Management Report:

Opportunities for Improvements in FDIC's Shared Loss Estimation Process

GAO-12-752R: Published: Jul 19, 2012. Publicly Released: Jul 19, 2012.

Additional Materials:

Contact:

James R. Dalkin
202-512-3133
dalkinj@gao.gov

 

Gregory C. Wilshusen
202-512-6244
wilshuseng@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

During our audit of the DIF’s 2011 and 2010 financial statements, we identified deficiencies in controls over FDIC’s process for deriving and reporting estimates of losses to the DIF from resolution transactions involving shared loss agreements. While these deficiencies, individually and collectively, did not constitute a material weakness in internal control over financial reporting, they nevertheless increased the risk of additional undetected errors or irregularities in the DIF’s financial statements. Thus, these control deficiencies collectively represented a significant deficiency in FDIC’s internal control over financial reporting for the DIF related to estimating losses from shared loss agreements.

Specifically, we found the following deficiencies in FDIC’s internal control over financial reporting for the DIF related to estimating losses from shared loss agreements:

  • FDIC did not have adequate documentation for key aspects of the shared loss estimation process. This, in turn, did not allow for sufficient review and oversight of its loss estimation process for shared loss agreements. As a result, FDIC’s multiple reviews and approvals did not identify three programming errors that existed in the shared loss model that caused errors in the shared loss estimate and resulted in errors in the DIF’s draft financial statements.

  • FDIC did not consistently implement its corporate software change management policies to its shared loss estimating process. This led to programming errors that went unidentified and resulted in inaccuracies in the DIF’s draft financial statements.

  • FDIC’s internal controls were not designed or implemented to ensure that the source data used by the shared loss model were accurate. As a result, FDIC did not identify errors in the source information or errors in the shared loss model that resulted in errors in the DIF’s draft financial statements.

At the end of our description of each of these deficiencies, we provide our recommendations for strengthening FDIC’s related internal controls. These recommendations are intended to improve management’s oversight and controls and minimize the risk of misstatements in FDIC’s financial statements for the DIF.

We also found that FDIC addressed many of the control deficiencies related to open recommendations from our prior audits. As a result, FDIC has eight financial management-related recommendations that need to be addressed, including four new recommendations we are making in this report.

Why GAO Did This Study

In April 2012, we issued our report on the results of our audits of the financial statements of the Deposit Insurance Fund (DIF) and the Federal Savings and Loan Insurance Corporation Resolution Fund (FRF) as of and for the years ending December 31, 2011, and 2010, and on the effectiveness of the Federal Deposit Insurance Corporation’s (FDIC) internal control over financial reporting as of December 31, 2011. We also reported our conclusions on FDIC’s compliance with selected provisions of laws and regulations. As part of that audit, we identified a significant deficiency in FDIC’s internal control over its shared loss estimation process for the DIF.

The purpose of this report is to present additional information on the control deficiencies we identified during our 2011 audit that comprised the significant deficiency, along with our four related recommended corrective actions to address them. In addition, we are providing an update on our assessment of the status of recommendations we made to address control deficiencies identified in previous audits that were open at the beginning of our 2011 financial statement audits. In a separate report, we provided details on additional information technology-related deficiencies also identified during our 2011 FDIC financial statement audits. These findings and related recommendations were issued in a separate report due to their sensitive nature.

What GAO Recommends

We recommend that the Deputy to the Chairman and Chief Financial Officer direct the appropriate FDIC officials to develop documentation specifying how the shared loss estimation model programs should perform calculations and how the calculations within the model’s programs relate to the shared loss estimation methodology.

We recommend that the Deputy to the Chairman and Chief Financial Officer direct the appropriate FDIC officials to implement the corporation’s change management policies to the shared loss model by taking the following actions:

  • develop, document, and implement a formal change management process for the shared loss model that is consistent with FDIC’s corporate policies for software change management and

  • design and perform tests of the shared loss model to ensure that (1) the program logic and test results are consistent with the objectives of the programs and (2) all portions of the shared loss calculation are tested.

To enhance the reliability of estimates produced by the shared loss model, we recommend that the Deputy to the Chairman and Chief Financial Officer direct the appropriate FDIC officials to design and perform tests to verify data used in the shared loss model back to an original source.

For more information, contact Jim Dalkin at (202) 512-3133 or dalkinj@gao.gov or Greg Wilshusen at (202)-512-6244 or wilshuseng@gao.gov.

Recommendations for Executive Action

  1. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: The Deputy to the Chairman and Chief Financial Officer should direct the appropriate FDIC officials to implement the corporation’s change management policies to the shared loss model by designing and performing tests of the shared loss model to ensure that (1) the program logic and test results are consistent with the objectives of the programs and (2) all portions of the shared loss calculation are tested.

    Agency Affected: Federal Deposit Insurance Corporation

  2. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: The Deputy to the Chairman and Chief Financial Officer should direct the appropriate FDIC officials to implement the corporation’s change management policies to the shared loss model by developing, documenting, and implementing a formal change management process for the shared loss model that is consistent with FDIC’s corporate policies for software change management.

    Agency Affected: Federal Deposit Insurance Corporation

  3. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: The Deputy to the Chairman and Chief Financial Officer should direct the appropriate FDIC officials to develop documentation specifying how the shared loss estimation model programs should perform calculations and how the calculations within the model’s programs relate to the shared loss estimation methodology.

    Agency Affected: Federal Deposit Insurance Corporation

  4. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To enhance the reliability of estimates produced by the shared loss model, the Deputy to the Chairman and Chief Financial Officer should direct the appropriate FDIC officials to design and perform tests to verify data used in the shared loss model back to an original source.

    Agency Affected: Federal Deposit Insurance Corporation

 

Explore the full database of GAO's Open Recommendations »

Nov 20, 2014

Oct 6, 2014

Sep 17, 2014

Aug 5, 2014

Jul 31, 2014

Jun 18, 2014

Apr 29, 2014

Apr 7, 2014

Jan 8, 2014

Looking for more? Browse all our products here