its corporate mission. Since the CEP's inception in 2005, 1,254 individuals have joined the FDIC through this multi-discipline program and approximately 540 have become commissioned examiners after successfully completing the program's requirements.

The FDIC also continues to sponsor the Financial Management Scholars Program (FMSP) that was launched in May 2011 as an additional hiring source for CEP. Participants in the FMSP are summer interns who have completed their junior year of college. The level of FMSP participants increased significantly in 2012 and 2013. This program allows the FDIC to recruit and hire highly talented and well-qualified students into the CEP earlier than the agency has been able to in the past, and serves as an additional venue to recruit talent. For 2014, the FDIC will continue to augment its workforce by fully utilizing the capacity of the CEP, including the FMSP.

Employee Learning and Development

The FDIC provides its employees with a broad array of learning and development opportunities throughout their career to grow both in technical proficiency and leadership capacity, supporting career progression and succession management. In 2013, the FDIC focused on developing and implementing comprehensive curricula for its business lines to incorporate lessons learned from the financial crisis and prepare employees to meet new challenges. Such training, which includes both classroom and online instruction for maximum flexibility, is a critical part of workforce and succession planning as more experienced employees become eligible for retirement.

The FDIC also offers a holistic leadership development program that combines core courses, electives, and other enrichment opportunities to develop employees at all levels. From new employees to new managers, the FDIC provides employees with targeted leadership development opportunities that are aligned with key leadership competencies. The FDIC is also expanding the use of strategic simulations within its leadership development program to support corporate readiness and preparedness.

In addition to extensive internally developed and administered courses, the FDIC also offers its employees with funds and/or time to participate in external offerings in support of their career development. The FDIC offers learning and development opportunities in support of the FDIC mission for employees at all levels and stages of their career. In 2013, FDIC employees completed approximately 39,000 sessions in the classroom and online, through internal and external courses.

Continuity of Operations

In accordance with guidance in Executive Order 12656, Assignment of Emergency Preparedness Responsibilities; National Security Presidential Directive-51/Homeland Security Presidential Directive-20, National Continuity Policy; and other pertinent Federal Executive Branch continuity guidance, in 2013, the FDIC implemented a new Continuity of Operations Plan that addresses two central priorities:

• Reduce the potential for loss of life and safeguard the FDIC workforce.
• Minimize and mitigate disruptions to FDIC operations to enable continuous performance of essential FDIC functions.

The FDIC's Continuity of Operations Plan meets these central priorities by:

• Ensuring continuity facilities are prepared to carry out essential actions.
• Facilitating succession to key positions by enunciating clear policies and procedures.
• Identifying, safeguarding, and ensuring the availability of all essential records that support FDIC essential functions..
• Protecting facilities, equipment, essential records, and other assets.
• Facilitating a timely and orderly transition from emergency operations to ordinary operations and resumption of full service to the public.
• Ensuring and validating readiness through an effective continuity test, training, and exercise program.

As a result of these efforts, the FDIC has the enhanced ability to maintain a comprehensive and effective continuity capability to support the preservation of our form of government under the Constitution and the continuing performance of Nation Essential Functions under all conditions.

Corporate Risk Management

During 2013, the Office of Corporate Risk Management (OCRM) worked with Divisions and Offices to develop common agency-wide processes for identifying, managing, and mitigating risks to the FDIC. The Office supported both the Enterprise Risk Committee and the Executive Management Committee in reviewing material risks across the FDIC, including:

• Risks to the financial system posed by the current very low level of interest rates, and from the potential disruptions which could arise from sudden and sharp increases in rates.
• Risks to the deposit insurance system arising from new products and services with characteristics very different from traditional time and demand deposits.
• Risks posed by the analytical models used by both the financial services industry and the FDIC in identifying and managing risk.
• Internal operational risks associated with both large-scale IT system development efforts and smaller-scale IT applications developed by individual Divisions and Offices.
• Coordination risks arising from new organizational units created to manage the range of new functions assigned to the FDIC by the Dodd-Frank Act.
• Risks posed to the FDIC and to the financial services industry by concerted attempts to penetrate, compromise,and disrupt the information systems that are essential to effective operation.

Employee Engagement

The FDIC continually evaluates its human capital programs and strategies to ensure that it remains an employer of choice and that all of its employees are fully engaged and aligned with the mission. The FDIC uses the Federal Employee Viewpoint Survey mandated by Congress to solicit information from employees and takes an agency-wide approach to address key issues identified in the survey. In December 2013, the FDIC received an award from the Partnership for Public Service for being ranked number one among mid-sized federal agencies on the Best Places to Work in the Federal Government® list. Effective leadership is the primary factor driving employee satisfaction and commitment in the federal workplace, according to a report by the Partnership for Public Service.

 

The FDIC's Workplace Excellence (WE) Program played an important role in helping the FDIC achieve this ranking. The WE Program is composed of a national-level WE Steering Committee and Division/Office WE Councils that are focused on maintaining, enhancing, and institutionalizing a positive workplace environment throughout the FDIC. In addition to the WE Program, the FDIC-NTEU Labor-Management Forum serves as a mechanism for the union and employees to have pre-decisional input on workplace matters. The WE Program and Labor Management Forum enhances communication, provides additional opportunities for employee input and engagement, and improves employee empowerment.

Information Technology Management

The FDIC continues to heavily leverage Information Technology (IT) to achieve its mission and has improved both the structure of IT leadership and the protection of sensitive digital information from cyber threats in 2013.

IT Leadership Structural Changes

Because the importance of digital information to FDIC operations continues to grow, an assessment of IT leadership structure was completed, and corresponding improvements were implemented. First, the assessment concluded that the requirements of the Chief Information Officer (CIO) role have grown to require a full-time incumbent in addition to a full time incumbent in the role of IT division director. The new CIO role, which reports directly to the Chairman, was separated from the IT division director role and is responsible for strategic alignment of IT resources to securely produce objectively measurable business value. The IT division director, in turn, reports to the CIO and manages IT operations and development. Second, the assessment concluded that the information security and privacy functions continue to grow in importance and warranted separation under the CIO from the IT division. Both of these changes will help to elevate and integrate IT and information security management commensurate with their increasing importance in achieving the FDIC's mission.

Sensitive Digital Information Protection

The FDIC continued to enhance its security posture under a new cross-divisional leadership team to combat the increased number and sophistication of security threats. Several specific projects were completed during the year including an independent assessment of the FDIC's IT security, employee training improvements, and the introduction of simulation exercises to routinely identify potential enhancements to the FDIC security profile.

An independent assessment of the FDIC's IT security was completed and improvements were initiated in response to the assessment's findings. The assessment confirmed the overall high quality of the FDIC's security mechanisms but also identified refinements that could be efficiently implemented, ranging from improvements to access controls to enhancements of incident monitoring tools. Several of the recommendations have already been implemented and the remainder will be completed in 2014.

The new cross-divisional leadership team has also overseen improvements to employee security training during the year. Specifically, better monitoring of employee completion of general security training was implemented and exercises to help employees identify fraudulent emails were increased. Also, educational presentations to the leadership team were completed throughout the year to raise awareness and understanding of types of threats and preventative measures, both at the FDIC and at financial institutions.

Simulation exercises contributed significantly to identifying areas to improve in current policy and procedure relative to varying threat scenarios. For example, in November simulations of a successful fraud perpetration on the FDIC data center were completed that helped identify needed changes to incident response procedures. These changes are now being implemented. Additional simulations are planned for 2014 and on an ongoing basis to continually evaluate the efficacy of FDIC security and privacy procedures.