Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Federal Agency: "National Credit Union Administration"

    2 publications with a total of 4 open recommendations
    Director: Lawrance Evans
    Phone: (202) 512-8678

    1 open recommendations
    Recommendation: To improve their ability to assess the adequacy of the information security practices at medium and small institutions, the heads of Federal Deposit Insurance Corporation, the Federal Reserve, Office of the Comptroller of the Currency, and NCUA should routinely categorize IT examination findings and analyze this information to identify trends that can guide areas of review across institutions.

    Agency: National Credit Union Administration
    Status: Open

    Comments: In July 2015, we recommended that the National Credit Union Administration (NCUA) and other federal financial institution regulators conduct trend analysis of their IT examination findings to improve their ability to assess the adequacy of information security practices at medium and small institutions. In July 2016, NCUA told us that it and the other federal financial institution regulators issued the Cybersecurity Assessment Tool (Tool) in June 2015 to provide a comprehensive method for institutions to benchmark their cybersecurity programs. Officials believe that the Tool will allow examiners to consistently and methodically look at credit union risks and trends, as well as collect detailed information on the risks and mitigating controls employed by credit unions. When the Tool is fully implemented, officials expect to be able to aggregate risk indicators and program gaps across the credit union industry to improve resource deployment and enhance cybersecurity supervisory oversight. NCUA plans to begin pilot testing the Tool in late 2016 with program integration targeted for July 2017. We will continue to monitor NCUA's progress with this program and revisit our recommendation in July 2017.
    Director: Clowers, Angela N
    Phone: (202)512-3000

    3 open recommendations
    Recommendation: In order to improve the efficiency and effectiveness of their efforts, the federal financial regulators have begun to take steps to address challenges associated with promulgating hundreds of new rules required under the Dodd-Frank Act. To strengthen the rigor and transparency of their regulatory analyses, the federal financial regulators should take steps to better ensure that the specific practices in OMB's regulatory analysis guidance are more fully incorporated into their rulemaking policies and consistently applied.

    Agency: National Credit Union Administration
    Status: Open

    Comments: In June 2016, NCUA told us that it is nearing completion of agency internal policies that standardize and institutionalize the rulemaking process within NCUA. According to agency officials, these policies will document NCUA's current practice related to OMB's regulatory analysis guidance. The policies will be issued to appropriate staff by the end of 2016. At that time, we will review the policies to review the extent to which they incorporate the practices in OMB's regulatory analysis guidance.
    Recommendation: In order to improve the efficiency and effectiveness of their efforts, the federal financial regulators have begun to take steps to address challenges associated with promulgating hundreds of new rules required under the Dodd-Frank Act. To maximize the usefulness of the required retrospective reviews, the federal financial regulatory agencies should develop plans that determine how they will measure the impact of Dodd-Frank Act regulations--for example, determining how and when to collect, analyze, and report needed data.

    Agency: National Credit Union Administration
    Status: Open

    Comments: In June 2016, NCUA noted that all of the agency's regulations are reviewed at least every three years, during an established rotation, so that every year one-third of the agency's regulations are open to comment from the public. NCUA reported that it recently launched a comprehensive multi-year project to update the agency's main data collection and analytic systems. Agency officials stated that the updates will ensure that the agency collects the data needed to assess the effectiveness and impact of applicable regulations. We will continue to monitor NCUA's progress in updating its information systems for purposes of retrospective reviews.
    Recommendation: To enhance interagency coordination on regulations issued pursuant to the Dodd-Frank Act, the FSOC should work with the federal financial regulatory agencies to establish formal coordination policies that clarify issues such as when coordination should occur, the process that will be used to solicit and address comments, and what role FSOC should play in facilitating coordination.

    Agency: National Credit Union Administration
    Status: Open

    Comments: In June 2016, NCUA stated that it continues to work closely with the other federal financial agencies regarding rulemaking, and formally coordinates with them during joint rulemaking initiatives. Agency officials said they would comply with any future coordination guidance provided by FSOC. In May 2015, FSOC created the Regulations and Resolutions Committee to identify potential gaps in regulation that could pose risks to the U.S. financial stability. The committee's duties include serving as a forum for information sharing and coordination among the FSOC staff, member agencies and other federal and state agencies, as appropriate, regarding domestic financial services policy development, and consulting, as appropriate, on the development of regulations to implement the Dodd-Frank Act's orderly liquidation authority. While the committee's duties should help promote greater collaboration, they do not constitute a formal rulemaking coordination policy addressing, for example, when coordination should occur, processes for soliciting and addressing comments, and FSOC role in facilitating coordination among and between the financial regulators. In its 2010 comment letter, FSOC noted that it provides a forum for interagency collaboration and consultation, in part through its committees, and has not indicated any plans to develop a formal rulemaking coordination policy as we recommended, in part because of its need to preserve the independence of the regulators. Therefore, the recommendation remains open.