Home > About FDIC > Financial Reports > 2003 Annual Report
2003 Annual Report
IV. Management Controls - Matters for Continued Monitoring
For purposes of this report, matters for continued monitoring are medium-risk areas with ineffective internal controls with minor or no mitigating controls in place, posing medium risk to the Corporation. These areas warrant continued monitoring of corrective actions through completion.
The Corporation's evaluation and assessment process identified four matters that warrant continued monitoring. Three of these matters (numbers 2 - 4 below) were also included in the 2002 Annual Report.
1. Systems Development Project Management
NFE will provide an integrated financial system that focuses on data-sharing, state-of-the-art computing technology, and the ability to grow and change with the Corporation's future financial management and information needs. Given the scope and complexity of the overall project, current delays from the original aggressive schedule, and control deficiencies identified by leadership and reinforced in the OIG's audit report number 03-045 entitled New Financial Environment Scope Management Controls, it is appropriate to maintain a heightened level of attention and focus on this major corporate initiative.
Also, at the FDIC's request, the OIG is reviewing issues that could impact the cost and timely completion of the CDR project. The FDIC, the Office of the Comptroller of the Currency (OCC), and the Federal Reserve Board (FRB), collectively referred to as the Federal Financial Institutions Examination Council (FFIEC) Call Agencies, want to improve the collection and management of the consolidated reports of condition and income (Call Reports) and publication of the Uniform Bank Performance Reports. This project presents potential risks and challenges as a result of the reliance on new technology and involvement of multiple agencies.
Additional audits are being planned for other large system-development efforts like Virtual Supervisory Information on the Net (ViSION). ViSION is an internet-based data system that provides the FDIC and staff of the other federal banking agencies and state authorities access to supervisory information about financial institutions. Phase IV of this project has experienced delays and potentially presents risks to timely and efficient data resource and reporting needs. Therefore, the FDIC will continue to focus heightened attention on this major initiative as well.
By continuing management focus on large scale system-development efforts, the FDIC can strengthen its internal controls and mitigate risks that could hinder the Corporation from successfully achieving its goals and objectives.
2. Contractor Oversight
In prior years, the FDIC implemented results-oriented contracting structures for multi-year, complex high-dollar-value contracts, that linked contractor compensation with performance and greatly decreased contract administration risk. In 2003, greater emphasis (2003 Procurement Plan approved by the FDIC Board of Directors) was placed on awarding more consolidated, performance based contracting vehicles that will further enhance contractor performance and gain greater administrative efficiencies and contracting oversight.
The FDIC currently awards and administers over 50 percent of all contracting actions to support Information Technology (IT) activities within the Corporation. Other major system initiatives, in addition to NFE, CDR, and ViSION, include the Assessment Information Management System II (AIMS II), and the Corporate Human Resources Information System (CHRIS).
AIMS II is the platform that provides the FDIC with a flexible robust tool to efficiently track deposit insurance assessments levied since the creation of the BIF and SAIF in 1989. It takes into account any changes pending deposit insurance reform legislation might require, including possible credits or refund calculations. AIMS II is in production and produced the last three quarterly insurance invoices in 2003.
CHRIS is an integrated human resources processing and information system that will bring together many functions and data that now reside in multiple, stand-alone systems. CHRIS is being implemented incrementally utilizing a phased approach over a four-year period. The FDIC is currently planning the implementation of the fourth phase, which should be in production in early 2005.
A major non-systems related procurement effort now underway is the construction of Phase II of the Seidman Center (Virginia Square Phase II). This is a project that involves the addition of a two-tower office building and multi-purpose facility at the FDIC's existing Virginia Square campus. The new buildings will accommodate staff presently housed at three leased locations in Washington, DC, and will save the FDIC an estimated $78 million (in net present value terms) over a 20 year period. In September 2003, the FDIC broke ground for this new facility, which is expected to be occupied in 2006.
3. Risk Designation Levels/Background Investigations
Additionally, the FDIC has revised its circular on "Personnel Suitability Program," which will give current guidance on conducting the position-based background investigations discussed above.
4. Business Continuity Plan
Another related effort involved disaster recovery testing. One disaster recovery test was conducted in 2003, with several others planned for 2004 and beyond. Results of the 2003 test revealed a need to update the call listing of essential personnel and to issue new guidelines and procedures to be utilized for disaster recovery purposes.
|Last Updated firstname.lastname@example.org|