Audit: FDIC fell short in establishing process for gathering, using actionable threat information

January 19, 2022 FDIC 0

Effective processes to acquire, analyze, disseminate, and use relevant and actionable threat information to guide the supervision of financial institutions were not established by the federal insurer of bank deposits, according to an audit report issued Wednesday.

The report, issued by the Federal Deposit Insurance Corp.’s (FDIC) Office of Inspector General (OIG), acknowledges that the agency acquired and analyzed “certain information pertaining to threats against FDIC-supervised financial institutions and disseminated this information to supervisory personnel in its Headquarters, Regional, and Field Offices.”

However, the report adds, the audit identified gaps in the “threat sharing framework” (the method the agency uses for acquiring and sharing information about threats to financial institutions). Those gaps, the report stated, included that the FDIC did not:

Establish a written governance structure to guide its threat information sharing activities;
Complete, approve, and implement a governance charter that established a common understanding of the role for the Intelligence Support Program or defined an overall strategy and requirements for it;
Develop goals, objectives, or measures to guide the performance of its Intelligence Support Program;
Establish adequate policies and procedures that defined roles and responsibilities for key stakeholders involved in the threat information sharing program and activities; and
Fully consider the risks discussed in this report for its Enterprise Risk Inventory and Risk Profile.

Among the 25 recommendations that the report made were that the agency “establish and implement a Charter, goals, objectives, and measures” to govern its Intelligence Support Program. The report also recommends that the FDIC establish and implement policies and procedures that define roles and responsibilities for acquiring, analyzing, and disseminating threat information managed by the Intelligence Support Program and its Risk Management Supervision (RMS) Operational Risk group.

In addition, the report also recommends that the FDIC Enterprise Risk Inventory and Risk Profile fully consider the threat information sharing risks identified in the report.

The agency said it plans to complete all corrective actions by late this year (Dec. 16, 2022).

Sharing of Threat Information to Guide the Supervision of Financial Institutions

False claims about student loan costs, graduate hiring rates lead to action against for-profit school, CEO

April 17, 2024 0

Deceiving students about the cost of loans and making false claims about graduates’ hiring rates have led to a consent order and a civil money penalty (CMP) against a San Francisco-based, for-profit vocational school and its CEO, the federal consumer [...]
‘Cautiously optimistic’ economic outlook noted in latest Beige report

April 17, 2024 0

Mixed results on consumer spending, “roughly flat” bank lending and some increases in residential construction and tourism were noted by the Federal Reserve in its April Beige Book report on economic conditions. The report is based on information collected on [...]
Cross-border resolution planning topic for U.S., European regulators with eye toward GSIBs

April 16, 2024 0

A coordination exercise of cross-border resolution planning among regulators and supervisors from the U.S., the United Kingdom (UK) and the European Banking Union (EBU) is set for Saturday, the federal bank deposit insurance agency said Tuesday. The conference, the Federal [...]
Final, procedural rule aims to streamline process for designations of nonbanks

April 16, 2024 0

Procedures for designating a nonbank for supervision by the federal consumer financial protection agency were updated Tuesday, the agency said, and will streamline the process for both it and the nonbanks. The Consumer Financial Protection Bureau (CFPB) said the final, [...]
FDIC panel on community banking meets May 2

April 16, 2024 0

The federal bank deposit insurer’s Advisory Committee on Community Banking is set to meet publicly May 2 on issues of interest to community banks, according to a notice in Tuesday’s Federal Register. The Federal Deposit Insurance Corp. (FDIC) notice says [...]
CFPB’s community bank panel to meet April 30

April 16, 2024 0

A public meeting of its Community Bank Advisory Council (CBAC) is slated for April 30 from 1-3:30 p.m. Eastern, the Consumer Financial Protection Bureau (CFPB) said in a notice posted online and in Tuesday’s Federal Register. The bureau said the [...]
Rising use of fraud related to counterfeit passport cards impels notice to banks to be on alert

April 15, 2024 0

Fraud schemes related to the use of counterfeit U.S. passport cards has prompted a notice to financial institutions from the Treasury’s financial crimes enforcement unit, the agency said in a notice issued Monday. According to the Financial Crimes Enforcement Network [...]

Related