Management Report:

Opportunities for Improvements in FDIC's Internal Controls and Accounting Procedures

GAO-07-942R: Published: Jun 27, 2007. Publicly Released: Jun 27, 2007.

Additional Materials:

Contact:

Steven J. Sebastian
(202) 512-9521
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

In February 2007, we issued our opinions on the calendar year 2006 financial statements of the Deposit Insurance Fund (DIF) and the FSLIC Resolution Fund (FRF). We also issued our opinion on the effectiveness of the Federal Deposit Insurance Corporation's (FDIC) internal control over financial reporting (including safeguarding assets) and compliance as of December 31, 2006, and our evaluation of FDIC's compliance with significant provisions of selected laws and regulations for the two funds for the year ended December 31, 2006. The purpose of this report is to present issues identified during our audits of the 2006 financial statements regarding internal controls and accounting procedures and to recommend actions to address these issues. Although these issues were not material in relation to the financial statements, we believe they warrant management's attention.

During our audits of the 2006 financial statements, we identified several internal control issues that affected FDIC's accounting for the funds it administers. Although we do not consider them to be material weaknesses or significant deficiencies, we believe they warrant management's consideration. Specifically, we found FDIC had inadequate or incomplete written procedures for key segments of its general ledger monthly closing process and other financial operations. The absence of adequate written procedures increases the risk that (1) all necessary steps in the monthly general ledger closing process and other processes may not be completely, correctly, and consistently performed and (2) disruptions and errors may arise when staff changes occur. This, in turn, could affect the reliability of data presented in FDIC's financial statements. FDIC also lacked adequate supervisory reviews of key tasks in the monthly general ledger closing process and other financial operations, increasing the risk that errors in preparing financial statements might not be timely detected and corrected. FDIC incorrectly excluded certain receivership data used in the calculation of loss rates from bank failures, resulting in an error in these loss rates that could have affected the accuracy/reliability of the contingent liability presented in the financial statements. Finally, FDIC lacked appropriate control to safeguard checks received in its Dallas mailroom and did not provide proper oversight of contractor lockbox operations, increasing the risk of theft, loss, or misappropriation of assets.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: FDIC took action to address GAO's recommendation. In GAO's subsequent audit, it found that FDIC's Dallas field office Cashier Unit employees secured checks overnight in a file cabinet that requires two individuals to open. FDIC's actions improved physical security in the Cashier Unit by reducing the risk of loss or theft of checks.

    Recommendation: To improve physical security in the Dallas field office mailroom and cashier operations, FDIC should instruct Cashiers Unit employees to store checks overnight in a locked file cabinet that requires two individuals to open it.

    Agency Affected: Federal Deposit Insurance Corporation

  2. Status: Closed - Implemented

    Comments: In response to GAO's recommendation, FDIC instructed the mailroom contractor employees to secure the checks by placing them in a sealed envelope and putting the envelope into a wall mounted safe depository which can only be opened by the Cashier's Unit for retrieving and processing the checks. FDIC's actions improved physical security in the Dallas field office mailroom by reducing the risk of loss or theft of checks.

    Recommendation: To improve physical security in the Dallas field office mailroom and cashier operations, FDIC should instruct mailroom contractor employees to lock the checks in a secured bag immediately upon receipt and prior to storing the checks in a safe.

    Agency Affected: Federal Deposit Insurance Corporation

  3. Status: Closed - Implemented

    Comments: In response to GAO's recommendation, FDIC took action to strengthen its procedures among mailroom staff. FDIC now requires that mailroom staff enter all checks onto an electronic spreadsheet, the spreadsheet to be initialed by the employee, verified by another, and dated. GAO confirmed that these procedures were being followed during its subsequent audit. This improved mailroom operations and the safeguarding of checks that arrive in the FDIC mailroom.

    Recommendation: To improve physical security in the Dallas field office mailroom and cashier operations, FDIC should instruct mailroom contractor employees to reconcile checks received to the check log, initial and date the log, and prepare a tape recording agreement of the checks to the check log.

    Agency Affected: Federal Deposit Insurance Corporation

  4. Status: Closed - Implemented

    Comments: In response to GAO's recommendation, FDIC modified its process for reviewing statistical programs used in calculating loss rates for estimating the contingent liability for anticipated failures. GAO confirmed that FDIC apprised its staff of these new procedures which should increase the reliability of data provided in Deposit Insurance Fund's (DIF) and FSLIC Resolution Fund's (FRF) financial statements.

    Recommendation: FDIC should emphasize to its staff the importance of thoroughly verifying the accuracy of all data elements included in the calculation of loss rates used in estimating the contingent liability for anticipated failures.

    Agency Affected: Federal Deposit Insurance Corporation

  5. Status: Closed - Implemented

    Comments: In response to GAO's recommendation, FDIC emphasized to its staff the importance of supervisory reviews such as reviewing 1) the manual compilation of final expense accrual analysis reports prior to distribution and 2) changes to business rules that specify how certain financial transactions are to be processed. GAO verified that FDIC's supervisory reviews were evident in subsequent months. These supervisory reviews should increase the reliability of data presented in Deposit Insurance Fund's (DIF) and FSLIC Resolution Fund's (FRF) financial statements.

    Recommendation: FDIC should emphasize to its staff the importance of completing required supervisory review of key transactions and procedures in the monthly general ledger closing process and other financial operations to ensure that they are properly executed and that these reviews are documented.

    Agency Affected: Federal Deposit Insurance Corporation

  6. Status: Closed - Implemented

    Comments: In response to GAO's recommendation, FDIC substantially revised its written procedures to more explicitly describe the steps required to accomplish and document each significant activity in the monthly general ledger closing process and other financial operations related to financial statement preparation. The revised written procedures should help ensure that the closing steps are completely, consistently, and accurately performed and increase the reliability of data presented in Deposit Insurance Fund's (DIF) and FSLIC Resolution Fund's (FRF) financial statements.

    Recommendation: FDIC should improve its written procedures by describing more explicitly the steps required to accomplish and document each significant activity in the monthly general ledger closing process and other financial operations related to financial statement preparation in order to help ensure that such steps are completely, consistently, and accurately performed.

    Agency Affected: Federal Deposit Insurance Corporation

  7. Status: Closed - Implemented

    Comments: In response to GAO's recommendation, FDIC modified its policies and procedures to request annual audit reports from the associated commercial bank providing FDIC lockbox processing services and to review these reports for possible internal control weaknesses and proposed corrective actions. GAO is closing this recommendation based on FDIC's updating of its policies and procedures; however because these audit reports do not cover specific aspects of the bank's lockbox operations, GAO recommended further action in its 2008 FDIC financial audit's management report (see GAO-09-943R).

    Recommendation: FDIC should modify its policies and procedures to require regular review and take appropriate actions to address the results of examinations of internal controls at the contractor's lockbox operation to ensure that controls are effective and operating as intended.

    Agency Affected: Federal Deposit Insurance Corporation

 

Explore the full database of GAO's Open Recommendations »

Jul 9, 2014

Jun 19, 2014

May 30, 2014

May 15, 2014

May 13, 2014

May 12, 2014

May 2, 2014

Mar 27, 2014

Mar 13, 2014

Looking for more? Browse all our products here