Year 2000 Computing Crisis: Federal Regulatory Efforts to Ensure Financial Institution Systems Are Year 2000 Compliant

T-AIMD-98-116 March 24, 1998
Full Report (PDF, 14 pages)  

Summary

This testimony discusses the progress of the federal regulatory agencies in ensuring that the thousands of financial institutions that they oversee are ready for the upcoming century date change. If these institutions do not address the Year 2000 problem in time, key systems that assist them in making loans, investing deposits, transferring funds, issuing credit cards, and handling such routine business functions as accounting and personnel management could malfunction. GAO summarizes the findings of its reports on the Office of Thrift Supervision, the Federal Deposit Insurance Corporation, and the National Credit Union Administration, and focuses largely on their oversight responsibilities. GAO also discusses the challenges that these three regulators, along with the Office of the Comptroller of the Currency and the Federal Reserve System, face as they enter the more complex and difficult stages of their Year 2000 efforts.

GAO noted that: (1) because financial institutions are heavily dependent on information technology, their viability hinges on whether they can successfully remediate systems before the Year 2000 deadline; (2) given this possibility, regulators must take every measure possible to assist banks, thrifts, and credit unions in their Year 2000 efforts as well as to identify and take swift enforcement measures against those in danger of failing; (3) regulators have recognized this responsibility and have begun an intense effort to raise awareness of the problem, develop guidance to facilitate remediation efforts, and determine where individual institutions stand in correcting their systems; (4) in doing so, regulators have initially identified several hundred institutions at high risk of missing the deadline due to their poor performance in conducting awareness and assessment phase activities; (5) despite aggressive efforts, the regulators still face significant challenges in providing a high level of assurance that individual institutions will be ready; (6) they were late in addressing the problem and, consequently, are behind in the Year 2000 schedule recommended by both GAO and the Office of Management and Budget; (7) they are also late in developing key guidance on contingency planning and dealing with servicers, vendors, and corporate customers; (8) this guidance is needed by financial institutions to complete their own preparations; (9) in addition, their follow-on assessments to be completed by June 1998 were not, in all cases, designed to collect the data required to be definitive about the status of individual institutions; (10) furthermore, it is questionable whether all regulators have an adequate level of technical staff to completely evaluate industry readiness; (11) with regard to their own systems, the regulators have generally done much to mitigate the risk to their mission critical systems; and (12) in some areas such as contingency planning, the regulators can do more to provide added assurance that they will be ready for the century date change and any unexpected problems.