Skip to main content

Management Report: Improvements Needed in FDIC's Internal Control over Contract Documentation and Payment-Review Processes

GAO-22-105824 Published: May 19, 2022. Publicly Released: May 19, 2022.
Jump To:

Fast Facts

The Federal Deposit Insurance Corporation (FDIC) helps maintain stability and public confidence in the nation's financial system.

During our 2020-2021 financial statement audit of the two funds that the FDIC administers (the Deposit Insurance Fund and the Federal Savings and Loan Insurance Corporation Resolution Fund), we continued to identify issues—what auditors call a "significant deficiency." These issues related to how the FDIC ensures that its payments to contractors are correct and sufficiently documented.

In this report to FDIC's management, we made two new recommendations to address these issues.

Federal Deposit Insurance Corporation

Skip to Highlights

Highlights

What GAO Found

During the audits of the 2021 and 2020 financial statements of the two funds that the Federal Deposit Insurance Corporation (FDIC) administers—the Deposit Insurance Fund (DIF) and the Federal Savings and Loan Insurance Corporation Resolution Fund (FRF)—GAO continued to identify deficiencies in FDIC’s controls over contract documentation and payment-review processes that collectively represent a significant deficiency in FDIC’s internal control over financial reporting that merits attention by those charged with FDIC governance.

GAO communicated to FDIC management detailed information regarding these control deficiencies and made two new recommendations to address them. For one of the two recommendations related to FDIC’s contract payment-review processes from GAO’s prior-year report, GAO found that FDIC implemented corrective actions during 2021 to resolve the deficiency. As a result, this recommendation was closed. Therefore, FDIC currently has three GAO financial audit recommendations to address. These recommendations are intended to improve FDIC’s internal controls over financial reporting as well as to bring FDIC into conformance with its own policies and Standards for Internal Control in the Federal Government. In commenting on a draft of this report, FDIC agreed with the two new recommendations and described planned actions to address each recommendation.

Why GAO Did This Study

The purpose of this report is to present the internal control deficiencies identified during GAO’s audit testing of FDIC’s 2021 non-payroll operating expenses, GAO’s two new recommendations related to these new deficiencies, and the status of corrective actions FDIC took to address GAO’s prior-year recommendations. This report is intended for FDIC management’s use.

Recommendations

GAO is making two recommendations to help FDIC reasonably assure that contracting officers follow existing policies and procedures. FDIC agreed with GAO’s two recommendations and described planned actions to address each recommendation.

Recommendations for Executive Action

Agency Affected Recommendation Status
Federal Deposit Insurance Corporation The Deputy Director of the Acquisition Services Branch of the Division of Administration should direct contracting officers to review and follow FDIC's existing policies and procedures for documenting and approving contract modifications to reasonably assure that FDIC sufficiently documents and properly supports contracts. (Recommendation 1)
Closed – Implemented
In commenting on our draft report, FDIC concurred with this recommendation. In response to our recommendation, in December 2021, FDIC's Acting Deputy Director notified contracting officers of the deficiencies that we identified and directed them to review and follow FDIC's existing policies and procedures for documenting and approving contract modifications. Additionally, in January 2022, the FDIC Acquisition Services Branch provided updated guidance to contracting officers on the FDIC Procurement Administrative Bulletins webpage and included a consolidated list of bulletins addressing contract amendments and modifications. As a result, we determined that FDIC took sufficient corrective actions to close this recommendation.
Federal Deposit Insurance Corporation The Deputy Director of the Acquisition Services Branch of the Division of Administration should establish a process to periodically monitor the operating effectiveness of existing policies and procedures to reasonably assure that contracting officers sufficiently and accurately follow existing policies and procedures for contracts. (Recommendation 2)
Closed – Implemented
In commenting on our draft report, FDIC concurred with this recommendation. In calendar year 2023, FDIC's Acquisition Services Branch established a Quality Assurance/Internal Control Program, which implemented periodic review procedures to provide reasonable assurance that contracting officers follow acquisition policies and procedures. These reviews became part of the official Prepared by Client documentation for the annual financial statement audit, indicating that they are now part of FDIC's established processes. As a result, we determined that the FDIC has taken sufficient corrective actions to address this recommendation.

Full Report

GAO Contacts

Topics

DocumentationFederal deposit insuranceFinancial reportingFinancial statement auditsFinancial statementsInternal controlsContracting officersCompliance oversightPolicies and proceduresContract modifications