I am pleased to provide this semiannual report on the activities and accomplishments of the Office of Inspector General (OIG) from April 1, 2006 to September 30, 2006. The audits, evaluations, investigations, and other activities highlighted in this report illustrate the FDIC OIG’s on-going commitment to promoting efficiency, effectiveness, and integrity and helping the Corporation successfully achieve its honorable mission of maintaining stability and public confidence in the nation’s banking system. Our Fiscal Year 2006 Performance Report is also included as part of this semiannual report to show our progress in meeting annual performance goals.

Over the past 6 months, our office issued 15 audit and evaluation reports. We closed 21 investigations, with over $27 million in total fines, restitution, and potential monetary recoveries. As discussed in more detail in this report, our audit and evaluation work, in particular, reviewed and made recommendations related to: the FDIC reserve ratio and assessment determinations, industrial loan companies, predatory lending, protection of personally identifiable information, consumer rights issues, FDIC contract administration, and corporate emergency response plans. We also issued a comprehensive report on the Corporation’s information security program in accordance with the Federal Information Security Management Act of 2002 and highlighted steps that the Corporation could take to enhance the security of its information resources.

Of special note on the investigations front, among other successful cases, we report that as a result of OIG investigative work in partnership with the U.S. Attorney’s Office for the Southern District of Florida, in July 2006, the former chairman of the board and chief executive officer of Hamilton Bank was sentenced to 30 years of incarceration and 36 months of supervised release. He had earlier been convicted on all 16 charges of making false filings to the Securities and Exchange Commission and to bank examiners, making false statements, wire fraud, bank fraud, securities fraud, obstruction of a bank examination, and conspiracy. Most recently, he, along with two other convicted Hamilton Bank officers, was ordered to pay $32 million in total restitution for bank and securities fraud, $16 million of which is payable to the FDIC.

We intend to continue to address issues of such significance to the Corporation, the Congress, the financial services industry, and the American people. We have just issued our Fiscal Year 2007 Business Plan, outlining a series of audits, evaluations, investigative activities, internal operational improvement projects, and other initiatives that we will undertake in the coming year. Included in that plan is a newly articulated vision statement that I firmly believe in and that will serve to inspire all OIG staff in their daily work: The OIG is a quality-focused FDIC team that promotes excellence and trust in service to the Corporation and the public interest.

I was sworn in as Inspector General of the FDIC on July 5, 2006. I have greatly appreciated the support of FDIC Chairman Sheila Bair and the FDIC Vice Chairman and Chair of the Audit Committee, Martin Gruenberg, during my first months on the job. As my office carries out its independent oversight role, I anticipate continuing a cooperative and productive working relationship with them and others at the FDIC.

In closing, I express my gratitude to Patricia M. Black, Deputy Inspector General, for her leadership as Acting Inspector General prior to my appointment. I also thank the OIG Executive team and staff for their helpful assistance as I began my tenure as Inspector General. I look forward to working with the Congress, the Corporation, and other members of the Inspector General community as we address the challenges ahead.

STRATEGIC GOAL 1

Achieving this goal is largely dependent on investigative success in combating financial institution fraud, and we made excellent progress in this area. As a result of cooperative efforts with Assistant U.S. Attorneys from around the country, numerous individuals were prosecuted for financial institution fraud during the reporting period. The former chairman of the board and chief executive officer of Hamilton Bank was sentenced to 30 years of incarceration and 36 months of supervised release. He had earlier been convicted on all 16 charges of making false filings to the Securities and Exchange Commission and to bank examiners, making false statements, wire fraud, bank fraud, securities fraud, obstruction of a bank examination, and conspiracy. The former Hamilton Bank president and the former chief financial officer also received stiff sentences for their roles in the fraud. In another case, the former president of the First National Bank of Blanchardville, Wisconsin, was sentenced to 108 months’ incarceration to be followed by 5 years of supervised release and was ordered to pay $13.4 million in restitution to the FDIC. We were also successful in obtaining three guilty pleas from businessmen involved in an $8 million real estate land flip scheme and another guilty plea from a mortgage broker for mortgage fraud. Multiple other guilty pleas, indictments, and sentencings of former bank officers, directors, and bank customers contributed to successful OIG results in this goal area.

STRATEGIC GOAL 2

Two major audit assignments focused on helping to maintain the viability of the insurance funds. We issued a report on the FDIC’s reserve ratio and assessments determination process, recommending that the Corporation periodically validate key assumptions, estimates, or other components that factor into the calculation of the reserve ratio. Importantly, in connection with corporate governance practices, we recommended improved communication of information relevant to assessment determinations and other corporate matters and activities to the FDIC Board of Directors. In another report on the industrial loan company insurance application process, we made six recommendations to strengthen that process and subsequent monitoring of conditions imposed on industrial loan companies and business processes.

STRATEGIC GOAL 3

Audits and investigations contributed to the FDIC’s protection of consumers in multiple ways. We issued a report on the challenges faced by the FDIC and the efforts taken to identify, assess, and address risks posed to FDIC institutions and consumers from predatory lending practices. We issued reports and made several recommendations to ensure better protection of sensitive customer information. One report related to the risks of financial institutions’ increased outsourcing of software development and maintenance, data processing, and other information technology services to technology service providers and the FDIC’s related examination coverage. Another audit examined the Division of Resolutions and Receiverships’ protection of bank employee and customer personally identifiable information. From a compliance standpoint, we assessed examiner use of Home Mortgage Disclosure Act data to identify and assess instances of potential discrimination in FDIC-supervised institutions and recommended strengthening examiner guidance. We also identified needed improvements in the FDIC’s process for addressing the violations and deficiencies reported in compliance examinations. To help protect consumers, our Electronic Crimes Unit responded to phishing schemes where the FDIC and OIG Web sites were misused to entice consumers to divulge personal information. We successfully shut down several Web sites used for such purposes during the period.

STRATEGIC GOAL 4

We continued to pursue concealment of assets investigations related to the more than $1.7 billion in criminal restitution that the FDIC is owed. We continued coordination with the Division of Resolutions and Receiverships, the Legal Division, and the Department of Justice on such cases. We also began to strategize approaches for OIG work related to potential large bank failures.

STRATEGIC GOAL 5

We issued a number of audit and evaluation reports resulting in positive benefits to the FDIC. Our Federal Information Security Management Act-related work reported that the FDIC had made significant progress over the last several years but continued attention was needed in such areas as enterprise architecture, configuration management, access controls, and audit and accountability controls. Other reports addressed strengthening the Corporation’s emergency response policy and the maintenance, communication, and content of emergency response plans; and enhancing controls over the disposal of sensitive FDIC information. We also made a series of recommendations to help ensure an efficient, effective, and accountable FDIC contract administration process and better position the Corporation to control costs, meet scheduled timeframes, and ensure contractor performance.

STRATEGIC GOAL 6

We continued to focus on strategically planning OIG work, resulting in formulating our Fiscal Year 2007 Business Plan, which combines our strategic plan and performance plan and includes our Audit and Evaluation Plan, infrastructure improvement projects, and other initiatives. These plans unify, guide, and integrate OIG activities in pursuit of our six strategic goals. We promoted effective stakeholder relationships and information-sharing by way of OIG Executive meetings with FDIC Executives; presentations at FDIC Audit Committee meetings; Congressional interaction; and coordination with financial regulatory OIGs, other members of the Inspector General community, and the Government Accountability Office. We reviewed and/or commented on six proposed corporate policies (e.g., protection of privacy information, the FDIC’s software configuration management program, and enterprise risk management) and two draft legislative documents and regulations. We focused on continuously enhancing the OIG’s business and management processes by strengthening the OIG’s human capital practices, taking steps to better ensure the quality of OIG activities and products, and investing in cost-effective and secure information technology to improve performance and productivity.

Bank supervision is at the core of the FDIC’s efforts to ensure stability and public confidence in the nation’s financial system. The FDIC is the primary federal regulator for 5,241 FDIC-insured, state-chartered institutions that are not members of the Federal Reserve System (generally referred to as “state non-member” institutions). The Department of the Treasury (the Office of the Comptroller of the Currency and the Office of Thrift Supervision) or the Federal Reserve Board supervise other banks or thrifts, depending on the institution’s charter.

Key to effective supervision is a strong examination program. The FDIC performs safety and soundness, information technology (IT), trust, and other types of specialty examinations of FDIC-supervised insured depository institutions. The majority of the states participate with the FDIC in an examination program under which certain examinations are performed on an alternating basis by the state regulators and the FDIC. The Corporation also has back-up examination authority for national banks, state-chartered banks that are members of the Federal Reserve System, and savings associations, all in the interest of protecting the deposit insurance fund. The examinations are conducted to assess an institution’s overall financial condition, management practices and policies, and compliance with applicable laws and regulations.

The banking industry has been marked by consolidation, the impact of globalization, and the development of increasingly complex investment strategies available to banks. This has led bank regulators, both domestically and internationally, to devise new standards for bank capital requirements commonly referred to as Basel IA and Basel II. The FDIC has been engaged with other bank regulators in developing new standards and assessing the potential impact on bank safety and soundness.

In addition, the FDIC is faced with developing and implementing programs to minimize the extent to which the institutions it supervises are involved in or victims of financial crimes and other abuse. Bank governance practices are important safeguards against fraud and other abuses, and the FDIC has issued guidance to banks about governance expectations, including adherence to requirements in the Sarbanes-Oxley Act for publicly traded financial institutions. In its role as supervisor, the FDIC also analyzes data security threats, occurrences of bank security breaches, and incidents of electronic crime that involve financial institutions. As part of safety and soundness examinations, the FDIC also ensures that the institutions comply with regulatory reporting requirements of the Bank Secrecy Act.

As more and more laws are passed, and new regulations are adopted to implement those laws, policy makers and regulators have worked to ensure that the intended benefits justify the considerable costs. Pursuant to the Economic Growth and Regulatory Reduction Act of 1996, the FDIC and other bank regulators have been reviewing regulations in order to identify outdated or otherwise unnecessary regulatory requirements imposed on insured depository institutions. Of note as we were going to press with this semiannual report, the President had signed S.2856, the Financial Services Regulatory Relief Act. Among other provisions, this act includes an increase from $250 million to $500 million on the asset size for eligibility for an 18-month examination cycle; permission for banks, thrifts, and credit unions to use new lending and investment authority; and other changes allowing financial institutions to improve the efficiency of their operations.

The OIG’s role under this strategic goal is conducting audits and evaluations that review the effectiveness of various FDIC programs aimed at providing continued stability to the nation’s banks. The OIG also conducts investigations of fraud at FDIC-supervised institutions; fraud by bank officers, directors, or other insiders; obstruction of bank examinations; fraud leading to the failure of an institution; fraud impacting multiple institutions; and fraud involving monetary losses that could significantly impact the institution.

To assist the FDIC to ensure the nation’s banks operate safely and soundly, the OIG’s 2006 performance goals were as follows:

	Evaluate the effectiveness of the FDIC’s supervision program, and
	Evaluate and assist FDIC efforts to detect and prevent bank secrecy violations, fraud, and financial crimes in FDIC-insured institutions.

OIG Work in Support of Goal 1

The OIG’s Office of Investigations is a driving force in combating fraud that occurs at or impacts financial institutions. The perpetrators of such crimes can be those very individuals entrusted with governance responsibilities at the institutions–directors and bank officers. In other cases, individuals providing professional services to the banks, others working inside the bank, and customers themselves are principals in fraudulent schemes. The intentional denial of accurate information to bank examiners undermines the integrity of the examination process. The OIG defends the vitality of the examination process by investigating allegations of criminal obstruction of bank examinations, often associated with fraudulent activities, and by working with U.S. Attorneys’ Offices to bring these cases to justice.

The following cases from the reporting period are illustrative of the OIG’s success in pursuing Strategic Goal 1 during the reporting period.

Sentencing of Former Hamilton Bank Officers for $20 Million Bank Fraud

On July 26, 2006, the former chairman of the board and chief executive officer, Hamilton Bank (Hamilton), and Hamilton Bancorp, Hamilton’s bank holding company, Miami, Florida, was sentenced in the U.S. District Court for the Southern District of Florida to 30 years’ incarceration and 36 months of supervised release. The defendant was immediately remanded to the custody of the Attorney General.

After a month-long trial, the former chairman of the board was convicted on all 16 charges of making false filings to the Securities and Exchange Commission (SEC) and to bank examiners, making false statements, wire fraud, bank fraud, securities fraud, obstruction of a bank examination, and conspiracy.

On July 27, 2006, sentencing hearings were held for the former Hamilton president, and the former Hamilton chief financial officer, both of whom pleaded guilty before trial and cooperated with the government during the investigation.

The former president was sentenced to 28 months’ incarceration, 24 months of supervised release, and was fined $10,000. He previously pleaded guilty to two counts of securities fraud. The former chief financial officer was sentenced to 28 months’ incarceration to be followed by 24 months of supervised release as a result of his earlier guilty plea to one count of securities fraud and one count of obstruction of a formal agency proceeding. Both men were ordered to surrender to the United States Marshal’s Service on October 27, 2006.

The defendants participated in a fraudulent scheme whereby they falsely inflated the results of operations, earnings, and financial condition of Hamilton Bancorp in the Securities and Exchange Commission filings; obstructed the Office of the Comptroller of the Currency’s (OCC) examination of Hamilton Bank; and lied to the investing public, the bank and securities regulators, and their accountants regarding the true financial health of Hamilton Bancorp and Hamilton Bank. In 1998 and 1999, the three defendants engaged in swap transactions (or “adjusted price trades”) to hide Hamilton Bank’s losses on certain loans, including more than $22 million in losses in 1998, and falsely accounted for the transactions to make it appear that no losses had been incurred. While the defendants falsely reported the nature of the swap transactions to the investing public and the regulators, the indictment cited recorded conversations in which the defendants openly discussed the transactions as swaps. During 1998, Hamilton Bancorp had a market capitalization of more than $300 million.

Hamilton Bank was South Florida’s highest profile trade finance bank before it ran into trouble with its regulator, the OCC, over the questionable loan swaps that allowed the bank to hide $22 million in losses in 1998. The OCC closed the bank in January 2002 and the FDIC took on liquidation responsibilities as receiver.

Investigation conducted by the FDIC OIG; prosecuted by the U.S. Attorney’s Office for the Southern District of Florida.

Former President of the First National Bank of Blanchardville Sentenced to 9 Years’ Incarceration and Ordered to Pay $13 Million in Restitution to the FDIC

On July 21, 2006, the former president of the First National Bank of Blanchardville (FNBB), Blanchardville, Wisconsin, was sentenced in U.S. District Court for the Western District of Wisconsin. The defendant was sentenced to 108 months’ incarceration, to be followed by 5 years of supervised release. In addition, the defendant was ordered to pay $13.4 million in restitution to the FDIC. The defendant earlier pleaded guilty to one count of bank fraud. On May 9, 2003, FNBB was declared insolvent by the OCC and the FDIC was appointed receiver for the failed institution.

As part of his earlier plea statement to the court, the defendant admitted that he devised a scheme to defraud FNBB of his honest services that caused the bank to fail. Specifically, the scheme to defraud involved:

	providing false information to the board of directors;
	substantially exceeding the bank’s lending limits;
	issuing unauthorized loans;
	filing false reports with regulators and causing bank records to be altered to mislead federal auditors;
	soliciting $17 million worth of worthless checks that were deposited into a customer’s account to reduce the overdraft status on the account and reduce delinquent loan accounts;
	falsifying minutes of the board of directors meetings;
	placing false loan notes in loan files; and
	failing to follow banking regulations regarding the classifications of loans.

Joint investigation by the FDIC OIG, the Federal Bureau of Investigation (FBI), and the Internal Revenue Service Criminal Investigation Division, based on a referral from the Division of Resolutions and Receiverships; prosecuted by the U.S. Attorney’s Office for the Western District of Wisconsin.

Former President of Canton State Bank and His Wife Indicted on 26 Counts of Bank Fraud

On June 8, 2006, in the Eastern District of Missouri, the former president of Canton State Bank and his wife were indicted by a federal grand jury on 26 felony counts of conspiracy to make false statements to FDIC-insured institutions and the U.S. Department of Agriculture Farm Service Agency (FSA), false statements, money laundering, and bank fraud.

The indictment charged that between October 2001 and August 2004, the defendants understated their liabilities on loan applications with Canton State Bank, The Paris National Bank, Perry State Bank, Bank of Monticello, and the FSA. In addition, the defendants represented to Perry State Bank and the FSA that the livestock and farm equipment that they pledged as collateral security for loans was free and clear of all other liens and encumbrances, when they had previously pledged the same collateral for other loans.

The indictment also charged that between August 2002 and May 2003, the former president allegedly made numerous loans to a bank customer, who then wrote checks to return a substantial portion of the loan proceeds to the former president. The indictment further alleged that, in some cases, the payee on those checks was listed as the bank president’s wife’s minor child in order to conceal the payments to him.

Former COO of Universal Federal Savings Bank Sentenced

On September 19, 2006, in the U.S. District Court for the Northern District of Illinois, Universal Federal Savings Bank’s (Universal) former chief operations officer (COO) was sentenced to 38 months of incarceration, to be followed by 3 years of supervised release and 600 hours of community service. She was also ordered to pay restitution in the amount of $1,313,082 to the FDIC. A Universal customer earlier pleaded guilty to one count of wire fraud affecting a financial institution and the former COO’s brother was sentenced to 2 years of supervised release and 200 hours of community service. All of Universal’s losses occurred prior to his activity; consequently, no restitution was ordered. The former COO’s sentence, the bank customer’s guilty plea, and the COO’s brother’s sentence were the result of an indictment filed in January 2005 concerning the activities surrounding the failure of Universal on June 27, 2002.

As previously reported, the indictment alleged that a Universal customer conspired with Universal’s COO to misapply the financial institution’s funds and to make a false entry in a book, report, or statement of or to Universal.

The bank customer wrote insufficient funds checks and deposited those checks in Universal’s correspondent account at American National Bank (ANB). After receiving immediate credit and availability of those funds, he withdrew some or all of the funds, and then covered the previous insufficient funds checks plus the withdrawn funds by depositing even larger amounts of insufficient funds checks. This cycle continued almost daily for more than 6 months. During the conspiracy, the bank customer made approximately 138 deposits at ANB that included insufficient funds checks totaling more than $200 million.

Universal’s chairman of the board of directors requested a review of the bank customer’s account activity and directed the former COO to provide copies of the fronts and backs of checks. In order to conceal the check-kiting scheme, the former COO and the bank customer agreed that the bank customer would alter the checks. The bank customer and the former COO’s brother, a certified public accountant and authorized signer on the account with the customer, falsified the backs of the account checks to conceal that they were deposited into Universal’s correspondent account at ANB. On or about June 20, 2002, the former COO knowingly provided the falsified check copies to the chairman in furtherance of the conspiracy. About 1 week later, the check-kiting scheme was discovered and stopped. The scheme and conspiracy caused a loss in excess of $10 million, and Universal was forced to cease operations.

Joint investigation by the FDIC OIG and the FBI; prosecuted by the U.S. Attorney’s Office, Northern District of Illinois.

Former Bank Director of Central Bank Convicted
of Misapplication of Bank Funds

On May 8, 2006, the former executive vice president and chief lending officer of Central Bank, Houston, Texas, pleaded guilty in the U.S. District Court for the Southern District of Texas, to 11 counts of misapplication of bank funds by a bank officer. The defendant’s guilty plea is the result of an information filed on April 14, 2006.

The defendant admitted that between May 2001 and September 2003, while employed as an officer and director of Central Bank, an FDIC-insured institution, he misapplied and converted to his own use proceeds of loans from Central Bank to various borrowers. The evidence proved, and the defendant conceded, that he had created an assumed business name for himself, CBMB & Associates. He placed false invoices for “fees” in Central Bank’s loan files, authorized the disbursement of loan proceeds to CBMB & Associates, and negotiated and deposited into bank accounts on which he was the sole signatory the checks representing these “fees,” thereby misapplying and converting the bank’s funds to his personal benefit. Each of the 11 counts of the criminal information accused the defendant of embezzling loan proceeds in sums ranging from as little as $3,390 to as much as $72,000.

As part of the defendant’s plea agreement, he entered into and executed stipulation to an action under 8(e) of the Federal Deposit Insurance Act, which provides for a lifetime ban from banking.

Joint investigation by the FDIC OIG and the FBI, based on a referral from the FDIC Legal Division; prosecuted by the U.S. Attorney’s Office for the Southern District of Texas.

Bank Vice President Sentenced to 41 Months’ Incarceration

On July 18, 2006, the former vice president of First Century Bank was sentenced in the Eastern District of Tennessee to 41 months’ incarceration, followed by 60 months of supervised release. She was also ordered to pay $600,000 in restitution to First Century Bank. The defendant earlier pleaded guilty to a one-count information charging her with bank fraud.

The defendant originated over 100 fraudulent loans during her tenure with First Century Bank, resulting in bank losses in excess of $600,000. She began falsifying loan records to enable customers to obtain loans. As these loans became delinquent, the defendant made unauthorized withdrawals from inactive customer accounts and originated new loans in the name of customers without their knowledge. The proceeds of these unauthorized withdrawals and fraudulent loans were then used to cover loan payments and to pay off existing fraudulent loans.

Joint investigation by the FDIC OIG and FBI, based on a referral from DSC; prosecuted by the U.S. Attorney’s Office for the Eastern District of Tennessee.

Bank Customer Pleads Guilty to $18 Million Bank Fraud

On July 12, 2006, in the U.S. District Court for the Northern District of Illinois, a bank customer pleaded guilty to a criminal information charging him with one count of bank fraud. The defendant admitted to devising a scheme to divert $18 million of loan proceeds from creditors.

According to the information, the defendant defrauded two financial institutions of loan payments owed by third-party borrowers. The defendant submitted falsified loan payment documents and financial reports to Lincoln State Bank, an FDIC-supervised institution, and Ottawa Savings Bank, an Office of Thrift Supervision-supervised institution. Both financial institutions were FDIC insured.

These diverted funds represented proceeds and payments against participation loan agreements between third-party borrowers and 15 financial institutions. Commercial Loan Corporation, Inc., Oak Brook, Illinois, a company controlled by the defendant, brokered commercial loans between the affected borrowers and lenders. As part of this service, Commercial Loan Corporation, Inc., provided collection and payment services for the borrowers. The defendant’s scheme involved collecting and diverting loan payments owed to creditors, and overselling the loan participation agreements to other financial institutions to obtain funds in excess of the borrowers’ approved loans. These loan payments and excess funds were then diverted, for the defendant’s personal benefit, into a manufacturing plant as capitalization loans. The defendant’s diverted funds were lost when the plant closed and these “loans” went into default.

Joint investigation by the FDIC OIG and the FBI, based on a referral from DSC; prosecuted by the U.S. Attorney’s Office for the Northern District of Illinois, Eastern Division.

Real Estate Frauds

The increased reliance by both financial institution and non-financial institution lenders on third-party brokers has created opportunities for fraud. Some of the emerging mortgage fraud schemes include “property flipping.” Property flipping is best described as purchasing properties and artificially inflating their value through false appraisals. The artificially valued properties are then repurchased several times for a higher price by associates of the “flipper.”

THREE MEN PLEAD GUILTY IN $8 MILLION REAL ESTATE “LAND FLIP” SCHEME

During April 2006, three businessmen pleaded guilty in the U.S. District Court for the Central District of Illinois to all charges in an August 5, 2005, 11-count superseding indictment that charged them with bank fraud, mail fraud, money laundering, and wire fraud.

The defendants admitted to engaging in a real estate “land flipping” scheme from 1999-2005 to defraud real estate lenders, including Central Illinois Bank, Champaign, Illinois, an FDIC-insured institution, buyers, and sellers. The scheme involved more than 150 fraudulent real estate sales and financing transactions totaling more than $8 million in fraud against financial institutions.

The superseding indictment alleged that the defendants used fraudulent appraisals to buy, sell, and finance properties at prices fraudulently inflated. Two of the defendants represented themselves as property managers who were in the business of buying, selling, and managing real estate, though neither were licensed real estate brokers or salespersons. The third defendant was a licensed real estate appraiser who allegedly performed numerous appraisals for the two defendants in which he falsely inflated the value of the real estate.

To carry out the scheme, two of the defendants recruited buyers, typically of modest means with little or no experience in rental real estate investment. To entice the buyers, the two defendants allegedly made one or more false representations to them regarding prospective properties.

The two businessmen allegedly made more than $3 million for their personal use and to promote the scheme, while the real estate appraiser received fees of $350 to $450 per appraisal.

Joint investigation by the FDIC OIG, the U.S. Postal Inspection Service and the FBI; prosecuted by the U.S. Attorney’s Office for the Central District of Illinois.

MORTGAGE BROKER PLEADS GUILTY TO A MORTGAGE FRAUD SCHEME

On September 25, 2006, a mortgage broker from Dallas, Texas, pleaded guilty in the U.S. District Court for the Northern District of Texas to an indictment charging him with one count of wire fraud and aiding and abetting. The defendant is scheduled to be sentenced on January 2, 2007.

As previously reported, the defendant and two other business associates were charged in a 14-count indictment in March 2006. The grand jury charged one of the defendants with one count of bank fraud, seven counts of wire fraud, and six counts of engaging in monetary transactions derived from specified unlawful activity. A second defendant was charged with one count of bank fraud and six counts of wire fraud. The third was charged with one count of wire fraud. Each of the counts in the indictment also included the associated charge of aiding and abetting. Following the indictment, arrest warrants were issued, and agents from the FDIC OIG and the FBI arrested two of the defendants on March 9, 2006. The third defendant self-surrendered on March 10, 2006.

The indictment alleged that the three associates devised a scheme to fraudulently obtain 21 mortgage loans totaling $3,220,550. The defendants used schemes commonly referred to in the mortgage industry as property flips, markups and kickbacks, and HUD swaps to facilitate the mortgage fraud. One of the mortgage companies impacted by this fraud scheme was Fremont Investment & Loan, an FDIC-supervised institution in Brea, California.

In each instance, one of the defendants convinced inexperienced real estate investors to stand in as straw borrowers and purchase the properties for fraudulently inflated sales prices. A second defendant, a loan officer, and the third, a mortgage broker, knowingly submitted false documentation to the lenders to enable the straw borrowers to qualify for the mortgage loans. Each of the straw borrowers received a financial inducement for participating in the fraud scheme. Fraudulent real estate appraisals were also submitted to the lenders to support the inflated sales prices of the properties.

Joint investigation by the FDIC OIG and the FBI; prosecuted by the U.S. Attorney’s Office for the Northern District of Texas.

Other Successful Investigative Outcomes

FORMER STATE BANK OF COKATO EXECUTIVES PLEAD GUILTY

In August 2006, two former bank executives from the State Bank of Cokato pleaded guilty in the U.S. District Court for the District of Minnesota in connection with various loan fraud schemes. The former president and director pleaded guilty to a criminal information charging him with one count of bank fraud and one count of making false entries in a Quarterly Bank Report to the FDIC. The bank’s former executive vice president pleaded guilty to one count of lying to a federal agent in connection with a Small Business Administration loan for a bank customer.

If convicted, the former president and director of the bank faces a maximum potential penalty of 30 years in federal prison and a $1 million fine on each of those two charges. The former executive vice president faces a maximum potential penalty of 5 years in prison and a $250,000 fine.

Joint investigation by the FDIC OIG, the FBI, IRS - Criminal Investigation Division, based on a referral from the Kansas City FDIC Legal Division and DSC Regional Office; prosecuted by the U.S. Attorney’s Office for the District of Minnesota.

FORMER BANK OFFICER SENTENCED FOR BANK FRAUD

On April 27, 2006, the former assistant vice president of Falcon International Bank, Laredo, Texas, was sentenced in the U.S. District Court for the Southern District of Texas, to 14 months of incarceration, to be followed by 60 months of supervised release. She was also ordered to pay $106,768 in restitution; $50,000 of the restitution order is to be paid to the bonding company with the remaining balance to be paid to the bank.

The defendant’s sentence resulted from her earlier guilty plea to a one-count information charging her with embezzlement by a bank officer. The defendant’s scheme resulted in approximately $106,768 in losses to the bank.

Joint investigation by the FDIC OIG and FBI, with assistance from the FDIC Legal Division; prosecuted by the U.S. Attorney’s Office for the Southern District of Texas.

FORMER EXECUTIVE VICE PRESIDENT OF IOWA-NEBRASKA STATE BANK SENTENCED

On August 1, 2006, the former executive vice president of Iowa-Nebraska State Bank, an FDIC-supervised bank, South Sioux City, Nebraska, was sentenced in the U.S. District Court for the Northern District of Iowa, to 5 months of incarceration, to be followed by 5 months of house arrest, and fined $2,500. In March 2006, the defendant was found guilty of making false entries in the bank’s records.

Joint investigation by the FDIC OIG and the FBI; prosecuted by the U.S. Attorney’s Office for the Northern District of Iowa.

FORMER VICE PRESIDENT OF ALLIANCE BANK PLEADS GUILTY TO EMBEZZLEMENT

On August 23, 2006, in the U.S. District Court for the District of Minnesota, the former vice president in Commercial Lending, Alliance Bank, New Ulm, Minnesota, pleaded guilty to one count of theft, embezzlement, and misapplication by a bank officer.

During a routine examination of Alliance Bank in August 2005, bank examiners discovered irregularities involving dozens of cashier’s checks. They found evidence that the former vice president and other officers of Alliance Bank converted fees earned by the bank into cashier’s checks, diverted those funds to their individual bank accounts, and made false entries in the books and records of the bank.

In accordance with her plea agreement, the former vice president agreed to assist the DOJ in its investigation of the other senior Alliance Bank officers, paid $37,900 in restitution to the bank, and stipulated to an action under 8(e) of the Federal Deposit Insurance Act, which provides for a lifetime ban from banking.

Joint investigation by the FDIC OIG and the FBI, based upon a referral from the DSC Kansas City Regional Office; prosecuted by the U.S. Attorney’s Office for the District of Minnesota.

FORMER BRANCH MANAGER OF HUDSON SAVINGS BANK CHARGED WITH EMBEZZLEMENT

On June 8, 2006, in the U.S. District Court for the District of Massachusetts, the former branch manager of Hudson Savings Bank, Hudson, Massachusetts, was charged in an information with two counts of misapplication and embezzlement of funds from Hudson Savings Bank.

According to the information, over a 5-year period, the defendant allegedly tampered with more than 60 customers’ accounts at the bank, performing or authorizing hundreds of credits and debits, and causing a loss to the bank of more than $650,000.

The information alleged that the defendant withdrew funds from existing customers’ deposit accounts and from active or inactive home equity lines of credit. He also created false accounts from which he withdrew funds. The defendant allegedly avoided detection of his actions by repaying credit lines from other customers’ accounts, taking steps to prevent customers from receiving account statements for periods of time, creating false loan statements that were sent to customers, and changing the mailing addresses on loan accounts to addresses controlled by the defendant. According to the information, when customers became aware of unauthorized activity in their accounts, the defendant corrected the account by depositing funds from other customers’ accounts, sent a letter to the customer reporting that there had been an “error” in the account, and made a notation in the bank’s internal data system that the account had been fixed and the customer notified.

Joint investigation by the FDIC OIG, the FBI, and the Hudson Police Department, based on a referral from DSC; prosecuted by the Economic Crimes Unit for the U.S. Attorney’s Office for the District of Massachusetts.

BANK CUSTOMER SENTENCED FOR CONSPIRACY TO COMMIT BANK FRAUD

On April 24, 2006, a bank customer of the Bank of the Panhandle, Guymon, Oklahoma, and Production Credit Association of Woodward, Oklahoma, now Farm Credit Western, was sentenced in the U.S. District Court for the Western District of Oklahoma, to 60 months of incarceration, 104 hours of community service, and ordered to pay $2,608,137 in restitution ($2,361,245 payable to Production Credit Association and $246,891 to the Bank of the Panhandle). The defendant’s sentence was the result of his earlier guilty plea to an information charging him with one count of conspiracy to commit bank fraud.

Joint investigation by the FDIC OIG, U.S. Department of Agriculture OIG, and the FBI; prosecuted by the U.S. Attorney’s Office for the Western District of Oklahoma.

Ongoing Audit Work

An ongoing audit in the supervision area is determining whether the FDIC has established and implemented adequate procedures for addressing IT security risks at FDIC-supervised financial institutions that offer electronic banking products and services.

Another assignment is determining whether examiners assess the reliability of appraisals and sufficiency of insurance coverage as part of the evaluation of an institution’s lending practices and policies.

FDIC deposit insurance remains a central component of the federal government’s assurance to the public that it can be confident in the stability of the Nation’s banks and savings associations. Since its establishment in 1933, the FDIC has insured deposits up to the legally authorized threshold, which presently stands at $100,000 for individual accounts and $250,000 for certain retirement accounts. For almost two decades following bank crises in the late-1980s and early 1990s, the FDIC managed two deposit insurance funds–one for banks and one for savings and loans.

Legislation passed by the Congress on February 1, 2006, merged separate insurance funds for banks and thrifts into a single Deposit Insurance Fund with about $49.6 billion in reserve. This legislation also imposed some reforms on how the FDIC is to manage the fund in the future, including indexing for inflation, permitting the fund reserves to fluctuate inside a percentage range of estimated insured deposits, and administering credits, dividends, and risk-based assessments. The Corporation is working to implement these reforms.

As insurer, the FDIC must evaluate and effectively manage how changes in the economy, the financial markets, and the banking system affect the adequacy and the viability of the deposit insurance fund. Financial instruments and transactions continue to become more complex, and the process of financial intermediation, even in smaller institutions, increasingly sophisticated. Further, the ongoing consolidation of the banking industry means that there are a few very large institutions that represent an increasingly significant share of the FDIC’s exposure. According to the Corporation, as of June 30, 2006, the ten largest FDIC-insured institutions accounted for 42 percent of deposits and 44 percent of the assets of all FDIC-insured institutions.

The OIG has a responsibility to evaluate the FDIC’s programs and operations to ensure that the agency has adequate information to gauge the risks inherent as financial institutions consolidate, enter into new business areas, and become more global.

To help the FDIC maintain the viability of the insurance fund, the OIG’s 2006 performance goals were as follows:

	Evaluate corporate programs to identify and manage risks in the banking industry that can cause losses to the fund, and
	Assess the management of the deposit insurance fund.

OIG Work in Support of Goal 2

The OIG’s Office of Audits issued two reports in the insurance area during the reporting period, as discussed below:

Reserve Ratio and Assessment Determinations

We conducted an audit of the FDIC’s reserve ratio and assessment determinations processes to determine whether: (1) the Division of Insurance and Research accurately determines the funds’(the Bank Insurance Fund and the Savings Association Insurance Fund–now the DIF) reserve ratios and (2) the Division of Finance has adequate controls in place to ensure that the FDIC accurately calculates, collects, and processes assessments of financial institutions. We concluded that the FDIC could improve internal controls over the reserve ratio and assessment determination processes. Although the FDIC accurately calculated fund reserve ratios and assessments due from financial institutions, a key underlying assumption supporting the reserve ratio calculations became outdated and was not representative of actual transactions. We also concluded that FDIC could improve communication of information relevant to assessment determinations and other corporate matters and activities to the FDIC Board of Directors.

We recommended that the FDIC periodically validate key assumptions, estimates, or other components that factor into the calculation of the reserve ratio; review and clarify Board delegations of authority related to the assessments determination process; and evaluate procedures and practices for keeping Board members fully informed of Corporation matters and activities.

FDIC management concurred with our findings and recommendations and is taking responsive action. The FDIC planned to submit to the Board proposed revisions to policies, procedures, and delegations of authority by September 30, 2006.

FDIC’s Industrial Loan Company Deposit Insurance Application Process

Industrial Loan Companies (ILC) are FDIC-supervised, limited-charter depository institutions. ILCs may be owned by commercial firms, and these parent companies may not be subject to consolidated supervision by a federal regulator. As of March 2006, there were 61 ILCs with total assets of $155 billion.

The FDIC solely grants deposit insurance and evaluates whether an ILC application for deposit insurance meets statutory factors. After approving the application, the FDIC issues an Order for insurance that includes standard conditions and, if warranted, nonstandard conditions.

The FDIC uses conditions to impose restrictions and establish operating parameters and controls on ILCs, including business plan limitations. The FDIC may also impose certain types of nonstandard conditions on ILCs, known as prudential conditions, which are related to separating and insulating an ILC from its parent company.

We conducted a review during the reporting period to evaluate the FDIC’s process for (1) reviewing, investigating, and approving ILC applications for deposit insurance and (2) monitoring business operations to ensure adherence to conditions imposed on ILCs. We placed particular emphasis on the FDIC’s monitoring of conditions associated with ILC business plans.

We made six recommendations to strengthen the ILC deposit insurance application process and subsequent monitoring of ILC conditions and business operations. The recommendations address our observations associated with:

	documenting pre-filing meetings;
	imposing conditions associated with deposit insurance applications;
	obtaining the applicant’s agreement in writing to nonstandard conditions, and confirming the applicant’s compliance with conditions;
	clarifying corporate guidance for investigating the possible impact of an applicant’s proposed line of business on existing financial institutions and the Deposit Insurance Fund; and
	addressing the status of conditions in visitation reports and reports of examination.

The FDIC concurred with each of our recommendations and agreed to take action to address four of the recommendations by December 31, 2006 and the two remaining recommendations by June 30, 2007.

Planned Work

Planned work in this goal area in fiscal year 2007 will include an audit of the FDIC’s Dedicated Examiner Program, a program that the FDIC uses in the six largest banks, in cooperation with other primary federal regulators and bank personnel to obtain real-time access to information about risks and trends in those institutions. We also plan to review the FDIC’s overall approach to identifying and managing risks to the Deposit Insurance Fund.

The U.S. Congress has long advocated particular protections for consumers in relationships with banks. Federal fair lending and consumer protection laws, such as the Fair Housing Act, the Equal Credit Opportunity Act, Gramm-Leach-Bliley Act, the Fair and Accurate Credit Transaction Act of 2003, the Truth in Lending Act as amended by the Home Ownership and Equity Protection Act, and the Real Estate Settlement Procedures Act provide substantive protection to borrowers. These laws provide disclosure requirements, define high-cost loans, and contain anti-discrimination provisions.

To help monitor the home lending market, the Federal Reserve and other bank regulators, such as the FDIC, collect and monitor loan pricing data in accordance with the Home Mortgage Disclosure Act. Obtaining the data enables bank regulators, including the FDIC to conduct efficient fair lending reviews and to make sure banks are providing equal access and pricing for loans regardless of a borrower’s racial or ethnic background or gender. The Congress has also enacted the Community Reinvestment Act (CRA) of 1977 to encourage federally insured banks and thrifts to help meet the credit needs of their entire community, including low- and moderate-income neighborhoods, consistent with safe and sound operations. The CRA requires federal bank regulators to assess each insured institution’s record of meeting these needs. Amendments to CRA regulations became effective in September 2005.

The FDIC oversees statutory and regulatory requirements aimed at protecting consumers from unfair and unscrupulous banking practices. Data security and financial privacy are important values to consumers. Financial institutions are obligated under various laws and regulations to protect consumer privacy and sensitive consumer information. The FDIC carries out its role by (1) providing consumers with access to information about their rights and disclosures that are required by federal laws and regulations and (2) examining the banks where the FDIC is the primary federal regulator to determine their compliance with laws and regulations governing consumer protection, fair lending, and community investment. A principal effort at consumer education has been the FDIC’s Money Smart program that aims to provide basic financial education skills to current and potential bank customers, often through alliances with government, charitable, and community development organizations.

The FDIC’s bank examiners conduct examinations in FDIC-supervised banks on a scheduled basis to determine the institutions’ compliance with laws and regulations governing consumer protection, fair lending, and community investment. When problem institutions are identified, primarily through the examination process, the FDIC seeks to bring about corrective actions and possesses broad enforcement powers to correct situations that threaten an institution’s compliance with applicable laws.

The OIG’s role under this strategic goal is to review the effectiveness of various FDIC programs aimed at protecting consumers, fair lending, and community investment. Additionally, the OIG’s investigative authorities are used to identify, target, disrupt, and dismantle criminal organizations and individual operations engaged in fraud schemes that target financial institutions or that prey on the banking public.

To assist the FDIC to protect consumer rights and ensure community reinvestment, the OIG’s 2006 performance goals were as follows:

	Evaluate the effectiveness of FDIC programs for protecting consumer privacy,
	Review FDIC’s fair lending and community reinvestment examination programs, and
	Strengthen enforcement against misrepresentations of deposit insurance coverage.

OIG Work in Support of Goal 3

A number of audits completed during the reporting period addressed important consumer protection matters: privacy, predatory lending, examiner use of Home Mortgage Disclosure Act data, and supervisory actions taken for compliance violations in FDIC-supervised institutions. Investigative work related to protection of personal information and misrepresentation of deposit insurance complemented audit efforts in this strategic goal area, as described below.

FDIC’s Oversight of TSPs

An increasing number of financial institutions are outsourcing software development and maintenance, data processing, and other IT services to technology service providers (TSPs). Under the Bank Service Company Act, the FDIC and other federal financial regulators have statutory authority to regulate and examine the services a TSP performs for FDIC-insured financial institutions.

According to the Federal Financial Institutions Examination Council (FFIEC), TSP relationships should be subject to the same risk management, security, privacy, and other internal controls and policies that would be expected if the financial institution were conducting the activities directly.

Given the potential risks associated with use of TSPs, we are conducting a series of audits to assess the FDIC’s examination coverage of TSPs and related efforts to protect sensitive customer information. During the reporting period, as a first step, we assessed the FDIC’s oversight process for identifying and monitoring TSPs used by FDIC-supervised institutions and for prioritizing examination coverage of TSPs. We also reviewed the extent to which TSP information was being captured in the FDIC’s Virtual Supervisory Information On the Net system (ViSION).

The FDIC actively supported the FFIEC through examinations of numerous high-priority TSPs and has acted to strengthen its IT Risk Management Program and corresponding coverage of TSPs. However, the FDIC’s oversight process for identifying, monitoring, and prioritizing TSPs for examination coverage needed improvement. Further, our evaluation of TSP data in ViSION indicated that adequate controls had not been implemented to obtain and maintain TSP data. Additionally, we determined that the FDIC could improve its participation in the TSP risk-based supervisory process used by the federal banking agencies.

To address these concerns, we made six recommendations to help the FDIC: (1) better identify and monitor TSPs with access to sensitive customer information and (2) improve the process the FDIC uses (in conjunction with the other FFIEC agencies) for assessing the risks posed by, and prioritizing for examination, those TSPs with access to sensitive customer information.

FDIC management generally agreed with our recommendations. The FDIC will take steps to improve its TSP inventory and sharing of TSP information with the other federal banking agencies, enhance controls over Bank Service Company Act notifications, increase data reliability, and work with the FFIEC IT Subcommittee regarding including in the new risk-based examination priority ranking program those TSPs processing sensitive customer information.

DRR’s Protection of Bank Employee and Customer
Personally Identifiable Information

The FDIC’s Division of Resolutions and Receiverships (DRR) has primary responsibility for resolving failed FDIC-insured depository institutions promptly, efficiently, and responsively in order to maintain public confidence in the nation’s financial system. In performing their duties, DRR personnel have access to a wide variety of records containing personally identifiable information of a bank’s employees and customers.

During the reporting period we conducted an audit to determine whether DRR adequately protects personally identifiable information collected and maintained as a result of resolution and receivership functions. We focused our attention on DRR efforts to protect information maintained in hardcopy form.

We determined that overall, through various policies and procedures, DRR has established certain controls over the resolution and receivership process addressing the protection of sensitive bank employee and customer personally identifiable information. During our review of documentation supporting the four most recent institution closings, we found that DRR had implemented the controls as designed.

However, we identified opportunities for DRR to strengthen its controls. In particular, DRR had not established a Records Management Program that defined recordkeeping requirements for the inventory, maintenance, control, and use of hardcopy documents. As a result, personally identifiable information could be at increased risk of compromise or unauthorized use.

We recommended that DRR work with the Division of Administration (DOA), and other cognizant FDIC divisions and offices, in developing a DRR Records Management Program that would include guidelines for the inventory, maintenance, use, and control of hardcopy records containing personally identifiable information from failed institutions. DRR management concurred with the recommendation and is forming a working group, which, in consultation with DOA and others, will develop records management guidance specific to their needs.

Challenges and FDIC Efforts Related to Predatory Lending

Predatory lending typically involves imposing unfair and abusive loan terms on borrowers, and statistics show that borrowers lose more than $25 billion annually due to predatory practices. Predatory lending can be detrimental to consumers and increases the financial and reputation risk for financial institutions. Characteristics potentially associated with predatory lending include, but are not limited to, (1) abusive collection practices, (2) balloon payments with unrealistic repayment terms, (3) equity stripping associated with repeat refinancing and excessive fees, and (4) excessive interest rates that may involve steering a borrower to a higher-cost loan.

We conducted an audit to determine the challenges faced and the efforts taken by the FDIC to identify, assess, and address the risks posed to FDIC-supervised financial institutions and consumers from predatory lending practices. We also gained an understanding of the efforts taken by the other federal banking regulators to address predatory lending.

The FDIC faces significant challenges associated with identifying, assessing, and addressing the risks posed to FDIC-supervised institutions and consumers by predatory lending. For example, (1) each loan transaction must be viewed in its totality to determine whether it may be predatory; (2) FDIC-supervised institutions can have direct or indirect involvement in predatory lending; and (3) nontraditional mortgages and other loan products are now available that contain terms that may be viewed as appropriate for some borrowers, but predatory for others. Further, the FDIC must ensure that its efforts to combat predatory lending do not limit consumer access to legitimate sources of credit.

FDIC guidance issued to examiners, FDIC-supervised financial institutions, and consumers addresses predatory lending. However, the guidance does not formally articulate a supervisory approach to address predatory lending and was not issued for the explicit purpose of identifying, assessing, and addressing the risks that such lending practices pose to institutions and consumers. Further, certain characteristics potentially indicative of predatory lending were not covered. The lack of an articulated supervisory approach and gaps in coverage could result in increased risk that predatory lending practices occur, are not detected, and harm institutions and consumers.

We recommended that the FDIC describe in policy its overall approach to addressing predatory lending and review existing examiner, financial institution, and consumer guidance and determine whether additional guidance is needed to address the risks associated with predatory lending. We also noted for the FDIC’s consideration other federal banking regulatory agencies’ actions to identify, assess, and address predatory lending. FDIC management agreed with the recommendations and is taking responsive action.

Examiner Use of HMDA Data

The Home Mortgage Disclosure Act (HMDA) was enacted in 1975, and the Federal Reserve Board has statutory responsibility to promulgate HMDA regulations. HMDA requires mortgage lenders to annually disclose data to the public on mortgage loan applications, originations, and purchases of home mortgage, home improvement, and refinancing loans.

The FDIC is required to assess HMDA compliance by FDIC-supervised institutions. Starting in 2004, institutions were required to include loan interest rate pricing information in HMDA data. The pricing information helps FDIC examiners in scoping fair lending examinations and detecting loan pricing disparities that may warrant further investigation.

We conducted an audit to determine whether the FDIC makes appropriate use of available HMDA data to identify and assess instances of potential discrimination when examining an institution’s compliance with relevant laws and regulations.

We found that overall, the FDIC makes appropriate use of available HMDA data during compliance examinations to identify and assess instances of potential discrimination in FDIC-supervised institutions. Specifically, we found that for the 14 institutions we reviewed, the FDIC used HMDA data to identify areas for review during examinations.

In addition, the FDIC has taken a positive step in instituting a project that requires increased attention for institutions with higher-priced loans. The FDIC identified a number of such institutions and when potential discriminatory practices were identified, the Corporation followed up on concerns.

However, we noted that FDIC guidance could be improved and made recommendations in that regard. We recommended that DSC (1) clarify examiner guidance related to reporting HMDA examination findings and handling institutions’ review and resubmission of corrected HMDA data, (2) provide additional examiner guidance on how to document third-party residential mortgage lending relationships for HMDA reporting purposes, and (3) emphasize examiner completion of the required checklist for HMDA reviews to document work performed. The FDIC agreed or generally agreed with the recommendations and is taking responsive actions.

Supervisory Actions Taken for Compliance Violations

The FDIC’s compliance examination process is key to ascertaining the effectiveness of an institution’s program for complying with consumer protection laws and regulations. The compliance examination and follow-up supervisory attention to violations and other deficiencies help to ensure that consumers and businesses obtain the benefits and protection afforded them by law.

We performed an audit to determine whether the FDIC’s DSC adequately addresses the violations and deficiencies reported in compliance examinations to ensure that FDIC-supervised institutions take appropriate corrective action.

DSC identified and reported 9,534 significant compliance violations during 2005. Of the 1,945 financial institutions examined in 2005, 1,607 (83 percent) had been cited with compliance violations deemed significant by the FDIC. Also, 837 (43 percent) of the 1,945 financial institutions examined had repeat, significant violations, and 708 (85 percent) of these institutions were rated “1” or “2.”

According to DSC officials, of the institutions examined in 2005, 96 percent were rated “1” or “2,” indicating a strong or generally strong compliance position, while 4 percent were rated “3,” “4” or “5,” indicating various levels of concern. DSC officials stated that the FDIC’s supervisory approach is to increase the level of attention as an institution’s compliance position worsens, and during 2005, DSC downgraded 297 institutions’ compliance ratings, issued 72 informal and 36 formal enforcement actions for compliance, and made 43 compliance referrals to the Department of Justice or other authorities.

However, we reported that DSC had not adequately ensured that the financial institutions in our sample had taken appropriate corrective actions for repeat, significant violations that had been cited during examinations. In many cases, consistent with the flexibility allowed by DSC guidance for “1” or “2” rated institutions, DSC waited until the next examination to follow up on repeat, significant compliance violations that had been identified in multiple examinations before taking supervisory action.

As a result of repeat, significant violations, consumers and businesses of the affected institutions may not obtain the benefits and protection afforded them by consumer protection laws and regulations. We also identified certain other matters for DSC’s attention relating to (1) performance goals associated with supervisory actions taken for compliance violations and (2) consideration of an institution’s training program in compliance ratings.

The report makes three recommendations for DSC to strengthen its monitoring and follow-up processes by revising guidance on follow-up, considering supervisory action when an institution’s corrective action is not timely or when significant violations recur, and revising its related performance goal. DSC’s management will reevaluate applicable guidance; analyze the prevalence and scope of repeatedly cited, significant violations over the next year; and make enhancements or clarifications as necessary. Management’s planned actions are responsive to the recommendations.

Ongoing Audit Work in the Consumer Protection Area

As of the end of the reporting period, we were conducting an audit of DSC’s IT examination procedures for addressing the security of sensitive customer data when the institutions use TSPs. Another of our ongoing audits is addressing the new interagency CRA guidelines.

OIG Investigations Seek to Thwart Identity Theft

Despite congressional efforts, regulations promulgated by federal agencies such as the FDIC, and added emphasis by law enforcement, identity theft is becoming more sophisticated and the number of victims is growing.

Identity theft includes using the Internet for new crimes such as “phishing” e-mails and “pharming” Web sites that attempt to trick people into divulging their private financial information by pretending to be legitimate businesses or government entities with a need for the information that is requested. As referenced above, certain OIG audits and evaluations are designed to focus on these issues and determine the effectiveness of the FDIC’s strategies and its implementation of programs and activities to protect consumer privacy. OIG criminal investigations expose those who illegally seek and use stolen identifications and bring them to justice. Examples of such investigative work conducted during the reporting period follow.

ELECTRONIC CRIMES UNIT RESPONDS TO PHISHING SCAMS INVOLVING THE FDIC AND OIG

The OIG’s Electronic Crimes Unit (ECU) responded to eight new cases of phishing e-mails purporting to be from the FDIC or the FDIC OIG. The phishing emails contained links to Web sites that contained official looking forms that attempted to collect confidential or personal information. In one instance, the link in the e-mail contained a program that would load another program on the victim’s computer, seemingly capable of collecting password information from the victim’s computer.

In all eight cases, the ECU has worked with the Division of Information Technology, DSC, and outside security companies to successfully shut down the fraudulent Web sites. The ECU is also continuing to work with the United States Computer Emergency Readiness Team to analyze the suspicious program attempting to collect the victims’ password information.

The ECU also continues to pursue the sources of phishing e-mails through issuance of subpoenas for customer account information and Internet Protocol address information related to the individuals who sent the phishing e-mails and maintain the fraudulent Web sites.

Misrepresentation of FDIC Insurance

Unscrupulous individuals may attempt to misuse the FDIC’s name, logo, abbreviation, or other indicators to suggest that deposits or other products are fully insured. Such misrepresentations induce the targets of schemes to trust in the strength of FDIC insurance while misleading them as to the true nature of the insurance or investment products being offered. Depositors may be particularly attracted to these misrepresented investments in our current economy when interest paid on insured deposits is historically low and uninsured investments can put an investor’s principal at substantial risk. Further, abuses of this nature may erode public confidence in federal deposit insurance. Some of our past semiannual reports to the Congress provide information on cases that have been successfully investigated involving these types of misrepresentations.

ECU RESPONDS TO ALLEGATIONS OF BANKS FALSELY ADVERTISING FDIC INSURANCE

During the reporting period, our ECU received two allegations of online financial institutions that falsely advertised FDIC insurance. In both cases the ECU contacted the entities that owned the Internet Protocol address where the online financial institution Web site was located and informed them that it was a violation of U.S. law to falsely represent FDIC insurance. In both cases, the Web sites were deactivated.

FOREIGN CURRENCY TRADER SENTENCED TO 5 YEARS’ INCARCERATION

On April 27, 2006, in the Southern District of Florida, a foreign currency trader was sentenced to 60 months of incarceration, to be followed by 36 months of supervised release. He was also ordered to pay $5,455,476 in restitution to the victims he defrauded. His sentence was the result of his guilty plea to one count of wire fraud in February 2006.

The defendant was previously indicted on 11 counts of wire fraud and 2 counts of forging and counterfeiting official seals of the United States, including the logo of the FDIC. The indictment to which the defendant pleaded guilty alleged that from April 1999 through June 2003, he fraudulently obtained $8.1 million from approximately 145 investors. The defendant, an illegal immigrant, is a citizen of Venezuela and raised all of his money from investors in Venezuela. The defendant solicited investors by representing that he had exceptional investment expertise and success. He promised approximately 145 investors that they would earn a monthly return of 3 percent or 36 percent per annum on their investment. Although the defendant did trade some currency through brokers in New York and London, his actions rapidly became a Ponzi scheme that began to collapse under its own weight.

When investors became suspicious and began asking for the return on their capital, the defendant falsely advised them, directly and through his employees and associates, that he was unable to return their investments because the FDIC had allegedly “frozen” his funds pursuant to the USA PATRIOT Act, and as soon as his case was settled, he would return to the investors the money they demanded. In support of this story, the defendant downloaded from the Financial Crimes Enforcement Network, Department of the Treasury Web site, an assessment of civil money penalty order involving Great Eastern Bank of Florida, an FDIC-supervised institution in Miami, Florida. The defendant then replaced Great Eastern Bank’s name with his own name, added the FDIC logo and seal to the document, and furnished a copy of the fraudulent document to each of his victims.

Joint investigation by the FDIC OIG and FBI; prosecuted by the U.S. Attorney’s Office for the Southern District of Florida.

When a bank that offers federal deposit insurance fails, the FDIC fulfills its role as insurer by either facilitating the transfer of the institution’s insured deposits to an assuming institution or by paying insured depositors directly. The FDIC’s DRR mission is to plan and efficiently handle the resolutions of failing FDIC-insured institutions and to provide prompt, responsive, and efficient administration of failing and failed financial institutions in order to maintain confidence and stability in the financial system.

When an institution is closed by its chartering authority–the state for state-chartered institutions, OCC for national banks, and the Office of Thrift Supervision for federal savings associations–the FDIC is responsible for resolving the failed bank or savings association. The FDIC begins the resolution process with an assessment of the assets and liabilities of the institution. Using this information, DRR solicits proposals from approved bidders to pass the insured deposits to an assuming bank and expedite the return of assets to the private sector. Once the FDIC is appointed receiver, it initiates the closing process for the failed institution and works to provide the insured depositors with access to their accounts in 1 or 2 business days. To accomplish this, the FDIC works with the assuming institution so that the insured deposit accounts are transferred to the assuming institution as soon as possible.

If no assuming institution is found during the resolution process, the FDIC disburses to customers of the failed institution the insured amount in each account category. The FDIC, as receiver, manages the receivership estate and the subsidiaries of failed financial institutions with the goal of achieving an expeditious and orderly termination.

Since the FDIC’s inception over 70 years ago, no depositor has ever experienced a loss of insured deposits at an FDIC-insured institution due to a failure. The year 2005 was the first in the FDIC’s history where no institution failed and there have been no failures in 2006 to date. Notwithstanding the current strength of the banking industry, the FDIC could potentially have to handle a failing institution with a significantly larger number of insured deposits than it has had to deal with in the past or have to handle multiple failures caused by a single catastrophic event.

The OIG’s role under this strategic goal is conducting audits and evaluations that assess the effectiveness of the FDIC’s various programs designed to ensure that the FDIC is ready to and does respond promptly, efficiently, and effectively to financial institution closings. Additionally, the OIG investigative authorities are used to pursue instances where fraud is committed to avoid paying the FDIC civil settlements, court-ordered restitution, and other payments as the institution receiver.

To help ensure the FDIC is ready to resolve failed banks and effectively manages receiverships, the OIG’s 2006 performance goals were as follows:

	Evaluate the FDIC’s plans and systems for managing bank failures, and
	Assist the FDIC in recovering financial losses from individuals fraudulently concealing assets.

OIG Work in Support of Goal 4

Ongoing work by both our Office of Audits and our Office of Investigations during the reporting period addressed the challenges that the Corporation faces in the receivership management area.

Office of Investigations Pursues Concealment of Assets Cases

The FDIC was owed more than $1.7 billion in criminal restitution as of March 31, 2006. Most often, the individuals do not have the means to pay. However, a few individuals do have the means to pay but hide their assets and/or lie about their ability to pay. The OIG’s Office of Investigations (OI) works closely with DRR and the Legal Division in aggressively pursuing criminal investigations of these individuals. As of September 30, 2006, concealment of assets cases constituted 9 percent of OI’s caseload. We are developing new cases in this area with the U.S. Attorney’s Offices in the Southern District of Miami, Florida, and Boston, Massachusetts.

Coordinating with DRR

OI coordinates closely with the Corporation’s DRR, with special attention to various types of financial institution fraud and related crimes, including concealment of assets cases. During the reporting period, such coordination continued in both our headquarters and Dallas field sites, where OI staff met with DRR and the Legal Division’s Financial Crimes Unit. All criminal cases and referrals involving concealment of asset violations are further coordinated with the various U.S. Attorneys’ Offices.

In the case of bank closings where fraud is suspected, OI is prepared to send case agents and computer forensic special agents from the ECU to the institution. Their principal role is to provide computer forensic support to OI’s investigations by obtaining, preserving, and later examining evidence from computers at the bank.

Planned Audit and Evaluation Work for Fiscal Year 2007

Upcoming work in this area will include evaluating the design and implementation of controls used by the FDIC to protect personal information collected and maintained in electronic form as a result of resolution and receivership activity. We will also be monitoring DRR’s planning for a potential large bank failure and will be ready to contribute to that effort, as needed.

The FDIC must effectively manage and utilize a number of critical strategic resources in order to carry out its mission successfully, particularly its financial, human, IT, and procurement resources. The Corporation does not receive an annual appropriation, except for its OIG, but rather is funded by the premiums that banks and thrift institutions pay for deposit insurance coverage, the sale of assets recovered from failed banks and thrifts, and earnings on investments in U.S. Treasury securities.

The FDIC Board of Directors approves an annual Corporate Operating Budget to fund the operations of the Corporation. The FDIC’s separate Investment Budget is composed of individual project budgets approved by the Board of Directors for major investment projects.

Financial resources are but one aspect of the FDIC’s critical assets. The Corporation’s human capital is also vital to its success. Currently, about 4,560 employees in offices throughout the U.S. conduct the FDIC mission. The Corporation’s workforce is supplemented by various contracts which must also be overseen by the Corporation. The value of active contracts as of March 2006 totalled $1.52 billion.

Information technology drives and supports the manner in which the public and private sector conduct their work. At the FDIC, the Corporation seeks to leverage IT to support its business goals and to improve the operational efficiency of its business processes. Along with the positive benefits that IT offers comes a certain degree of risk. A key effort for all agencies must be the establishment of effective information security programs. Title II of the E-Government Act of 2002, entitled the Federal Information Security Management Act, requires each agency to develop, document, and implement an agency-wide information security program to provide adequate security for the information and information systems that support the operations and assets of the agency.

The OIG’s role in this strategic goal is to perform audits, evaluations, and investigations that

	identify opportunities for more economical, efficient, and effective corporate expenditures of funds;
	recommend actions for more effective governance and risk management practices;
	foster corporate human capital strategies that benefit employees; strengthen employees’ knowledge, skills, and abilities; ensure employee and contractor integrity; and inspire employees to perform to their maximum capacity;
	help the Corporation to leverage the value of technology in accomplishing the corporate mission and promote the security of both IT and human resources; and
	ensure that procurement practices are fair, efficient, effective, and economical.

To promote sound governance and effective stewardship of FDIC strategic resources, the OIG’s 2006 performance goals were as follows:

	Evaluate the Corporation’s efforts to fund operations efficiently, effectively, and economically.
	Assess the Corporation’s human capital strategic initiatives to ensure a high-performing work-force that views the FDIC as an employer of choice and that stands ready to meet challenges in the banking industry.
	Promote maximization of IT resources for efficiency and effectiveness and ensure IT and physical security to protect all FDIC resources from harm.
	Evaluate the Corporation’s contracting efforts to ensure goods and services are fairly, efficiently, and economically procured.
	Monitor corporate efforts to identify and analyze the FDIC risk environment and validate that a sound internal control environment is in place and working well.

OIG Work in Support of Goal 5

Much of our Office of Audits’ work was conducted in pursuit of this strategic goal during the reporting period, as shown in the following discussion. Audits and evaluations addressed important emergency preparedness issues, information security matters, and various aspects of corporate procurement activities.

Emergency Response Plans

The Federal Emergency Management Agency issued Federal Preparedness Circular 65, which provides guidance for agencies in developing contingency plans that include emergency planning for the safety and security of agency personnel.

The FDIC’s Emergency Preparedness Program provides the FDIC’s emergency response policy and requires that emergency response plans (ERPs) be established in Washington Area Headquarters Offices (HQ) and in each of the regional offices. The ERPs document the FDIC’s procedures and structure to ensure the safety and security of all FDIC personnel during an emergency. During the reporting period, we evaluated the FDIC’s progress in developing and implementing comprehensive ERPs.

Our work determined that the FDIC’s emergency response policy provides a framework from which comprehensive ERPs have been established for HQ (including divisional ERPs for specific functional areas of concern) and the two regional offices we reviewed. The ERPs we reviewed address most of the recommended emergency response elements contained in federal agency criteria for emergency response planning. However, we reported that FDIC senior management, particularly in HQ, could do more to “set the tone” regarding the importance of emergency response through more public involvement in, and support for, ERPs. Additional guidance was also needed on certain aspects of the FDIC’s emergency response policy and the ERPs we reviewed, including:

	updating ERPs on a regular basis so they remain current,
	conducting evacuation and shelter-in-place drills,
	inventorying and maintaining emergency food and water supplies,
	providing information on available first-aid and medical response,
	incorporating the child-care facility ERP into the HQ ERP, and
	developing additional procedures for employees with disabilities.

We made two recommendations to strengthen the emergency response policy and the maintenance, communication, and content of the FDIC’s ERPs. DOA concurred with both recommendations and has planned or initiated actions that are responsive to both recommendations.

FISMA Evaluation

To achieve its mission, the FDIC relies on automated information systems to collect, process, and store vast amounts of banking and other sensitive information. Much of this information is used by financial regulators, academia, and the public to monitor bank performance, develop regulatory policy, and conduct research on and analysis of important banking issues. Ensuring the integrity, availability, and appropriate confidentiality of this information in an environment of increasingly sophisticated security threats and global connectivity requires a strong, enterprise-wide information security program.

In accordance with the Federal Information Security Management Act of 2002 (FISMA), we performed an evaluation to determine the effectiveness of the FDIC’s information security program and practices, including the FDIC’s compliance with FISMA and related information security policies, procedures, standards, and guidelines.

We reported that as a result of focused efforts over the last several years, the FDIC has made significant progress in improving its information security program and practices. Further, additional improvements were underway at the time of our evaluation. Our work did not identify any significant deficiencies in the FDIC’s information security program that warrant consideration as a potential material weakness as defined by the Office of Management and Budget (OMB). However, we reported that continued management attention is needed in key security control areas to ensure that appropriate risk-based and cost-effective security controls are in place to secure the FDIC’s information resources. These areas included enterprise architecture, configuration management, access controls, and audit and accountability controls, among others. Therefore, we concluded that the FDIC had established and implemented internal controls that provided limited assurance of adequate security for its information resources. Our report includes a number of steps that the Corporation can take to strengthen its information security program and practices. In many cases, the FDIC was already working to address these steps.

With assistance from KPMG LLP, (KPMG) we also responded to a set of questions issued by OMB related to specific security issues. Our work determined that the FDIC had implemented actions that substantially addressed the criteria used by OMB for assessing the status of those aspects of agency security programs. Still, continued management attention was need in some security control areas, as discussed in more detail in our FISMA evaluation report itself.

Privacy Work Requested by OMB

In its July 2006 memorandum entitled Fiscal Year 2006 Reporting Instructions for FISMA and Agency Privacy Management, the OMB requested that agency IGs provide any meaningful information related to their agency’s privacy program and related activities.

We contracted with KPMG to audit the status of the FDIC’s privacy program as part of our FISMA-related coverage. We reported that the FDIC has strengthened controls related to information in an identifiable form (IIF), implemented training to promote Privacy Act awareness, and identified systems with IIF and performed privacy impact assessments for most of them. We did, however, note that the FDIC could strengthen privacy management by completing some of its ongoing efforts. KPMG will be performing a more in-depth review, as required by Section 522 of the Consolidated Appropriations Act of 2005, of the FDIC’s use of IIF and related privacy protection policies and procedures. A final report will be issued in December 2006.

In an earlier OMB memorandum in June 2006, entitled, Protection of Sensitive Agency Information, OMB called for use of a National Institute of Standards and Technology checklist to assess protection of remotely accessible IIF and recommended additional controls when IIF is removed or accessed from outside the agency.

We contracted with KPMG to audit and report on the status of the FDIC’s implementation of the information protection controls related to remote access, transport, and storage of sensitive agency information. The audit found that the Corporation had taken a number of steps to protect IIF and other sensitive information, and additional control improvements were underway. However, the FDIC needed to do more to implement the National Institute of Standards and Technology checklist and fully address OMB’s recommendations for safeguarding sensitive information.

Application Controls

The FDIC relies heavily on application systems to collect, process, and store sensitive data such as financial institution examination ratings, pending enforcement actions, and personally identifiable information. It is imperative, therefore, that the FDIC implement controls to ensure that user access privileges are commensurate with job responsibilities and that user activities are recorded and periodically reviewed.

During the reporting period we conducted an audit to determine whether the Corporation’s controls provide reasonable assurance of adequate security. We reported that the Corporation had established and implemented a number of controls in this regard. However, we made several recommendations to further protect applications that process sensitive information.

Controls Over the Disposal of Sensitive FDIC Information

As emphasized above, much of the Corporation’s sensitive information must be protected in accordance with federal statutes and regulations. It is also critical that the Corporation implement appropriate controls when disposing of sensitive information to prevent an unauthorized disclosure that could lead to potential legal liability or public embarrassment.

To determine whether the FDIC has adequate controls for ensuring the secure disposal of sensitive information, we conducted an audit that focused on the disposal of information in shredder bins and consoles provided by a contractor for the FDIC’s headquarters offices.

Although the FDIC had established a number of key controls, the Corporation needed to improve its oversight of the contract to ensure that the controls were effectively implemented. We also identified matters relating to subcontractor costs and agreements, and the identification of the records management contractors that warranted management attention. We made recommendations to address these matters, and the Corporation’s planned actions were responsive.

Contract Administration

The FDIC is increasingly relying on contractors to accomplish its mission. Contract administration begins after contract award and ends when goods or services have been accepted and the contractor has received final payment.

Effective contract administration (1) helps to ensure that the contractor delivers the required goods or services according to the contract delivery schedule and (2) includes monitoring cost, schedule, and technical performance and ensuring that payments are authorized and supported. Both the contracting and program offices at the FDIC are key players in contract administration.

We conducted an evaluation to assess the strengths and weaknesses of the FDIC’s contract administration policies, procedures, and practices for ensuring that contract cost, schedule, and performance requirements are met.

During our evaluation, DOA’s Acquisition Services Branch (ASB) had a number of initiatives in progress. Specifically, ASB had streamlined contract administration by (1) moving toward larger consolidated contracts, including participation in interagency contracting efforts; (2) centralizing contracting efforts that were formerly administered in FDIC regional offices; and (3) increasing procurement card purchasing limits to include smaller recurring contracts. ASB also defined new competency and skill requirements, pursued targeted recruitments to address skills gaps, and reduced overall staff by approximately 50 percent since the beginning of 2005.

As ASB continues to transform its acquisition function, we concluded that ASB and senior FDIC management needs to devote additional attention to the following areas:

We made 13 recommendations for improvement. Addressing these issues should help to ensure an efficient, effective, and accountable contract administration process and better position the FDIC to control costs, meet scheduled timeframes, and ensure contractor performance. DOA concurred with all recommendations and has planned or initiated actions that are responsive to each recommendation.

Ongoing Audit Work

Ongoing work at the end of the reporting period in support of this strategic goal included audits related to the following: classification of salary costs in the New Financial Environment, FDIC performance measures, FDIC’s succession planning efforts, and contracting activities and controls associated with both the Federal Systems Integration Management contract with the General Services Administration and the Corporation’s consolidated IT Application Services contract.

Investigations of Employee and Contractor Actions

The OIG conducts investigations, as needed, of criminal or serious misconduct on the part of FDIC employees and contractors to ensure a working environment of high integrity. During the reporting period there were no such cases completed.

The FDIC OIG is one of 57 such offices in the federal government. Along with the Government Accountability Office and other law enforcement organizations, the Inspectors General are part of a network of government organizations with common purposes for fostering greater accountability, integrity, and excellence in government programs and operations.

While our organization is focused on the FDIC’s programs and operations, the OIG has an inherent obligation to hold itself and its people to the highest standards of performance and conduct. Like any organization, we have processes and procedures for conducting our work; communicating with our clients, staff, and stakeholders; managing our financial resources; aligning our human capital to our mission; strategically planning and measuring the outcomes of our work; maximizing the cost-effective use of technology; and ensuring our work products are timely, value-added, accurate, complete, and meet applicable professional standards.

To continuously enhance the OIG’s business and management processes, the OIG’s 2006 performance goals were as follows:

	Enhance strategic and annual planning and performance measurement;
	Strengthen human capital management to achieve enhanced results;
	Ensure the quality and efficiency of OIG audits, evaluations, and investigations;
	Foster good relationships with clients, stakeholders, and OIG staff; and
	Invest in cost-effective and secure IT that improves performance and productivity.

The following actions during the reporting period supported our efforts to continuously enhance our business and management processes.

Strategic and Annual Planning and
Performance Measurement Activities

	Worked to formulate the OIG’s 2007 Business Plan, including conducting outreach sessions to FDIC Division directors and senior management to provide input and feedback. The business planning approach seeks to integrate and align performance planning, audit and evaluation planning, performance reporting, and budgeting processes.
	Formulated the fiscal year 2008 appropriated budget request to provide the FDIC Chairman for concurrence.
	Continued to monitor and assess the OIG’s risks and the internal controls in place to manage the risks as part of our responsibilities under the Corporation’s Internal Control and Risk Management Program. Each OIG Accountability Unit Manager is submitting internal control test results for 2006 to support assertions regarding the extent of compliance with the 2006 FDIC Internal Control Program and whether unit objectives have been achieved. These certifications will support an assurance statement addressing OIG-wide Internal Control Program compliance for 2006. Managers are updating their management control plans and accountability units for 2007.

Human Capital Initiatives

	Continued to focus on Office of Audits’ training program, including ensuring course completions for needed continuing professional education credits and developing and delivering a course for all Office of Audits staff related to audit assignment planning and message design.
	Continued OIG mentoring program that pairs newer staff with more experienced OIG staff to help guide new staff and promote professional development.

Quality of Audits, Evaluations, Investigations

	Counsel’s Office provided advice and counsel and determinations of legal applicability on issues arising with respect to audits, evaluations, and investigations, including the legal accuracy and sufficiency of audit and evaluation reports.
	Began peer review of Department of Justice Office of Audit, in accordance with the President’s Council on Integrity and Efficiency (PCIE) Peer Review Guide. Final report is expected in February 2007.
	Conducted internal quality assurance reviews of the OIG’s Western Region Chicago and Dallas Offices of Investigation.
	Conducted quality control reviews of Office of Audits directorates.

Fostering Good Relationships with Stakeholders

	Participated in quarterly meetings with FDIC senior management officials to keep them apprised of ongoing audit and evaluation reviews and results.
	Continued to work closely with FDIC developing presentations that include in-depth discussions of “lessons learned/red flags” based on our experience in investigating major fraud at financial institutions. The presentations provide an overview of the investigative process, alert examiners to possible red flags or signs of fraud and/or obstruction, and provide guidance on making referrals and coordinating with the OIG regarding suspected fraud. Office of Investigations provides these types of presentations at training conferences, Federal Financial Institutions Examination Council seminars, DSC Field Office and Case Managers’ meetings, and bankers’ outreach sessions.
	Continued efforts to keep DSC, DRR, Legal, and other FDIC program offices informed of the status and results of our investigative work impacting their respective offices. We continued to issue quarterly reports to DSC, DRR, Legal and the Chairman’s Office outlining activity and results in our cases involving closed and open banks, and asset concealment and restitution cases. We continued to meet quarterly with DSC, DRR, and the Financial Crimes Unit to review ongoing cases of interest, and we coordinated routinely with these offices. As appropriate, we briefed affected program officials regarding employee cases.	A Strong Partnership The OIG has partnered with various U.S. Attorneys’ Offices throughout the country in bringing to justice individuals who have defrauded the FDIC or financial institutions within the jurisdiction of the FDIC, or criminally impeded the FDIC’s examination and resolution processes. The alliances with the U.S. Attorneys’ Offices have yielded positive results during this reporting period. Our strong partnership has evolved from years of trust and hard work in pursuing offenders through parallel criminal and civil remedies resulting in major successes, with harsh sanctions for the offenders. Our collective efforts have served as a deterrent to others contemplating criminal activity and helped maintain the public’s confidence in the nation’s financial system.
	Reviewed and provided timely comments to corporate stakeholders on six corporate directives and circulars. Of note, we provided substantive comments on proposed policy regarding protection of privacy information about individuals, the FDIC’s software configuration management policy, the FDIC personnel suitability program, and the FDIC enterprise risk management program.	For the current reporting period, we are especially appreciative of the efforts of the Assistant U.S. Attorneys in the following offices: Southern District of Florida, Western District of Wisconsin, District of Missouri, Eastern District of Tennessee, Northern District of Illinois, Central District of Illinois, Northern District of Texas, Southern District of Texas, Northern District of Iowa, District of Minnesota, District of Massachusetts, and the Western District of Oklahoma.
	Attended monthly meetings of the FDIC Audit Committee and presented the results of significant audit and evaluation assignments for consideration by Committee Members.
	Communicated with the Chairman and Vice Chairman through the Inspector General’s regularly scheduled meetings with them and in other forums.
	Participated with other OIGs in the PCIE and Executive Council on Integrity and Efficiency through attendance at regular meetings and participation in ongoing activities in the Inspector General (IG) community, such as sharing investigative best practices, working on the community’s new FISMA reporting framework, and responding to various surveys.
	Met with representatives of the OIGs of the federal banking regulators (Federal Reserve Board, Department of the Treasury, and National Credit Union Administration) to discuss audit and investigative matters of mutual interest.
	Attended regular Assistant IG for Investigation meetings. OI representatives also regularly attended meetings of the National Bank Fraud Working Group and similar working groups held throughout the country. OI participates in the Cyber Fraud and the Check Fraud working groups, subgroups of the Bank Fraud Working Group, attended by law enforcement, Department of Justice officials, and regulators.
	Held congressional briefings with Senate Banking Committee and House Financial Services staff on matters of mutual interest and kept them apprised of OIG progress in reporting on such issues as predatory lending and industrial loan companies.
	Briefed new IG on background of the OIG’s Employee Advisory Group, a forum for employees to address concerns and provide ideas to the IG for improving business processes, employee relations, and working conditions. Scheduled early October meeting with the IG to continue the Employee Advisory Group forum.

Investing in Cost-Effective, Secure IT to Enhance Performance and Productivity

	Continued work with the OIG component offices to post and/or update information on the FDIC OIG Internet and Intranet sites in the interest of facilitating internal work efforts and providing easily accessible information to parties external to our office who are interested in our office and the results of our work.
	Continued Ensured that all OIG staff completed required Security Awareness and Privacy Act training.
	Made the OIG Dashboard accessible to all OIG staff. The dashboard contains information supporting the OIG’s strategic and performance goals—both qualitative and quantitative—so that all staff can see the OIG’s overall progress in meeting those goals and the value of their individual contributions to the OIG mission.
	Took a number of measures in coordination with the Division of Information Technology to ensure the security and uninterrupted availability of OIG IT resources and data, including disseminating security-related tips and information to OIG staff on a regular basis.

[ D ]

[ D ]

[ D ]

This performance report presents an overview of our performance compared to our fiscal year 2006 annual performance goals in our Business Plan. It provides a statistical summary of our qualitative goals as well as a narrative summary of performance results by Strategic Goal. It also shows our results in meeting a set of quantitative goals that we established for the year. Our complete 2006 Business Plan is available at www.fdicig.gov.

We formulated six strategic goals, as shown in the table on the following page. Each of our strategic goals, which are long-term efforts, has annual performance goals and key efforts that represent our initiatives in fiscal year 2006 toward accomplishing the strategic goal. The table reflects the number of performance goals that were Met, Substantially Met, or Not Met. This determination was made through discussion at the OIG Executive level and a qualitative assessment as to the impact and value of the audit, evaluation, investigation, and other work of the OIG supporting these goals throughout the year.

As shown in the table, we met or substantially met all of our performance goals in fiscal year 2006. A discussion of our success in each of the 6 goals follows the table.

[ D ]

Supervision: Assist the FDIC to Ensure the Nation’s Banks
Operate Safely and Soundly

Our success in achieving this goal is largely due to our investigative activity. Some of our most significant cases involving financial institution fraud achieved impressive results. Former Community Bank of Blountsville executives and an excavating contractor received stiff sentences for conspiracy, bank fraud, and causing false entries in bank records. The former President of Hawkeye State Bank was sentenced to 65 months’ incarceration and ordered to pay $3.6 million in restitution for theft, embezzlement, misapplication by a bank officer, and engaging in monetary transactions in property derived from unlawful activity. The former director and the former president of the Bank of Alamo, along with four bank customers, were indicted on charges of conspiracy, money laundering, and bank fraud. The former chairman of the board and chief executive officer of Hamilton Bank was sentenced to 30 years of incarceration and 36 months of supervised release. He had earlier been convicted on all 16 charges of making false filings to the Securities and Exchange Commission and to bank examiners, making false statements, wire fraud, bank fraud, securities fraud, obstruction of a bank examination, and conspiracy. The former Hamilton Bank president and the former chief financial officer also received stiff sentences for their roles in the fraud. In another case, the former president of the First National Bank of Blanchardville, Wisconsin, was sentenced to 108 months’ incarceration to be followed by 5 years of supervised release and was ordered to pay $13.4 million in restitution to the FDIC. Investigations also uncovered real-estate fraud schemes involving property flips and other types of mortgage fraud that impacted FDIC-supervised institutions. In another case, a securities broker was also sentenced to 60 months’ probation and 6 months’ home confinement after pleading guilty to obstructing an examination of a financial institution.

Insurance: Help the FDIC maintain the viability of
the insurance funds

Several audit and evaluation assignments during the fiscal year focused on helping to maintain the viability of the insurance funds. We issued a report on the FDIC’s risk-related premium system leading to the Division of Insurance and Research’s (DIR) considering improvements to the assessment system to reflect changes in an institution’s capital level and examination composite ratings more frequently than semiannually. DIR will present improvements to the FDIC Board in conjunction with changes resulting from deposit insurance reform legislation. DIR committed to recommending assessment rates that better reflect differences among FDIC-insured institutions and that would be most likely to keep the insurance fund’s reserve ratio within the range contemplated by legislation. We issued a report on the FDIC’s reserve ratio and assessments determination process, recommending that the Corporation periodically validate key assumptions, estimates, or other components that factor into the calculation of the reserve ratio. Importantly, in connection with corporate governance practices, in that same report, we recommended improved communication of information relevant to assessment determinations and other corporate matters and activities to the FDIC Board of Directors. In response, the FDIC undertook an extensive review of delegations of authority. In another evaluation report on the industrial loan company insurance application process, we made six recommendations to strengthen that process and subsequent monitoring of conditions imposed on industrial loan companies and business processes.

Consumer Protection: Assist the FDIC to protect consumer rights
and ensure community reinvestment

Audits and investigations contributed to the FDIC’s protection of consumers in multiple ways. As a result of our audit of the challenges and FDIC efforts related to predatory lending, we recommended that the FDIC describe in policy its overall approach to addressing predatory lending and review existing examiner, financial institution, and consumer guidance to see if more guidance is needed to address risks associated with such lending. We also issued a report on the implementation of the Gramm-Leach-Bliley Act and Fair and Accurate Credit Transaction (FACT) Act with recommendations to enhance assurance that institutions are taking steps to prevent identity theft to the extent intended by the FACT Act and to encourage the FDIC to coordinate with the joint agency rulemaking committee to expedite issuance of final rules and regulations for all of the Act’s provisions. Two other reports included recommendations to ensure better protection of sensitive customer information. One of these reports related to the risks of financial institutions’ increased outsourcing of software development and maintenance, data processing, and other information technology services to technology service providers and the FDIC’s related examination coverage. The other audit examined the FDIC Division of Resolutions and Receiverships’ protection of bank employee and customer personally identifiable information. To further protect consumers, our Electronic Crimes Unit responded to multiple phishing schemes where the FDIC and OIG Web sites were misused to entice consumers to divulge personal information. We successfully shut down several Web sites used for such purposes. We also continued efforts to curtail misrepresentation of FDIC insurance. As a result of one of our investigations, a foreign currency trader pleaded guilty to multiple counts of wire fraud and two counts of forgery and counterfeiting official seals of the United States, including the FDIC logo. He was sentenced to 5 years’ incarceration and ordered to pay over $5 million in restitution to his victims. From a compliance standpoint, we assessed examiner use of Home Mortgage Disclosure Act data to identify and assess instances of potential discrimination in FDIC-supervised institutions and recommended strengthening examiner guidance. We also identified needed improvements in the FDIC’s process for addressing the violations and deficiencies reported in compliance examinations.

Receivership Management: Help ensure that the FDIC is ready to
resolve failed banks and effectively manages receiverships

We reported that with respect to the Corporation’s Board-approved $31.8 million asset servicing technology enhancement project (ASTEP), the project management team developed planning documents and implemented activities that complied with project management guidance in line with the status of the project. We recommended that as the project advanced and was rebaselined, strengthening project management controls would facilitate decision-making and help ensure ASTEP met user needs effectively and efficiently. Other audit work determined that the Corporation established and implemented an effective system for tracking and recovering unclaimed deposits. We pursued concealment of assets investigations related to the more than $1.7 billion in criminal restitution that the FDIC is owed. In one such successful case, the former chief executive officer of Sunbelt Savings Bank was convicted on all 27 counts of an indictment charging him with mail fraud, false statements, concealment of assets, and money laundering. He was also subject to more than $2 million in cash forfeitures.

Resources Management: Promote sound governance and effective stewardship of financial, human, IT, and procurement resources

We issued a number of audit reports resulting in positive benefits to the FDIC, for example, strengthening the Corporation’s privacy program for protecting personal employee information; establishing a more effective discrimination complaint resolution process; helping ensure an efficient, effective, and accountable FDIC contract administration process; strengthening the Corporation’s emergency response program; enhancing controls over the disposal of sensitive FDIC information; enhancing wireless security policies and procedures and restricting access to critical software programs designed to safeguard wireless communications; and strengthening the FDIC’s certification and accreditation program to better secure corporate operations and assets. Our Federal Information Security Management Act-related work for 2006 reported that the FDIC had made significant progress over the last several years but continued attention was needed in such areas as enterprise architecture, configuration management, access controls, and audit and accountability controls. We also continued efforts to ensure employee integrity and heighten awareness of unacceptable or unethical behavior as evidenced by our success in investigating a former FDIC intern’s conspiracy to commit bank fraud and identity theft of FDIC employees. The former intern was sentenced to 60 months’ imprisonment and ordered to make restitution of over $630,000.

OIG Internal Processes: Continuously enhance the OIG’s business and management processes

We strengthened our focus on strategically planning OIG work, resulting in issuance of our fiscal year 2006 Audit Plan and 2006 Business Plan, which combined our strategic plan and performance plan. These plans were designed to unify, guide, and integrate OIG activities in pursuit of our six strategic goals. We promoted effective stakeholder relationships and information- sharing by way of OIG Executive meetings with FDIC Executives; presentations at FDIC Audit Committee meetings; Congressional interaction; and coordination with financial regulatory OIGs, other members of the Inspector General community, and the Government Accountability Office. We reviewed and/or commented on 14 proposed corporate policies (e.g., Employee Rights and Responsibilities under the Privacy Act of 1974, Encryption and Digital Signatures for Electronic Mail, Protection of Privacy Information, the FDIC’s Software Configuration Management Program, and Enterprise Risk Management) and four draft legislative documents and regulations. We focused on continuously enhancing the OIG’s business and management processes by strengthening the OIG’s human capital practices, taking steps to better ensure the quality of OIG activities and products, and investing in cost-effective and secure information technology to improve performance and productivity.

[ D ]

Review of Legislation and Regulations

The FDIC OIG is tasked under the Inspector General Act of 1978 with reviewing existing and proposed legislation and regulations relating to programs and operations of the Corporation and making recommendations in semiannual reports concerning the impact of such legislation or regulations on the economy and efficiency in the administration of programs and operations administered or financed by the Corporation or the prevention and detection of fraud and abuse in its programs and operations. The Office of Counsel reviewed and provided comments on draft final deposit insurance regulations establishing higher deposit insurance limits on retirement accounts. The Office of Counsel also reviewed the Office of Management and Budget’s final regulations under the NO FEAR Act to determine the implications of reimbursing the Judgment Fund for discrimination or whistleblower judgments, awards, or settlements, but provided no comments. Further, Counsel’s Office began tracking legislative developments relating to the Privacy Act and security concerns regarding the presence of personally identifiable information on government computers.

Table I: Significant Recommendations From Previous Semiannual Reports on Which Corrective Actions Have Not Been Completed

This table shows the corrective actions management has agreed to implement but has not completed, along with associated monetary amounts. In some cases, these corrective actions are different from the initial recommendations made in the audit reports. However, the OIG has agreed that the planned actions meet the intent of the initial recommendations. The information in this table is based on (1) information supplied by FDIC’s Office of Enterprise Risk Management (OERM) and (2) the OIG’s determination of closed recommendations for reports issued after March 31, 2002. These 21 recommendations from 12 reports involve improvements in operations and programs. OERM has categorized the status of these recommendations as follows:

Management Action in Process: (21 recommendations from 12 reports)

Management is in the process of implementing the corrective action plan, which may include modifications to policies, procedures, systems or controls; issues involving monetary collection; and settlement negotiations in process.

Each year, the Inspector General community presents awards for excellence to honor those individuals whose distinguished work helps to promote economy, efficiency, and effectiveness in their agency’s programs and prevent and detect fraud, waste, and abuse. The 2006 Awards Ceremony of the President’s Council on Integrity and Efficiency and the Executive Council on Integrity and Efficiency was held at Andrew W.Mellon Auditorium on October 24, 2006, and three teams led by staff of the FDIC OIG received Awards for Excellence. The OIG is proud of the following recipients of these awards:

The evaluation team of Marshall Gentry, Ann Lewis, Loretta Weibel, Tom Ritz, Erin Shea, and Chris Gieseler for their outstanding work on the evaluation of FDIC safeguards over personal employee information.

The investigative team of Michael Rexrode and Charlie Price (Special Agent, FBI) for their outstanding efforts in investigating a conspiracy to commit bank fraud and identity theft.

The investigative team of Ken Meyd, David Beck (Senior Attorney, FDIC), and Joseph Revesz (Assistant U.S. Attorney) for their outstanding work in investigating and prosecuting illegal concealment of assets.

Charles Chisolm, a Special Agent from the OIG’s Dallas office, received an award for excellence for his work on a joint investigation with the Department of Agriculture OIG of an individual involved in violating the Packers & Stockyards Act.

Retirees

The OIG appreciates the many years of public service of three members of our staff who retired during the reporting period.

Paul Johnston, Senior Audit Specialist, retired after nearly 32 years of federal service. His career began in the Army Corps of Engineers and later included work as an accountant and auditor at the U.S. Department of Agriculture and U.S. Information Agency Offices of Inspector General. He joined the FDIC OIG in 1991.

Mike Walker, Senior IT Specialist, retired after more than 35 years of federal service. His career began as an Army Lieutenant followed by his promotion to Captain. In 1974 he became an auditor at the Naval Supply Center, Norfolk, Virginia, and later moved on to the General Accounting Office (now the Government Accountability Office). He worked at the Community Services Administration, Department of Transportation, and Department of Housing and Urban Development Offices of Inspector General prior to joining the FDIC OIG in 2003.

Joan Green, Investigative Assistant in the OIG’s Atlanta office, retired after more than 33 years of federal service. Her career began with the U.S. Army in Ft. Jackson, South Carolina, and included service with the Department of Defense, Defense Criminal Investigative Service, and finally with the Offices of Inspector General of the Resolution Trust Corporation and the Federal Deposit Insurance Corporation. We appreciate Joan’s dedicated assistance to OIG investigators over the past 15 years.

Hamilton Bank Investigative Team The OIG acknowledged the outstanding efforts of a team of individuals from the U.S. Attorney’s Office of the Southern District of Florida for their efforts in the successful prosecution of the former chairman of the board and chief executive officer of Hamilton Bank.

OIG Investigators OIG Special Agent Alan Butler received an award from FBI Special Agent in Charge, Memphis Division, My Harrison, for his outstanding assistance in the successful case of the Bank of Alamo Failure. Also recognized were members of the OIG’s Electronic Crimes Unit, Jay Chappell, Special Agent in Charge, and Lance Endy, Special Agent.

OIG Special Agent Jason Moran received an award for Special Achievement in Identity Theft and Financial Investigations at the Southeastern IG Counsel awards ceremony. Special Agent Moran was cited for his work on a case involving Colony Bank of Fitzgerald and the indictments and arrests of six defendants.