Semiannual Report to Congress

Message From the Inspector General

This spring, turmoil in the banking industry captured headlines and raised questions about the stability of certain segments of the financial system. In March, Silicon Valley Bank, headquartered in Santa Clara, California, failed and was placed into receivership, ultimately costing the Deposit Insurance Fund (DIF) an estimated $16.1 billion. Earlier that same week, the holding company for Silvergate Bank, headquartered in La Jolla, California, announced its intent to begin voluntarily liquidating the bank. In separate reports, we assessed the Board of Governors of the Federal Reserve System's and the Federal Reserve Bank of San Francisco's (FRB San Francisco) supervision of each institution. We made 19 recommendations to improve the Board and FRB San Francisco's supervisory processes.

In July, Heartland Tri-State Bank, located in Elkhart, Kansas, failed and was placed into receivership. At the time of its failure, the loss to the DIF was estimated to be about $54 million. Our material loss review of Heartland Tri-State Bank will be completed early next year.

Last year, the Board's Federal Open Market Committee (FOMC) adopted a new personal investment and trading policy that prohibits covered individuals from purchasing individual securities, restricts active trading, and revises public reporting and disclosure requirements. We assessed the design and effectiveness of this policy as well as the Board's and the Federal Reserve Banks' approach to monitoring potential conflicts of interest. We determined that the new policy can be significantly enhanced by extending requirements that apply to senior FOMC officials to additional staff who have access to confidential FOMC information, by strengthening ethics programs to make reviews of financial disclosure reports more uniform throughout the Federal Reserve System and to enforce consequences for policy violations, and by verifying the completeness and accuracy of information provided in financial disclosure reports.

Information security remains another key area of focus for both the Board and the Consumer Financial Protection Bureau. We recently evaluated the Board and Reserve Banks' process for responding to cybersecurity incidents at supervised financial institutions and found that guidance documents do not clearly describe the mission or governance structure of the cybersecurity incident response process and that responses to such incidents have not consistently followed the established process. In addition, in a separate evaluation, we assessed the Board's and Reserve Banks' controls for protecting sensitive, nonpublic information in certain examination applications used for supervising community and regional banks. We found that examiners do not consistently use a process to help purge sensitive documents that are not required to be retained and that some examiners may have access to more sensitive personally identifiable information than is necessary for their job duties.

We conducted a performance audit of the CFPB's Agile systems/software development life cycle processes and found that the CFPB's information security program effectively integrates cybersecurity requirements into its software development life cycle processes. We also performed our annual assessments of the Board's and the CFPB's information security programs; overall, both the Board's and the CFPB's information security programs continue to operate effectively.

Climate risk is a particularly salient topic after this summer's record-breaking heat and natural disasters. In July, we published an OIG Insights paper on the Board's approach to climate risk supervision at financial institutions. Our paper compares the Board's approach to climate risk supervision to the approaches of other central banks and financial regulatory agencies and identifies key areas of consideration as the Board develops and implements its supervisory approach.

Additional work from this reporting period focused on the pandemic lending programs. We assessed the System's vendor selection and management processes for COVID-19 emergency lending facilities and found that the Federal Reserve Bank of New York generally followed established processes for selecting and managing vendors, which helped foster transparency and consistency, mitigate risks and conflicts of interest, and confirm that expected services were delivered. We also evaluated the Board and the Federal Reserve Bank of Boston's process for purchasing Main Street Lending Program (MSLP) loan participations and found that the Board and the Federal Reserve Bank of Boston generally followed their process but can formally document how to approach potentially ineligible MSLP loans.

In other work this reporting period, we found that the Board's purchase card program controls are generally effective, although approving officials could review and approve transaction logs in a more timely manner. We also performed risk assessments of the Board's and the CFPB's government travel card programs; both assessments found that the risk of illegal, improper, or erroneous use of the cards is low. Finally, we assessed the CFPB Office of Finance and Procurement's controls for exercising contract options, which allow federal agencies to add supplies or services to existing contracts, and we found that these controls can be improved.

The work of our Office of Investigations continues to send a strong message that those who commit fraud will be brought to justice. Earlier this month, the former president of First NBC Bank was sentenced to 14 years in prison for bank fraud and making false statements in bank records. His fraudulent schemes resulted in the failure of the bank in April 2017, which caused an approximate $1 billion loss to the DIF and the loss of approximately 500 jobs. In another case, the chief executive officer of Paycheck Protection Program lender MBE Capital was sentenced in July to 54 months in prison in connection with fraudulent loan and lender applications that enabled him to collect over $71 million in lender fees.

Overall, in the past 6 months, our Office of Investigations closed 28 investigations and resolved 196 hotline complaints. Our work resulted in 5 referrals for criminal prosecution; 19 arrests; 14 indictments; 12 criminal informations; 27 convictions; and nearly $400 million in criminal fines, restitution, special assessments, and forfeiture.

Our audit organization recently underwent an external peer review conducted by the National Aeronautics and Space Administration Office of Inspector General, which awarded us a rating of pass. The review team found that our system of quality control for the audit organization has been suitably designed and complied with to provide reasonable assurance of performing and reporting in conformity with applicable professional standards in all material respects. In addition, the OIG for the U.S. Department of Commerce conducted a peer review of our investigative operations and found that our system of internal safeguards and management procedures is in compliance with the quality standards established by the Council of the Inspectors General on Integrity and Efficiency and other applicable guidelines and statutes. The review team identified three aspects of our investigative operations that reflect best practices: our firearms program and other training requirements; the organizational structure of our headquarters personnel; and the organization, documentation, and professionalism of our investigative case files. Finally, we completed an evaluation peer review of the U.S. Small Business Administration OIG and reported that the organization generally complied with Blue Book requirements.

We continue to closely monitor the ongoing legal challenge to the constitutionality of the CFPB's funding mechanism as well as legislative proposals to reform the CFPB. In addition, we recently welcomed new leadership to the Board, as Adriana Kugler took office as a member of the Board of Governors. We have met with Governor Kugler, and we look forward to continuing to work with leadership at the Board and the CFPB as we provide robust independent oversight to improve their programs and operations and to prevent and detect fraud, waste, and abuse.

We could not achieve our mission without our phenomenal staff, who continue to impress me daily with their exceptional talent, expertise, and dedication. I remain deeply grateful for their hard work and steadfast commitment, and I look forward to continuing to work together to fulfill our vitally important mission.

Sincerely,
/signed/
Mark Bialek
Inspector General
October 31, 2023
 

Highlights

We continued to promote the integrity, economy, efficiency, and effectiveness of the programs and operations of the Board of Governors of the Federal Reserve System and the Consumer Financial Protection Bureau. The following are highlights, in chronological order, of our work during this semiannual reporting period.

Federal Open Market Committee Investment and Trading Rules
The Board's and the Federal Reserve Banks' approach to monitoring personal investment and trading activities for possible conflicts of interest can be strengthened.

Main Street Lending Program Loan Participation Purchases
Some key processes for purchasing Main Street Lending Program (MSLP) loan participations were not formally documented, which can lead to loss of institutional knowledge or inconsistency in process.

Climate Risk Supervision
Uncertainty about the timing and magnitude of the effects of climate change and the lack of quality data pose challenges for supervisors and financial institutions.

The CFPB's Exercise of Contract Options
The CFPB did not consistently document that all Federal Acquisition Regulation requirements were met before exercising options, did not always exercise options before the associated contracts expired, and did not always notify the contractors of the option extension within contract-required time frames.

Material Loss Review of Silicon Valley Bank
Silicon Valley Bank (SVB) failed because of unchecked, rapid growth; significant concentrations; and ineffective leadership. The Board and the Federal Reserve Bank of San Francisco (FRB San Francisco) should have acted earlier or taken stronger action to address identified weaknesses at SVB.

Supervision of Silvergate Bank
Silvergate's concentration in crypto industry deposit customers, rapid growth, and multilayered funding risks, as well as weaknesses in the bank's corporate governance and risk management capabilities, led to the bank's voluntary liquidation. The Board and FRB San Francisco should have escalated concerns through stronger, earlier, and more-decisive supervisory action.

The Board's Information Security Program
The Board's information security program continues to operate effectively at a level-4 (managed and measurable) maturity.

The CFPB's Information Security Program
The CFPB's information security program continues to operate effectively at a level-4 (managed and measurable) maturity.

Former First NBC Bank President Sentenced to 14 Years in Prison and $214 Million Restitution
Convicted of all 46 counts against him, Ashton J. Ryan Jr., former president and chief executive officer (CEO) of First NBC Bank, was sentenced to 170 months in prison, 3 years of supervised released, and $214 million in restitution. Ryan was at the center of a long-running fraud scheme that caused the $5 billion New Orleans bank to fail.

CEO of MBE Capital Sentenced to Prison and Restitution for $823 Million Paycheck Protection Program Fraud
Rafael Martinez, CEO and primary owner of MBE Capital Partners, was sentenced in New York to 54 months in prison for an $823 million Paycheck Protection Program (PPP) loan and lender fraud scheme. He was also sentenced to 3 years of supervised release and ordered to pay over $71 million in restitution and forfeit about $45 million.

CEO of California Residential Reentry Home Convicted for $34 Million in PPP Fraud
Attila Colar, former CEO of All Hands on Deck, was convicted of 44 counts involving a $34 million PPP fraud scheme and other crimes. The counts—including conspiracy, bank fraud, wire fraud, aggravated identity theft, obstruction, and witness tampering—carry up to 30 years in prison and fines up to $1 million.

Two Loan Brokers and a Loan Officer Pleaded Guilty to Bank Fraud Conspiracy
Ted Capodilupo and Joseph Masci, operators of a loan brokerage business, pleaded guilty to conspiracy to commit bank fraud against a Massachusetts-based bank and the U.S. Small Business Administration (SBA). Brian Ferris, a loan officer at the bank, also pleaded guilty to conspiracy to commit bank fraud. The charges carry up to 30 years in prison plus fines, restitution, and forfeiture.