oversight

FHFA's Failure to Consistently Identify Specific Deficiencies and Their Root Causes in Its Reports of Examination Constrains the Ability of the Enterprise Boards to Exercise Effective Oversight of Management's Remediation of Supervisory Concerns

Published by the Federal Housing Finance Agency, Office of Inspector General on 2016-07-14.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                     REDACTED




              Federal Housing Finance Agency
                  Office of Inspector General




FHFA’s Failure to Consistently Identify
  Specific Deficiencies and Their Root
 Causes in Its Reports of Examination
Constrains the Ability of the Enterprise
Boards to Exercise Effective Oversight of
    Management’s Remediation of
         Supervisory Concerns




    Evaluation Report  EVL-2016-008  July 14, 2016
                Executive Summary
                Since 2008, FHFA has operated as both regulator and conservator of Fannie
                Mae and Freddie Mac (the Enterprises) and regulator of the Federal Home
                Loan Banks (FHLBanks) to ensure that they operate safely and soundly so that
                they serve as a reliable source of liquidity and funding for housing finance and
                community investment. Like other federal financial regulators, FHFA has
EVL-2016-008    adopted a risk-based approach for supervision. FHFA’s Division of Enterprise
                Regulation (DER) conducts supervision activities for the Enterprises. DER
July 14, 2016   conducts ongoing monitoring and targeted examinations into strategically
                selected areas of high importance or risk at each Enterprise pursuant to a
                supervisory plan that is prepared annually and revised at mid-year.
                Supervision of the FHLBanks is the responsibility of FHFA’s Division of
                Federal Home Loan Bank Regulation (DBR). DBR’s supervisory activities
                include annual on-site examinations, periodic visits, special reviews, and off-
                site monitoring.

                In its role as regulator of the Enterprises and the FHLBanks, FHFA produces
                written reports of examination (ROE) for each annual supervisory cycle, as do
                other federal financial regulators for their safety and soundness examinations
                of financial institutions they regulate. FHFA’s governance regulations and
                Examination Manual charge a board of directors (board) of each of its
                regulated entities with oversight responsibilities to ensure that management
                corrects all deficient, unsafe, or unsound practices giving rise to supervisory
                concerns and findings in an ROE.

                The purpose of an ROE is to communicate to the board of each regulated entity
                examination results and conclusions, findings, supervisory concerns, and the
                composite and component ratings assigned in accordance with FHFA’s rating
                system. A board can only effectively satisfy its oversight responsibilities to
                ensure that such practices will be corrected when the ROE identifies all
                deficient, unsafe, or unsound practices giving rise to supervisory concerns and
                findings.

                Given the central role the ROE serves in communicating FHFA’s supervisory
                concerns, examination findings, and ratings to the board of directors of each of
                its regulated entities, we conducted this evaluation to compare FHFA’s ROE
                requirements and guidance to the ROE requirements established by other
                federal financial regulators, and to assess whether ROEs issued by DER to the
                Enterprises over the past five years meet FHFA’s established requirements and
                guidance. We also compared DER’s ROE-related guidance and practices with
                those of DBR. Based on the information learned during this evaluation, we are
                issuing today two reports. In this report, we compare the requirements and
                guidance issued by other federal financial regulators regarding the minimum
                standard of information to be provided in each ROE to the requirements and
                guidance issued by FHFA. We then discuss the supplemental guidance issued
                by DBR for content of ROEs issued to FHLBanks and show that DER has no
                similar guidance. Last, we examine whether DER examiners have adhered to
                commitments made by DER for the preparation of ROEs over the past five
                years and we find that they have not.

EVL-2016-008    The companion report (entitled FHFA Failed to Consistently Deliver Timely
                Reports of Examination to the Enterprise Boards and Obtain Written
July 14, 2016   Responses from the Boards Regarding Remediation of Supervisory Concerns
                Identified in those Reports) assesses whether DER examiners have followed
                FHFA’s limited requirements and guidance for delivery of the ROE and
                response by the regulated entity over the past five years. We show that, on a
                regular basis, DER examiners have failed to meet FHFA’s requirements.

                Read together, our reports show that FHFA’s limited ROE requirements and
                guidance and DER’s shortcomings in following those standards weaken the
                value of the ROE to Enterprise boards, create the risk that Enterprise boards
                may not be fully knowledgeable of matters addressed in the ROE, and
                constrain the boards’ ability to oversee remediation of supervisory concerns.
                Given the lack of comprehensive guidance by FHFA and the inconsistent
                application of existing guidance by DER examiners, FHFA has little assurance
                that the ROE will focus the attention of an Enterprise board on excessive risks
                or deficient risk management practices and their root causes, consistent with
                the objectives of FHFA’s supervisory activities.

                We make three recommendations to remedy the shortcomings we found.
                FHFA has partially agreed with our first recommendation, disagreed with the
                second, and agreed with the third.

                This report was prepared by Jon Anders, Program Analyst, and Timothy
                Callahan, Attorney Advisor. We appreciate the cooperation of FHFA staff, as
                well as the assistance of all those who contributed to the preparation of this
                report.

                This report has been distributed to Congress, the Office of Management and
                Budget, and others and will be posted on our website, www.fhfaoig.gov.




                Kyle D. Roberts
                Deputy Inspector General for Evaluations
TABLE OF CONTENTS ................................................................
EXECUTIVE SUMMARY .............................................................................................................2

ABBREVIATIONS .........................................................................................................................6

BACKGROUND .............................................................................................................................7
      Reports of Examination: Communicating Examination Findings, Supervisory
      Concerns, and Ratings ..............................................................................................................8
             FHFA’s Examination Rating System—An Overview ......................................................9
             Ramifications of CAMELSO Composite Ratings ..........................................................10
             Examination Ratings for Fannie Mae and Freddie Mac During the
                Conservatorships .....................................................................................................10

FACTS AND ANALYSIS.............................................................................................................11
      Requirements of Other Federal Financial Regulators for Content of Reports of
      Examination ............................................................................................................................11
      FHFA Requirements, Guidance, and Practice Regarding Reports of Examination ...............12
             Requirements and Guidance on ROE Structure and Content .........................................12
             Observed Practice ...........................................................................................................14
             DER’s ROE Review Process Continues to Create the Appearance that the
                Enterprises Influence the Content of the Final ROEs .............................................16

FINDINGS .....................................................................................................................................19
      1. Guidance issued by FHFA and DER on the structure and content of the annual
      ROE is incomplete compared to guidance issued by DBR and by three other federal
      financial regulators and has led to inconsistent and incomplete ROEs. .................................19
      2. ROEs issued to each Enterprise during the five annual supervisory cycles failed
      to consistently provide Enterprise directors with critical information on the most
      serious examination findings which necessarily constrained the directors’ ability
      to exercise effective oversight. ...............................................................................................19
      3. DER’s ROE review process continues to create the appearance that the
      Enterprises exert influence over ROE content........................................................................20

CONCLUSION ..............................................................................................................................20

RECOMMENDATIONS ...............................................................................................................21


                                              OIG  EVL-2016-008  July 14, 2016                                                             4
FHFA COMMENTS AND OIG RESPONSE ...............................................................................22

OBJECTIVE, SCOPE, AND METHODOLOGY .........................................................................24

APPENDIX A ................................................................................................................................25
      Examination Manuals and ROE Templates and Instructions of the OCC,
      Federal Reserve, and FDIC.....................................................................................................25
             OCC ................................................................................................................................25
             Federal Reserve...............................................................................................................25
             FDIC ...............................................................................................................................25

APPENDIX B ................................................................................................................................26
      FHFA’s Comments on OIG’s Findings and Recommendations ............................................26

ADDITIONAL INFORMATION AND COPIES .........................................................................31




                                              OIG  EVL-2016-008  July 14, 2016                                                                5
ABBREVIATIONS .......................................................................

Board                     Board of Directors

DBR                       Division of Federal Home Loan Bank Regulation

DER                       Division of Enterprise Regulation

EIC                       Examiner-in-Charge

Enterprises               Fannie Mae and Freddie Mac, collectively

FDIC                      Federal Deposit Insurance Corporation

Federal Reserve           Board of Governors of the Federal Reserve System

FHFA or Agency            Federal Housing Finance Agency

FHLBank                   Federal Home Loan Bank

MRA                       Matter Requiring Attention

OCC                       Office of the Comptroller of the Currency

OQA                       Office of Quality Assurance

ROE                       Report of Examination




                           OIG  EVL-2016-008  July 14, 2016                       6
BACKGROUND ..........................................................................

Since 2008, FHFA has operated as both regulator and conservator of the Enterprises and
regulator of the Federal Home Loan Bank system to ensure that these entities operate safely
and soundly so that they serve as a reliable source of liquidity and funding for housing
finance and community investment. FHFA recognizes that its relationship to the Enterprises
in its role as conservator is quite different from its role as regulator. As conservator,
“FHFA has the ultimate authority and control to make business, policy, and risk decisions
for the Enterprises, and the Enterprises’ boards know that their job is to meet [FHFA’s]
expectations.”1 According to Director Melvin L. Watt, “managing these Enterprises in
conservatorship requires much more of a joint effort than would occur under a normal
regulatory relationship.” For example, employees from FHFA’s “Division of
Conservatorship team attend management and board meetings as part of [FHFA’s]
conservatorship functions, and [the FHFA Director] personally attend[s] and preside[s]
at executive sessions of Enterprise board meetings.”

As regulator of the Enterprises, FHFA’s role is no different from its role as regulator of
the FHLBanks or the role played by other federal financial regulators for the entities they
regulate. FHFA, like other federal financial regulators, is tasked with ensuring that the
regulated entities operate safely and soundly. FHFA meets these responsibilities through
risk-based supervisory activities.

FHFA’s DER is responsible for supervision of the Enterprises. DER conducts both
ongoing monitoring and targeted examinations based on its supervisory strategy and plan.
Through ongoing monitoring, DER examiners evaluate the Enterprises’ operations and
risk management by meeting with Enterprise management and reviewing management and
board reports. Examiners may also conduct ongoing monitoring to determine the status of
the Enterprises’ compliance with supervisory guidance and conservatorship directives and
remediation of Matters Requiring Attention (MRAs). Targeted examinations enable
examiners to conduct a deep or comprehensive assessment of selected areas of high
importance or risk. DER examiners conduct targeted examinations on an as needed basis,
determined by risk. FHFA’s DBR is responsible for supervision of the FHLBanks and the
Office of Finance. DBR’s supervisory activities include annual on-site examinations
typically lasting several weeks, supplemented by periodic visits, special reviews, and off-
site monitoring.


1
 Melvin L. Watt, Director, FHFA, Prepared Remarks at the Bipartisan Policy Center (Feb. 18, 2016) (online at
www.fhfa.gov/Media/PublicAffairs/Pages/Prepared-Remarks-Melvin-Watt-at-BPC.aspx). FHFA has
delegated responsibility of day-to-day operations to the Enterprises’ boards and senior management, with the
exception of certain activities that require approval of the conservator.



                                    OIG  EVL-2016-008  July 14, 2016                                         7
Reports of Examination: Communicating Examination Findings, Supervisory Concerns,
and Ratings

FHFA’s governance regulations and Examination Manual make clear that the board of a
regulated entity is ultimately responsible for: ensuring that the conditions and practices
that gave rise to any supervisory concerns and findings are corrected and that executive
officers have been responsive in addressing all of FHFA’s supervisory concerns in a
timely and appropriate manner;2 and holding management accountable for remediating
those conditions and practices. FHFA, like other federal financial regulators, produces an
ROE in conjunction with its supervision of each regulated entity. According to FHFA, the
ROE communicates to the board of directors of a regulated entity substantive examination
results and conclusions. DER issues an ROE to each Enterprise at the end of each annual
supervisory cycle, and DBR issues an ROE to each FHLBank after completing that bank’s
annual on-site examination.

As noted earlier, DER’s supervisory activities during each annual supervisory cycle
involve ongoing monitoring and targeted examinations. The results and conclusions from
DER’s ongoing monitoring activities are reported in the annual ROE. At the close of each
targeted examination, DER issues a conclusion letter to Enterprise management, not the
Enterprise board.3 The ROE rolls up the substantive examination results from these
targeted examinations and also reports on conclusions and any findings issued through
ongoing monitoring. ROEs issued by DBR focus on results from its annual on-site
examinations, any periodic visits, special reviews, and off-site monitoring.




2
 FHFA’s corporate governance regulation does not define the term “supervisory concerns,” but imposes
duties on a board of regulated entities to ensure that all supervisory concerns are addressed. See
12 C.F.R. § 1239.4(c)(3) (Duties and Responsibilities of Directors).
3
  Through discussions with management and formal correspondence such as “conclusion letters,” DER
communicates examination findings to Enterprise management as they are identified during the course of the
examination cycle. Prior to March 2016, DER addressed conclusion letters to Enterprise management, not to
the board of directors or a board committee of an Enterprise. In response to a recent OIG recommendation,
FHFA will now require that any conclusion letter that includes an MRA be sent to the chair of the board Audit
Committee of the affected Enterprise. See OIG, FHFA’s Supervisory Standards for Communication of Serious
Deficiencies to Enterprise Boards and for Board Oversight of Management’s Remediation Efforts are
Inadequate, at 20 (Mar. 31, 2016) (EVL-2016-005) (online at www.fhfaoig.gov/Content/Files/EVL-2016-
005.pdf).



                                    OIG  EVL-2016-008  July 14, 2016                                          8
Each ROE includes examination findings, which
FHFA defines as deficiencies related to: risk                         FHFA’s Examination Findings
management; risk exposure; or violations of laws,                     Matter Requiring Attention: The
regulations, or orders affecting the performance or                   most serious examination finding,
condition of a regulated entity. The most serious                     issued for non-compliance with
examination findings are MRAs. The ROE also                           laws or regulations, repeat
                                                                      deficiencies, unsafe or unsound
reports “supervisory concerns,” a term of art
                                                                      practices, significant control
commonly used among federal financial regulators to
                                                                      weaknesses, and inappropriate
describe a practice or condition that, on its own, may                risk-taking.
not qualify as an MRA, but nevertheless requires
remediation and resolution. Last, each ROE contains                   Violation: A matter as to which
                                                                      there is reason to suspect non-
the component and composite ratings assigned in
                                                                      compliance with laws, regulations,
accordance with FHFA’s examination rating system.4                    or orders. A violation with serious
                                                                      implications also may be classified
    FHFA’s Examination Rating System—An                               as an MRA.
    Overview
                                                                      Recommendation: An advisory
FHFA adopted the “CAMELSO” examination rating                         finding representing a suggested
                                                                      change to a policy, procedure,
system in 2012.5 CAMELSO is similar to the
                                                                      practice, or control to improve,
“CAMELS” rating system used by federal banking
                                                                      or prevent deterioration in,
regulators for depository institutions.6 The                          condition, operations, or
CAMELSO system has seven components                                   performance.
(component ratings): Capital, Asset Quality,
Management, Earnings, Liquidity, Sensitivity to
Market Risk, and Operational Risk. Under the CAMELSO system, FHFA assigns each
component a rating (on a scale of 1 to 5), where a 1 rating represents the lowest level of
supervisory concern and a 5 rating represents the highest level. After considering the
examination findings and ratings for each of the components, FHFA assigns a rating for the
overall condition of the regulated entity (composite rating).



4
 FHFA published its examination findings categories and supervisory guidance in Advisory Bulletin 2012-01,
which established a hierarchy of three findings categorized by the seriousness of the deficiency. See FHFA,
Advisory Bulletin 2012-01, Categories for Examination Findings, at 2 (Apr. 2, 2012) (online at
www.fhfa.gov/SupervisionRegulation/AdvisoryBulletins/AdvisoryBulletinDocuments/2012_AB_2012-
01_Categories_for_Examination_Findings_508.pdf). An FHFA Advisory Bulletin may be directed to FHFA
employees, to the entities FHFA regulates, or to both. Advisory Bulletin 2012-01 is addressed to both.
5
 See FHFA, Advisory Bulletin 2012-03, FHFA Examination Rating System (Dec. 19, 2012) (online at
www.fhfa.gov/SupervisionRegulation/AdvisoryBulletins/Pages/AB-2012-03-FHFA-EXAMINATION-
RATING-SYSTEM.aspx). The new rating system became effective January 1, 2013.
6
 See FHFA, Examination Rating System, 77 Fed. Reg. 67644 (Nov. 13, 2012) (online at
2012.11.13_FHFA_77FR67644-Examination-Rating-System).



                                    OIG  EVL-2016-008  July 14, 2016                                        9
The CAMELSO composite rating reflects FHFA’s conclusions regarding the safety,
soundness, and risk management practices of a regulated entity. According to FHFA, a
composite rating of 1 or 2 reflects FHFA’s conclusion that the regulated entity is generally
sound; a composite rating of 3 reflects FHFA’s determination that the entity has moderate to
severe weaknesses and needs improvement; and a composite rating of 4 or 5 reflects the need
for supervisory intervention.

    Ramifications of CAMELSO Composite Ratings

FHFA may take enforcement action to address, among other things, examination findings,
capital deficiencies, and unsafe or unsound practices or conditions. Enforcement actions
can be informal or formal, and can take the form of a board resolution, written agreement,
memorandum of understanding, prompt corrective action directive, consent order, or cease-
and-desist order.

Under FHFA’s Enforcement Policy, the CAMELSO composite rating is a significant factor in
guiding FHFA’s decision whether to take an enforcement action and the type of enforcement
action that is appropriate. For a regulated entity with a composite rating of 1 or 2, FHFA’s
policy directs that examiners should address supervisory concerns identified in an ROE
through commitments from management and the board to correct the problems. When a
regulated entity receives a CAMELSO composite rating of 3, 4, or 5, FHFA’s policy
contemplates that a formal or informal enforcement action may be appropriate to ensure that
management and the board correct the identified deficiencies within specified timeframes.7

    Examination Ratings for Fannie Mae and Freddie Mac During the Conservatorships

For each year of FHFA’s conservatorships of the Enterprises, FHFA has assigned
examination ratings to each Enterprise. From 2008 through 2012, FHFA assigned ratings
under its “GSEER” rating system;8 after adopting the CAMELSO system, FHFA assigned
ratings under it from 2013 to the present. FHFA assigned the worst possible GSEER rating—
“Critical Concerns”—to each Enterprise until the Agency transitioned to the CAMELSO


7
 See FHFA Advisory Bulletin 2013-03, FHFA Enforcement Policy, at 10-11 (May 31, 2013) (online at
www.fhfa.gov/SupervisionRegulation/AdvisoryBulletins/AdvisoryBulletinDocuments/20130531_AB_2013-
03_FHFA-Enforcement-Policy_508%20(2).pdf). Pursuant to 12 U.S.C. § 4631(b), the FHFA Director may
bring an enforcement action against a regulated entity for unsafe and unsound practices if it receives a
CAMELSO component rating of 3, 4, or 5 in any individual component for asset quality, management,
earnings, or liquidity and fails to correct the deficiency that led to the rating.
8
  GSEER stands for Governance, Solvency, Earnings, and Enterprise Risk (Enterprise Risk is comprised of
Credit Risk, Market Risk, and Operational Risk). GSEER was a four-tiered system with ratings of “No or
Minimal Concerns,” “Limited Concerns,” “Significant Concerns,” and “Critical Concerns.” A full description
of the rating system is set forth in Chapter 3 of the DER Supervision Handbook 2.1 (June 16, 2009). FHFA
rescinded the Supervision Handbook after adopting the Examination Manual in December 2013.



                                    OIG  EVL-2016-008  July 14, 2016                                       10
system. FHFA publicly disclosed examination ratings in its annual reports to Congress from
2009 to 2012, but has not disclosed the Enterprises’ composite or component ratings since its
2012 report. Perhaps because both Enterprises have been in conservatorship since September
2008, FHFA has not assigned either Enterprise a composite rating better than
during the conservatorships. FHFA has not brought any enforcement action against any
Enterprise manager or director since placing the Enterprises into conservatorships in
September 2008. According to FHFA’s Advisory Bulletin 2013-03, the broad statutory
powers granted to FHFA as conservator provide it with an effective means to remediate
deficiencies at a regulated entity in its conservatorship, rendering traditional enforcement
tools unnecessary.


FACTS AND ANALYSIS ...............................................................

Requirements of Other Federal Financial Regulators for Content of Reports of
Examination

Like FHFA, other federal financial regulators such as the Office of the Comptroller of the
Currency (OCC), the Board of Governors of the Federal Reserve System (Federal Reserve),
and the Federal Deposit Insurance Corporation (FDIC), conduct safety and soundness
examinations of, and issue periodic ROEs to, the financial institutions they supervise.9 In
1993, the OCC, Federal Reserve, and FDIC adopted the uniform common core ROE, a format
developed collaboratively to provide a common template and to set a minimum standard for
the information provided in an ROE.10 The uniform common core ROE template established
baseline ROE elements such as mandatory pages for overall conclusions and examiner
comments, matters requiring the board’s attention, standardized financial condition
assessments, and discussion of each examination rating area. The uniformity of ROEs across
regulatory agencies is intended to reduce regulatory burdens and promote consistency.
Consistency across ROEs within a regulatory agency allows the reports to guide and inform
subsequent examination work.




9
  FHFA maintains, based on the language of its authorizing statute, that its supervisory authority “is virtually
identical to—and clearly modeled on—Federal bank regulators’ supervision of banks.” See Def’s Resp. in
Opp. to Pls’ Mot. to Compel Prod. of Certain Documents Withheld for Privilege, at 17, Fairholme Funds, Inc.
v. United States, No. 13-465C (Fed. Cl. Feb. 19, 2016).
10
   See OCC, FDIC, Federal Reserve, and Office of Thrift Supervision, Interagency Policy Statement on the
Uniform Common Core Report of Examination (Oct. 1, 1993) (online at www.occ.gov/static/news-
issuances/bulletins/pre-1994/examining-bulletins/eb-1993-7a.pdf).




                                      OIG  EVL-2016-008  July 14, 2016                                           11
The common core ROE has been augmented with agency-specific templates and detailed
instructions for bank examiners,11 including the requirement to clearly communicate and
prioritize supervisory concerns and deficiencies to the boards of regulated financial
institutions. Examiners are also expected to include corrective actions and record the
board’s and management’s commitments to remediation in the ROE.

FHFA Requirements, Guidance, and Practice Regarding Reports of Examination

     Requirements and Guidance on ROE Structure and Content

According to FHFA Director Watt, DER examiners produce ROEs and make findings as to
whether the Enterprises need to make corrective actions in particular areas. During the review
period,12 FHFA’s requirements and guidance regarding the structure and content of the ROE
consisted of the following four sentences in its Examination Manual:

        The report of examination identifies supervisory concerns and contains
        examination ratings that reflect FHFA’s view of the regulated entity’s
        financial safety and soundness and risk management practices. . . . The FHFA
        issues an ROE, signed by the EIC [Examiner-in-Charge]. . . . The ROE
        communicates substantive examination conclusions, findings (when
        applicable), and the composite and component ratings. The ROE must also
        contain analysis that supports the conclusions, findings, and ratings.13

The Examination Manual contains no standardized ROE template or set of instructions to
guide the examiners’ preparation of an ROE.14 Moreover, beyond Advisory Bulletin 2012-03,
which announced FHFA’s adoption of the CAMELSO system, FHFA has issued no



11
  See, e.g., OCC, Bank Supervision Process, Comptroller’s Handbook, at 101-109 (Dec. 2015) (online at
www.occ.gov/publications/publications-by-type/comptrollers-handbook/pub-ch-ep-bsp.pdf); Federal Reserve,
Commercial Bank Examination Manual, Section 6000.1 (Apr. 2015) (online at
www.federalreserve.gov/boarddocs/supmanual/cbem/cbem.pdf); and FDIC, RMS Risk Management Manual of
Examination Policies, Section 16.1: Report of Examination Instructions (Apr. 2015) (online at
www.fdic.gov/regulations/safety/manual/section16-1.pdf).
12
   On June 28, 2016, DER issued an internal bulletin that established a requirement for MRAs to be included
in ROEs. DER issued this guidance in response to a March 2016 OIG report recommendation.
13
  See FHFA, Examination Manual, at 6, 16, 23. On May 25, 2016, DER issued internal procedures for
performing risk assessments. The new procedures note that the ROE must be approved by the DER Deputy
Director (in addition to the Examination Manual’s examiner-in-charge (EIC) signature requirement).
14
  A DER official responsible for examination standards informed us that his office developed a draft ROE
template and shared it in 2016 with the EICs of Fannie Mae and Freddie Mac for informational purposes. The
Deputy Director of DER has not reviewed or approved the template and, as such, it is not binding guidance.




                                    OIG  EVL-2016-008  July 14, 2016                                        12
additional guidance to examiners to explain the basis on which each component rating should
be determined or the basis on which a composite rating should be assigned.

DER has issued an internal procedures bulletin for the preparation of an ROE that simply
restates the brief guidance, quoted above, from the Examination Manual.15 During the review
period, neither FHFA nor DER issued requirements or guidance regarding identification
and prioritization of MRAs or other supervisory concerns in the ROE, or the underlying
deficiencies that gave rise to the MRA or supervisory concern. DER has not promulgated
requirements or guidance regarding the reporting of specific deficiencies giving rise to
supervisory concerns or MRAs. As a consequence, each EIC exercises substantial discretion
over the content and structure of the ROE.

In contrast with DER, DBR has issued an ROE template to its examiners and internal
guidance describing how to complete the ROE template for an FHLBank. DBR directs its
examiners to include a principal findings table in the ROE consisting of a brief description
of each examination finding and the date by which remediation is expected, and requires its
examiners to identify all open “principal” findings from the prior examinations and findings
resolved since the last examination.

FHFA’s current ROE guidance on the preparation of an ROE is a significant departure
from—and relaxation of—prior DER guidance.16 From 2008 through 2013, DER guidance
instructed that an ROE “should clearly, concisely, and effectively communicate FHFA’s
overall conclusions and issues,” “convey[ ] FHFA’s assessment of the overall condition of the
Enterprise,” and “discuss[ ] any unwarranted risks or significant deficiencies.” To implement
that instruction, DER established a number of specific requirements for ROE structure and
content, which included:

        An overall condition statement providing the overall safety and soundness assessment
         and the composite rating (under the GSEER rating system);

        A core report section containing a narrative analysis of the Enterprise’s condition;

        Separate sections addressing each of the six components covered by the examination
         rating system in place at that time (the GSEER rating system);and



15
  See FHFA, DER Operating Procedures Bulletin 2014-DER-OPB-01, Guidelines for Preparing Supervisory
Products and Examination Workpapers (Jan. 27, 2014).
16
  The prior examination guidance in place was DER Supervision Handbook 2.1, a revised version of the
Office of Federal Housing Enterprise Oversight Supervision Handbook that existed when the Housing and
Economic Recovery Act of 2008 combined the Office of Federal Housing Enterprise Oversight and the Federal
Housing Finance Board to create FHFA.



                                   OIG  EVL-2016-008  July 14, 2016                                       13
        Identification of all MRAs, because the underlying deficiencies could have a major
         impact on an Enterprise’s condition and an Enterprise board was responsible for
         ensuring that Enterprise management corrected such deficiencies.

From December 2013 through the end of our review period, none of these specific elements
for ROE structure and content were required by FHFA or DER. In a previous evaluation
concerning FHFA’s semi-annual risk assessments, we found that the absence of standards
within DER limits the utility of its work product.17 A senior DER official acknowledged, in
that context, the value of a consistent, standardized approach.

FHFA’s wholesale lack of requirements for ROE content and structure is at odds with the
requirements of other federal financial regulators. While DBR has issued internal guidance
that mirrors the requirements of these regulators, DER has not, and committed the content and
structure of the ROE solely to the discretion of the EIC.

     Observed Practice

We reviewed the 10 ROEs issued by FHFA to the Enterprises during the review period (2012-
16).18 We found that these ROEs did not consistently identify or describe specific
deficiencies in management practices or the root causes of those deficiencies. We also found
that the content of the ROEs varied by Enterprise and across the five supervisory cycles under
review.19

All 10 ROEs issued during the review period included an introductory section highlighting
significant examination conclusions. However, the structure of these sections and their
degree of specificity varied between DER’s examination teams and over time. For example,
the examination conclusions sections of both Enterprises’ 2012 ROEs (issued for the 2011
supervisory cycle) identified specific areas of board and senior management focus and actions
for the Enterprises to take to reduce risk. The following year, DER discontinued this practice

17
   See OIG, Utility of FHFA’s Semi-Annual Risk Assessments Would Be Enhanced Through Adoption of Clear
Standards and Defined Measures of Risk Levels, at 11-12 (Jan. 4, 2016) (EVL-2016-001) (online at
www.fhfaoig.gov/Content/Files/EVL-2016-001.pdf).
18
  We examined the actual ROE practices of DER between 2012 and 2016 (corresponding to examination
work conducted from 2011 to 2015) to assess whether DER met the requirements of FHFA’s Examination
Manual.
19
   See OIG, Utility of FHFA’s Semi-Annual Risk Assessments Would Be Enhanced Through Adoption of Clear
Standards and Defined Measures of Risk Levels, supra note 17, at 12, 14. These numerous differences may be
attributed, in part, to the broad discretion over ROE form and content afforded to DER EICs. FHFA also has
reported significant turnover in EICs and DER Deputy Directors during the review period. As we previously
observed in the context of DER’s preparation of semi-annual risk assessments for the Enterprises, detailed
examination standards would reduce variability in content from year to year and mitigate the effects of high
employee turnover within DER.




                                    OIG  EVL-2016-008  July 14, 2016                                         14
for the Fannie Mae 2013 ROE (for the 2012 supervisory cycle). DER continued the practice
in the Freddie Mac 2013 ROE, but in the 2014 ROE shifted its discussion in these sections
away from specific actions that needed to be taken by the Freddie Mac board and
management and instead put an emphasis on FHFA’s areas of planned supervision.
DER discontinued its prior practice entirely in the Freddie Mac 2016 ROE.

While DER organized supervisory concerns and conclusions by each component rating in
each of the 10 ROEs, our review found that DER did not expressly prioritize its supervisory
concerns within each component rating area or among them.20 For the most part, DER did
not expressly link specific deficiencies and shortcomings in the narrative section for each
component rating to outstanding MRAs, when they were identified in the ROEs. As a
consequence, the ROE does not effectively communicate FHFA’s supervisory expectations
for the corrective actions to be taken by management and overseen by the board. In minutes
from a 2014 Enterprise board meeting at which the EIC presented a summary of DER’s
supervisory findings and conclusions, directors voiced their concern about the lack of
supervisory guidance from DER. The minutes report that, in relation to the EIC’s
presentation of DER’s findings for the earnings component, directors pressed the EIC to
focus the ROE narrative on shortcomings “within management’s control” that gave rise to
supervisory concerns, which could facilitate the board’s oversight of management’s efforts to
address those matters.

Our review also identified inconsistent practices with respect to identification of open MRAs
in the ROEs. As discussed earlier, FHFA’s most serious examination findings are MRAs for
which FHFA requires prompt remediation. The five ROEs issued to Freddie Mac during the
review period contained a list of open MRAs, but three of the five ROEs issued to Fannie
Mae during this period did not.21 While FHFA insists upon prompt correction of the deficient
practices giving rise to an MRA, none of the seven ROEs that identified open MRAs tied each
open MRA to specific deficient practices that gave rise to it. In addition, none of these seven
ROEs prioritized the order in which open MRAs should be remediated. As we explained in a
recent evaluation, FHFA historically did not notify Enterprise directors when MRAs issued,
nor did it provide them with approved remediation plans. By failing to identify open MRAs


20
   As we highlighted earlier, other federal financial regulators require examiners to prioritize supervisory
concerns and findings in an ROE to focus directors’ attention on the most pressing supervisory concerns,
including MRAs.
21
   DER’s Supervision Handbook 2.1, in effect until FHFA published the Examination Manual in December
2013, required that the ROE include a section listing Matters Requiring Board Attention. The Fannie Mae
2012 ROE (for 2011 examination activities) contained a list of MRAs; the Fannie Mae 2013 ROE did not. In
a recent evaluation, FHFA’s Supervisory Standards for Communication of Serious Deficiencies to Enterprise
Boards and for Board Oversight of Management’s Remediation Efforts Are Inadequate, we recommended that
the 2016 ROEs include “all open MRAs and the expected timetable to complete outstanding remediation
activities for each open MRA.” FHFA accepted, and has complied with, this recommendation.



                                      OIG  EVL-2016-008  July 14, 2016                                       15
in three of the last five ROEs issued to Fannie Mae, and by failing to explain the deficient
practices giving rise to each of the open MRAs reported in the other seven ROEs, DER failed
to provide in its ROEs critical information on its most serious examination findings to
Enterprise directors, which necessarily constrained the directors’ ability to exercise effective
oversight.

Based on our review of a sample of ROEs issued by DBR to the 12 FHLBanks between 2012
and 2016, we found that DBR examiners used the division’s ROE template and followed
DBR’s internal guidance. Among other things, we determined that these ROEs included a
table of principal examination findings with remediation dates and identified all open
principal findings from prior examinations.

     DER’s ROE Review Process Continues to Create the Appearance that the Enterprises
     Influence the Content of the Final ROEs

Unlike the “joint effort” used by FHFA to manage the Enterprises in conservatorship, FHFA’s
actions as the regulator of the Enterprises are, according to FHFA Director Watt, conducted
“with a deliberate distance” to ensure that FHFA executes its safety and soundness
supervision responsibilities. According to FHFA, its prudential supervision of the Enterprises
should:

        Be at arm’s length from the Enterprises to ensure objectivity;

        Be fair in that the same rules are applied consistently to both Enterprises;

        Report accurately and fully in each annual ROE the examination results and
         conclusions, findings, supervisory concerns, and composite and component ratings
         assigned in accordance with FHFA’s rating system.

Only when an Enterprise board is presented by FHFA with sufficient information about the
substantive examination results and conclusions, findings, and supervisory concerns can it
effectively oversee management’s efforts to correct the deficiencies giving rise to the
findings.

In 2011, FHFA’s internal Office of Quality Assurance (OQA)22 reviewed the process used by
DER to compile its ROE for 2010 examination activities for each Enterprise and identified
“significant concerns” with DER’s process. Those concerns included:



22
  OQA is an internal control established by FHFA to assist it in meeting its mission, goals, and objectives and
minimizing risks associated with its programs and operations. Pursuant to its charter, OQA is responsible for
evaluating the quality of work performed by DER, DBR, and the Division of Housing Mission and Goals.



                                     OIG  EVL-2016-008  July 14, 2016                                           16
      DER examiners shared draft ROEs with Enterprise employees without guidance in
       place that governed the scope of the Enterprises’ review of draft ROEs;

      DER allowed the Enterprises to edit and even rewrite sections of draft ROEs, some of
       which changed the language and tone of the ROEs; and

      DER agreed to remove a number of findings from draft ROEs, without documenting
       the rationale for its decisions, after Enterprise officials reviewed the draft findings and
       raised objections.

OQA found that DER’s process created the “appearance that the Enterprises have too much
influence over the contents.” In its September 2012 response to the OQA report, DER did not
challenge any of OQA’s findings. DER represented that it had revised its process to prepare
ROEs to “significantly reduce the Enterprises’ role in preparation of examination reports” and
that its revised process limited Enterprise review of draft ROEs to the correction of factual
errors. According to DER, the revised process would “reduce[] the Enterprises’ input into
supervisory written products, while improving the engagement” between DER and the
Enterprises. DER also committed to increase training of examiners to strengthen their skill
sets.

While the Enterprises’ role in DER’s process to prepare the annual ROE has been reduced
from the role they played in 2011 (which gave rise to the OQA findings), we found that
Enterprise management continued to offer proposed changes to draft ROEs in language and
tone that were more favorable to the Enterprise than the language DER drafted. For each
of the five annual supervisory cycles in the review period covered by our evaluation, DER
provided draft ROEs to the management of each Enterprise for what DER called a “fatal
flaw” review, supposedly limited to correction of factual errors. We found, in the sample we
reviewed, that Enterprise management did not limit its comments to correcting factual errors.
Enterprise management provided a range of comments to DER as part of its fatal flaw review:
while some proposed edits involved factual corrections or clarifications, such as changing a
figure or date for accuracy, others proposed changes in DER’s examination narrative and
conclusions that were more favorable to the Enterprises than those drafted by DER.

By way of example, DER transmitted by email earlier this year the draft ROEs for the 2015
supervisory cycle to the chief compliance officer or a regulatory affairs official at each
Enterprise and requested “fatal flaw” comments or edits. While DER committed in 2012 that
proposed changes by Enterprise management would be limited to factual corrections, we
found that management at both Enterprises did not confine their comments to the correction
of factual errors in the draft ROE. We observed, in the annotated draft ROEs returned to DER
by management for each Enterprise, that management offered a number of line edits to DER




                                OIG  EVL-2016-008  July 14, 2016                                   17
which, in our view, affected the tone or reframed conclusions contained in the examination
narrative.

We reviewed two sets of comments from Fannie Mae management on the draft ROE for 2015
examination activities. One assessed the accuracy of the draft ROE’s financial information
while the other, labeled “ROE Redline,” included more substantial comments and edits.
We found that the review of financial information primarily contained numeric factual
corrections. In contrast, we found that a number of the edits and comments that Fannie Mae
management provided in the ROE Redline attempted to reframe DER’s language, tone, or
conclusions beyond factual correction. DER rejected the majority of these suggested edits.
However, it accepted two of them, in part, that went to DER’s draft governance conclusions.
While FHFA maintains that these edits conformed the conclusions to governing FHFA
guidance, we believe, based on our review of these edits, that the edits softened the tone of
the conclusions, beyond governing FHFA guidance. Similarly, Freddie Mac management
provided comments and changes related to DER’s draft of its ROE for the 2015 supervisory
cycle, of which several sought to reframe or contest DER’s language, tone, or conclusions
beyond factual correction. DER accepted each of the several instances of these revisions.
DER issued both revised ROEs in March 2016.




                              OIG  EVL-2016-008  July 14, 2016                                18
FINDINGS .................................................................................

1. Guidance issued by FHFA and DER on the structure and content of the annual ROE
   is incomplete compared to guidance issued by DBR and by three other federal
   financial regulators and has led to inconsistent and incomplete ROEs.

In contrast to three other federal financial regulators, neither FHFA nor DER provides
examiners with baseline standards for ROE structure and content or a template. DBR,
however, has issued internal guidance that mirrors the requirements of these three other
federal financial regulators.

During the review period, DER issued no requirements or guidance regarding identification
and prioritization of MRAs or other supervisory concerns in the ROE, or the underlying
deficiencies that gave rise to the MRAs or supervisory concerns. Based on our review of
ROEs issued for five annual supervisory cycles, we found: (1) that the content of the ROEs
varied by Enterprise and across the five supervisory cycles; (2) specific deficiencies in
management practices and the root causes of supervisory deficiencies were not consistently
reported in the ROEs; and (3) FHFA’s supervisory expectations for the corrective actions to
be taken by management and overseen by the board for each supervisory concern or
deficiency were not clearly communicated in the ROEs.

2. ROEs issued to each Enterprise during the five annual supervisory cycles failed to
   consistently provide Enterprise directors with critical information on the most
   serious examination findings which necessarily constrained the directors’ ability
   to exercise effective oversight.

According to FHFA, the annual ROE has provided the primary means to communicate to the
board of each regulated entity FHFA’s examination conclusions, findings, and supervisory
concerns.23 These directors can only satisfy their oversight responsibilities to ensure that
the regulated entity is operating in a safe and sound manner and that executive officers have
addressed all of FHFA’s supervisory concerns when they are made aware of all deficient,
unsafe, or unsound practices that led to supervisory concerns and/or deficiencies, including
MRAs.



23
   As noted above, prior to March 2016, DER only addressed the initial communication of examination
findings, contained in conclusion letters, to Enterprise management. In response to a recent OIG
recommendation, FHFA will now require that any conclusion letter that includes an MRA be sent to the chair
of the board’s Audit Committee.




                                    OIG  EVL-2016-008  July 14, 2016                                       19
We found no consistency among the 10 ROEs we reviewed regarding disclosure of specific
deficiencies in management practices or the root causes of those deficiencies giving rise to an
open MRA.24 In those instances where the open MRAs were reported in an ROE, we found
that the deficient, unsafe, or unsound practices identified in the narrative section for each
component rating typically were not linked to specific open MRAs, constraining directors’
ability to exercise effective oversight of management’s remedial efforts.

3. DER’s ROE review process continues to create the appearance that the Enterprises
   exert influence over ROE content.

In 2011, DER was criticized internally for allowing the Enterprises to edit and rewrite
sections of draft ROEs, some of which changed the language and tone of the ROEs. DER
committed that it had revised its processes to limit Enterprise input into draft ROEs to
correction of factual errors. While the scope of comments by Enterprise management to draft
ROEs has been reduced since 2011, we found that proposed line edits suggested by Enterprise
management went beyond correction of factual errors to include changes to language, tone, or
conclusions. Proposed edits and comments to the draft ROEs for the 2015 supervisory cycle
by management of each Enterprise, and DER’s willingness to accept some of the proposed
changes to language and tone, call into question the “deliberate distance” with which FHFA
conducts its safety and soundness supervision of the Enterprises.


CONCLUSION ............................................................................

The annual report of examination has been the primary means by which FHFA communicates
its supervisory findings from its targeted examinations and ongoing monitoring activities—
including serious deficiencies and violations of laws and regulations—and its examination
ratings. Consistent with the importance of these findings and ratings, FHFA directs that
examiners issue the ROE to an Enterprise’s board of directors, which is ultimately responsible
for correcting deficiencies and ensuring the safety and soundness of the Enterprise.

Other federal financial regulators have adopted comprehensive standards and guidance
for ROE structure and content and DBR has issued internal guidance that mirrors the
requirements of these regulators. By comparison, the guidance issued by FHFA and DER is
minimal and vests substantial discretion over the content and structure of the ROE to the EIC
for each exam team. We found, based on our review of 10 ROEs issued for the past five
annual supervisory cycles, that the content of the ROEs varied by Enterprise and across the

24
  In accordance with a prior OIG recommendation, FHFA corrected this weakness in the 2016 ROEs by
providing the boards of both Enterprises with similarly formatted MRA tables, which included MRA
remediation timelines.



                                  OIG  EVL-2016-008  July 14, 2016                                20
five supervisory cycles and that specific deficiencies in management practices and the root
causes of supervisory deficiencies were not consistently reported in the ROEs. The lack of a
consistent, standardized approach to preparation of ROEs weakens the value of the ROE to
Enterprise boards, creates the risk that Enterprise boards may not be fully knowledgeable of
matters addressed in the ROE, and constrains their ability to oversee remediation of
supervisory concerns.


RECOMMENDATIONS ...............................................................

OIG recommends that FHFA:

   1. Direct DER to develop and adopt a standard template for Enterprise ROEs, issue
      instructions for completing that template, and promulgate guidance that establishes
      baseline elements that must be included in each ROE, such as: clear communication
      of deficient, unsafe, or unsound practices; explanation of how those practices gave
      rise to supervisory concerns and deficiencies; and prioritization of remediation of
      supervisory concerns and deficiencies.

   2. Direct DER to revise its guidance to require ROEs to focus the boards’ attention on
      the most critical and time-sensitive supervisory concerns through (1) the prioritization
      of examination findings and conclusions and (2) identification of deficiencies and
      MRAs in the ROE and discussion of their root causes; and

   3. Develop written procedures for the “fatal flaw” review of the ROE by Enterprise
      management that establish the purpose of the review, its duration, and a standard
      message for conveying this information to Enterprise management.




                               OIG  EVL-2016-008  July 14, 2016                                21
FHFA COMMENTS AND OIG RESPONSE .....................................

We provided FHFA an opportunity to respond to a draft report of this evaluation. FHFA
provided technical comments on the draft report, which we incorporated as appropriate. In its
management response, which is reprinted in its entirety in Appendix B, FHFA partially agreed
with recommendation 1, disagreed with recommendation 2, and agreed with recommendation
3.

FHFA “partially” agreed with recommendation 1. FHFA agreed to adopt a standard template
and instructions for completing the template and stated that the instructions will establish
baseline elements that must be included in each ROE. However, FHFA’s response does not
address whether its instructions will require clear communication of deficient, unsafe, or
unsound practices; explain how those practices gave rise to supervisory concerns and
deficiencies; or prioritize remediation of supervisory concerns and deficiencies. In this report,
we found that ROEs issued by DER did not clearly communicate to Enterprise boards during
the last five annual supervisory cycles all deficient, unsafe, or unsound practices and did not
consistently explain how those practices gave rise to supervisory concerns and deficiencies.
As a consequence, we found that the ROEs issued by DER failed to consistently provide
Enterprise directors with critical information necessary for them to exercise their oversight
responsibilities, as required by FHFA. Because FHFA has advised OIG that its template and
accompanying instructions “will likely not require enumeration of all supervisory concerns,”
we do not consider FHFA’s response as fully responsive to our recommendation. If FHFA
does not intend to adopt this portion of our recommendation, we expect that FHFA will
provide us with the remediation it intends to take to address the shortcomings sought to be
corrected by this portion of the recommendation.

FHFA disagreed with recommendation 2. It stated that conclusion letters, which are issued
from targeted examinations, along with ROEs and unnamed “other supervisory
communications,” are sufficient to enable board oversight to remediate MRAs and other
supervisory concerns. FHFA’s corporate governance regulation requires each Enterprise
board to ensure that management addresses “all supervisory concerns of FHFA in a timely
and appropriate manner.” While FHFA requires conclusion letters to report all MRAs arising
from the targeted examination, DER did not require examiners to provide those conclusion
letters to Enterprise directors until June 2016, when FHFA only changed its guidance in
response to an OIG recommendation in a report issued earlier this year. Neither FHFA nor
DER require DER examiners to identify all supervisory concerns that do not rise to the level
of an MRA in a conclusion letter. Consequently, Enterprise directors would not learn about
any such supervisory concerns from conclusion letters. Following the publication of the
Examination Manual in December 2013, DER was not required to identify all open MRAs in
ROEs until June 2016, when, in response to the same OIG report issued in March 2016, DER


                                OIG  EVL-2016-008  July 14, 2016                                  22
adopted formal internal guidance requiring the inclusion of MRAs in ROEs. As we found
in this report, only one of the three ROEs issued to Fannie Mae during that period identified
open MRAs. DER’s new guidance does not require supervisory concerns or the basis for
those concerns to be identified in an ROE. FHFA has not identified the “supervisory
communication” in which it communicates supervisory concerns to Enterprise directors, apart
from the ROE and conclusion letters. As matters now stand, there is no clear foundation for
FHFA’s assertion that Enterprise directors will learn about supervisory concerns from
conclusion letters, “other supervisory communications,” or the ROE. In our recommendation,
we sought to address a related shortcoming identified in this report: namely, to require DER
to identify all supervisory concerns and deficiencies in each ROE and the root causes of such
concerns and deficiencies to Enterprise directors to enable them to satisfy their governance
obligations. We urge FHFA to reconsider its response to this recommendation.

 FHFA agreed with recommendation 3. The Agency committed to issue internal guidance
governing the process of the Enterprises’ review of draft ROEs to “avoid the appearance of
inappropriate influence.”




                              OIG  EVL-2016-008  July 14, 2016                                23
OBJECTIVE, SCOPE, AND METHODOLOGY .................................

We conducted this evaluation to compare ROEs issued by DER to the Enterprises between
2012 and 2016 to FHFA’s established requirements and guidance, and to the ROE practices
used by DBR. We also looked to the ROE requirements established by other federal financial
regulators.

To achieve these objectives, we met with FHFA personnel involved with the creation and
transmission of the ROEs. We conducted both an entrance conference and a follow-up
document production clarification meeting with FHFA to better understand their processes
and to obtain relevant documents. We also reviewed publicly available documents, internal
DER and DBR documents, and non-public information provided by FHFA, which included
official minutes and materials of the boards of directors from both Enterprises.

This evaluation was conducted under the authority of the Inspector General Act and in
accordance with the Council of the Inspectors General on Integrity and Efficiency’s Quality
Standards for Inspection and Evaluation (January 2012). These standards require us to plan
and perform an evaluation based upon evidence sufficient to provide a reasonable basis to
support its findings and recommendations. We believe that the findings and
recommendations discussed in this report meet those standards.

The fieldwork for this report was completed between November 2015 and May 2016. The
review period for this evaluation was between January 1, 2012, and March 31, 2016.




                              OIG  EVL-2016-008  July 14, 2016                              24
APPENDIX A .............................................................................

Examination Manuals and ROE Templates and Instructions of the OCC,
Federal Reserve, and FDIC

   OCC

Comptroller’s Handbook (Dec. 2015)

      Safety and Soundness Booklets: Bank Supervision Process (last updated Sept. 2007)
       (online at www.occ.gov/publications/publications-by-type/comptrollers-
       handbook/pub-ch-ep-bsp.pdf)

   Federal Reserve

Commercial Bank Examination Manual (Apr. 2016)

      Section 1000: Examination Strategy and Risk-Focused Examinations (online at
       www.federalreserve.gov/Boarddocs/SupManual/cbem/1000.pdf)

      Section 5000: Assessment of the Bank (last updated Apr. 2013) (online at
       www.federalreserve.gov/Boarddocs/SupManual/cbem/5000.pdf)

      Section 6000: Federal Reserve Examinations (last updated Oct. 2013) (online at
       www.federalreserve.gov/Boarddocs/SupManual/cbem/6000.pdf)

   FDIC

Risk Management Manual of Examination Policies (Feb. 2016)

      Section 1.1: Basic Examination Concepts and Guidelines (online at
       www.fdic.gov/regulations/safety/manual/section1-1.pdf)

      Section 16.1: Report of Examination Instructions (last updated Apr. 2015) (online at
       www.fdic.gov/regulations/safety/manual/section16-1.pdf)

      Section 17.1: Bank of Anytown – Report of Examinations (last updated Apr. 2015)
       (online at www.fdic.gov/regulations/safety/manual/section17-1.pdf)




                              OIG  EVL-2016-008  July 14, 2016                              25
APPENDIX B..............................................................................

FHFA’s Comments on OIG’s Findings and Recommendations




                            OIG  EVL-2016-008  July 14, 2016                       26
OIG  EVL-2016-008  July 14, 2016   27
OIG  EVL-2016-008  July 14, 2016   28
OIG  EVL-2016-008  July 14, 2016   29
OIG  EVL-2016-008  July 14, 2016   30
ADDITIONAL INFORMATION AND COPIES .................................


For additional copies of this report:

      Call: 202-730-0880

      Fax: 202-318-0239

      Visit: www.fhfaoig.gov



To report potential fraud, waste, abuse, mismanagement, or any other kind of criminal or
noncriminal misconduct relative to FHFA’s programs or operations:

      Call: 1-800-793-7724

      Fax: 202-318-0358

      Visit: www.fhfaoig.gov/ReportFraud

      Write:

                FHFA Office of Inspector General
                Attn: Office of Investigations – Hotline
                400 Seventh Street SW
                Washington, DC 20219




                                OIG  EVL-2016-008  July 14, 2016                         31