Semiannual Report to Congress

Message From the Inspector General

Over the last six months, we provided robust oversight of the Board of Governors of the Federal Reserve System (Board) and the Consumer Financial Protection Bureau (CFPB). This is particularly true of the CFPB, as 8 of the 11 audit and evaluation reports that we issued were on CFPB programs or operations. We issued reports on the CFPB's headquarters renovation, contract management, and coordination with other prudential regulators, among others.

We also completed significant information technology audits. Our Information Technology Audits group completed security control reviews of the CFPB's Data Team Complaint Database and of the Board's C-SCAPE application, as well as an audit of the Board's data center relocation. We also focused on closing out past audit recommendations, resulting in the closure of 48 recommendations during this reporting period.

Our investigative work led to important indictments, convictions, and sentencings of bank officers who committed wrongdoing. Most notably, we played a vital role in the investigation of a former United Commercial Bank officer whose fraudulent activities contributed to bank losses exceeding $677 million, which led to one of the most significant prosecutions to arise out of the 2008 financial crisis. In addition, our investigation of a former Chief Executive Officer and Chairman of Voyager Bank resulted in a guilty plea for obstructing a bank examination. Bank examinations are the means by which the Board determines the safety and soundness of financial institutions.

We issued our second-ever lists of major management challenges to the Board and the CFPB. These lists largely include the same issues that we reported on last year. For this year, we added cybersecurity to the Board's list of challenges. For the CFPB, we removed the challenge associated with improving the operational efficiency of supervision because the CFPB has done significant work to reduce the backlog of examination reports and to improve the examination process.

In addition to making recommendations to improve the programs and operations of the Board and the CFPB, we also looked inward in an effort to continuously improve our own operational effectiveness and to improve our outreach to stakeholders. For example, we surveyed our auditees to gain the perspectives of our agency stakeholders, and we joined Twitter to expand our public communication sphere.

Our activities during this period demonstrate that we are well positioned to, and indeed do, provide the vigorous oversight of the Board and the CFPB that Congress and the public seek. We will continue our work to ensure that both agencies operate effectively and in an accountable and transparent manner.

My thanks go to the Board and the CFPB, for their continued support of our efforts to improve the efficiency and effectiveness of their programs and operations, and to our staff members, for their dedication to our mission and their exemplary work during this reporting period.

Sincerely,
/signed/
Mark Bialek
Inspector General
October 30, 2015

Highlights

The Office of Inspector General (OIG) continued to promote the integrity, economy, efficiency, and effectiveness of the programs and operations of the Board of Governors of the Federal Reserve System (Board) and the Consumer Financial Protection Bureau (CFPB). The following are highlights of our work during this semiannual reporting period.

Management Challenges for the Board and the CFPB. We issued our memorandums on the major management challenges facing the Board and the CFPB. These challenges identify the areas that, if not addressed, are most likely to hamper the Board's and the CFPB's accomplishment of their strategic objectives. We listed six major management challenges for the Board and four major management challenges for the CFPB.

Audits, Evaluations, and Inspections

The CFPB's Headquarters Renovation. We conducted an audit related to the CFPB's headquarters renovation project. Overall, we found that construction costs appear reasonable and that potential renovation costs are below the amount previously budgeted and obligated for the renovation. We also found that current controls for approving, managing, and documenting renovation costs and project decisions are designed appropriately. However, because most construction cost-management control activities have not yet begun, we were not yet able to test the operating effectiveness of those controls. We found that the CFPB did not fully comply with the agency's Investment Review Board guidance for approving renovation costs.

The CFPB's Data Team Complaint Database. We completed an audit of the CFPB's Data Team (DT) Complaint Database. The DT Complaint Database supports the CFPB's Consumer Response System and is the source of consumer complaint information published on the CFPB's public website. We evaluated the adequacy of selected security controls for protecting that database from unauthorized access, modification, destruction, or disclosure, as well as the system's compliance with the Federal Information Security Management Act of 2002, as amended by the Federal Information Security Modernization Act of 2014 (FISMA), and the information security policies, procedures, standards, and guidelines of the CFPB. We found that the CFPB can strengthen controls for the DT Complaint Database.

Congressional Request Regarding the Independent Foreclosure Review. We reviewed issues related to the group of borrowers, referred to as the in-scope borrower population, for the Independent Foreclosure Review (IFR) and the subsequent payment agreement. The IFR process allowed borrowers who felt harmed by unsafe and unsound mortgage practices to submit a request to have their mortgage file reviewed. Overall, we concluded that the Board used an inclusive approach that involved adding borrowers to the in-scope population when discretion was required throughout the IFR process. This inclusive approach was apparent during the Board's supervision of the servicers' identification of the in-scope population and the Board's approach to resolving complaints related to the IFR and the payment agreement.

The CFPB's Contract Management Processes. We conducted an audit to assess the CFPB's compliance with applicable laws, regulations, and CFPB policies and procedures related to contract management, as well as the effectiveness of the CFPB's internal controls related to contract management. In general, we found the CFPB to be in compliance with applicable laws, regulations, and CFPB policies and procedures, although we noted that certain contract management controls could be improved in certain instances. We also noted that the CFPB's Office of Minority and Women Inclusion has not developed required standards and procedures to ensure that minority-owned and women-owned businesses are considered for CFPB procurements, including procedures that will enable the CFPB to know whether contractors have failed to make a good faith effort to include minorities and women in their workforce.

The Relocation of the Board's Data Center. We completed our third and final review of the Board's efforts to complete the production migration of servers and applications to its new data center. We concluded that the Board is continuing to follow a structured approach for planning and executing the relocation of the data center, and that Board staff members are actively engaged in planning and decisionmaking for the project. We followed up on open recommendations from our two prior data center relocation reports and determined that sufficient corrective actions have been taken to close the recommendations. We believe that the Board has established an appropriate control environment around the data center relocation, and based on our review, the project appears to be on track for successful completion by December 2015. As a result, our report contains no recommendations.

Investigations

United Commercial Bank Official Sentenced for Felony Fraud Conviction. The former Chief Operating Officer and Chief Credit Officer for United Commercial Bank (UCB) of San Francisco, California, was sentenced by a U.S. District Judge to 97 months in prison and three years' supervised release and ordered to forfeit $348,000. UCB's bank holding company, UCBH Holdings Inc., is supervised by the Board. This sentence followed a March 25, 2015, jury trial in U.S. District Court in which the defendant was found guilty of one count each of conspiracy to commit false bank entries, reports, and transactions; false bank entries, reports, and transactions; conspiracy to commit securities fraud; securities fraud; falsifying corporate books and records; false statements to accountants; and circumventing internal accounting controls. These activities were committed as part of a scheme to conspire with others within the bank to falsify key bank records to conceal millions of dollars in losses and to falsely inflate the bank's financial statements.

Former Bank Chief Executive Officer Pleaded Guilty to Obstructing an Examination by the Board. The former Chief Executive Officer (CEO) and Chairman of Voyager Bank and the President and CEO of the bank's holding company, Voyager Financial Services Corporation (VFSC), pleaded guilty to obstruction of a bank examination.

Former Executives of Wilmington Trust Indicted for Conspiracy and False Statements. Four former executives of Wilmington Trust Company (WTC), a state member bank supervised by the Board, were indicted on allegations concerning their respective roles in concealing from the Board, the U.S. Securities and Exchange Commission (SEC), and the public the total quantity of past-due loans on Wilmington Trust's books from October 2009 to November 2010.