Semiannual Report to Congress

Message From the Inspector General

As we navigate the postpandemic landscape, we find ourselves in a changed and rapidly evolving world. While we continue to provide oversight of the pandemic response efforts of the Board of Governors of the Federal Reserve System and the Consumer Financial Protection Bureau, we are also focusing on several developing areas, including the recent issues involving midsize financial institutions, financial-sector innovations, climate risks, and the legal challenge to the CFPB’s funding mechanism. To continue fulfilling our mission to provide independent oversight to the Board and the CFPB, it is essential that we remain flexible and agile.

We routinely identify and prioritize the CFPB’s and the Board’s major management challenges—the areas that, if not addressed, we believe are most likely to hamper the agencies’ accomplishment of their strategic objectives. We recently published the CFPB’s major management challenges and identified four areas of focus: ensuring an effective information security program; managing human capital to maintain a talented, diverse, inclusive, and engaged workforce; continuing to refine the supervision and enforcement strategy; and managing consumer complaints. The Board’s major management challenges, which will be published in the second quarter of 2023, will address organizational governance and enterprise risk management, cybersecurity at supervised financial institutions and service providers, and information security, among other topics.

When the pandemic emerged 3 years ago, it rapidly reshaped our work, and we continue to protect the integrity of pandemic relief programs within our oversight responsibilities. We actively monitor the Board’s pandemic-related lending programs, and I continue to serve on the Pandemic Response Accountability Committee, which coordinates inspector general community oversight of the federal government’s COVID-19 pandemic response efforts.

Our Office of Investigations continues to investigate numerous cases of fraud related to the emergency lending programs established in response to the pandemic. In a recent case, for example, a man was sentenced to 8.5 years in federal prison and ordered to pay over $6 million in restitution for fraudulently obtaining more than $6.6 million in Paycheck Protection Program (PPP) and Economic Injury Disaster Loan funds and then laundering his illegal proceeds into financial instruments and real property. In another case, the chief executive officer of PPP lender MBE Capital Partners pleaded guilty to conspiring to commit wire fraud in connection with loan and lender applications. He fraudulently secured hundreds of millions of dollars in capital for PPP loans and collected over $71 million in lender fees.

Overall, in the past 6 months, our Office of Investigations closed 15 investigations and resolved 105 hotline complaints. Our work resulted in 4 referrals for criminal prosecution; 20 arrests; 24 indictments; 12 criminal informations; 24 convictions; and just over $53 million in criminal fines, restitution, special assessments, and forfeiture.

In this reporting period, we assessed processes for managing cybersecurity risks for third-party vendors supporting the Main Street Lending Program and Secondary Market Corporate Credit Facility and found that overall, Federal Reserve System officials quickly established vendor contracts that generally met cybersecurity best practices.

In other work this reporting period, we assessed the effectiveness of the Board’s processes and practices for reviewing and approving supervisory proposals, which the Board develops as part of its oversight of financial institutions. We identified several ways for the Board to enhance its review and approval of supervisory proposals. In a separate evaluation, we assessed the effectiveness of the Board’s model risk management processes for models the Board uses to monitor risks at community and regional banking organizations. We found that the Board can enhance model risk management by ensuring timely review and validation, developing a comprehensive model inventory, and developing a formal mechanism for tracking the findings and recommendations of internal groups that review and validate models.

We also evaluated the Board’s practices related to roles and responsibilities for managing the data it uses to conduct research, analysis, and policymaking; supervise and regulate certain financial institutions and activities; oversee important aspects of the nation’s payments system; and promote consumer protection, fair lending, and community development. We found that the Board can enhance enterprise practices for data management roles and responsibilities. In addition, we completed the annual audits of the Board’s and the Federal Financial Institutions Examination Council’s financial statements and the CFPB’s fiscal year 2022 compliance with the Payment Integrity Information Act of 2019.

As we look to the future, we are closely attentive to several areas of interest. Of particular note are the recent failure of Silicon Valley Bank and the voluntary liquidation of Silvergate Bank. While the U.S. Department of the Treasury, the Board, and the Federal Deposit Insurance Corporation have taken steps intended to keep our banking system resilient, much remains to be determined about how these events occurred and how future bank failures can be prevented. On March 14, we initiated reviews of Silicon Valley Bank and Silvergate Bank that will assess both the Board’s and the Federal Reserve Bank of San Francisco’s supervision of the institutions and make recommendations, as appropriate.

Financial-sector innovations represent an additional area of attention. The Board recently announced that it plans to launch FedNow, the System’s new real-time settlement system, in July, and the Board is also researching the potential benefits and risks of a central bank digital currency.

Another area of interest is the consideration of climate-related risks in the supervision of financial institutions. We are reviewing the Board’s process for developing and implementing supervisory approaches for climate risks to financial institutions, including by benchmarking with other agencies and central banks; further information will be available in a forthcoming OIG Insights paper.

Finally, the ongoing legal challenge to the constitutionality of the CFPB’s funding mechanism as well as legislative proposals to reform the CFPB may affect our future work, and we are monitoring such issues closely. Meanwhile, as our pandemic oversight work decreases, we expect to realign resources accordingly to bring our Board and CFPB work back to its historical balance, including by starting several new CFPB projects.

We understand that many of these issues are of critical importance to our stakeholders as well. In March, I testified before the House Financial Services Subcommittee on Oversight and Investigations on our oversight of the Board and the CFPB. Specific topics included our review of the Board’s approach to climate risk supervision at financial institutions, the CFPB’s budget, legal challenges to the CFPB’s funding mechanism, and our role overseeing the CFPB. I look forward to further outreach and engagement with our congressional stakeholders on how we provide independent oversight of the Board and the CFPB.

While much is uncertain in these changing times, our mission remains the same: to ensure that the programs and operations of the agencies we oversee are operating efficiently and effectively and are free of fraud, waste, and abuse. Also unchanging is my profound appreciation for the extraordinary OIG staff, who unfailingly maintain the remarkable quality of their work even as we adapt to shifting priorities. Their work requires tremendous expertise and dedication, and I am deeply grateful for their efforts and for their steadfast commitment to our mission, vision, and values.

Sincerely,
/signed/
Mark Bialek
Inspector General
April 28, 2023
 

Highlights

We continued to promote the integrity, economy, efficiency, and effectiveness of the programs and operations of the Board of Governors of the Federal Reserve System and the Consumer Financial Protection Bureau. The following are highlights, in chronological order, of our work during this semiannual reporting period.

Cybersecurity Risk Management for Lending Facility Vendors
Federal Reserve System officials quickly established vendor contracts for the Board’s lending facilities that generally met cybersecurity best practices; however, we identified ways to strengthen third-party cybersecurity risk management processes for future scenarios.

The Board’s Governance Processes for Supervisory Proposals
We found several ways for the Board to enhance its review and approval of supervisory proposals.

Roles and Responsibilities for Data Management at the Board
The Board uses a decentralized data management model, and the chief data officer has not been formally granted authority over data management and governance.

Major Management Challenges for the CFPB
The major management challenges we identified for the CFPB involve information security, human capital, supervision and enforcement, and consumer complaints.

Many of our investigations during this semiannual reporting period concern fraud related to the Federal Reserve’s pandemic response efforts, including the Paycheck Protection Program Liquidity Facility (PPPLF), which extended credit to eligible financial institutions and took Paycheck Protection Program (PPP) loans guaranteed by the U.S. Small Business Administration (SBA) as collateral, and the Main Street Lending Program (MSLP), which supported lending to small and medium-sized for-profit and nonprofit organizations in sound financial condition before the COVID-19 pandemic. In addition, our office also conducted investigations in support of our membership on the Pandemic Response Accountability Committee (PRAC).

Former First NBC Bank President Found Guilty of Dozens of Charges
For his role in a fraud scheme leading to the failure of the $5 billion First NBC Bank, former President and Chief Executive Officer (CEO) Ashton J. Ryan Jr. was found guilty of all 46 counts against him, including bank fraud, conspiracy to commit bank fraud, and making false entries in bank records.

CEO of MBE Capital Partners Pleaded Guilty to PPP Fraud
Rafael Martinez, CEO and primary owner of MBE Capital Partners, pleaded guilty to conspiracy to commit wire fraud in connection with an $823 million PPP loan and lender fraud scheme.

Sterling Bancorp Agreed to Plead Guilty to Securities Fraud
Sterling Bancorp, a Michigan-headquartered bank holding company, agreed to plead guilty to securities fraud for filing false securities statements relating to its initial public offering (IPO) and subsequent annual filings. The company will be required to serve probation through 2026, submit to enhanced reporting obligations, and pay more than $27.2 million in restitution to deceived shareholders.

Former Wells Fargo Executive Agreed to Plead Guilty to Obstruction
Carrie L. Tolstedt, the former head of Wells Fargo Bank’s retail banking division, agreed to plead guilty to obstructing a government examination into the bank’s widespread sales practices misconduct, for which Wells Fargo paid a $3 billion penalty in 2020. Tolstedt agreed to serve up to 16 months in prison, be banned from working in the banking industry, and pay a $17 million civil penalty.