An unauthorized contractual commitment that cost the federal bank deposit insurance agency $4.2 million and a prolonged increase in operational, monetary, legal, and reputational risks is outlined in a report published Monday by the agency’s inspector general.
In the report, the Federal Deposit Insurance Corp.’s (FDIC) Office of Inspector General (OIG) also said it found that that bank insurance agency incurred costs above the market price for similar services in the amount of at least $1.5 million.
“We consider these costs to be Funds Put to Better Use, and we will report this amount in our Semiannual Report to the Congress,” the OIG said.
The report details a $12 million contract the FDIC had with telecommunications provider AT&T beginning in 2014 and beyond. However, the report notes some shortcomings in the agency’s action to properly renew the contract.
“The contract had a base period of 1 year, and four 1-year option periods, potentially resulting in a 5-year contract if all option years were exercised,” the OIG said. “However, the FDIC did not exercise the option years, and allowed the contractor to continue to perform despite the fact that the base year period of performance ended in February 2015. On February 4, 2019, the FDIC modified the contract to extend the period of performance to February 2020 and increase the contract value to $13.2 million. On October 28, 2019, the FDIC again modified the contract to extend the period of performance to June 2022 and to increase the contract value to $18.3 million.”
Further, the OIG alleged, in 2019, the agency decided to upgrade the bandwidth of AT&T services in its field office. However, the OIG indicated, the procedure for doing that was flawed in that the agency had not completed a contract modification for the field office upgrades, the contract had already reached its funded ceiling, and the agency owed AT&T $2.2 million for unpaid invoices at that time.
“The FDIC did not authorize and pay AT&T for services to upgrade bandwidth in the FDIC Field Offices in accordance with its policies and procedures and existing telecommunications contract,” the OIG stated. “The FDIC did not adhere to its acquisition policies and procedures because FDIC CIOO (Chief Information Officer Organization) Executive Managers did not establish an accountable organizational culture or ‘tone at the top’ for compliance with FDIC acquisition policies and procedures.”
The report also asserts that FDIC CIOO executive and corporate managers did not use proper internal controls for the AT&T contract. It also asserts that risks related to the FDIC CIOO’s reliance on contractor services and the need to maintain an effective internal control environment for its contract oversight management activities were not included in the FDIC’s “Enterprise Risk Management Risk Inventory.”
“Lastly, FDIC CIOO personnel failed to fulfill their roles and responsibilities with regard to the AT&T contract,” the OIG stated.
FDIC Oversight of a Telecommunications Contract