The National Credit Union Administration’s Office of Inspector General issued two reports in mid-March on 1) the agency’s records management program and 2) its charge card programs. The records management audit showed no comprehensive program is in place and identified several weaknesses; the charge card program review identified no serious issues, but annual reviews will continue.
Audit results for the records management program showed that the NCUA lacks a comprehensive records management program and needs to correct weaknesses. The audit also found that the depth and scope of the issues identified are due in large part to management’s competing priorities.
In addition to the agency’s lack of a comprehensive records management framework, retention, and disposal system, the audit showed that those charged with governance over records management for the agency did not consistently follow applicable laws, regulations, and guidance to ensure the NCUA had a comprehensive records management program in place. The report makes five recommendations, all of which were agreed to by management.
Charge card programs
As required by the Government Charge Card Abuse Prevention Act of 2012, the OIG conducted risk assessments of the NCUA’s purchase and travel card programs, the findings of which would inform the agency whether an audit is justified. The review addressed all three charge card programs and covered activity from Oct. 1, 2016, through Sept. 30, 2017. All three programs registered low risk, except the risk for the individually billed program, the OIG concluded, increased from a low risk in fiscal 2016 to a medium risk in fiscal 2017. NCUA has addressed identified risks, and the OIG did not conduct an audit of the travel card or purchase card programs for fiscal year 2017.