1
Office of Inspector GeneralPresentation to
June 29, 2004
Workshop for Internal Auditors of Financial Sector Supervisory and Regulatory
Authorities
Tallinn, Estonia
2
Presentation Objectives
Overview of the Federal Reserve System
OIG Mission, Functions, and Organization
Case Studies: OIG Work in Supervision and Regulation
3
Federal Reserve System
Created by Congress in 1913 Four essential functions:
Conducting Monetary Policy Maintaining the stability of the
financial system and containing systemic risk in the financial markets
Performing banking supervision and regulation
Providing financial services
4
Federal Reserve System (con’t)
Structure of the System: Board of Governors in Washington, DC Twelve Federal Reserve Banks in major
cities throughout the U.S. Federal Open Market Committee
Board members President of FRB NY Four other Reserve Bank Presidents
5
Federal Reserve System (con’t)
6
OIG Legal Authority
The Inspector General Act of 1978 provides certain powers and authorities to help ensure OIG’s independence, objectivity, and access to information and records.
The Federal Reserve Board OIG was established in 1987 in accordance with this Act.
7
OIG Mission(as stated in the IG Act)
Conduct, supervise, and coordinate audits and investigations of Board programs and operations.
Promote economy and efficiency in the administration of Board activities.
Prevent and detect fraud, waste, abuse, and mismanagement.
Review and make recommendations regarding existing and proposed legislation and regulations.
Keep the Chairman and Congress fully informed.
8
Additional OIG Responsibilities
Other legislation provides additional responsibilities:
Federal Deposit Insurance Corporation Improvement Act (FDICIA) requires a review of failed financial institutions that result in a material loss to the Bank Insurance Fund.
Federal Information Security Management Act (FISMA) requires annual reviews of the agencies information security program.
9
OIG Relationships
Inspector General is appointed by and reports to the Chairman.
OIG has authority to review any Board program or activity, including functions specifically delegated to the Reserve Banks.
OIG may coordinate with Reserve Bank General Auditors on Systemwide projects, but there is no supervisory relationship.
OIG provides semi-annual reports to Congress summarizing the results of significant OIG activities.
10
Barry R. SnyderInspector General
Donald L. RobinsonDeputy Inspector General
Elizabeth A. Coleman
Senior Program Manager
Communications & Quality Assurance
Anthony J. CastaldoSenior Program
ManagerInspections &Evaluations
William L. MitchellSenior Program
ManagerAudits &
Attestations
Donna M. HarrisonSenior Program
ManagerInvestigations
Laurence A. Froehlich
Counsel to theInspector General
Margaret L. O’ReillyManager
Administrative Services
Sue SouvannavongManager
Information Technology
OIG Staff
OIG Organizational Structure
11
Barry R. SnyderInspector General
Donald L. RobinsonDeputy Inspector General
Elizabeth A. Coleman
Senior Program Manager
Communications & Quality Assurance
Anthony J. CastaldoSenior Program
ManagerInspections &Evaluations
William L. MitchellSenior Program
ManagerAudits &
Attestations
Donna M. HarrisonSenior Program
ManagerInvestigations
Laurence A. Froehlich
Counsel to theInspector General
Margaret L. O’ReillyManager
Administrative Services
Sue SouvannavongManager
Information Technology
OIG Staff
OIG Organizational Structure
Audits and Attestations
•Conduct financial and performance audits
•Evaluate economy, efficiency, and effectiveness
•Evaluate the effectiveness of internal controls
•Determine compliance with laws and regulations
•Perform attestations (examinations, reviews, or agreed- upon procedures
12
Barry R. SnyderInspector General
Donald L. RobinsonDeputy Inspector General
Elizabeth A. Coleman
Senior Program Manager
Communications & Quality Assurance
Anthony J. CastaldoSenior Program
ManagerInspections &Evaluations
William L. MitchellSenior Program
ManagerAudits &
Attestations
Donna M. HarrisonSenior Program
ManagerInvestigations
Laurence A. Froehlich
Counsel to theInspector General
Margaret L. O’ReillyManager
Administrative Services
Sue SouvannavongManager
Information Technology
OIG Staff
OIG Organizational Structure
Inspections and Evaluations
•Draw on methodological techniques from a variety of disciplines
•Provide timely and relevant analyses and assessments of current policy, programmatic, and operation issues; offer rapid response to inquiries made by management or external parties
•Conducts inspections, which are generally narrowly focused on a particular issue or topic
•Perform evaluations, which are generally focused on a specific program or function
13
Barry R. SnyderInspector General
Donald L. RobinsonDeputy Inspector General
Elizabeth A. Coleman
Senior Program Manager
Communications & Quality Assurance
Anthony J. CastaldoSenior Program
ManagerInspections &Evaluations
William L. MitchellSenior Program
ManagerAudits &
Attestations
Donna M. HarrisonSenior Program
ManagerInvestigations
Laurence A. Froehlich
Counsel to theInspector General
Margaret L. O’ReillyManager
Administrative Services
Sue SouvannavongManager
Information Technology
OIG Staff
OIG Organizational StructureInvestigations
•Perform criminal and administrative investigations
•React to possible wrongdoing identified through theOIG Hotline
•Respond to referrals from OIG auditors, Board program functions, or other sources
•Conduct prevention and detection activities
14
Barry R. SnyderInspector General
Donald L. RobinsonDeputy Inspector General
Elizabeth A. Coleman
Senior Program Manager
Communications & Quality Assurance
Anthony J. CastaldoSenior Program
ManagerInspections &Evaluations
William L. MitchellSenior Program
ManagerAudits &
Attestations
Donna M. HarrisonSenior Program
ManagerInvestigations
Laurence A. Froehlich
Counsel to theInspector General
Margaret L. O’ReillyManager
Administrative Services
Sue SouvannavongManager
Information Technology
OIG Staff
OIG Organizational Structure
Communications and Quality Assurance
•Manage the OIG’s strategic planning process
•Oversee implementation and execution of a comprehensive quality assurance and internal control oversight program
•Take a lead role in OIG communications and reporting processes
•Serve as the liaison to the IG community
15
OIG Projects OIG identifies projects to be accomplished during
the year in a variety of ways: Strategic and annual planning processes Congressional requests/new legislative mandates Customer requests Hotline complaints and other investigative
referrals
Audits, inspections, evaluations, and investigative projects may result from any of the above
16
Projects -Supervision and Regulation
To date, we have reviewed four failed financial institutions as part of our material loss review responsibilities Two failures resulted from fraud Two were the result of economic
downturns
Also reviewed two holding companies
17
Projects -Supervision and Regulation
Other supervision and regulation work has focused on: Risk-focused examination process Bank holding company inspections Applications process Bank Secrecy Act Commercial Real Estate Enforcement Actions
18
Case Studies
Review two case studies based on recent OIG work: Material loss review of the failure of
Oakwood Bank
Review of Internal Control Assessments at Community Banks
19
Case Study –Oakwood MLR
Oakwood Bank was a small, two-office community bank located in rural Ohio
Bank was closed in February 2002 after the bank’s Executive Vice President confessed to fraudulent activity of a magnitude sufficient to render the bank insolvent
Estimated loss to the bank insurance fund was $60 million
20
Case Study –Oakwood MLR (con’t)
OIG is required by law to review supervision of failed institutions if loss is “material”
Material is defined as the greater of $25 million or 2 percent of the institution’s total assets
OIG is to review the agency’s supervision of the failed institution to: Ascertain why the institution’s problems
resulted in a loss to the insurance fund Make recommendations for preventing any such
loss in the future
21
Case Study –Oakwood MLR (con’t)
Interviewed staff and officials at the Board, FRB Cleveland, the state’s regulatory agency, and the FDIC
Reviewed examination reports, off-site surveillance information, examination workpapers, and investigative files
Analyzed bank records
22
Case Study –Oakwood MLR (con’t)
Oakwood failed because of weak corporate governance and an inadequate internal control structure
This created an environment in which a senior executive was able to conduct a check kiting scheme and embezzle funds
Although fraud can be difficult to detect, particularly when senior executives are involved, our work found that…
23
Case Study –Oakwood MLR (con’t)
Examiners did not properly apply risk-focused examination principles that warranted more in-depth testing
Examiners relied on an outside CPA without reviewing the scope, methodology, or reliability of the work
Examiners overlooked obvious red flags that could have uncovered the fraud earlier
24
Case Study –Oakwood MLR (con’t)
Lapses in appropriately applying the risk-focused approach to examinations were caused by Inexperienced examination staff Inadequate examiner supervision Failure to consistently exercise appropriate
professional skepticism
25
Case Study –Oakwood MLR (con’t)
No recommendations made; report provided “matters for the Board to consider”: Communicate lessons learned to all Reserve
Bank examiners Expand the use of surprise examinations Require independent financial statement
audits Enhance examiner training
26
Case Study –Review of Internal Controls
As a result of Oakwood, we initiated a review of internal control assessments performed during community bank examinations
Our objective was to determine if Oakwood represented an anomaly or a systemic deficiency in examination practices
To accomplish this, we: Reviewed policies, procedures, and guidelines Reviewed workpapers for 36 examinations at 4 Reserve
Banks Interviewed staff and managers
27
Case Study –Review of Internal Controls
(con’t)
We found that examiners had performed internal control assessments and had appropriately applied risk-focused principles
Depth of the examiners’ review was commensurate with the institution’s risk profile
28
Case Study –Review of Internal Controls
(con’t)
Each Reserve Bank we visited had initiatives underway to augment internal control reviews based on the results of our report on Oakwood
We suggested that the Board review and evaluate all initiatives and determine if there are “best practices” that should be implemented Systemwide
Questions?