oversight

FHFA's 2015 and 2016 Supervisory Activities, as Planned, Addressed Identified Risks with Freddie Mac's New Representation and Warranty Framework

Published by the Federal Housing Finance Agency, Office of Inspector General on 2017-09-22.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                        REDACTED

                    Federal Housing Finance Agency
                        Office of Inspector General




 FHFA’s 2015 and 2016 Supervisory
  Activities, as Planned, Addressed
 Identified Risks with Freddie Mac’s
 New Representation and Warranty
              Framework




This report contains redactions of information that is privileged or confidential.



  Audit Report • AUD-2017-009 • September 22, 2017
                Executive Summary
                The Federal National Mortgage Association (Fannie Mae) and the Federal
                Home Loan Mortgage Corporation (Freddie Mac) (together, the Enterprises)
                provide liquidity to the U.S. housing finance system by supporting the
                secondary mortgage market. The Enterprises purchase residential mortgages
                from lenders and bundle the purchased mortgages into securities for which
AUD-2017-009    they guarantee principal and interest. In guaranteeing the securities, the
                Enterprises assume the credit risk from possible default of the underlying
September 22,   mortgages. To mitigate this risk, the Enterprises require lenders that sell the
    2017        residential mortgages to make specific contractual representations and
                warranties in which they represent that the mortgages meet specific
                underwriting standards.

                Historically, the Enterprises relied on the lenders’ representations and warranties
                and conducted limited due diligence at the time the mortgages were purchased.
                When mortgages defaulted or the borrower missed payments, the Enterprises
                would review the loan files for evidence of breach of the representations and
                warranties and exercise their contractual rights to require lenders to repurchase,
                or buy back, non-compliant loans. The Enterprises’ contractual rights to put back
                non-compliant loans at any point during the term of the loans enabled the
                Enterprises to reduce losses caused by underwriting defects.

                In September 2012, the Federal Housing Finance Agency (FHFA) announced
                that the Enterprises would launch a new representation and warranty
                framework (new framework). The objective of the new framework was to
                enhance transparency and certainty for lenders by clarifying when a mortgage
                loan may be subject to repurchase. The new framework, designed by the
                Enterprises to meet FHFA’s stated objective, shifted some risk of non-
                compliance with representations and warranties from the lenders to the
                Enterprises (and therefore to taxpayers). The new framework also required
                operational changes at the Enterprises to mitigate the additional risk. FHFA
                recognized the need to test the adequacy of those operational changes, through
                its supervisory activities, to ensure that the risks had been mitigated.

                FHFA is charged by the Housing and Economic Recovery Act with, among
                other things, ensuring that the Enterprises and the Federal Home Loan Banks
                operate in a safe and sound manner. Within FHFA, the Division of Enterprise
                Regulation (DER) is responsible for the supervision of the Enterprises.
                According to the FHFA Examination Manual, each year DER assesses the
                risks of Enterprise operations and plans its supervisory activities to assess the
                mitigation of those risks. DER summarizes and communicates the results of its
                supervisory activities in an annual report of examination (ROE) issued to each
                Enterprise.
                We performed this audit to assess (1) whether DER’s planned supervisory
                activities relating to Freddie Mac’s implementation of the new framework for
                the 2015 and 2016 examination cycles could be tracked to its risk assessments
                and supervisiory strategies and (2) whether DER executed these planned
                supervisory activities during the 2015 and 2016 examination cycles.

                For the 2015 examination cycle, the risks identified by DER with respect to
AUD-2017-009    Freddie Mac’s implementation of the new framework focused on Freddie
                Mac’s                                                                   . To
September 22,   address the identified risks, we found that DER, as planned, performed two
    2017        ongoing monitoring activities related to ERM issues. For 2015, DER reported
                                                                                . For the 2016
                examination cycle, DER identified the new framework as a supervisory focus.
                DER’s 2016 Freddie Mac supervisory plan included three framework-related
                targeted examinations and one ongoing monitoring activity. These supervisory
                activities tracked to the new framework-related risks identified in the risk
                assessment. During the examination cycle, DER completed two of the planned
                targeted examinations, deferred the other targeted examination to 2017, and
                completed the ongoing monitoring activity. The 2016 supervisory activities
                identified
                             . We make no recommendations in this report.

                We are also issuing today the results of our audit of DER’s execution
                and completion of planned supervisory activities for the 2015 and 2016
                examination cycles to test the adequacy of Fannie Mae’s implementation of
                the new framework. See FHFA’s 2015 Report of Examination to Fannie Mae
                Failed to Follow FHFA’s Standards Because it Reported on an Incomplete
                Targeted Examination of the Enterprise’s New Representation and Warranty
                Framework, AUD-2017-008, available online at
                www.fhfaoig.gov/reports/auditsandevaluations.

                This report was prepared by James Lisle, Audit Director; April Ellison,
                Auditor-in-Charge; and Brian Maloney, Auditor; with the assistance of Bob
                Taylor, Assistant Inspector General for Audits. We appreciate the cooperation
                of FHFA staff, as well as the assistance of all those who contributed to the
                preparation of the report.

                This report has been distributed to Congress, the Office of Management and
                Budget, and others and will be posted to our website, www.fhfaoig.gov.



                Marla A. Freedman, Deputy Inspector General for Audits /s/
TABLE OF CONTENTS ................................................................
EXECUTIVE SUMMARY .............................................................................................................2

ABBREVIATIONS .........................................................................................................................5

BACKGROUND .............................................................................................................................6
      DER Supervisory Process .........................................................................................................6
      The New Framework Sought to Provide Greater Certainty to the Seller, Shifting
      Some Risk to the Enterprises ....................................................................................................8
      Implementation of the New Framework Required Operational Changes at
      Freddie Mac ............................................................................................................................10

FACTS AND ANALYSIS.............................................................................................................11
      DER Planned and Executed Supervisory Activities for Freddie Mac to Address the
      Risks it Identified with the New Framework in the 2015 and 2016 Examination
      Cycles .....................................................................................................................................11
             2015 Examination Cycle .................................................................................................11
             2016 Examination Cycle .................................................................................................12

CONCLUSION ..............................................................................................................................14

FHFA COMMENTS AND OIG RESPONSE ...............................................................................14

OBJECTIVE, SCOPE, AND METHODOLOGY .........................................................................15

ADDITIONAL INFORMATION AND COPIES .........................................................................17




                                         OIG • AUD-2017-009 • September 22, 2017                                                                 4
ABBREVIATIONS .......................................................................

3LOD               Three Lines of Defense

DER                Division of Enterprise Regulation

ERM                Enterprise Risk Management

Enterprises        Fannie Mae and Freddie Mac

Fannie Mae         Federal National Mortgage Association

FHFA               Federal Housing Finance Agency

Freddie Mac        Federal Home Loan Mortgage Corporation

MRA                Matter Requiring Attention

New framework      Representation and Warranty Framework

OIG                Office of Inspector General

PSPA               Preferred Stock Purchase Agreement

ROE                Report of Examination

Treasury           Department of the Treasury

UPB                Unpaid Principal Balance




                        OIG • AUD-2017-009 • September 22, 2017                     5
BACKGROUND ..........................................................................

DER Supervisory Process

Created by Congress in 2008, FHFA is charged by the Housing and Economic Recovery Act
of 2008 with, among other things, the supervision of the Enterprises. Its mission as a federal
financial regulator includes ensuring the safety and soundness of the Enterprises so that they
serve as a reliable source of liquidity and funding for housing finance and community
investment. FHFA exercises its supervision of the Enterprises through DER. Like other
federal financial regulators, FHFA maintains that it uses a risk-based approach to carry out its
supervisory activities.

In a number of recently issued reports, we have explained in detail the different elements of
DER’s supervision program for the Enterprises. 1 According to FHFA, DER’s examinations
of the Enterprises are risk-based and rely on an understanding of the Enterprise, risk
assessments, the development of a supervisory strategy and supervisory plan, and examination
procedures tailored to the Enterprise’s risk profile. The specific elements of DER’s
supervisory program include:

    •   DER’s written assessment of risks at the Enterprises, which serves as a platform for
        developing an annual supervisory strategy and supervisory plan;

    •   DER’s annual supervisory strategy is intended to form a bridge between the risk
        assessment, which identifies significant risks and supervisory concerns, and the
        supervisory activities to be conducted. The supervisory strategy should include,
        among other things, the planned supervisory approach (extent of ongoing monitoring
        or targeted examination activity) and planned objectives that address the significant
        risks and the principal supervisory priorities for the year;

    •   DER’s supervisory plan for each annual examination cycle sets forth the planned
        supervisory activities, prioritized based on level of risk identified in DER’s risk
        assessments. The supervisory plan is supposed to clearly link to the supervisory
        strategy. Because supervisory planning is a continuous process, supervisory plans may
        need to be adjusted during each year to address newly emerging risks that require
        attention during the current examination cycle; adjustments to the supervisory plans
        must be risk-based and documented. Supervisory activities include ongoing

1
 We have issued a number of reports addressing DER’s supervisory process, which are summarized in Safe
and Sound Operation of the Enterprises Cannot Be Assumed Because of Significant Shortcomings in FHFA’s
Supervision Program for the Enterprises (Dec. 15, 2016) (OIG-2017-003) (online at
www.fhfaoig.gov/Content/Files/OIG-2017-003.pdf).



                              OIG • AUD-2017-009 • September 22, 2017                                    6
         monitoring and targeted examinations. According to FHFA, ongoing monitoring
         and targeted examinations serve complementary purposes. The purpose of ongoing
         monitoring is to analyze real-time information and to use those analyses to identify
         Enterprise practices and changes in an Enterprise’s risk profile that may warrant
         increased supervisory attention. According to the FHFA Examination Manual,
         ongoing monitoring is also “used to determine the status of the Enterprise’s
         compliance with supervisory guidance, MRAs, and conservatorship directives[.]” 2
         Targeted examinations complement ongoing monitoring; further, the FHFA
         Examination Manual notes that they enable examiners to conduct “a deep or
         comprehensive assessment” of the areas found to be of high importance or risk;

    •    DER’s planned examination procedures for its supervisory activities, which are
         designed to identify the objectives of the activity and describe the examination steps to
         be performed, including sampling and testing;

    •    DER’s quality control processes for its targeted examinations and for ongoing
         monitoring activities with findings, which assess whether such activities comply with
         FHFA examination standards and procedural requirements in the FHFA Examination
         Manual, supplemental modules, supervision directives, and DER operating procedures
         bulletins, which DER requires must be completed before DER communicates the
         results of such activities to an Enterprise;

    •    DER’s communication of its findings from its supervisory activities, including its
         supervisory concerns, to each Enterprise;

    •    DER follow-up on efforts by each Enterprise to correct identified deficiencies
         throughout the remediation period to ensure that remediation is timely and adequate;
         and

    •    DER’s communication of its examination conclusions, findings, and composite/
         component examination ratings after the end of each annual examination cycle to
         each Enterprise board of directors in an annual ROE to assist Enterprise directors in
         executing their oversight responsibilities.




2
  As discussed in AB-2017-01 Classifications of Adverse Examination Findings, MRAs are adverse
examination findings that fall into one of the following categories: (1) critical supervisory matters (the highest
priority) that pose substantial risk to the safety and soundness of the Enterprise and (2) deficiencies that are
supervisory concerns, which FHFA believes could, if not corrected, escalate and potentially negatively affect
the condition, financial performance, risk profile, operations, or reputation of the Enterprise.



                                  OIG • AUD-2017-009 • September 22, 2017                                            7
The New Framework Sought to Provide Greater Certainty to the Seller, Shifting Some
Risk to the Enterprises

The Enterprises provide liquidity to the U.S. housing finance system by purchasing residential
mortgages and bundling the purchased mortgages into securities for which they guarantee
principal and interest. In guaranteeing the securities, the Enterprises assume the credit risk 3
from possible default of the underlying mortgages. To mitigate this risk, the Enterprises
require lenders that sell the residential mortgages to make specific contractual representations
and warranties in which they represent that their mortgages meet the specific underwriting
standards set forth in Fannie Mae’s Selling Guide or Freddie Mac’s Single-Family
Seller/Servicer Guide.

Historically, the Enterprises performed limited due diligence on the loans at the time of
purchase. In the event of default, the affected Enterprise reviewed whether the defaulted
loan complied with the lender’s representations and warranties in the lender contract. If an
Enterprise found that a defaulted loan breached these representations and warranties in any
way, the Enterprise could exercise its contractual right to require the lender to repurchase the
non-compliant loan, even if the loan defaulted years after it was made. This right to demand
repurchase of defaulted loans that did not comply with the representations and warranties in
the lender contract mitigated the risk of losses to the Enterprises from defaulted loans.

In September 2012, FHFA announced that the Enterprises would launch the new framework
for conventional loans sold or delivered on or after January 1, 2013. 4 The objective of the
new framework was to enhance transparency and certainty for lenders by clarifying when a
mortgage loan may be subject to repurchase. The new framework provides relief for lenders
from the requirement to remedy (e.g., repurchase) a loan due to breaches of certain
underwriting and property valuation representations and warranties when a loan meets certain
payment history requirements or the satisfactory conclusion of a quality control review by the
Enterprise. 5 The new framework does not change the underlying representations and


3
 Credit risk is the potential that a borrower or counterparty will fail to meet its obligation in accordance with
agreed terms.
4
  On September 10, 2012, then-acting FHFA Director DeMarco explained that “there has been much
discussion that the uncertainty with representation and warranty exposure may be affecting the willingness
of lenders to extend credit” and that this uncertainty warranted a change in the representation and warranty
framework. Edward J. Demarco, FHFA Acting Director, Remarks as Delivered – American Mortgage
Conference, Raleigh, NC (Sept. 10, 2012) (online at www.fhfa.gov/Media/PublicAffairs/Pages/Remarks-as-
Delivered-Edward-J-DeMarco-Acting-Director-FHFA-American-Mortgage-Conference.aspx).
5
  A quality control program defines the standards for loan quality, establishes processes designed to achieve
those standards, and mitigates risks associated with the origination processes. A quality control program
includes a documented quality control plan that outlines requirements for validating that loans are originated in
accordance with the Enterprise’s established policies and procedures.



                                  OIG • AUD-2017-009 • September 22, 2017                                           8
warranties the lender makes to the Enterprises when selling mortgages; it changes whether
and how the Enterprises will enforce breaches of those representations. 6 As Director Watt
testified in January 2015:

         FHFA’s supervision function evaluates the safety and soundness of the
         Enterprises’ operations. Safety and soundness is a top priority in meeting FHFA’s
         statutory obligations, in execution of Enterprise strategic initiatives and in all
         business and control functions. . . . In updating and clarifying the Framework,
         FHFA’s objectives are to continue to support safe and sound Enterprise
         operations, encourage lenders to reduce their credit overlays, and complement
         the agency’s efforts to strengthen the Enterprises’ quality control process. 7

As Freddie Mac recognized in its December 31, 2013, Form 10-K, 8 “We may face greater
exposure to credit and other losses under this new framework since it relieves lenders of
certain repurchase obligations in specific cases[.]” The increased exposure under this new
framework could pass through to the taxpayers as the Enterprises continue to operate under
FHFA’s conservatorship. 9

Freddie Mac reported to us that, as of April 30, 2017, it has acquired more than 5.6 million
loans, with an unpaid principal balance (UPB) of $1.12 trillion, that are subject to the new
framework. More than 2 million of those loans, with a UPB of nearly $347 billion, have either
demonstrated acceptable payment histories, passed Freddie Mac quality control review, or
met other requirements. Pursuant to the new framework, Freddie Mac will not exercise its
remedies, including a demand to repurchase those loans, except in limited situations. More
than 3.5 million loans, with a UPB of approximately $758 billion, have not completed Freddie
Mac quality control review and are still within the sunset period. Pursuant to the new


6
 Lenders remain responsible for the life of the loan in the event of misstatements, misrepresentations and
omissions, and certain other situations.
7
 Statement of Melvin L. Watt before the U.S. House of Representatives Committee on Financial Services,
“Sustainable Housing Finance: An Update from the Director of the Federal Housing Finance Agency” (Jan. 27,
2015) (online at www.fhfa.gov/Media/PublicAffairs/Pages/Statement-of-Melvin-L-Watt-Director-FHFA-
Before-the-US-House-of-Representatives-Committee-on-Financial-Services-1272015.aspx).
8
  Securities laws require publicly traded companies to disclose information on an ongoing basis. Form 10-K
provides a comprehensive overview of the company's business and financial condition and includes audited
financial statements.
9
  Fannie Mae and Freddie Mac continue to operate under conservatorship, as they have since 2008. At the time
the Enterprises were placed into conservatorship, the Department of the Treasury (Treasury) and FHFA, as
conservator of the Enterprises, executed senior preferred stock purchase agreements (PSPAs) to ensure that the
Enterprises could continue to operate. The PSPAs, among other things, obligated Treasury to provide funds
(subject to specified limits) to an Enterprise to restore it to positive net worth in any quarter in which the
Enterprise’s net worth becomes negative. Under these PSPAs, U.S. taxpayers, through Treasury, have invested
a total of $187.5 billion into the Enterprises since 2008.



                                 OIG • AUD-2017-009 • September 22, 2017                                         9
framework, Freddie Mac can exercise its remedies, including a demand to repurchase those
loans. Almost 99,000 loans, with a UPB of nearly $17 billion, did not demonstrate acceptable
payment histories within the sunset period or did not pass Freddie Mac quality control review.
For those loans, Freddie Mac retains the right to exercise its remedies, including a demand to
repurchase by the loan sellers.

Implementation of the New Framework Required Operational Changes at Freddie Mac

Implementation of the new framework shifted some risk of non-compliance with
representations and warranties from the lenders to the Enterprises. As a result, the Enterprises’
quality control programs became increasingly important to mitigate origination quality and
credit risks since the Enterprises would no longer be able to seek repurchase from a loan
seller for the life of the loan. For loans acquired under the new framework, both Enterprises
represented that they would conduct most quality control reviews within 30 to 120 days after
delivery of the loan to assess whether the specific representations and warranties were
satisfied. According to the Enterprises, they would employ new technologies and data
gathering tools to identify loans that are not originated in accordance with applicable
underwriting and eligibility requirements.




                            OIG • AUD-2017-009 • September 22, 2017                                 10
FACTS AND ANALYSIS ...............................................................

DER Planned and Executed Supervisory Activities for Freddie Mac to Address the Risks
it Identified with the New Framework in the 2015 and 2016 Examination Cycles

     2015 Examination Cycle

Risk Assessment – DER identified new framework-related risks in the credit and governance
areas 10 of the risk assessment for the 2015 examination cycle. For credit risk, DER noted that
Freddie Mac’s
                                                                       11
                                                                          For governance risk,
DER noted
                                                     12




                                                                                                 .

Supervisory Strategy – The 2015 supervisory strategy did not explicitly mention the new
framework but discussed                                   as significant risks. The
supervisory strategy included Freddie Mac’s                                         , which
impacted the new framework, as a focus of supervision.

        DER’s Supervisory Activities for the 2015 Examination Cycle

DER’s 2015 supervisory plan did not include any new framework-related targeted
examinations but included ongoing monitoring activities focused on the overall governance

10
   According to the FHFA Examination Manual, risk assessments should describe the types of risk as follows:
credit, market, liquidity, reputational, operational, model, and legal.
11
   Enterprise risk management is a risk management concept with the primary objective to identify, measure,
monitor, and report on risk exposures on an ongoing basis; it should encompass all on- and off-balance sheet
risks at entity-wide, portfolio, and business-line levels.
12
  The three lines of defense is a risk management and control model promulgated by the Institute of Internal
Auditors (IIA) in its IIA Position Paper – The Three Lines of Defense in Effective Risk Management and
Control (Jan. 2013) (online at https://na.theiia.org/standards-
guidance/Public%20Documents/PP%20The%20Three%20Lines%20of%20Defense%20in%20Effective%20Ri
sk%20Management%20and%20Control.pdf). The model defines operational management as the first line of
defense, risk management and compliance functions as the second, and internal audit as the third. The FHFA
Examination Manual states, “Sound operational risk management practices include a three line[s] of defense
approach – business line management, an independent enterprise-level operational risk management function,
and an independent review....”



                                OIG • AUD-2017-009 • September 22, 2017                                        11
of Freddie Mac’s ERM process along with two specific ERM-related ongoing monitoring
activities of Freddie Mac’s single-family business unit, responsible for the single-family
quality control function under the new framework. These ongoing monitoring activities and
their objectives were:

     •   ERM –
                                                                                       13




     •   3LOD –

                                                                     .

DER performed the two new framework-related ongoing monitoring activities during the
2015 examination cycle. In a year-end summary memorandum, which included these two
supervisory activities, DER stated that




                        .

Report of Examination – DER did not discuss the new framework in the ROE issued for
the 2015 examination cycle. It reported on Freddie Mac’s




     2016 Examination Cycle

Risk Assessment – DER identified new framework-related risks in the Freddie Mac risk
assessment for the 2016 examination cycle. The risk assessment noted that the Enterprise was



                            In addition, the risk assessment noted that

13
   OIG, FHFA’s Representation and Warranty Framework (Sept. 17, 2014) (AUD-2014-016) (online at
www.fhfaoig.gov/Content/Files/AUD-2014-016.pdf). This report concluded that neither Enterprise had
implemented the processes, procedures, and systems needed to operate within the new framework before it
went into effect in 2013. Among other things, OIG recommended that FHFA “assess the current state of the
Enterprises’ critical risk assessment tools, representations and warranties tracking systems, and any other
systems, processes, or infrastructure to determine whether the Enterprises [were] in a position to minimize
financial risk that might result from the new framework.”



                                 OIG • AUD-2017-009 • September 22, 2017                                      12
                                               .

Supervisory Strategy – Consistent with the risk assessment, DER’s 2016 supervisory strategy
identified Freddie Mac’s implementation of the new framework as an area of supervisory
focus.

           DER’s Supervisory Activities for the 2016 Examination Cycle

DER’s 2016 Freddie Mac supervisory plan included three new framework-related targeted
examinations and one ongoing monitoring activity. These supervisory activities tracked to the
new framework-related risks identified in the risk assessment. The supervisory activities and
their objectives were:

      •    Rep and Warrant Framework (Targeted Examination) –

                        .

      •    Single-family Loan Level Credit Quality (Targeted Examination) –




      •    Single-family Loan Acquisition Quality Control Program (Targeted
           Examination) –

                               .

      •    Single-family Credit Risk Management (Ongoing Monitoring Activity) –




DER completed two of the planned targeted examinations, deferred the other targeted
examination to 2017 for risk-based reasons, and completed the ongoing monitoring activity.
As a result of the supervisory activities conducted during the examination cycle, DER

                                                                                    14



Report of Examination – DER did not discuss the new framework in Freddie Mac’s 2016
ROE. Overall, DER concluded that

14
     Caution loans are loans that are on the margin of acceptability.



                                   OIG • AUD-2017-009 • September 22, 2017                      13
CONCLUSION ............................................................................

We found that DER’s planned supervisory activities relating to Freddie Mac’s implementation
of the new framework for the 2015 and 2016 examination cycles could be tracked to its risk
assessments and supervisory strategies. We also found that DER executed both planned
supervisory activities for the 2015 examination cycle and three of the four planned
supervisory activities for the 2016 examination cycle. For the one planned supervisory
activity that was not performed, DER deferred the examination to 2017 for risk-based reasons.
Accordingly, we make no recommendations in this report.


FHFA COMMENTS AND OIG RESPONSE .....................................

We provided FHFA an opportunity to respond to a draft of this audit report. FHFA provided
technical comments on the draft report, and those comments were incorporated as appropriate.
FHFA informed us that they had no further comments on the report and, therefore, did not
provide a written management response.




                           OIG • AUD-2017-009 • September 22, 2017                              14
OBJECTIVE, SCOPE, AND METHODOLOGY .................................

We conducted this audit to assess (1) whether DER’s planned supervisory activities relating
to Freddie Mac’s implementation of the new framework for the 2015 and 2016 examination
cycles could be tracked to its risk assessments and supervisory strategies and (2) whether
DER executed and completed these planned supervisory activities during the 2015 and 2016
examination cycles.

To accomplish our objective, we reviewed the FHFA Examination Manual (December 2013)
and the related Credit Risk Management examination module (July 2013); guidance issued by
FHFA and DER related to supervisory planning, execution, and quality control; and
supervisory planning and examination documentation supporting the supervisory activities
conducted of Freddie Mac related to the new framework.

Specifically, for Freddie Mac, we:

   •   Reviewed DER’s risk assessments for the 2015 and 2016 examination cycles to
       identify risks related to the new framework.

   •   Reviewed DER’s supervisory strategy documents for the 2015 and 2016 examination
       cycles to identify risks related to the new framework.

   •   Reviewed DER supervisory plan documents for the 2015 and 2016 examination cycles
       to identify whether planned supervisory activities addressed the risks related to the
       new framework DER identified in the risk assessments and supervisory strategies.

   •   Interviewed DER personnel to gain an understanding of the supervision process and
       examination approach used to supervise Freddie Mac’s implementation of the new
       framework.

   •   Reviewed DER’s workpapers for the targeted examinations and ongoing monitoring
       related to the new framework performed during the 2015 and 2016 examination cycles
       to determine whether:

           o Required documents for each type of examination performed were completed
             and included in examination documentation in accordance with FHFA
             guidelines, and

           o The scope and conclusions of each of the supervisory activities’ conclusion
             documents addressed the associated supervisory activity objectives.




                           OIG • AUD-2017-009 • September 22, 2017                             15
   •   Reviewed the 2015 and 2016 ROEs to determine whether the results and conclusions
       of the new framework related supervisory activity were discussed.

We conducted this performance audit from March 2017 through September 2017 in
accordance with generally accepted government auditing standards. Those standards require
that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a
reasonable basis for the findings and conclusions based on our audit objectives. We believe
that the evidence obtained provides a reasonable basis for our findings and conclusions based
on our audit objectives.




                           OIG • AUD-2017-009 • September 22, 2017                              16
ADDITIONAL INFORMATION AND COPIES .................................


For additional copies of this report:

   •   Call: 202-730-0880

   •   Fax: 202-318-0239

   •   Visit: www.fhfaoig.gov



To report potential fraud, waste, abuse, mismanagement, or any other kind of criminal or
noncriminal misconduct relative to FHFA’s programs or operations:

   •   Call: 1-800-793-7724

   •   Fax: 202-318-0358

   •   Visit: www.fhfaoig.gov/ReportFraud

   •   Write:

                FHFA Office of Inspector General
                Attn: Office of Investigations – Hotline
                400 Seventh Street SW
                Washington, DC 20219




                            OIG • AUD-2017-009 • September 22, 2017                        17