Skip Header

Federal Deposit
Insurance Corporation

Each depositor insured to at least $250,000 per insured bank

2015 Annual Report

Previous | Contents | Next

VI. Corporate Management Control

The FDIC uses several means to maintain comprehensive internal controls, ensure the overall effectiveness and efficiency of operations, and otherwise comply as necessary with the following federal standards, among others:

As a foundation for these efforts, the Division of Finance Corporate Management Control Branch oversees a corporate-wide program of relevant activities by establishing policies and working with management in each division and office in the FDIC. The FDIC has made a concerted effort to ensure that financial, reputational, and operational risks have been identified and that corresponding control needs are being incorporated into day-to-day operations. The program also requires that comprehensive procedures be documented, employees be thoroughly trained, and supervisors be held accountable for performance and results. Compliance monitoring is carried out through periodic management reviews and by the distribution of various activity reports to all levels of management. Conscientious attention is also paid to the implementation of audit recommendations made by the FDIC Office of the Inspector General, the GAO, and other providers of external/audit scrutiny. The FDIC has received unmodified/unqualified opinions on its financial statement audits for 24 consecutive years, and these and other positive results reflect the effectiveness of the overall management control program.

In 2015, efforts were focused on human resources, process mapping, continuation of activities associated with the Dodd-Frank Act, and contract oversight. Considerable energy was devoted to ensuring that the FDIC’s processes and systems of control have kept pace with the workload, and that the foundation of controls throughout the FDIC remained strong.

During 2016, among other things, program evaluation activities will focus on failed bank data; the Identity, Credential and Access Control Program; systems development associated with the Capital Investment Review Committee; the Workforce Development Initiative; and systems security. Continued emphasis and management scrutiny also will be applied to the accuracy and integrity of transactions and oversight of systems development efforts in general.           

MANAGEMENT REPORT ON FINAL ACTIONS

As required under amended Section 5 of the Inspector General Act of 1978, the FDIC must report information on final action taken by management on certain audit reports. The tables on the following pages provide information on final action taken by management on audit reports for the federal fiscal year period October 1, 2014, through September 30, 2015.

TABLE 1:
MANAGEMENT REPORT ON FINAL ACTION ON AUDITS WITH DISALLOWED COSTS FOR FISCAL YEAR 2015
Dollars in Thousands
(There were no audit reports in this category.)

 

TABLE 2:
MANAGEMENT REPORT ON FINAL ACTION ON AUDITS WITH RECOMMENDATIONS TO PUT FUNDS TO BETTER USE FOR FISCAL YEAR 2015
Dollars in Thousands
Audit Reports Number of Reports Funds put to
Better Use
A. Management decisions – final action not taken at beginning of period 0 $0
B. Management decisions made during the period 1 $4,586
C. Total reports pending final action during the period (A and B) 1 $4,586
D. Final action taken during the period:    
1. Value of recommendations implemented (completed) 0 $0
2. Value of recommendations that management concluded should not or
could not be implemented or completed
0 $0
3. Total of 1 and 2 0 $0
E. Audit reports needing final action at the end of the period 1 $4,586

 

TABLE 3:
AUDIT REPORTS WITHOUT FINAL ACTIONS BUT
WITH MANAGEMENT DECISIONS OVER ONE YEAR OLD
FOR FISCAL YEAR 2015
Report No. and Issue Date OIG Audit Finding Management Action Disallowed Costs
AUD-14-002
11/21/2013
The Director, Division of Administration (DOA), should coordinate with the Division of Information Technology (DIT) and FDIC division and office officials, as appropriate, to address potential gaps that may exist between the 12-hour time frame required to restore mission essential functions following an emergency and the 72-hour recovery time objective for restoring missioncritical applications.

In addition to other steps that it has already taken, DOA, in partnership with the Office of Corporate Risk Management and DIT, has convened a working group to advance a risk management framework that will enhance the FDIC’s business continuity plans. The framework will define a method for addressing potential gaps that may exist between the 12-hour requirement to restore mission essential functions and the 72-hour recovery time objective for restoring mission-critical applications. A set of options and recommendations will be presented to executive management to either accept identified risks or authorize resources to close identified gaps.

Due Date: 12/31/2016

 

$0
EVAL-14-002
07/25/2014
The FDIC, FRB, and OCC should consider the need to (1) increase their level of written enforcement action coordination to meet the requirements of Federal Register policy statement 62 Fed. Reg. 7782, or (2) revise the policy statement to reflect the regulators’ current level of coordination.

The Legal Division and the Division of Risk Management Supervision will revise the memo and devise a new policy statement.

Due Date: 4/30/2016

$0

 

Previous | Contents | Next

Skip Footer back to content