Skip to Navigation
Skip to Main content
OIG Home
OIG Home

IN THIS SECTION

Skip SHARE THIS PAGE section Skip STAY CONNECTED section

FAQs

/761AE504D6ED4898BDA34C8AE19F0F82.htm

An Inspector General in the federal government is a public official whose responsibility it is to review the programs and operations of an agency to ensure they are delivered economically, efficiently, effectively, and with integrity and to make recommendations for agency improvement. Specifically, Inspectors General were established by the Inspector General Act of 1978, as amended, to carry out the following tasks:

  • conduct independent and objective audits, investigations, and inspections
  • prevent and detect waste, fraud, and abuse
  • promote economy, efficiency, and effectiveness
  • keep agency heads and Congress fully and currently informed of problems and deficiencies relating to the administration of agency programs and operations and the necessity for and progress of corrective action.

There are 73 Inspectors General, each of whom oversees one or more federal agencies. As of fiscal year 2012, Inspectors General collectively delivered a $17 return on every dollar invested in OIG operations through increased economy and efficiency in government programs as well as through fines and recovered money resulting from investigations.

/85D4F3D3BCF54890AF20BF19A0E24DF0.htm

The Inspector General for the Board and the CFPB is appointed by the Chairman of the Board of Governors. Inspectors General are appointed without regard to their political affiliation, based on their integrity and their ability in accounting, auditing, financial analysis, law, management analysis, public administration, or investigations.

/1440BA68D785469F8EC7B146C9A19185.htm

The Inspector General serves under the general supervision of the Board of Governors and the Director of the CFPB. Under the Inspector General Act of 1978, as amended, the Inspector General also has an independent reporting responsibility to Congress. Specifically, the Inspector General must keep the Board, the CFPB, and Congress informed concerning any significant issues relating to the administration of programs and operations of the agencies, any recommendations to address those issues, and the progress made by the agencies in implementing such corrective action. 

The Inspector General must also issue Semiannual Reports to Congress summarizing its activities during the reporting period, including detailing problems and deficiencies identified, listing current and pending recommendations, and summarizing prosecutive referrals.

/B95BC9AD65524180A15A0317F44294DC.htm

The OIG is an independent oversight authority within the Board, the government agency component of the broader Federal Reserve System. In addition, the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) established the OIG as the independent oversight authority for the CFPB. In fulfilling this responsibility, the OIG conducts audits, investigations, and other reviews related to the Board's and the CFPB's programs and operations. The OIG shares its findings and makes corrective action recommendations to the agencies but does not have the authority to manage programs or implement changes.

In addition, the OIG is required to review certain failed financial institutions supervised by the Board. The OIG must also evaluate the Board's supervision of certain financial companies that may pose a systemic risk and have been placed into receivership under title II of the Dodd-Frank Act.

Finally, the OIG is required to perform an annual independent evaluation of the information security programs and practices of the Board and the CFPB to determine the effectiveness of such programs and practices.

/9A69B16E9C714021BAF0EC9DBECDA7FB.htm

The Federal Reserve System is the nation's central bank, which generally consists of three parts: (1) the Board of Governors of the Federal Reserve System, which is located in Washington, DC, and led by a seven-member Board of Governors; (2) the 12 Federal Reserve Banks, which are located in major cities throughout the United States; and (3) the Federal Open Market Committee (FOMC). For more information about the Federal Reserve System, please see the Board's website.

/F42BD3934F954DD3B28762E6254A0B83.htm

The Federal Reserve Banks are the operating arms of the Federal Reserve System, but unlike the Board, the Reserve Banks are generally not federal agencies. Each Reserve Bank is a federally chartered corporation with its own board of directors. The Federal Reserve Act authorizes the Federal Reserve Banks to, among other activities, make discount window loans and provide payment services to depository institutions, the U.S. Department of the Treasury, and government agencies. The Board has delegated to the Federal Reserve Banks the responsibility for supervising Board-regulated institutions under the rules, regulations, and policies established by the Board.

The OIG's jurisdiction extends to the programs and operations of the Board but generally does not extend to the activities of the Federal Reserve Banks or the broader Federal Reserve System. In the area of supervision, however, the OIG's jurisdiction includes the authority to audit and investigate matters relating to the Federal Reserve Banks' supervision of Board-regulated institutions, because this Reserve Bank function is delegated from the Board.

/64CA81B00D2441F7960017E5B3347EFC.htm

Under the Inspector General Act of 1978, as amended, the OIG has the following general authorities to effectively conduct its oversight work:

  • access to all records and documents available to the agencies it oversees
  • subpoena authority to require the production of records from nonfederal entities
  • law enforcement powers, namely, the authority for OIG Criminal Investigators to (1) carry a firearm while engaged in official duties, (2) make warrantless arrests under specific circumstances, and (3) seek and execute federal arrest and search warrants.
/6A8F86E32513445D9E3093716DB68D19.htm

The Inspector General Act of 1978, as amended, provides the OIG with access to all information available to the Board and the CFPB that is needed to fulfill the OIG's responsibilities under the act. As such, the Board and the CFPB have issued policies that require all employees, contractors, grantees, and other persons carrying out functions for the Board and the CFPB to cooperate with and be responsive to information requests and questions from OIG auditors and investigators in connection with an OIG inquiry. These individuals also have a duty to promptly report instances of fraud, waste, abuse, misconduct, or criminal activity in Board or CFPB programs and operations to the OIG. 

Employees or others concerned about possible wrongdoing can contact the OIG through our Hotline.

/534258B038ED49CCBD48E5D662AAFE05.htm

The Inspector General Act of 1978, as amended, provides several mechanisms for IG accountability. First, all OIGs are subject to congressional reporting and public scrutiny. All OIG reports (excluding those containing sensitive or confidential information that may not be released) are published on the OIG's public website. OIGs are also mandated to produce Semiannual Reports to Congress and make them available on their website. These reports reveal important information about the work of the OIG and the acceptance and implementation of OIG recommendations.

Second, OIG audit functions, as well as investigative functions that exercise law enforcement authority, are subject to peer reviews by other OIGs, generally every three years, to determine whether they are operating in accordance with applicable professional standards. The results of all such peer reviews are made public on the OIG's website and in its Semiannual Reports to Congress.

Finally, the Council of the Inspectors General on Integrity and Efficiency (CIGIE) has an important role in ensuring OIG professionalism and accountability. CIGIE is an independent entity within the executive branch charged with increasing the professionalism and effectiveness of OIG personnel. The CIGIE Integrity Committee serves as an independent review and investigative mechanism for allegations of wrongdoing brought against Inspectors General and other designated staff members of the OIGs. For more information, see the Integrity Committee website.

/8E1DA36CE4204A8DB1A809A233A52046.htm

Audits are reviews of an agency's programs and operations that are intended to ensure that the agency is efficiently and effectively performing its work. OIG audits are objective and fact based, and we perform them in accordance with the U.S. Government Accountability Office's Government Auditing Standards.

We generally perform performance audits, which provide findings and recommendations based on an evaluation of sufficient, appropriate evidence against criteria, for example, laws, regulations, contracts, or other benchmarks against which performance is compared or evaluated. Performance audits provide objective analysis to improve program performance and operations, reduce costs, facilitate corrective action, and contribute to public accountability.

The findings and recommendations in our audit reports are intended to improve the efficiency and effectiveness of Board and CFPB programs and operations as well as to prevent or detect fraud, waste, or abuse.

/F79C71A0AE204533B09EAE49C992E3F5.htm

Evaluations are systematic and independent assessments of the design, implementation, or results of an agency's operations, programs, or policies. Evaluations can be used to determine efficiency, effectiveness, impact, and/or sustainability of agency operations, programs, or polices. They often recommend improvements and identify where administrative action is necessary.

Because the standards for conducting evaluations are not as prescriptive as the generally accepted government auditing standards that apply to audits, they provide OIGs with more flexibility and options for conducting reviews. They may be used for narrower scope reviews or projects that need to be completed quickly. In conducting evaluations, we follow the Council of the Inspectors General on Integrity and Efficiency's Quality Standards for Inspection and Evaluation.

/693AFA338FBF40788A6B719125FCDD85.htm

We identify areas for audit or evaluation using a risk-based planning process. We focus on areas that we see as major management challenges for the Board and the CFPB and consider input from our agency and congressional stakeholders. Our objective is to identify opportunities to improve the economy, efficiency, and effectiveness of each agency's operations and programs and translate those opportunities into auditable activities. We maintain a dynamic Work Plan that lists all of our ongoing and planned work. We update our Work Plan twice a month to allow us to respond to new stakeholder requests, emerging issues, and complaints received through our Hotline.

/B5BFA027B5D74C21A4DDD1E71F25186A.htm

OIG audits follow the guidelines in the U.S. Government Accountability Office's Government Auditing Standards. OIG inspections and evaluations follow the Quality Standards for Inspection and Evaluation issued by the Council of the Inspectors General on Integrity and Efficiency.

/5E1658F4F68A45E0979BAF8FDD8064B9.htm

There are three phases to the audit and evaluation process:

  • Planning
    • We provide the agency with an announcement memorandum that describes the proposed scope and objectives of the project.
    • We hold an entrance conference with relevant agency staff and officials to let them know the scope and objectives of the project, what information will be needed, and key milestones in the process.
  • Fieldwork
    • We gather and analyze information within the scope of the project objectives.
    • Throughout the fieldwork phase, we meet with agency stakeholders to update them on the progress of our work, request additional information, and get feedback on any tentative findings and recommendations we have identified.
  • Reporting
    • We provide a discussion draft report for agency management to comment on.
    • We hold an exit conference with the relevant agency stakeholders to discuss their comments.
    • We provide an official draft report, to which management is requested to provide a written response.
    • We issue a final report that includes the agency's comments on the draft report as an attachment.
    • The final report is posted on our website within three business days of being issued.
/FC1DC8C93E9D4CFBB4FB6F9FDDD63DE5.htm

We track and report on each of our recommendations in our Semiannual Report to Congress. Periodically, we request that each agency provide us documentation to show that it has implemented our recommendations. We also may perform an in-depth follow-up audit to assess the effectiveness of this implementation.

/2FC2A965E8BF47CC93D21D465AD0F4DF.htm

The OIG issues audit reports, evaluation reports, security control reviews, material loss reviews, and failed bank reviews.

Audit reports can be used to report on performance audits, financial audits, or attestation engagements. In addition to our regular audit reports, we may issue letter reports, management letters, and briefing reports.

A letter report is shorter than a standard audit report (generally 10 pages or less), although it may address similar types of issues and be addressed to the same audiences.

A management letter may be used for reporting less significant problems uncovered during an audit, communicating reasons for stopping or curtailing an audit (e.g., no weaknesses identified), or endorsing commendable practices.

A briefing report may be used to communicate work results in a timely and concise manner. Briefing reports are typically developed in PowerPoint and delivered as an oral presentation to Board or CFPB officials or staff. 

Evaluation reports summarize the results of systematic and independent assessments we perform of the design, implementation, or results of an agency's operations, programs, or policies.

Security control reviews are reviews required by the Federal Information Security Management Act of 2002 to evaluate the effectiveness of the information security controls and techniques for a subset of the Board's or the CFPB's information systems, including those provided or managed by another agency, a contractor, or another organization.

Failed Bank Reviews

Material loss reviews are reviews of failed banking institutions under Board supervision that resulted in a material loss to the Federal Deposit Insurance Corporation's Deposit Insurance Fund. The purpose of these reviews is to examine the agency's supervision of the failed institution, ascertain why the institution's problems resulted in a material loss to the Deposit Insurance Fund, and make recommendations for preventing any such loss in the future.

In-depth reviews are conducted when a loss to the Federal Deposit Insurance Corporation's Deposit Insurance Fund is not considered material but presents unusual circumstances. We apply professional judgment in our assessment of whether the loss to the Deposit Insurance Fund or supervisory history presents unusual circumstances. In general, we consider a loss to the Deposit Insurance Fund to present unusual circumstances if the circumstances associated with the banks deterioration, ultimate closure, and supervision were not addressed in any of our prior bank failure reports or involved potentially fraudulent activities.

/BDA51C0DF39F4384A5DDCAE8ECD566E0.htm

OIG investigations look into possible violations of law, regulation, or policy. The results of OIG investigations may be used for administrative action by the Board or the CFPB, as well as for criminal or civil action by the U.S. Department of Justice.

The OIG Hotline receives complaints from Board and CFPB employees and contractors, as well as from the general public, that may lead to investigations. We also may open an investigation based on information received from the Board or the CFPB, the U.S. Department of Justice, other agencies, or Congress.

/D9448BA2159D4238BB773994B1AE9951.htm

Anyone may report fraud, waste, abuse, or mismanagement related to the programs or operations of the Board or the CFPB by contacting the OIG Hotline. Examples of the types of activities to report include

  • violations of federal laws, rules, and regulations relating to Board and CFPB programs and operations
  • violations of laws, rules, or regulations that compromise or impact the supervisory programs of the Board or the CFPB
  • ethics violations or conflicts of interest by Board or CFPB officials
  • employee misconduct, such as abuse of authority or misuse of position
  • contract and procurement irregularities related to Board or CFPB programs and operations
  • theft and abuse of Board or CFPB property
  • purchase card fraud
  • waste or mismanagement of funds or government resources

The OIG is unable to intervene in or investigate individual consumer complaints against institutions or other entities supervised by the Board or the CFPB. For these complaints, please refer to information on consumer complaints against financial institutions.

/4107B97762A743F19810F38E93503A3F.htm

The OIG has a staff of Criminal Investigators (Special Agents) and Investigative Analysts. The OIG operates under statutory law enforcement authority granted by the U.S. Attorney General, which vests our Special Agents with the authority to carry firearms, seek and execute search and arrest warrants, and make arrests without a warrant in certain circumstances.

/19C9CFA2FDFA4992874841347145870F.htm

The Inspector General Act of 1978, as amended, provides the OIG with unfiltered access to any and all information available to the Board and the CFPB that is needed to fulfill the OIG's responsibilities under the act. Further, Board and CFPB policy states that all officers and employees of the Board and the CFPB are expected to cooperate with and be responsive to information requests and questions asked by OIG investigators in connection with an OIG inquiry.

In addition, all employees of the Board and the CFPB have a duty to promptly report actual or suspected violations of law, fraud, waste, abuse, or wrongdoing related to Board or CFPB programs and operations to the OIG. The OIG will not disclose the identity of any Board or CFPB employee who comes forward with a complaint or information unless the Inspector General determines that such disclosure is unavoidable during the course of an investigation. The Inspector General Act of 1978, as amended, protects employees from reprisals or retaliation for reporting a complaint or disclosing information to the OIG.

/2F93A7D5E75B4663A2D51D6752D3D19A.htm

Employees are obligated by agency policy to fully cooperate with the OIG, which includes being interviewed, except in circumstances when the employee asserts his or her Fifth Amendment right against self-crimination. The OIG cannot compel an employee to be interviewed, but management can direct the employee to be interviewed and can take disciplinary action if the employee declines.

Employees who are the subject of an OIG investigation may assert their Fifth Amendment right to refuse to provide information on the grounds that the information might be used against them in a criminal proceeding. Additionally, employees who are bargaining unit members may be permitted to have a union representative present during interviews.

An OIG investigation can only result in a criminal proceeding if the U.S. Department of Justice (DOJ) accepts it for criminal prosecution. In cases where DOJ has declined criminal prosecution and the OIG is pursuing a matter civilly or administratively, OIG investigators will provide employees who are the subject of an investigation with a written advisement that DOJ has declined the case for criminal prosecution and that the employee must then fully cooperate with investigators. This advisement effectively grants immunity against criminal prosecution based on the employee’s statements concerning the matter(s) covered by the advisement, unless the statements are found to be untruthful.

/F545554DC488495F82DFA32A09627D1E.htm

To provide independent and effective oversight, the OIG must obtain full and complete information during its interviews. Since the presence of agency attorneys may affect the willingness of an employee to speak freely and candidly, the OIG does not permit Board or CFPB attorneys to represent agency employees during OIG interviews. Moreover, it is generally the case that government attorneys represent the agency and are thus prohibited from personally representing individual agency employees. 

/79CB2365168E407BB5FA375DE6EFE996.htm

Information technology (IT) audits are reviews of various aspects of Board and CFPB IT systems, as well as management and operational controls within the IT infrastructure. IT audits focus on information security controls, systems development, operations, investment, and contractor support, among other areas.

The findings and the recommendations we provide to Board and CFPB management are intended to improve the efficiency and effectiveness of IT systems and to ensure that data are protected from unauthorized access, modification, destruction, or disclosure.

/E5B01673D0BB414886F2412B5D16AF4C.htm

The Federal Information Security Management Act of 2002 (FISMA) requires each OIG to perform an annual independent evaluation of the information security program and practices of the agency it oversees to determine the effectiveness of such program and practices. FISMA also requires each OIG to perform information security control reviews of IT systems to evaluate the effectiveness of information security controls and techniques for a subset of the agency's information systems.

Each year, we review the Board's and the CFPB's IT systems and IT challenges to determine those systems or IT areas that represent the highest risk to the efficient and effective performance of Board and CFPB mission functions. Our review includes a particular focus on information security risks.

/F7865CF88B274E47B710669AFBB3DC49.htm

IT audits follow the guidelines in the U.S. Government Accountability Office's Government Auditing Standards. For our annual FISMA audit work, we comply with guidance provided by the National Institute for Standards and Technology and follow direction from the U.S. Department of Homeland Security in focusing on 11 information security areas when analyzing the adequacy of the Board's and the CFPB's information security programs.

/AD7442CA13B0492A8BAEE2BD2E420704.htm

We begin our IT audits by performing a brief survey to get an understanding of the system or IT area to be audited as well as the potential risks or vulnerabilities that warrant further analysis. We then formulate an audit approach, including the time frame for our analytical work. 

If the audit involves a review of information security controls, we also plan what controls we will examine to best analyze the major risks and vulnerabilities. We perform the audit work by meeting with officials and reviewing documentation; if the audit is a security control review, we also test information security controls. At the conclusion of our audit work, we draft an audit report that we discuss with agency officials, and we incorporate their formal comments in our final report.

/C15452321C5446B6B04E3F4C6772DA34.htm

We issue audit reports and management letters regarding our findings and recommendations on the IT audits we perform. Our reports on information security reviews are typically restricted due to the sensitivity of the information; only a high-level summary of the work and report is provided in our Semiannual Report to Congress and on our public website.

/0E94EB5C39134547A043935062880444.htm

Anyone may report fraud, waste, abuse, or mismanagement related to the programs or operations of the Board or the CFPB by contacting the OIG Hotline. Examples of the types of activities to report include

  • violations of federal laws, rules, and regulations relating to Board and CFPB programs and operations
  • violations of laws, rules, or regulations that compromise or impact the supervisory programs of the Board or the CFPB
  • ethics violations or conflicts of interest by Board or CFPB officials
  • employee misconduct, such as abuse of authority or misuse of position
  • contract and procurement irregularities related to Board or CFPB programs and operations
  • theft and abuse of Board or CFPB property
  • travel card or purchase card fraud
  • waste or mismanagement of funds or government resources
/8E65E9F874EA4821982E4FC9CE1F21DE.htm

The OIG is unable to intervene in or investigate individual consumer complaints against institutions or other entities supervised by the Board or the CFPB. For these complaints, please refer to information on consumer complaints against financial institutions.

/1446A32B8F2B48CFAF37253E10537D14.htm

We will not disclose the identity of an employee who comes forward with a complaint or information. In rare circumstances, however, disclosure may occur if it is unavoidable during the course of an investigation.

Additionally, Board and CFPB employees are protected under the IG Act from reprisals or retaliation for reporting a complaint or disclosing information to the OIG.

/EF727FBB40544598B1A8C07E8D291F6A.htm

Yes. Individuals may contact the OIG Hotline anonymously; however, knowing the individual's identity and contact information will help us in our efforts to pursue the individual's complaint.

/974DCE7C6905435D9AAF43AA19B6C233.htm

Complaints to the OIG Hotline are reviewed by OIG analysts. If we have any questions regarding a complaint or if we require any additional information, we may contact the complainant. After reviewing a complaint, we may refer the matter to the appropriate component within the OIG, the Board, or the CFPB for additional action. Please note it is generally the case that the OIG cannot provide information regarding specific allegations reported to our office.