Summary
In March 2006, we issued our opinions on the calendar year 2005 financial statements of the Bank Insurance Fund (BIF), the Savings Association Insurance Fund (SAIF), and the FSLIC Resolution Fund (FRF). We also issued our opinion on the effectiveness of the Federal Deposit Insurance Corporation's (FDIC) internal control over financial reporting (including safeguarding assets) and compliance as of December 31, 2005, and our evaluation of FDIC's compliance with significant provisions of selected laws and regulations for the three funds for the year ended December 31, 2005. The purpose of this report is to discuss issues identified during our audits of the 2005 financial statements regarding internal controls and accounting procedures that could be improved, and to recommend actions to address these weaknesses. Although these issues were not material in relation to the financial statements, we believe they warrant management's attention.
During our audits of the 2005 financial statements, we identified several internal control issues that affected FDIC's accounting for the funds it administers. Although we do not consider them to be material weaknesses or reportable conditions, we believe they warrant management's consideration. Specifically, we found that FDIC made errors in several of its operating expense allocation percentages. These errors would have resulted in misstatements in the BIF, SAIF, and FRF financial statements. FDIC did not detect several internal control deficiencies in its procurement process, two of which resulted in misstatements in the BIF, SAIF, and FRF financial statements, though the misstatements were not considered material. Further, FDIC did not detect allocation errors in its Supplemental Payment System. These errors resulted in misstatements in the BIF, SAIF, and FRF financial statements, though the misstatements were not considered material. Finally, FDIC lacked complete control over checks in its Dallas mailroom. The lack of effective safeguarding control procedures increased the risk of theft, loss, or misappropriation of assets.
Recommendations
Our recommendations from this work are listed below with a Contact for more information. Status will change
from "In process" to "Implemented" or "Not implemented" based on our follow up work.
Director:
Team:
Phone:
Steven J. Sebastian
Government Accountability Office: Financial Management and Assurance
(202) 512-9521
Recommendations for Executive Action
Recommendation: To minimize the risk of incorrect expense allocation among the funds, FDIC should issue a formal notice to all individuals who review and approve journal entries for the expense allocation percentages reminding them of their responsibility to properly review proposed changes to these percentages.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC has issued a notice to personnel with the general ledger journal approval role reminding them of their responsibility to properly review proposed changes to the allocation percentages.
Recommendation: To improve internal controls over FDIC's procurement process and to minimize the potential for erroneous charges and misallocation of charges to the funds, FDIC should reissue a formal notice to all individuals who review and approve procurement-related transactions again reminding them of their responsibilities to ensure that terms and conditions of the contract are complied with or changed if appropriate and that transactions are properly recorded.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC has reissued a formal notice to all individuals who review and approve procurement-related transactions reminding them of their responsibility for reviewing and approving invoices.
Recommendation: To improve internal controls over FDIC's procurement process and to minimize the potential for erroneous charges and misallocation of charges to the funds, FDIC should require contract oversight managers to send a letter to the appropriate contractors stating that, consistent with the contract terms, their invoices will not be paid until all supporting subcontractor invoices are submitted to FDIC for review.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC developed a standard Invoice Rejection Letter to distribute to contractors in the event a contractor submits invoices without the required supporting documentation.
Recommendation: To address the limitation associated with expense transactions processed within the Supplemental Payment System, FDIC should review all of the general ledger accounts within the new accounting system that are processed through the Supplemental Payment System to ensure that they are properly allocated to the appropriate funds.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC now ensures that the expenses are allocated properly by manually allocating the tax expense for the Supplemental Pay System transaction to the two funds administered by FDIC to ensure funds are being charged for appropriate costs.
Recommendation: To improve its physical security over the Dallas field office mailroom operations, FDIC should instruct its contractor employees to follow FDIC's policy and procedures to specifically use the access card when entering the mailroom entry door.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC has taken action to improve intruction its contractors on FDIC policy with respect to mailroom access. By taking this action, FDIC has strengthened controls to ensure that the mailroom can only be entered by authorized personnel using their access cards.
Recommendation: To improve its physical security over the Dallas field office mailroom operations, FDIC should close both half doors so that access can only be made by authorized personnel using the access card.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC has taken actions to secure both half doors to the Dallas field office mailroom and thus ensure that the mailroom can only be entered by authorized personnel using their access cards.
Recommendation: To improve its physical security over the Dallas field office mailroom operations, FDIC should require personnel to open official FDIC mail under dual control.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC has reemphasized dual control in its mail opening procedures to ensure that at least one employee or contractor oversees another employee or contractor when opening official FDIC mail. To help ensure that staff comply with the dual control procedures, an oversight manager performs observations of Dallas field office mailroom operations via a monitoring camera that can be viewed in the security area.
Recommendation: To improve its physical security over the Dallas field office mailroom operations, FDIC should log check receipts into the Daily Check Log immediately at the time of their extraction rather than at the completion of the mail-opening process.
Agency Affected: Federal Deposit Insurance Corporation
Status: Implemented
Comments: FDIC has instructed the Dallas field office mailroom contractors to log checks into the daily check log immediately at the time of their extraction.
