Year 2000 Computing Crisis: Office of Thrift Supervision's Efforts to Ensure Thrift Systems Are Year 2000 Compliant
T-AIMD-98-102
Published: Mar 18, 1998. Publicly Released: Mar 18, 1998.
Skip to Highlights
Highlights
Pursuant to a congressional request, GAO discussed the progress being made by the Office of Thrift Supervision (OTS) in ensuring that the more than 1,200 thrifts it oversees have adequately mitigated the risks associated with the year 2000 date change.
Recommendations
Recommendations for Executive Action
Agency Affected | Recommendation | Status |
---|---|---|
Office of Thrift Supervision | OTS should work with other FFIEC members to complete their guidance to institutions on mitigating the risks associated with corporate customers and reliance on vendors. Further, OTS should work with the other FFIEC members to complete the contingency planning guidance by its April 1998 deadline. |
Closed – Implemented
On March 17, 1998, OTS and the other FFIEC members issued guidance to institutions on mitigating the risks associated with corporate customers and reliance on vendors. In addition, OTS and the other FFIEC members issued contingency planning guidance on May 13, 1998.
|
Office of Thrift Supervision | OTS should work with the other FFIEC members to develop in an expeditious manner, more explicit instructions to thrifts for carrying out the latter stages of the year 2000 process--renovation, validation, and implementation--which are the critical steps to ensuring year 2000 compliance. |
Closed – Implemented
In April 1998, OTS and the FFIEC issued testing guidance ("Testing for Year 2000 Readiness") and in May 1998, issued contingency planning guidance ("Contingency Planning in Connection with Year 2000 Readiness"). Since then, OTS and FFIEC have issued 7 additional pieces of guidance on year 2000 subjects including data entry software, customer awareness, fiduciary services, customer communications, and business resumption contingency planning.
|
Office of Thrift Supervision | Because OTS and other regulators will have more complete information on the status of institutions, servicers, and vendors by mid-1998, OTS should work with the other FFIEC members to develop a tactical plan that details the results of its assessments and provides a more explicit road map of the actions it intends to take based on those results. This should include an assessment of the adequacy of OTS' technical resources to evaluate the year 2000 efforts of the thrifts and the servicers and vendors that service them. |
Closed – Implemented
OTS and the FFIEC developed FFIEC's Phase II work program for year 2000 examinations (i.e., year 2000 tactical plan). Prior to engaging in its Phase II examinations, OTS assessed the adequacy of its resources to evaluate the year 2000 efforts of thrifts, servicers, and vendors. OTS completed its Phase II examinations by the March 1999 milestone established by the FFIEC.
|
Office of Thrift Supervision | With regard to OTS' internal systems, the Director of OTS should instruct the agency to develop contingency plans for each of OTS' mission-critical systems and core business processes. |
Closed – Implemented
To help prepare for the continuity of core business processes, OTS completed development of contingency plans for its 15 mission-critical systems. OTS also developed a Business Recovery Plan that addresses continuity of core business processes, business dependencies, the impact of potential year-2000-induced business disruptions, contingency plan triggers, and business recovery resources. During March and April 1999, OTS conducted a review of its contingency plans to ensure that they contained current information.
|
Office of Thrift Supervision | With regard to OTS' internal systems, the Director of OTS should instruct the agency to develop a comprehensive year 2000 program plan. |
Closed – Implemented
During the fourth quarter of 1998, OTS finalized its year 2000 program plan, which addresses IT, non-IT, thrift oversight, and telecommunications.
|
Full Report
Office of Public Affairs
Topics
Bank examinationContingency plansMission critical systemsData integrityInformation resources managementInternal controlsLending institutionsRegulatory agenciesSoftwareStrategic information systems planningSystems conversionsY2K