Office of Inspector General

transcript

Office of Inspector GeneralPresentation to

June 29, 2004

Workshop for Internal Auditors of Financial Sector Supervisory and Regulatory

Authorities

Tallinn, Estonia

Presentation Objectives

Overview of the Federal Reserve System

OIG Mission, Functions, and Organization

Case Studies: OIG Work in Supervision and Regulation

Federal Reserve System

Created by Congress in 1913 Four essential functions:

Conducting Monetary Policy Maintaining the stability of the

financial system and containing systemic risk in the financial markets

Performing banking supervision and regulation

Providing financial services

Federal Reserve System (con’t)

Structure of the System: Board of Governors in Washington, DC Twelve Federal Reserve Banks in major

cities throughout the U.S. Federal Open Market Committee

Board members President of FRB NY Four other Reserve Bank Presidents

Federal Reserve System (con’t)

OIG Legal Authority

The Inspector General Act of 1978 provides certain powers and authorities to help ensure OIG’s independence, objectivity, and access to information and records.

The Federal Reserve Board OIG was established in 1987 in accordance with this Act.

OIG Mission(as stated in the IG Act)

Conduct, supervise, and coordinate audits and investigations of Board programs and operations.

Promote economy and efficiency in the administration of Board activities.

Prevent and detect fraud, waste, abuse, and mismanagement.

Review and make recommendations regarding existing and proposed legislation and regulations.

Keep the Chairman and Congress fully informed.

Additional OIG Responsibilities

Other legislation provides additional responsibilities:

Federal Deposit Insurance Corporation Improvement Act (FDICIA) requires a review of failed financial institutions that result in a material loss to the Bank Insurance Fund.

Federal Information Security Management Act (FISMA) requires annual reviews of the agencies information security program.

OIG Relationships

Inspector General is appointed by and reports to the Chairman.

OIG has authority to review any Board program or activity, including functions specifically delegated to the Reserve Banks.

OIG may coordinate with Reserve Bank General Auditors on Systemwide projects, but there is no supervisory relationship.

OIG provides semi-annual reports to Congress summarizing the results of significant OIG activities.

Barry R. SnyderInspector General

Donald L. RobinsonDeputy Inspector General

Elizabeth A. Coleman

Senior Program Manager

Communications & Quality Assurance

Anthony J. CastaldoSenior Program

ManagerInspections &Evaluations

William L. MitchellSenior Program

ManagerAudits &

Attestations

Donna M. HarrisonSenior Program

ManagerInvestigations

Laurence A. Froehlich

Counsel to theInspector General

Margaret L. O’ReillyManager

Administrative Services

Sue SouvannavongManager

Information Technology

OIG Staff

OIG Organizational Structure

ManagerAudits &

Attestations

OIG Staff

Audits and Attestations

•Conduct financial and performance audits

•Evaluate economy, efficiency, and effectiveness

•Evaluate the effectiveness of internal controls

•Determine compliance with laws and regulations

•Perform attestations (examinations, reviews, or agreed- upon procedures

ManagerAudits &

Attestations

OIG Staff

Inspections and Evaluations

•Draw on methodological techniques from a variety of disciplines

•Provide timely and relevant analyses and assessments of current policy, programmatic, and operation issues; offer rapid response to inquiries made by management or external parties

•Conducts inspections, which are generally narrowly focused on a particular issue or topic

•Perform evaluations, which are generally focused on a specific program or function

ManagerAudits &

Attestations

OIG Staff

OIG Organizational StructureInvestigations

•Perform criminal and administrative investigations

•React to possible wrongdoing identified through theOIG Hotline

•Respond to referrals from OIG auditors, Board program functions, or other sources

•Conduct prevention and detection activities

ManagerAudits &

Attestations

OIG Staff

Communications and Quality Assurance

•Manage the OIG’s strategic planning process

•Oversee implementation and execution of a comprehensive quality assurance and internal control oversight program

•Take a lead role in OIG communications and reporting processes

•Serve as the liaison to the IG community

OIG Projects OIG identifies projects to be accomplished during

the year in a variety of ways: Strategic and annual planning processes Congressional requests/new legislative mandates Customer requests Hotline complaints and other investigative

referrals

Audits, inspections, evaluations, and investigative projects may result from any of the above

Projects -Supervision and Regulation

To date, we have reviewed four failed financial institutions as part of our material loss review responsibilities Two failures resulted from fraud Two were the result of economic

downturns

Also reviewed two holding companies

Projects -Supervision and Regulation

Other supervision and regulation work has focused on: Risk-focused examination process Bank holding company inspections Applications process Bank Secrecy Act Commercial Real Estate Enforcement Actions

Case Studies

Review two case studies based on recent OIG work: Material loss review of the failure of

Oakwood Bank

Review of Internal Control Assessments at Community Banks

Case Study –Oakwood MLR

Oakwood Bank was a small, two-office community bank located in rural Ohio

Bank was closed in February 2002 after the bank’s Executive Vice President confessed to fraudulent activity of a magnitude sufficient to render the bank insolvent

Estimated loss to the bank insurance fund was $60 million

Case Study –Oakwood MLR (con’t)

OIG is required by law to review supervision of failed institutions if loss is “material”

Material is defined as the greater of $25 million or 2 percent of the institution’s total assets

OIG is to review the agency’s supervision of the failed institution to: Ascertain why the institution’s problems

resulted in a loss to the insurance fund Make recommendations for preventing any such

loss in the future

Interviewed staff and officials at the Board, FRB Cleveland, the state’s regulatory agency, and the FDIC

Reviewed examination reports, off-site surveillance information, examination workpapers, and investigative files

Analyzed bank records

Oakwood failed because of weak corporate governance and an inadequate internal control structure

This created an environment in which a senior executive was able to conduct a check kiting scheme and embezzle funds

Although fraud can be difficult to detect, particularly when senior executives are involved, our work found that…

Examiners did not properly apply risk-focused examination principles that warranted more in-depth testing

Examiners relied on an outside CPA without reviewing the scope, methodology, or reliability of the work

Examiners overlooked obvious red flags that could have uncovered the fraud earlier

Lapses in appropriately applying the risk-focused approach to examinations were caused by Inexperienced examination staff Inadequate examiner supervision Failure to consistently exercise appropriate

professional skepticism

No recommendations made; report provided “matters for the Board to consider”: Communicate lessons learned to all Reserve

Bank examiners Expand the use of surprise examinations Require independent financial statement

audits Enhance examiner training

Case Study –Review of Internal Controls

As a result of Oakwood, we initiated a review of internal control assessments performed during community bank examinations

Our objective was to determine if Oakwood represented an anomaly or a systemic deficiency in examination practices

To accomplish this, we: Reviewed policies, procedures, and guidelines Reviewed workpapers for 36 examinations at 4 Reserve

Banks Interviewed staff and managers

(con’t)

We found that examiners had performed internal control assessments and had appropriately applied risk-focused principles

Depth of the examiners’ review was commensurate with the institution’s risk profile

(con’t)

Each Reserve Bank we visited had initiatives underway to augment internal control reviews based on the results of our report on Oakwood

We suggested that the Board review and evaluate all initiatives and determine if there are “best practices” that should be implemented Systemwide

Questions?

Office of Inspector General

Documents