This is the accessible text file for GAO report number GAO-04-882R 
entitled 'Better Information Sharing Among Financial Services 
Regulators Could Improve Protections for Consumers' which was released 
on July 29, 2004.

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov.

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately.

United States General Accounting Office: 

Washington, DC 20548: 

June 29, 2004: 

The Honorable Michael G. Oxley 
Chairman 
Committee on Financial Services 
House of Representatives: 

Subject: Better Information Sharing Among Financial Services Regulators 
Could Improve Protections for Consumers: 

Dear Mr. Chairman: 

GAO has long held the position that financial regulators can benefit 
from improved information sharing.[Footnote 1] As regulators are faced 
with the challenges of overseeing a myriad of financial products, along 
with the individuals and organizations that develop and sell them, 
information sharing among regulators serves as a key defense against 
fraud and market abuses. However, our system of financial regulation is 
fragmented and, in many cases, isolated among numerous federal and 
state financial regulators overseeing the securities, insurance, and 
banking industries. While there has been a greater effort to improve 
communication in recent years, the routine sharing of information 
between the regulators of the three major financial industries--
securities, insurance, and banking--continues to be a source of 
concern.

At this Committee's request, we have issued reports and testimonies in 
recent years discussing the benefits of improved sharing of criminal 
and regulatory information and the consequences of failing to 
adequately share such information. This report focuses on three areas 
where greater attention is needed to improve information-sharing 
capabilities among financial services regulators. First, we highlight 
the need for insurance regulators to have more consistent access to the 
Federal Bureau of Investigation (FBI) nationwide criminal history data. 
Second, we discuss the importance of sharing regulatory enforcement 
data as a tool to prevent the migration of undesirable people, or 
rogues, from one industry to another. Third, we present the results of 
new work assessing the regulatory oversight structures for certain 
hybrid financial products and the extent to which regulators share 
consumer complaint data that may be relevant to multiple regulators in 
a routine, systematic fashion.[Footnote 2] Finally, we highlight 
challenges to improving information sharing among financial regulators.

We conducted our work in accordance with generally accepted government 
auditing standards. For our work related to the first two objectives 
concerning access to criminal and regulatory history data, 
respectively, we relied primarily on previous GAO work. To address the 
third objective, we conducted new work related to regulatory oversight 
and information sharing associated with hybrid financial products. For 
more information concerning the scope and methodology of this recent 
work, please see enclosure I.

Results In Brief: 

Financial regulators face challenges in accessing and sharing 
information relevant to their oversight responsibilities, including 
information related to criminal history data, regulatory enforcement 
actions, and consumer complaints. Specifically, we found that many 
state insurance regulators, unlike their counterparts in the banking, 
securities, and futures industries, continue to lack the legal 
authority to access the FBI's nationwide criminal history data. 
According to information obtained from state regulators and the FBI, 
fewer than one-third of the states have taken actions that current 
federal law requires for them to have such authority. Consequently, 
regulators in other states cannot be sure that they are protecting 
insurance consumers from fraud by keeping individuals previously 
convicted of serious criminal behavior out of the business of 
insurance.

We also found that financial regulators generally did not have ready 
access to all relevant data related to regulatory enforcement actions 
taken against individuals or firms. Regulatory data are maintained by 
the various financial regulators on separate information systems and 
are not always readily accessible by one another, particularly by 
regulators across different financial industries. If the regulatory 
history of applicants cannot be readily accessed, financial regulators 
are hampered in their ability to detect and prevent an unsuitable 
individual, or rogue, from migrating from one financial services 
industry to another.

Similarly, our recent work shows that many financial regulators do not 
share relevant consumer complaint data among themselves on certain 
hybrid products (i.e., products with features and characteristics both 
of insurance and securities) in a routine, systematic fashion. The 
different regulatory structures that are involved in the oversight of 
hybrid products and the array of systems used to capture complaints 
about them create challenges for regulators and consumers for resolving 
problems that can arise in the marketplace. We found that the 
regulatory oversight structure associated with certain hybrid financial 
products can vary considerably, depending on the product and where it 
is sold. Moreover, the regulatory structure can change over time. Often 
multiple regulators can have an oversight interest in a particular 
hybrid financial product. In such an environment, it can be difficult 
for consumers to determine which organization should receive a 
complaint. Furthermore, once a complaint is received, it may be 
relevant to another regulator, either because it may not have reached 
the most appropriate regulator or because the complaint information 
could be of interest to multiple regulators. However, many financial 
regulators do not share consumer complaint data with one another in a 
routine, systematic fashion. Consequently, particularly in the case of 
hybrid financial products, regulators may be unable to resolve 
individual complaints because complaints have been directed to the 
"wrong" regulator, or, because of a lack of complete information, an 
individual regulator may not be able to fully assess the magnitude of 
problems affecting certain companies or products.

While financial regulators generally support better sharing of 
regulatory information, they also cited some concerns and barriers. 
These generally centered around protecting confidential regulatory 
information from public disclosure, as opposed to technological issues. 
Consequently, options or proposals for improving information-sharing 
capabilities or tools among financial regulators need to address 
concerns about sharing and protecting different types of regulatory 
data that have varying degrees of sensitivity. We encourage efforts to 
achieve improved information sharing, balancing a regulator's "need to 
know" with the appropriate protections on the information, so that 
financial regulators can better prevent the migration of rogues and 
respond more effectively to problems that may surface in the 
marketplace.

Most State Insurance Regulators Still Cannot Access Nationwide Criminal 
History Data: 

Many state insurance regulators continue to lack the appropriate 
authority to perform thorough criminal history checks on individuals 
trying to enter the business of insurance.[Footnote 3] One of the 
important functions of a financial regulator is licensing or approving 
the people who apply to work in the industry. The first line of defense 
against fraud is to keep known criminals and other inappropriate 
individuals out of the business--particularly when that business is 
handling other peoples' money. However, in previous work, we reported 
that many state insurance regulators, unlike their counterparts in the 
banking, securities, and futures industries, do not have the authority 
to obtain FBI nationwide criminal history data.[Footnote 4] Today, the 
situation remains much the same. According to officials from the FBI 
and the National Association of Insurance Commissioners 
(NAIC),[Footnote 5] of the 50 states and the District of Columbia, only 
16 state insurance departments have the authority under current federal 
law to access nationwide criminal history data maintained by the FBI. 
NAIC has developed model state legislation for states to gain access to 
the FBI data for purposes of conducting criminal history checks on 
industry applicants. However, NAIC also maintains that the fastest way 
to grant state insurance departments access to the FBI's fingerprint 
database in a uniform fashion is by federal statute without the need 
for subsequent state legislative action.

One mission of financial regulators is to protect the public by 
ensuring that people with a history of dishonest behavior are not 
allowed the opportunity to continue such behavior as representatives of 
banks, securities firms, or insurance companies. In our previous 
report, which described an insurance investment scam perpetrated by 
Martin Frankel, who masterminded the theft of over $200 million from 
several insurance companies during an 8-year period, we pointed out 
that most state insurance departments lacked the regulatory tools to 
access the FBI's criminal history databases. We reported that most 
state insurance commissioners do not have the means to conduct 
nationwide criminal history background checks on individuals to decide 
whether certain convicted felons should be permitted to engage in the 
business of insurance. We also recommended that the United States 
Attorney General, the president of NAIC, and state insurance 
commissioners work together to establish a mechanism by which state 
regulators can perform criminal background checks on individuals to 
facilitate enforcement of the federal insurance fraud prevention 
provision, 18 U.S.C. sec. 1033.[Footnote 6]

We reiterated and amplified our discussion of this problem in 
subsequent work. In testimony before two Subcommittees of this 
Committee in March 2001, we noted that among all financial regulators, 
only those regulating insurance lacked the ability to routinely access 
national criminal history data for the purpose of screening potential 
industry entrants.[Footnote 7] Then, in June 2002, in the context of 
states' compliance with provisions of the Gramm-Leach-Bliley Act 
(GLBA),[Footnote 8] we reported that some states' insurance regulators 
do not conduct criminal history background checks as part of their 
producer licensing requirements.[Footnote 9] As a result, other states 
that did require applicant fingerprints and a criminal history 
screening were reluctant to grant reciprocity to agents that had not 
previously met these requirements. We noted that some state insurance 
departments in relatively large markets were not willing to lower their 
standards on certain licensing requirements, such as criminal history 
checks using fingerprint identification. We concluded that in-depth 
criminal background checks through fingerprinting strengthened 
consumer protections and endorsed efforts to achieve uniformity among 
state regulators using such requirements.

In light of our findings, we have recommended that state insurance 
regulators be granted access to the nationwide criminal history data 
that FBI maintains. To properly screen industry applicants who desire 
to enter the insurance industry, insurance regulators need the 
appropriate authority to access nationwide criminal history information 
on individuals. If all state insurance regulators had the authority to 
access this criminal history data, this would put them on more equal 
par with other financial regulators in the banking, securities, and 
futures industries.

Regulators Lack Ready Access to Each Other's Enforcement Data: 

Information on regulatory enforcement activities, in addition to 
criminal history data, is vital to effective oversight, but is not 
always readily accessible among financial regulators across different 
industries. Criminal behavior is not the only reason for a regulator to 
bar an individual from participating in a regulated industry. 
Regulators also take disciplinary actions against individuals who have 
been found responsible for breaking rules or regulations that are in 
place to protect customers. In these instances, enforcement actions can 
result in individuals being banned from returning to work in the 
industry or state where they broke the rules. Such enforcement history 
would be critical to a regulator in a different financial services 
industry or state if one of these individuals sought a license to 
operate in a different industry or location. But, if regulatory 
information about an individual is not widely known or made available/
distributed, little prevents a rogue from moving to a different 
financial industry or state, lying on an application, and beginning 
again to engage in unscrupulous activities. The only way to detect and 
prevent this "rogue migration" is good regulatory information, widely 
shared. Financial regulators have taken some steps to improve 
information sharing among themselves and between industries, but 
generally they do not have direct, ready access to each other's 
regulatory information.

Each regulator faces the challenge of ensuring that individuals who 
have been involved in improper activities in one state or financial 
industry are unsuccessful in attempting to move to another. 
Accordingly, financial services regulators generally maintain 
background and disciplinary data on individuals and entities in their 
particular financial industry.[Footnote 10] Within the insurance, 
securities, and futures industries, where regulators have authority to 
license or register individuals to sell financial products, this 
information is largely centralized on an industrywide basis. Therefore, 
different regulators in each of these industries can access systems and 
databases that provide background information on individuals and 
entities, consumer complaints, and disciplinary records within that 
industry. In the banking industry, where regulators do not license or 
register individuals, we found that regulators also entered and 
maintained background, regulatory history, lending practice, and 
complaint data on entities and some individuals. Such systems and 
databases are decentralized among the separate banking regulators. 
Therefore, unlike the "one-stop shopping" search capabilities available 
in other financial industries, a search on an individual's regulatory 
history in the banking industry could necessitate separate inquiries of 
the five regulators' systems, though these queries are facilitated 
through Web-based applications.[Footnote 11]

Different financial regulators have taken some steps to improve 
information sharing between industries. For instance, state insurance 
regulators, represented by NAIC, and state securities regulators, 
represented by the North American Securities Administrators Association 
(NASAA),[Footnote 12] have formed a working group to familiarize one 
another with the regulatory systems and tools available in their 
respective industries. In May 2004, NAIC and NASAA hosted a joint 
educational seminar to facilitate this effort. We also observed 
examples where state securities and insurance regulators have developed 
procedures for requesting each other's regulatory information or 
providing limited access to such data. Moreover, many regulators, 
recognizing the need to share regulatory data with other financial 
regulators, have established bilateral information-sharing agreements 
to access external regulatory information.

Financial regulators collect and maintain several types of regulatory 
data with varying degrees of sensitivity that merit consideration of 
how such data should be shared. In previous testimony before this 
Committee, we noted discussions with financial regulators and Committee 
staff that have identified several types of data, aside from those 
related to licensing and employment history, that could be useful to 
regulators in detecting fraud and limiting its spread from one 
financial industry to another. These data types include 1) completed 
disciplinary or enforcement actions, 2) consumer complaints, 3) ongoing 
regulatory investigations, and 4) reports of suspicious or unverified 
activity that merit regulatory attention, but may not yet rise to the 
level of a formal investigation. Generally, regulators are more 
comfortable with sharing regulatory information on closed, adjudicated 
enforcement actions and less comfortable sharing data that may be 
unsubstantiated. While some of these data types may not be sufficient 
by themselves to support a regulatory action, such as a 
disqualification for registration or a license, if regulators were to 
have the information available, it could prompt them to ask more 
probing questions or conduct further checks to ensure the fitness of 
industry applicants. In the Frankel case, although Frankel himself 
reportedly used aliases and fronts to perpetrate an insurance 
investment scam, one of the individuals who appeared to have provided 
funds to purchase the first insurance company in this scam, which was 
subsequently looted of its assets, had a disclosure item involving 
complaints and settlements in the securities industry. If regulators 
had interviewed that individual to discuss past regulatory incidents 
and probed further, they may have uncovered the scam before any assets 
were stolen.

While each regulator keeps data on miscreants identified in its own 
regulated institutions or industry, financial regulators generally do 
not have ready access to enforcement data maintained by regulators in 
other financial industries. Moreover, as highlighted earlier, financial 
regulators maintain their enforcement data on separate information 
systems within different industries. Generally, access to regulatory 
data can be accomplished on an information request basis, but direct, 
ready access to regulatory data on separate information systems in 
different industries is generally not available. For instance, NAIC 
maintains centralized data on disciplinary actions regarding companies 
and individuals that can be accessed by insurance regulators and 
industry producers, but financial regulators in other industries 
generally do not have direct access to this information. Some financial 
regulators do provide public access to names of individuals and/or 
firms that have had enforcement action(s) taken against them while 
others do not. Therefore, in the absence of a means to link or search 
the various financial regulators' information systems, a comprehensive 
regulatory background check on an individual would require separate 
queries for information on numerous systems, some publicly available 
and some not. Consequently, accomplishing routine, comprehensive 
regulatory background searches on individuals throughout all the 
financial services industries and regulatory entities remains difficult 
and impractical. At the same time, through the Sarbanes-Oxley 
Act,[Footnote 13] Congress has provided more explicit authority for 
financial regulators to consider and take actions based on the 
regulatory history of industry applicants. However, without an 
effective way of routinely checking the regulatory records of multiple 
industries and agencies throughout the financial services sector, some 
individuals who self report false information on licensing and 
chartering applications are more likely able to avoid being detected by 
regulators.

Varied Oversight Structures for Hybrid Products and Lack of Information 
Sharing Hinder Consumer Protection: 

The multiplicity of regulators that are often involved in the oversight 
of hybrid products and the array of information systems that can 
capture complaint data create challenges for regulators and consumers 
to resolve market problems that may arise. In our current work on 
regulatory oversight and information sharing associated with hybrid 
financial products (i.e., products with features and characteristics 
both of insurance and securities), we found that the regulatory 
structures for such products can vary considerably. Often, multiple 
financial regulators can have an oversight interest in the creation and 
sale of hybrid products and the mix of regulators involved can vary 
depending on the product and where it is sold. Additionally, the manner 
in which consumer complaint data are collected and stored also varies 
considerably among the financial regulators and industries. When a 
consumer has a problem with one of these products, commonly complex and 
risky by nature, he/she may find it difficult to determine where to 
send the complaint. Once complaints are received, financial regulators 
are hindered in their ability to fully understand the extent of known 
problems with a particular financial product because they lack the 
ability to access and analyze relevant data from each other's complaint 
systems in a routine, systematic fashion. In an environment where 
several regulators can have an oversight interest in a product, we 
found numerous examples of complaints received by one regulator that 
perhaps should have gone to another, or which, at the least, would have 
been of interest to another regulator(s). At the same time, we also 
observed that financial regulators have limited means for sharing 
relevant complaint data with one another.

Oversight of Hybrid Products and the Regulatory Systems Used to Track 
Complaints Vary: 

The regulatory oversight of hybrid financial products can vary 
considerably depending on the type of product and where it is sold. In 
our review of variable annuities, equity-indexed annuities, and 
viatical settlements, we found that multiple regulators from the 
securities and insurance industries can have oversight responsibilities 
and overlapping interests in a particular hybrid product. Moreover, the 
oversight structure can differ from state to state and can change over 
time, reflecting continued differences among regulators and industry 
participants over how such products should be regulated.[Footnote 14] 
Figure 1 highlights differences in how these three types of hybrid 
products are generally regulated.

Figure 1: Regulatory Oversight of Hybrid Products Varies Depending on 
the Type of Product and the State Where It Is Sold: 

[See PDF for image]

Notes: Equity-indexed annuities and viatical settlements are generally 
not registered as securities with SEC, though SEC can assert oversight 
based on the unique facts and circumstances of a particular product.

[End of figure]

Some state insurance and securities regulators have statutory authority 
to regulate viatical settlements. Additionally, in states where 
securities regulators do not have explicit statutory authority on 
viatical settlements, most securities regulators have taken the 
position that investments in such products are investment contracts and 
believe they should be treated as securities.

Different regulators bring different oversight roles and functions to 
the table in the regulation of hybrid financial products--differences 
that are important when a consumer needs help to resolve a problem with 
a hybrid product. For example, a hybrid product that is considered to 
be a security by federal securities regulators must be registered with 
the SEC, which ensures that the product's literature contains the 
appropriate disclosures to inform the investor of the product's 
potential risks. However, SEC generally delegates its oversight of 
broker-dealer firms and the sales practices of individual brokers to 
several industry organizations and financial exchanges. These are known 
as self-regulatory organizations (SROs) and include NASD (formerly the 
National Association of Securities Dealers) and the New York Stock 
Exchange (NYSE), which regulate the sales practices of their member 
firms and individual sales agents. State financial regulators--banking, 
insurance, and securities--also play an important role, augmenting the 
oversight provided by federal regulators or national SROs.

Variable annuity products are regulated as securities by the federal 
government but also fall under the authority of state insurance and 
securities regulators. Variable annuities combine traditional life 
insurance annuity contracts with an investment component that is 
nonguaranteed and can fluctuate with market-based earnings (or 
losses).[Footnote 15] At the federal level, the SEC regulates the 
registration of variable annuity products. Under federal law, variable 
annuity products registered by the SEC are generally exempt from 
registration with state securities regulators. In addition, NASD 
regulates the sale of these products by broker-dealers. At the state 
level, the insurance companies that offer variable annuities generally 
fall under the jurisdiction of insurance regulators, though sales of 
such products can also fall under the jurisdiction of state securities 
regulators, or some combination of both regulators, depending on the 
state.

In contrast with variable products, equity-indexed annuities are 
generally not subject to federal oversight and thus are typically 
regulated by state insurance regulators. While equity-indexed annuity 
products also encompass a market-based investment component, they 
provide a guarantee on earnings, often in return for less participation 
in market gains, to ensure that the purchaser will not incur losses on 
the investment in a market downturn.[Footnote 16] Although SEC has 
previously solicited comments on whether or not to regulate such 
products as securities, it has generally not asserted jurisdiction over 
such products.[Footnote 17] However, SEC officials explained that 
oversight could be asserted based on the facts and circumstances of an 
individual product. NASD does not oversee sales of equity-indexed 
annuities, but does offer investor information about these products 
while referring consumers to state insurance regulators for questions 
concerning these products.

The regulatory structure for viatical settlements, involving the 
purchase and sale of insurance policies where terminally ill 
policyholders redesignate investors as beneficiaries on their policies 
in return for a reduced cash benefit prior to their death, has evolved 
in response to market abuses.[Footnote 18] When viatical settlements 
were initially introduced in the late 1980s, financial regulators 
generally did not have explicit authority to regulate them. As 
widespread sales practice abuses later surfaced in connection with 
sales of viatical settlements, different federal and state financial 
regulators sought increased authority to address the apparent 
regulatory gap by seeking explicit authority over such products. For 
instance, the Federal Circuit Court for the District of Columbia has 
held that viatical settlements are not securities under federal law 
and, therefore, are not subject to SEC jurisdiction.[Footnote 19] 
However, similar to equity-indexed annuities, while such products are 
generally not registered with SEC, the SEC has told us that it may 
assert oversight on a case-by-case basis depending on the facts and 
circumstances of a particular product or situation. At the state level, 
the oversight structure for viatical settlement products changed over 
time from that of little effective regulation to that where most states 
have taken some legislative or regulatory action to strengthen their 
regulatory tools and oversight of such products. However, substantial 
variation still exists. Information from state insurance and securities 
regulators shows that states now regulate such products either through 
their insurance departments, securities departments, or some 
combination of both. However, a handful of states still do not 
specifically address the regulation of viatical settlements. Moreover, 
even in states with a regulatory structure in place, the fraudulent 
sale of these products continues to harm consumers in the marketplace, 
as evidenced by the recent uncovering of a widespread viatical-related 
scam, where investors reportedly may have lost up to $1 
billion.[Footnote 20]

A number of regulators collect consumer complaint data about securities 
and insurance products, including hybrid products, but once complaints 
are received, they are handled differently. Within the securities 
industry, regulators at the state and federal levels collect complaints 
using their own separate information systems, but not all complaint 
data are shared in a systematic fashion. For example, according to 
NASAA officials, state securities regulators use their own systems for 
tracking complaints they receive. NASAA officials also explained that 
complaint data collected by state securities regulators vary in the 
level of detail, and only the number of complaints are aggregated on a 
nationwide basis.[Footnote 21] Some consumer complaints that result in 
settlements or arbitrations above a certain dollar threshold are 
entered into the Central Registration Depository (CRD), a system with 
information on broker-dealer firms and individuals, including 
disciplinary data related to enforcement actions, that is jointly 
maintained and operated by NASD and NASAA. Meanwhile, SROs such as NASD 
and NYSE do consolidate complaint data on a nationwide basis, requiring 
their member firms to enter records of consumer complaints received 
into an information system maintained by the SRO.

Within the insurance industry, both state regulators and insurance 
firms also record information on consumer complaints but, again, all 
the available data are not shared with other regulators. State 
insurance regulators receive and record consumer complaint data on 
their own systems. However, in contrast with their state counterparts 
in the securities industry, state insurance regulators have developed a 
mechanism for consolidating records of closed consumer complaints on a 
nationwide basis within NAIC's Complaints Database System (CDS). State 
insurance departments periodically send data on closed consumer 
complaints to NAIC, which consolidates them into CDS. However, NAIC 
officials acknowledged that complaint submissions to CDS are voluntary 
and that not all states that participate are consistent in reporting 
their complaints information to NAIC for inclusion in CDS. Furthermore, 
the complaint data in CDS is only accessible by insurance regulators 
and is not shared with securities regulators in a routine, systematic 
fashion.[Footnote 22] Also, insurance regulators do not have a system 
for collecting and consolidating complaints made to insurance firms on 
a nationwide basis, in contrast to the SROs in the securities industry. 
Thus, because of the varying ways that complaint data are collected, 
the available consumer complaint data is not complete, accessible, nor 
shared fully, either within or between industries.

Different Regulatory Systems and the Absence of a Capability to Share 
Relevant Complaint data Create Challenges for Consumers and Regulators: 

The varied regulatory oversight structures associated with hybrid 
products and the lack of a systematic means for sharing relevant 
complaint data pose challenges for consumers and regulators as problems 
in the marketplace arise. As noted earlier, the mix of regulatory 
entities with an oversight interest can vary depending on the type of 
product and the state. The regulatory structure may also change over 
time as financial regulators differ over which regulator is best suited 
for a given oversight function. Given this complexity, a consumer's 
dilemma about where to send a complaint can be very challenging. For 
example, a complaint regarding a fixed annuity that is sent to an NASD 
member firm may not be forwarded to the appropriate regulator. 
Regulators also face challenges because many do not have a capability 
for consistently and routinely sharing complaints they receive that 
might be relevant to the oversight interests of other regulators--
either because another regulator has authority to resolve the complaint 
or because the complaint is of general interest to multiple regulators. 
Regulators in the securities and insurance industries generally have 
systems for ensuring that consumer complaints are received, 
investigated, and, where possible, resolved. However, consumer 
complaints associated with a particular type of product are collected 
in various ways among different regulators and systems. We found that 
many financial regulators lacked the ability to share consumer 
complaints with other regulators within the insurance or securities 
industries, or with other regulators between industries, in a routine, 
systematic fashion. Consequently, some consumer complaints may never 
reach the appropriate regulator. Similarly, those complaints received 
by the appropriate regulator for resolution may also be relevant to, 
but not shared with, another regulator(s) that has some oversight 
responsibility. This can hamper the ability of a given regulator to see 
"the big picture" and to fully understand the magnitude of a problem 
associated with a given company or product. With the continued growth 
of hybrid products, the likelihood increases that regulators will 
receive complaints that could be of interest to other regulators.

The most appropriate regulator for a consumer who has a problem with a 
hybrid product will depend on the type of product and where it was 
sold. For instance, a consumer who has a problem with a variable 
annuity would need to determine which regulator oversees the product 
and where to send a complaint for resolution--to the regulator or to 
the broker that sold them the annuity. While SEC and NASD regulate the 
registration and sale, respectively, of variable annuities at the 
federal level, oversight of sales practices at the state level may fall 
under the jurisdiction of either the insurance department or the 
securities department, depending on the state. Accordingly, consumers 
would then have to decide where to go for help--SEC, NASD, the state 
insurance department, the state securities department, the broker-
dealer firm itself, or perhaps some combination of these. The scenario 
could be further complicated if the product were purchased in a banking 
institution that also offered financial products through an affiliated 
securities or insurance operation, because the consumer would then also 
have the option of going to a banking regulator. Finally, other 
organizations such as the states' Attorney General offices may also 
receive complaints from their citizens. Figure 2 illustrates the 
potential confusion facing a consumer trying to decide which regulator 
or organization to contact with a complaint about some type of hybrid 
product.

Figure 2: A Consumer Can Face a Dilemma over Where to Send a Complaint 
for a Particular Hybrid Financial Product: 

[See PDF for image]

[End of figure]

While the focus of our work was not to assess the effectiveness or the 
quality of the complaints systems of the various regulators, our review 
of nationwide complaint data collected in both the securities and 
insurance industries identified numerous examples where complaints 
received by one regulator also appeared relevant to other regulators. 
For example, we reviewed data from the complaints system utilized by 
NASD and its member firms, commonly referred to as NASD's 3070 
system.[Footnote 23] In 2002, more than one-third of the complaints 
recorded in the system were related to annuities or other insurance 
products, as shown in table 1. NASD indicated that the data on the 
system captured complaints on variable insurance products as well as 
fixed insurance products. Oversight of variable life and annuity 
insurance products falls under the jurisdiction of federal securities 
regulators (SEC and SROs such as NASD and NYSE) and also typically 
falls under the jurisdiction of insurance regulators at the state 
level. Fixed life and annuity insurance products generally fall under 
the jurisdiction of state insurance regulators. While state insurance 
regulators may have an oversight interest in some of NASD's 3070 
complaint data, such as understanding the nature of the complaints 
originating from consumers in their states, they do not have access to 
the system. NASD officials told us that data reported by member firms 
under Rule 3070 is generally not shared with insurance regulators, nor 
is there a requirement to do so.[Footnote 24] Consequently, complaints 
on products in this system that do not fall under NASD's jurisdiction, 
such as fixed annuities, are not forwarded to the appropriate 
regulator.[Footnote 25] State securities regulators we spoke to also 
mentioned that the 3070 system data is not regularly shared with them.

Table 1: Number of Complaints Recorded in NASD's Rule 3070 System, by 
Product Type (2000-2002): 

Product Type: Annuities; 
2000: 2,743; 
2001: 4,936; 
2002: 5,579.

Product Type: Certificates of deposit; 
2000: 7; 
2001: 86; 
2002: 53.

Product Type: Commodities/futures; 
2000: 4; 
2001: 6; 
2002: 10.

Product Type: Commodity options; 
2000: 10; 
2001: 9; 
2002: 2.

Product Type: Debt - asset backed; 
2000: 62; 
2001: 49; 
2002: 61.

Product Type: Debt - corporate; 
2000: 239; 
2001: 276; 
2002: 287.

Product Type: Debt - foreign; 
2000: 10; 
2001: 9; 
2002: 31.

Product Type: Debt - municipal; 
2000: 282; 
2001: 220; 
2002: 193.

Product Type: Debt - U.S; 
2000: 189; 
2001: 130; 
2002: 139.

Product Type: Deposit notes; 
2000: 0; 
2001: 1; 
2002: 4.

Product Type: Direct investments; 
2000: 242; 
2001: 230; 
2002: 162.

Product Type: Employee/employer stock option plans; 
2000: 12; 
2001: 14; 
2002: 12.

Product Type: Equity - foreign; 
2000: 49; 
2001: 42; 
2002: 44.

Product Type: Equity - listed; 
2000: 4,215; 
2001: 3,027; 
2002: 2,810.

Product Type: Equity - OTC; 
2000: 6,149; 
2001: 3,831; 
2002: 2,582.

Product Type: Financial futures; 
2000: 14; 
2001: 2; 
2002: 2.

Product Type: Index options; 
2000: 55; 
2001: 37; 
2002: 44.

Product Type: Insurance; 
2000: 6,493; 
2001: 6,119; 
2002: 7,946.

Product Type: Managed/wrap accounts; 
2000: 17; 
2001: 78; 
2002: 128.

Product Type: Miscellaneous; 
2000: 3,013; 
2001: 3,199; 
2002: 3,369.

Product Type: Money markets; 
2000: 899; 
2001: 381; 
2002: 316.

Product Type: Mutual funds; 
2000: 5,227; 
2001: 5,835; 
2002: 5,945.

Product Type: No product identified; 
2000: 5,666; 
2001: 5,721; 
2002: 6,460.

Product Type: Options; 
2000: 1055; 
2001: 532; 
2002: 429.

Product Type: REITs; 
2000: 24; 
2001: 43; 
2002: 21.

Product Type: Unit investment trusts; 
2000: 109; 
2001: 97; 
2002: 105.

Product Type: Warrants/rights; 
2000: 25; 
2001: 21; 
2002: 24.

Product Type: Wrap accounts; 
2000: 335; 
2001: 217; 
2002: 247.

Product Type: Grand count; 
2000: 37,145; 
2001: 35,148; 
2002: 37,005.

Percent insurance-related[A]; 
2000: 25%; 
2001: 31%; 
2002: 37%. 

[A] For each year, the Percent Insurance-Related is the sum of the 
Annuities and Insurance categories divided by the Grand Count.

[End of table]

We also reviewed nationwide complaint data available in the insurance 
industry and again found many complaints that could also be relevant to 
securities regulators. During our review of the available data in CDS 
maintained by NAIC, we observed examples of complaints on variable life 
and annuity products that also appeared relevant to securities 
regulators that have primary jurisdiction over such products. However, 
because of confidentiality concerns, financial regulators other than 
state insurance regulators do not have direct access to CDS, though 
some aggregate data by company is publicly available, as previously 
mentioned. NAIC officials indicated that the complaint data in CDS is 
not shared with securities regulators in a routine, systematic fashion.

Challenges to Improve Regulatory Information Sharing Include the 
Protection of Sensitive Data: 

As we reported in previous work, generally speaking the concerns that 
financial regulators expressed to us about sharing more regulatory 
information with one another were not technological in nature; rather, 
they centered around the need to protect sensitive data. In particular, 
in providing comments on proposals for an information-sharing network, 
regulators expressed concern over what specific regulatory information 
might be appropriate to share, the types of entities that would have 
access to such data, and liability issues surrounding the release of 
unsubstantiated information.

Financial regulators generally did not express concern about sharing 
basic regulatory history data on closed disciplinary or enforcement 
actions. The majority of such information is already publicly 
available, although not necessarily easily accessible. Such information 
could convey whether an individual was registered in a particular 
financial industry and any closed regulatory actions tied to the 
individual's activities in that industry. The threshold of concern 
rises as the sensitivity of the regulatory data rises, particularly 
when the information has not been substantiated or pertains to an 
ongoing investigation. For example, in previous work, several financial 
regulators pointed out that the untimely release of information on an 
open investigation could jeopardize that investigation and existing 
sources of information.

Regulators were also concerned about the release of regulatory data to 
entities or individuals who do not have regulatory authority. In 
previous testimony, we reported that financial regulators in both the 
banking and securities industry believed that NAIC's status as a 
nonregulatory entity was a barrier to releasing regulatory data to it, 
even though NAIC is comprised of, and operates on behalf of, state 
insurance regulators. Also, some financial regulators expressed concern 
over the varying degrees to which individual states are obligated to 
protect regulatory information and, thus, the different degrees of 
protection that could result as such information is released among 
state regulators.

Additionally, regulators brought up concerns about the potential 
liability associated with disclosing some of the information maintained 
in their databases. Financial regulators noted that some of their 
regulatory data are self-reported or otherwise unsubstantiated. Release 
of unsubstantiated information, particularly with regard to customer 
complaints and open investigations, raised liability concerns for some 
regulators. Regulators noted that the appropriate sharing and use of 
this sensitive data must be considered because of its highly 
prejudicial nature and the potential detriment to the party in 
question. Some regulators also questioned whether a proposed system or 
mechanism for sharing each other's regulatory information would violate 
the Privacy Act's prohibition against the nonconsensual disclosure of 
personal information contained in records maintained by federal 
agencies. While there are numerous exemptions to this prohibition, 
including the "routine use" exemption,[Footnote 26] regulators 
cautioned that the Privacy Act and its goal of safeguarding individual 
privacy should receive due consideration.

While the extent of regulatory information that should be shared 
remains an open question, the regulators we previously contacted 
generally agreed that some degree of information-sharing capability 
would be useful. From our past work, most generally supported an 
approach whereby they would share some basic regulatory information on 
individuals, such as whether or not they were registered in another 
financial industry and had a disciplinary record. Previously, we 
suggested that a needs assessment be conducted to determine the data 
elements most useful to each of the financial regulators and the extent 
to which each regulatory authority would be obligated to safeguard the 
data it collects from its industry. A key issue related to such an 
assessment is balancing one regulator's "need to know" with another's 
need to safeguard or restrict confidential or sensitive regulatory 
information. Additionally, from our previous work, financial regulators 
emphasized that maintaining a centralized database containing all of 
the regulatory data of each financial industry may be costly and 
difficult to maintain. They pointed out that the vast majority of 
applicants were not likely to be carrying a blemished regulatory 
history from another financial services industry. Nevertheless, most 
financial regulators appeared to support the concept of an information-
sharing approach that allows access to basic regulatory information to 
flag problems disclosed by regulators in connection with an 
individual's activities in other financial services industries.

Observations: 

Effective regulation depends on many factors. However, one of the most 
important is the extent to which regulators have access to complete and 
correct information. Financial regulators face challenges in accessing 
and sharing information relevant to their oversight responsibilities, 
including criminal history, regulatory enforcement, and consumer 
complaint data. We have previously suggested that insurance regulators 
were at a considerable disadvantage relative to regulators in other 
financial industries because of their lack of access to FBI criminal 
history data. This disadvantage continues to be a problem today. 
Similarly, in today's world of technological innovation and converging 
financial markets, better information sharing of both regulatory 
enforcement and consumer complaint data within and between financial 
industries would improve the ability of financial regulators to protect 
both individual consumers and the public at large. In particular, 
regulators would be better positioned to recognize and reduce the 
movement of rogues from one industry to another. Furthermore, improving 
financial regulators' ability to readily access or share relevant 
consumer complaints in a coordinated, systematic fashion would not only 
improve their ability to resolve those complaints, but also help them 
ascertain the overall magnitude of market problems with a given product 
or company. Moreover, better and more consistent information sharing 
may facilitate joint efforts to investigate and prosecute fraudulent 
behavior in the financial services industries.

GAO has long advocated better information sharing among financial 
regulators but recognizes regulators' legitimate concerns in connection 
with the sharing of sensitive data. Legislative actions will be needed 
to address issues related to the sharing of sensitive information. 
Ultimately, the successful implementation of expanded or new 
information-sharing capabilities or tools will depend on the extent to 
which protections are in place to make financial regulators feel 
comfortable in sharing sensitive regulatory information with one 
another. Difficult issues must be addressed in order to make this a 
reality, and regulators will have to overcome some level of inertia and 
resistance to change. The Committee's continued endorsement and 
encouragement for improvement in the interindustry sharing of criminal 
and regulatory information should provide an important impetus to 
succeed.

Agency Comments: 

We requested comments on a draft of this correspondence from SEC, NASD, 
NASAA, and NAIC. We received general comments and technical suggestions 
from the Associate Director of the Division of Investment Management of 
SEC, the Associate Vice President for Government Affairs of NASD, the 
Director of Policy of NASAA, and the Executive Vice President and Chief 
Executive Officer of NAIC. Officials from these organizations responded 
that they generally concurred with the report's findings and message 
and offered technical suggestions that we incorporated where 
appropriate.

As agreed with your office, unless you publicly release its contents 
earlier, we plan no further distribution of this correspondence until 
30 days from its issuance date. At that time we will send copies to the 
Ranking Minority Member of the Committee on Financial Services and to 
other interested congressional members and committees. We will also 
make copies available to others upon request. In addition, this report 
will also be available at no charge on GAO's Web site, http://
www.gao.gov. Please contact me or Lawrence D. Cluff at (202) 512-8678 
if you or your staff have any questions about this report. Major 
contributors to this report were Barry Kirby, Tarek Mahmassani, Angela 
Pun, Barbara Roesmann, and Paul Thompson.

Sincerely yours,

Signed by: 

Richard J. Hillman 
Director, Financial Markets and Community Investment: 

[End of section]

Enclosure I: 

In conducting our work, we reviewed the regulatory oversight structure 
for different hybrid financial products and also collected and assessed 
the nature of complaint data received by various financial regulators. 
To understand the different regulatory entities that could have an 
oversight interest in a particular hybrid product, we compared and 
contrasted the regulatory oversight structures associated with three 
different hybrid financial products--variable annuities, equity-
indexed annuities, and viatical settlements. To assess the extent and 
nature of regulatory information sharing that occurred between 
financial regulators, we reviewed how different regulators collected 
and consolidated consumer complaint data, and highlighted examples 
where consumer complaints appeared relevant to other regulator(s). The 
focus of our review was not to assess the quality of the complaint 
systems data from regulators, though we did collect some basic 
information related to data quality and known reliability issues, but 
rather to generally understand the manner in which such data are shared 
among regulators. During our work we interviewed and collected 
information or regulatory data from officials at the National 
Association of Insurance Commissioners, state insurance regulators, the 
Securities and Exchange Commission, NASD (formerly the National 
Association of Securities Dealers), the New York Stock Exchange, the 
North American Securities Administrators Association, state securities 
regulators, the National Futures Association, the Federal Reserve 
Board, the Office of the Comptroller of the Currency, the Office of 
Thrift Supervision, and the Federal Deposit Insurance Corporation. We 
conducted our work between November 2002 and May 2004 in accordance 
with generally accepted government auditing standards.

FOOTNOTES

[1] In this report, financial regulators are the regulators of the 
financial services industries.

[2] In this report, hybrid financial products refer to those products 
having both insurance-and securities-related features.

[3] The FBI and the National Association of Insurance Commissioners 
provided information on the state insurance departments authorized to 
obtain FBI criminal history information.

[4] U.S. General Accounting Office, Insurance Regulation: Scandal 
Highlights Need for Strengthened Regulatory Oversight, GAO/GGD-00-198 
(Washington, D.C; Sept. 19, 2000); Insurance Regulation: Scandal 
Highlights Need for Strengthened Regulatory Oversight, GAO/
T-GGD-00-209 (Washington, D.C; Sept. 19, 2000); U.S. General 
Accounting Office, Financial Services Regulators: Better Information 
Sharing Could Reduce Fraud, GAO-01-478T (Washington D.C; Mar. 6, 
2001).

[5] NAIC, formed in 1871, is a voluntary organization of the chief 
insurance regulatory officials of the 50 states, the District of 
Columbia, and four U.S. territories. It does not have regulatory 
authority over the state insurance departments. NAIC provides a forum 
for the development of uniform policy when uniformity is deemed 
appropriate. It assists state insurance regulators by offering 
financial, actuarial, legal, computer, research, market conduct, and 
economic expertise to carry out financial and consumer protection 
oversight functions.

[6] Under 18 U.S.C.  1033, a person who has been convicted of any 
criminal felony involving dishonesty or a breach of trust or any 
offense described in the section may engage in the business of 
insurance only through the written consent of an insurance regulatory 
official authorized to regulate the insurer.

[7] GAO-01-478T.

[8] Pub. L. No. 106-102 (1999). In Subtitle C of Title III, GLBA called 
for a majority of states to either adopt uniform producer licensing 
laws or reciprocate with other states in the licensing process by 
November 2002 to avoid the establishment of a body, the National 
Association of Registered Agents and Brokers, which would take over 
producer licensing functions from the states. In 2002, NAIC certified 
that the majority of states satisfied the provisions in GLBA by 
reciprocating with other states in the licensing process. However, some 
states did not reciprocate at the time because they were reluctant to 
accept industry applicants who were licensed in other states that use 
less stringent licensing standards.

[9] U.S. General Accounting Office, State Insurance Regulation: Efforts 
to Streamline Key Licensing and Approval Processes Face Challenges, 
GAO-02-842T (Washington D.C.: June 18, 2002).

[10] Regulatory background information would, among other things, 
include the licensing or registration status and employment history of 
an individual.

[11] For the purposes of this report, the term "federal banking 
regulators" includes the Federal Reserve Board, Office of the 
Comptroller of the Currency, Office of Thrift Supervision, Federal 
Deposit Insurance Corporation, and National Credit Union 
Administration.

[12] NASAA, organized in 1919, is a voluntary association whose 
membership consists of 66 state, provincial, and territorial securities 
administrators in the 50 states, the District of Columbia, Puerto Rico, 
Canada, and Mexico. In the United States, NASAA represents the 50 state 
securities agencies and provides information and expertise related to 
capital formation and investor protection.

[13] Under section 604 of the Sarbanes-Oxley Act, Pub. L. No. 107-204 
(2002), SEC may consider the regulatory history of an individual in 
deciding on the individual's fitness for registration as a broker, 
dealer or investment advisor. Specifically, the SEC is authorized to 
limit, suspend, or revocate the registration of persons who have been 
barred or subjected to sanctions by a state securities, banking, or 
insurance regulator because of fraudulent, manipulative, or deceptive 
conduct. See 15 U.S.C.  78o (b)(4)(H) (2000 & 2003 Supp.).

[14] Regulatory oversight of some hybrid products could change over 
time, as debates continue over which regulatory entity is best suited 
for a particular product. For instance, a key debate among financial 
regulators is whether or not sales of variable life and annuity 
products should be regulated as insurance or securities products at the 
state level. State securities regulators have argued that they have 
greater securities-related expertise and more comprehensive oversight 
to help ensure that sales of such products are suitable for the 
investor as compared to their insurance counterparts. Securities 
regulators also maintain that they have more enforcement authority and 
tools to pursue cases of sales practice abuse tied to variable 
products. In contrast, insurance regulators and industry 
representatives maintain that oversight of variable products as 
securities at the federal level coupled with oversight as insurance at 
the state level is sufficient. Parties opposed to state securities 
oversight of variable product sales argue that such a regulatory 
framework would create "four layers" of regulatory oversight--SEC, 
NASD, state insurance departments, and state securities departments--
resulting in greater costs and duplicative regulatory functions. 
Recently, both securities and insurance regulators have each developed 
legislative proposals to help strengthen their regulatory authority 
over sales practices tied to sales of variable insurance products. 

[15] Variable annuities were first introduced in the 1950s and are a 
multibillion dollar business in the United States, with sales of 
variable products exceeding $94 billion through the first three 
quarters of 2003. Variable annuities are designed to provide tax 
deferral benefits of annuities. Under an annuity contract, an insurer 
agrees to make a series of payments for a specified period or for the 
life of the contract holder, providing insurance against the 
possibility that the contract holder will outlive his or her assets 
during the period covered under the contract. The payments are either 
fixed or may vary from payment to payment. The cash value of the 
contract is invested in an insurer account, which offers the contract 
holder a number of investment options. The contract holder's premiums 
are typically allocated to mutual funds that invest in stocks, bonds, 
money market instruments, or some combination thereof. The values of 
the investment and the periodic payments vary, much like a securities 
product, depending on the performance of the chosen investment option. 
Variable annuities also have a death benefit. If a contract holder dies 
before the insurer has started to make payments, a designated 
beneficiary is guaranteed to receive a specified amount of money.

[16] Equity-indexed products are annuities or life insurance contracts 
on which the returns from the annuities are credited to contract 
holders using a fixed formula based on changes in an equity index such 
as the S&P 500. Equity-indexed annuities are different from fixed 
annuities because they credit interest using a formula based on changes 
in the index to which the annuity is linked. However, equity-indexed 
annuities are similar to fixed annuities in that they guarantee a 
minimum interest rate. The annuities are designed to protect holders 
against severe downturns in the market. Total sales of equity-indexed 
annuities during 2002 reached approximately $13 billion.

[17] On August 20, 1997, SEC solicited comments on a Concept Release 
concerning the structure of equity index insurance products, the manner 
in which they are marketed, and other matters of consideration in 
addressing federal securities law issues raised by equity index 
insurance products (Release No. 33-7438; File No. S7-22-97). 

[18] Viatical settlements are a more recent hybrid product, developed 
in the late 1980s. Sales of viatical settlements have grown from $90 
million in 1991 to approximately $1 billion in 2000. Viatical 
settlements are contracts under which investors purchase an interest in 
the life insurance policies of terminally ill individuals. When the 
insured individuals die, the investors receive the benefit of the 
insurance. More specifically, investors purchase policies (or parts of 
policies) at prices below the value of the death benefits. Because of 
uncertainties in predicting when someone will die, these investments 
are extremely speculative. If the seller dies sooner than expected, an 
investor may receive a higher return. But if the seller lives longer 
than expected, the return will be lower. An investor can lose part of 
or all of his/her principal investment if the person lives long enough 
that the investor has to pay additional premiums to maintain the 
policy. This element of risk is a securities feature of viatical 
investments.

[19] Securities and Exchange Commission v. Life Partners, Inc., 87 F.3d 
536 (D.C. Cir. 1996), reh'g denied, 102 F.3d 587 (D.C. Cir. 1996). The 
SEC has taken action for fraud against enterprises that sell securities 
backed by viatical settlements, however. See. SEC Litigation Rel. No. 
18346 (Sept. 11, 2003).

[20] In May 2004, SEC and other federal and state regulators shut down 
the operations of Mutual Benefits Corp. in Florida to halt an alleged 
billion dollar fraudulent securities offering. Regulators are 
attempting to recover what is left of the $1 billion on behalf of 
investors in this scandal, which follows several other scandals in the 
viatical industry in recent years. In February 2002, the House 
Financial Services Committee held a hearing on fraudulent activities 
taking place in conjunction with viatical sales in the marketplace. 

[21] NASAA officials indicated that they send their members an annual 
survey focusing on completed enforcement actions. In addition, from 
time to time, NASAA surveys its members on a variety of specific 
issues, often in response to requests for information from 
congressional committees. NASAA officials also mentioned that the last 
two surveys included a question designed to gather information on the 
number of complaints received.

[22] NAIC has implemented the Consumer Information Source (CIS), an 
application available from its Web site, with public disclosure of 
aggregate complaint data by company on a state-by-state basis. 
Consumers may access the following from CIS: (1) the total number of 
complaints for a selected company in each state, (2) the total number 
of complaints by type of coverage, (3) the reason the complaint was 
filed and disposition of the complaint, (4) the ratio of a company's 
market share of complaints compared to the company's market share of 
premiums for a specific policy type, and (5) the total complaint counts 
by year with the percent change of counts between years.

[23] NASD Rule 3070 requires that member firms record certain 
information on consumer complaints received for statistical and 
regulatory oversight purposes.

[24] NASD does refer insurance-related complaints to insurance 
regulators that are received directly from investors.

[25] Individual sales agents are often dually registered as broker-
dealers as well as insurance agents, allowing them to engage in sales 
of products regulated as securities by SEC and NASD (e.g., variable 
annuities), as well as products generally regulated solely as insurance 
by state insurance regulators (e.g., fixed annuities).

[26]The routine use exemption permits nonconsensual disclosure of 
personal information when the internal use of the information that is 
disclosed is compatible with the purpose for which it was originally 
collected.

GAO's Mission: 

The General Accounting Office, the audit, evaluation and investigative 
arm of Congress, exists to support Congress in meeting its 
constitutional responsibilities and to help improve the performance and 
accountability of the federal government for the American people. GAO 
examines the use of public funds; evaluates federal programs and 
policies; and provides analyses, recommendations, and other assistance 
to help Congress make informed oversight, policy, and funding 
decisions. GAO's commitment to good government is reflected in its core 
values of accountability, integrity, and reliability.

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through the Internet. GAO's Web site (www.gao.gov) contains 
abstracts and full-text files of current reports and testimony and an 
expanding archive of older products. The Web site features a search 
engine to help you locate documents using key words and phrases. You 
can print these documents in their entirety, including charts and other 
graphics.

Each day, GAO issues a list of newly released reports, testimony, and 
correspondence. GAO posts this list, known as "Today's Reports," on its 
Web site daily. The list contains links to the full-text document 
files. To have GAO e-mail this list to you every afternoon, go to 
www.gao.gov and select "Subscribe to e-mail alerts" under the "Order 
GAO Products" heading.

Order by Mail or Phone: 

The first copy of each printed report is free. Additional copies are $2 
each. A check or money order should be made out to the Superintendent 
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or 
more copies mailed to a single address are discounted 25 percent. 
Orders should be sent to: 

U.S. General Accounting Office 
441 G Street NW, Room LM 
Washington, D.C. 20548: 

To order by Phone: 

Voice: (202) 512-6000 

TDD: (202) 512-2537 

Fax: (202) 512-6061: 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: www.gao.gov/fraudnet/fraudnet.htm 
E-mail: fraudnet@gao.gov 

Automated answering system: (800) 424-5454 or (202) 512-7470: 

Public Affairs: 

Jeff Nelligan, Managing Director, 
NelliganJ@gao.gov 
(202) 512-4800 

U.S. General Accounting Office, 
441 G Street NW, Room 7149 
Washington, D.C. 20548: