oversight

Corporate Governance: Review and Resolution of Conflicts of Interest Involving Fannie Mae's Senior Executive Officers Highlight the Need for Closer Attention to Governance Issues by FHFA

Published by the Federal Housing Finance Agency, Office of Inspector General on 2018-01-31.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                               REDACTED

                      Federal Housing Finance Agency 
                          Office of Inspector General 




    Corporate Governance: Review and
     Resolution of Conflicts of Interest
      Involving Fannie Mae’s Senior
     Executive Officers Highlight the
       Need for Closer Attention to
       Governance Issues by FHFA




This report contains redactions of information that is protected under the Privacy Act
of 1974 (Pub.L. 93-579, 88 Stat. 1896, enacted December 31, 1974, 5 U.S.C. § 522a).




    Evaluation Report  EVL-2018-001  January 31, 2018
                    Executive Summary 
                    As we have explained in prior reports, the Federal Housing Finance Agency
                    (FHFA), as conservator for Fannie Mae and Freddie Mac (collectively, the
                    Enterprises), has delegated to each Enterprise responsibility for a significant
                    portion of day-to-day management and risk management controls. For this
                    governance approach to succeed, FHFA must be confident that the
 EVL‐2018‐001       Enterprises’ directors and committees are properly exercising the powers they
                    have been given and fulfilling their responsibilities. Otherwise, there is a
January 31, 2018    substantial risk that the Enterprises will operate in an unsafe and unsound
                    manner, suffer losses, and expose U.S. taxpayers to further financial risks.

                    During a recent administrative investigation, we reviewed the Charter for the
                    Nominating and Corporate Governance Committee (NGC Charter or the
                    Charter), Fannie Mae’s Code of Conduct for Employees (Employee Code),
                    Conflict of Interest Policy (COI Policy) and Conflict of Interest Procedure
                    (COI Procedure), and Code of Conduct for Directors and Conflict of Interest
                    Policy. We found that Fannie Mae, in adopting these governance authorities,
                    recognizes that potential, actual, or apparent, conflicts of interest, when not
                    disclosed or addressed properly, pose significant risk to its reputation and
                    undermine its goal of operating in accordance with “the highest ethical
                    standards.” The purpose of this evaluation was to assess FHFA’s oversight, as
                    conservator, of the Fannie Mae Board of Directors’ (Board) execution of its
                    responsibilities regarding potential conflicts of interest involving Senior
                    Executive Officers (SEOs).

                    We first sought to understand whether Fannie Mae’s governance documents
                    reserve to either the Board or the Nominating and Corporate Governance
                    Committee (NGC or Committee) the authority to resolve conflict of interest
                    issues involving SEOs. The NGC Charter, adopted by the Board, charges the
                    NGC with reviewing activities by Designated Executive Officers (also called
                    SEOs) that “may result in a potential or actual conflict of interest” under the
                    COI Policy or COI Procedure and interpreting Fannie Mae’s COI Policy and
                    COI Procedure where the interpretation relates to Fannie Mae’s Chief
                    Executive Officer (CEO), who is also an SEO. According to FHFA, the
                    NGC’s duty to “review” those activities does not vest the NGC with the
                    exclusive authority to resolve whether those activities constitute a conflict of
                    interest for SEOs.

                    From time to time, the Board has updated and clarified its delegation of duties
                    to Fannie Mae’s CEO who, in turn, updated and clarified the authorities
                    delegated to subordinate employees. Delegations of authority from the CEO
                    to his subordinates are recorded in the Executive Officer Delegations of
                    Authority (EDoA), as amended, which is drafted by Fannie Mae management.
                    We identified provisions in the NGC Charter, approved by the Board, and the
                    EDoA, approved only by Fannie Mae management, that are in tension and
                    create interpretive challenges regarding the responsibilities of the NGC. The
                    EDoA contains Annex A, titled “Matters Requiring Approval of the Board of
                    Directors, a Committee thereof, or FHFA and/or the Conservator,” which was
                    approved by the Board. Annex A does not identify resolution of conflict of
                    interest matters involving SEOs as requiring Board approval which, according
 EVL‐2018‐001       to FHFA, means that the NGC is not vested with sole authority to resolve such
                    matters.
January 31, 2018 
                    Fannie Mae’s COI Policy and COI Procedure were drafted and revised by
                    Fannie Mae’s Office of Compliance and Ethics, the office responsible for
                    assisting the NGC in fulfilling its duties (and known within Fannie Mae and
                    throughout this report as FM Ethics) and approved by Fannie Mae’s Chief
                    Compliance and Ethics Officer (CCO). The COI Policy establishes “more
                    detailed Company-wide requirements for avoiding Conflicts” than what is
                    specified in the Employee Code. It directs that the NGC is responsible for
                    “approving Conflict requests of Senior Executive Officers as outlined in the
                    accompanying Procedure.” Likewise, the COI Procedure contemplates no
                    role for FM Ethics and the CCO to review and resolve conflicts of interests
                    involving SEOs and directs that the NGC “is responsible for reviewing and
                    approving all [conflicts] requests made by Senior Executive Officers.” To
                    assist the NGC in fulfilling these responsibilities, Section 10.2.7 of the COI
                    Procedure sets forth a clear, unambiguous procedure that must be used by FM
                    Ethics to escalate all conflicts requests involving SEOs to the NGC for
                    resolution by the NGC.

                    According to FHFA, Fannie Mae’s relevant governance documents are
                    internally inconsistent with respect to responsibility for resolution of conflicts
                    of interest involving SEOs. To understand the practice followed by the NGC
                    for conflicts involving SEOs, we interviewed the NGC Chair, who has been
                    an NGC member since December 2008 and chair since October 2015;
                    however, he provided two conflicting explanations of the NGC’s practice.
                    We sought to determine what practice, if any, had been consistently followed
                    by the NGC over a five-year period (January 2012 – December 2016) (Review
                    Period) with respect to SEO conflicts. We identified a total of 57 potential
                    conflicts involving SEOs, which were documented in the company’s Case
                    Management System (CMS), NGC meeting materials, and/or minutes. Using
                    minutes of NGC meetings related to these matters and CMS entries, we
                    mapped how each potential conflict was ultimately resolved. Of these 57
                    potential conflicts involving SEOs, we found:
                          For 24 of the 57 potential conflicts (42%), minutes for relevant NGC
                           meetings reported that FM Ethics presented the potential conflict
                           involving the SEO and its recommended determination to the NGC for
                           its determination;

                          For 16 of the 57 (28%), minutes for relevant NGC meetings showed
                           that FM Ethics determined, on its own, whether a conflict of interest
 EVL‐2018‐001              involving an SEO existed, and, where it found a conflict, took steps to
                           address it and subsequently notified the NGC of its determinations.
January 31, 2018           We found no evidence that any NGC member: asked FM Ethics to
                           explain why it presented some SEO potential conflicts to the NGC for
                           its resolution, but retained and resolved other potential SEO conflicts
                           and subsequently notified the NGC of its determination; pressed FM
                           Ethics to explain the basis of its authority to resolve conflicts
                           determinations for SEOs; provided direction to FM Ethics about its
                           role in resolving SEO conflicts; or raised the potential inconsistencies
                           between its duties under the Charter and its duties under the COI
                           Procedure with the Board and asked the Board to clarify its
                           responsibilities.

                          For 17 of the 57 (30%), CMS entries showed that FM Ethics
                           determined, on its own, whether a potential conflict of interest
                           involving an SEO existed and took steps to resolve any conflict that it
                           identified. However, neither CMS entries nor NGC meeting minutes
                           report that FM Ethics ever notified the NGC of any of these 17
                           conflicts disclosures or determinations, which deprived the NGC of its
                           ability to satisfy its duties under its Charter.

                    We also looked at FHFA’s oversight of NGC’s review of conflict of interest
                    matters involving SEOs. While we found that FHFA employees attended
                    NGC meetings at which FM Ethics presented conflicts questions involving
                    SEOs to the NGC for its determinations and notified the NGC of its decisions
                    regarding SEO conflicts requests, we found no evidence that FHFA
                    employees identified the lack of consistent approach and process in the
                    resolution of these conflicts or escalated those issues to senior FHFA
                    management. We also found no evidence that FHFA’s senior management
                    was aware of these issues until we brought them to FHFA’s attention.

                    This evaluation found failures, both by Fannie Mae’s NGC and by FHFA,
                    which created a weakness in Fannie Mae’s risk management structure.
                    Without enhancements to the NGC’s oversight, there is a significant risk
                    that the NGC will continue to fall short in exercising its governance
                    responsibilities.
                    We made eight recommendations to FHFA to address these shortcomings.
                    FHFA agreed with all of our recommendations.

                    We appreciate the cooperation of FHFA staff, as well as the assistance of all
                    those who contributed to the preparation of this report.

                    This report has been distributed to Congress, the Office of Management and
 EVL‐2018‐001       Budget, and others and will be posted on our website, www.fhfaoig.gov.

January 31, 2018 


                    Kyle D. Roberts
                    Deputy Inspector General for Evaluations
TABLE OF CONTENTS ................................................................  
EXECUTIVE SUMMARY .............................................................................................................2 

ABBREVIATIONS .........................................................................................................................7 

BACKGROUND .............................................................................................................................8 
      Duties of Enterprise Directors and Board Committees Under FHFA Regulations and
      the Conservator’s Delegations..................................................................................................9 
             Duties and Responsibilities of NGC Members Under the NGC Charter........................10 
             The Committee’s Duties and Responsibilities Under the EDoA and the Annex
             to the EDoA ....................................................................................................................11 
      The NGC’s Duties Under the COI Policy and COI Procedure Adopted by Fannie
      Mae Management ...................................................................................................................13 

FACTS AND ANALYSIS.............................................................................................................14 
      FHFA’s Oversight ..................................................................................................................20 

FINDINGS.....................................................................................................................................21 

CONCLUSIONS............................................................................................................................23 

RECOMMENDATIONS ...............................................................................................................24 

OBJECTIVE, SCOPE, AND METHODOLOGY .........................................................................26 

APPENDIX: FHFA MANAGEMENT RESPONSE.....................................................................27 

ADDITIONAL INFORMATION AND COPIES .........................................................................30 
 




 
                                           OIG    EVL-2018-001    January 31, 2018                                                         6 
ABBREVIATIONS .......................................................................  

Board              Fannie Mae Board of Directors

CCO                Chief Compliance & Ethics Officer

CEO                Chief Executive Officer



CMS                Case Management System

COI Policy         Conflict of Interest Policy

COI Procedure      Conflict of Interest Procedure

EDoA               Executive Officer Delegations of Authority

Employee Code      Code of Conduct for employees

Fannie Mae         Federal National Mortgage Association

FHFA or Agency     Federal Housing Finance Agency

FM Ethics          Fannie Mae’s Office of Compliance and Ethics

Freddie Mac        Federal Home Loan Mortgage Corporation

NGC                Fannie Mae Board of Directors’ Nominating and Corporate Governance
                   Committee

OIG                Federal Housing Finance Agency Office of Inspector General

Review Period      January 2012 – December 2016

SEO                Senior Executive Officer

 




 
                          OIG    EVL-2018-001    January 31, 2018                     7 
BACKGROUND ..........................................................................  

In September 2008, Fannie Mae and Freddie Mac were placed into conservatorship by FHFA
because FHFA determined that their financial condition threatened their ability to operate in
a safe and sound manner.1 As conservator, FHFA succeeded to all rights, titles, powers, and
privileges of the company, and of any stockholder, officer, or director of the company with
respect to the companies and their assets.

After it placed the Enterprises into conservatorship, FHFA reconstituted the boards of
directors. FHFA, as conservator, established a delegated approach to managing the
Enterprises’ operations, which it believes is the most efficient way to manage their
conservatorships. FHFA has delegated to the board of each Enterprise a significant portion of
day-to-day management and risk controls and its regulations authorize the boards to delegate
execution of day-to-day operations to Enterprise employees.

FHFA views operational risk management as an important financial safety and soundness
challenge facing the Enterprises. The Agency defines operational risk as the exposure to loss
from inadequate or failed internal processes, people, and systems, or from external events.
FHFA views effective corporate governance to be one element of an acceptable operational
risk management program. Pursuant to FHFA’s governance regulations, Enterprise boards
retain “ultimate responsibility” for oversight of Enterprise operations and that responsibility is
“non-delegable.”2 For its delegated governance model to succeed, FHFA recognizes that
Enterprise directors and board committees must fulfill their delegated responsibilities.

In a recent report to Congress, FHFA emphasized that the Agency “oversees and monitors”
Enterprise activities as one of its four key approaches to managing the conservatorships of
Fannie Mae and Freddie Mac.3 The FHFA Director has stated that FHFA is involved in
“virtually every decision” that each Enterprise makes.4 Consistent with those representations,

                                                            
1
 See Statement of FHFA Director James B. Lockhart at News Conference Announcing Conservatorships of
Fannie Mae and Freddie Mac (Sept. 7, 2008) (online at www.fhfa.gov/Media/PublicAffairs/Pages/Statement-
of-FHFA-Director-James-B--Lockhart-at-News-Conference-Annnouncing-Conservatorship-of-Fannie-Mae-
and-Freddie-Mac.aspx); Statement by Secretary Henry M. Paulson, Jr. on Treasury and Federal Housing
Finance Agency Action to Protect Financial Markets and Taxpayers (Sept. 7, 2008) (online at
www.treasury.gov/press-center/press-releases/Pages/hp1128.aspx).
2
    See 12 C.F.R. § 1239.4(a) (2017).
3
 See FHFA, 2017 Report to Congress, at 18-19 (online at
www.fhfa.gov/AboutUs/Reports/ReportDocuments/FHFA-2017-PAR.pdf).
4
 See House Committee on Financial Services, Testimony of FHFA Director Melvin L. Watt, Hearing on
Sustainable Housing Finance: An Update from the Director of the Federal Housing Finance Agency, 114th
Cong. (Jan. 27, 2015).
 
                                                         OIG    EVL-2018-001    January 31, 2018        8 
FHFA reported to us that employees from its Division of Conservatorship attend meetings of
the Enterprise boards and their committees.

Duties of Enterprise Directors and Board Committees Under FHFA Regulations and the 
Conservator’s Delegations 

FHFA’s governance regulations direct that the management of each Enterprise “shall be by or
under the direction of its board of directors.”5 These regulations direct that each Enterprise
director shall carry out his or her duties “in good faith, in a manner such director believes to
be in the best interests” of the Enterprise and exercise “reasonable inquiry” in the execution of
these duties.6

FHFA governance regulations require each Enterprise board to “adopt a formal written
charter for each committee that specifies the scope of a committee’s powers and
responsibilities, as well as the committee’s structure, processes, and membership
requirements.”7 By order issued in November 2008, FHFA, as conservator, established the
“Nominating/Governance Committee” as one of four standing committees for the board of
each Enterprise. FHFA’s governance regulations permit each Enterprise board to determine
the authority reserved to each of its committees, provided that Enterprise directors serving on
board committees “comply with the charter, independence, composition, expertise, duties,
responsibilities, and other requirements set forth under rules issued by the [New York Stock
Exchange].”8 Those regulations charge the Enterprises with establishing and administering
“a written code of conduct and ethics that is reasonably designed to assure that its directors,
officers, and employees discharge their duties and responsibilities in an objective and
impartial manner.”9 Effective execution of those responsibilities requires that committee
members ensure they receive accurate, timely, and sufficient information about the matters
for which they are responsible, robustly participate in candid discussions about the possible
conflict, diligently seek to understand the facts underlying the possible conflict, actively press
management on the basis for its representations, and vet management’s recommendations.

                                                            
5
    See 12 C.F.R. § 1239.4(a) (2017).
6
    See 12 C.F.R. § 1239.4(b)(1) (2017).
7
    See 12 C.F.R. § 1239.5(c) (2017).
8
 See 12 C.F.R. § 1239.5(b) (2017). See also Section 4.15, Fannie Mae Bylaws (online at
www.fanniemae.com/resources/file/aboutus/pdf/bylaws.pdf).
9
  By regulation, Fannie Mae is required to establish and administer a written code of conduct and ethics
that is reasonably designed to assure that its directors, officers, and employees discharge their duties and
responsibilities in an objective and impartial manner that “promotes honest and ethical conduct,” adherence to
the code, and prompt internal reporting of violations of the code. See 12 C.F.R. § 1239.10 (Code of Conduct
and Ethics).

 
                                                         OIG    EVL-2018-001    January 31, 2018               9 
       Duties and Responsibilities of NGC Members Under the NGC Charter 

The NGC Charter was approved by the Board. That Charter defines the NGC’s duties and
responsibilities as they relate to conflict of interest matters involving members of the Board
and “Designated Executive Officers.” The term Designated Executive Officer includes the
company’s most senior executive officers, such as the CEO, Chief Financial Officer, General
Counsel, the Executive Vice Presidents for the company’s single-family and multifamily
business lines, the Chief Audit Executive, and the CCO. While management’s COI Policy
and COI Procedure use the term “Senior Executive Officers” (SEOs), not Designated
Executive Officers, Fannie Mae confirmed to us that the two terms refer to the same set of
executives and are interchangeable. For purposes of our report, we refer to this group as
SEOs.

Section 4 of the NGC Charter, titled “Duties and Responsibilities of the Committee,” charges
the NGC with specific duties, which include:

             “Reviewing directorships in other public companies . . . held by or offered to senior
              management of Fannie Mae, specifically [SEOs].”10

             “Reviewing other activities engaged in by [SEOs] that may result in a potential or
              actual conflict of interest under the Employee Code of Conduct or Conflict of Interest
              Policy and Conflict of Interest Procedure, subject to the Conservator’s approval for
              activities that in the reasonable business judgment of the Board are likely to cause
              significant reputation risk.”11

             “Interpreting Fannie Mae’s Conflict of Interest Policy and Conflict of Interest
              Procedure in instances where the interpretation relates to the Chief Executive Officer,
              subject to the Conservator’s approval for activities that in the reasonable business
              judgment of the Board are likely to cause significant reputation risk.”12

                                                            
10
     NGC Charter, Section 4.xii.
11
   Id., Section 4.xiii. Fannie Mae’s Board has adopted an Employee Code which directs that “it is essential
that we act with the highest ethical standards in everything we do.” The Employee Code sets forth “the
guiding principles” for all Fannie Mae employees. One of these guiding principles is “We Avoid Conflicts of
Interest.” According to that principle:
              Each of us has interest and responsibilities outside of work, but we seek to avoid any conflict
              or the appearance of a conflict between Fannie Mae’s business interests and our own personal
              interest or those of our family members.
Employee Code, at 10. The Employee Code directs that all employees must “review and follow the Conflict of
Interest Policy and Conflict of Interest Procedure in order to address a conflict or the appearance of a conflict.”
Id.
12
     NGC Charter, Section 4.xiv.

 
                                                         OIG    EVL-2018-001    January 31, 2018                    10 
             “Approving transactions with any director, nominee for director, or executive officer
              of Fannie Mae, or . . . immediate family members that are required to be disclosed
              pursuant to Item 404 of Regulation S-K.”13

             “Approving any loan agreement, credit agreement or similar agreement with an
              employee of Fannie Mae.”14

In a Management Alert issued on March 23, 2017, we reported that the NGC Charter vests
exclusive authority in the NGC (1) to interpret Fannie Mae’s COI Policy and COI Procedure
in instances where the interpretation relates to        and (2) to resolve conflict of interest
                                        15
issues involving Fannie Mae directors. In our fieldwork for that Management Alert, we
interviewed            for Fannie Mae, who did not take issue with that understanding of the
authority reserved to the NGC. We also interviewed the current NGC Chair, who has been
an NGC member since December 2008 and chair since October 2015, to obtain his
understanding. The NGC Chair asserted that the authority to resolve conflicts of interest
involving           was reserved to the NGC and stated that the NGC never delegated that
authority to the CCO. After receipt of our Management Alert, FHFA did not question our
understanding of the authority reserved to the NGC with respect to conflicts of interest
involving

Subsequently FHFA commented to us that Sections 4.xv and 4.xvi of this Charter expressly
task the NGC with the duty to approve two specific categories of action while the remaining
sections do not. According to FHFA, the NGC’s duty to “review” certain activities, pursuant
to Section 4.xiii, does not vest the NGC with the exclusive authority to resolve whether
certain activities constitute a conflict of interest for SEOs. FHFA was unclear whether the
NGC’s obligation to “interpret” the COI Policy and COI Procedure where the interpretation
relates to the CEO, in Section 4.xiv, was intended to be triggered upon the CEO’s disclosure
of a potential conflict of interest or only when FM Ethics (which reports to the CCO who, in
turn, reports to the CEO) seeks an interpretation from the NGC.

       The Committee’s Duties and Responsibilities Under the EDoA and the Annex to the 
       EDoA 

Prior to 2012, the Board delegated certain authorities to the CEO and authorized the CEO to
delegate certain of his delegated authorities to subordinate Fannie Mae employees. From time

                                                            
13
     Id., Section 4.xv.
14
     Id., Section 4.xvi.
15
  See OIG, Administrative Investigation into Anonymous Hotline Complaints Concerning Timeliness and
Completeness of Disclosures Regarding a Potential Conflict of Interest by a Senior Executive Officer of an
Enterprise at 8, 10 (Mar. 23, 2017) (OIG-2017-004) (online at www.fhfaoig.gov/reports/managementalerts).

 
                                                         OIG    EVL-2018-001    January 31, 2018           11 
to time, the Board has updated and clarified its delegation to the CEO who, in turn, updated
and clarified the authorities delegated to subordinate employees. Delegations of authority
from the CEO to his subordinates are recorded in the Executive Officer Delegations of
Authority (EDoA), as amended, and the applicable annex to the EDoA. Version 11.1 of the
EDoA, dated February 17, 2016, is the most current version provided to us. Pursuant to Part
V, Section H, this EDoA states:

              The CCO-SVP is delegated broad authority by the CEO to manage the
              Compliance and Ethics organization, including overseeing legal and regulatory
              compliance: promotion of compliance with federal, state, and local laws and
              regulations; ethics; privacy; anti-fraud; mortgage fraud; investigations; records
              management; delegations of authority; and Company-wide mandatory training.
              The CCO-SVP reports to the CEO and independently to the Audit Committee of
              the Board on matters related to compliance and ethics.

There are tensions between the NGC Charter, approved by the Board, and the EDoA,
approved only by Fannie Mae management, that create interpretive challenges, such as the
following examples:

             As discussed, the NGC Charter tasks the NGC with responsibilities to review conflicts
              matters involving SEOs. The EDoA, which tasks the CCO to manage the Compliance
              and Ethics “organization,” does not explain whether that delegation includes the
              authority to resolve actual and potential conflicts of interest involving SEOs, many
              of whom are senior to the CCO, including the CEO to whom the CCO reports on
              compliance matters.16

             Notwithstanding the conflicts responsibilities reserved to the NGC in its Charter, the
              EDoA directs that the CCO’s duty is to report independently to the Audit Committee




                                                            
16
   In its management response to our recent Management Alert involving the lack of clarity in the charter for
the Nominating and Governance Committee of the board of directors of Freddie Mac, FHFA maintained that
the broad delegation by Freddie Mac’s CEO to its CCO of authority for all activities related to maintaining an
ethics program acted to authorize the CCO and the Freddie Mac Ethics Office to review and resolve executive
officers’ conflicts of interest matters. FHFA Response to Management Alert, Need for Increased Oversight by
FHFA to Ensure Freddie Mac’s Policies and Procedures for Resolution of Executive Officer Conflicts of
Interest Align with the Responsibilities of the Nominating and Governance Committee of the Freddie Mac
Board of Directors (Sept. 27, 2017) (OIG-2017-005) (online at www.fhfaoig.gov/Content/Files/OIG-2017-
005%20%28Redacted%29.pdf). Because the EDoA for Fannie Mae contains similar language, FHFA may
take the same view. That interpretation would mean that an Enterprise Board, through a delegation of
authority to the CEO and, in turn, by the CEO to the CCO, could render meaningless the duties and obligations
of the Board and its committees, which would violate FHFA’s governance regulation.

 
                                                         OIG    EVL-2018-001    January 31, 2018               12 
              on matters “related to” compliance and ethics but contains no duty to present conflicts
              matters involving SEOs to the NGC.17

The Board approved Annex A of the EDoA, titled “Matters Requiring Approval of the Board
of Directors, a Committee thereof, or FHFA and/or the Conservator.” Annex A sets forth
specific matters for which such approvals are required.18 Resolution of conflict of interest
matters involving SEOs is not identified on Annex A. According to FHFA, the failure to
include resolution of conflict of interest matters involving SEOs on Annex A should be
understood to mean that the NGC is not vested with exclusive authority to resolve such
conflicts.

The NGC’s Duties Under the COI Policy and COI Procedure Adopted by Fannie Mae 
Management 

Fannie Mae’s ethics program is comprised of a number of interrelated codes, policies, and
procedures that include the Employee Code, the COI Policy, and the COI Procedure. Fannie
Mae’s COI Policy and COI Procedure were drafted and revised by FM Ethics, the office
responsible for assisting the NGC in fulfilling its duties, and approved by Fannie Mae’s CCO,
who oversees FM Ethics.19

The COI Policy establishes “more detailed Company-wide requirements for avoiding
conflicts of interest” than what is specified in the Employee Code. The COI Policy explains,
with far greater granularity than the Employee Code, the types of activities that give rise to
potential conflicts of interest and instructs employees to disclose such activities to FM Ethics
for review and approval in accordance with the COI Procedure.20 Section 5 of the COI
Policy, captioned “Roles and Responsibilities,” states that the NGC is responsible for

                                                            
17
  Whatever authority was intended to be delegated to the CCO by this provision, which is unclear, that
authority does not exist in a vacuum. Because the NGC Charter requires the NGC to review “activities
engaged in by [SEOs] that may result in a potential or actual conflict of interest under the Employee Code of
Conduct or Conflict of Interest Policy and Conflict of Interest Procedure,” this provision of the EDoA cannot
be understood to relieve the CCO of the obligation to present such situations to the NGC for its review.
18
  In November 2015, the Board approved an update to its delegation of authority that resulted in the list of
matters requiring Board, Committee, or FHFA and/or conservator approval to become “Annex B” of the
EDoA.
19
   During all but the last month of the Review Period, the CCO was the Policy Approver for the COI Policy.
As of December 2016, the Enterprise’s Management Committee replaced the CCO as the Policy Approver.
The Management Committee consists of twelve members of Fannie Mae senior management, most of whom
are SEOs, including the CEO and CCO.
20
  The COI Policy instructs employees to avoid “situations” that could, among other things: (1) impair the
employee’s objectivity in performing duties and responsibilities at Fannie Mae; (2) otherwise interfere with the
employee’s ability to perform duties and responsibilities at Fannie Mae; or (3) “embarrass” Fannie Mae. See COI
Policy, Section 6.1 (Overview).
 
                                                         OIG    EVL-2018-001    January 31, 2018              13 
“approving Conflict requests of Senior Executive Officers as outlined in the accompanying
Procedure.”21

The COI Procedure establishes the process employees must follow to raise and resolve
potential, apparent, and actual conflicts of interest outlined in the COI Policy. Section 7 of
the COI Procedure contemplates no role for FM Ethics and the CCO to review and resolve
conflicts of interests involving SEOs:

              The [NGC] is responsible for reviewing and approving all [conflicts] requests
              made by Senior Executive Officers. (emphasis added)

To assist the NGC in fulfilling these responsibilities, Section 10.2.7 of the COI Procedure sets
forth a clear procedure that must be used by FM Ethics to escalate all conflicts requests
involving SEOs to the NGC.22 It instructs:

              With respect to all Conflict of Interest requests received from Senior Executive
              Officers, FM Ethics will present such requests along with a recommended
              determination to the [NGC]. The recommended determination will state whether
              or not a Conflict exists and will outline any steps that should be taken to address
              the Conflict. The [NGC] will approve, deny, or further condition the
              recommended determination, and forward the final determination to FM Ethics,
              which, in turn, will forward the final determination to the Senior Executive
              Officer. (emphasis added)

Both the COI Policy and COI Procedure, which were drafted by FM Ethics, the management
function responsible for assisting the NGC in fulfilling its duties, reflect the same
understanding of the NGC’s responsibilities under its Charter: that the NGC is obligated to
review and resolve conflicts of interest involving SEOs.


FACTS AND ANALYSIS ...............................................................  

We sought to determine what practice, if any, had been consistently followed by the NGC
during the five-year Review Period with respect to SEO conflicts. We interviewed the current
                                                            
21
     COI Policy, Section 5.
22
   Relying on Section 10.2.3 of the COI Procedure, FHFA maintains that FM Ethics is authorized to determine
that a matter disclosed by an SEO, including the CEO, is not a conflict of interest requiring review and
approval by the NGC. That interpretation, however, would negate two other provisions of the COI Procedure:
Section 7, which directs that the NGC “is responsible for reviewing and approving all requests made by Senior
Executive Officers” and Section 10.2.7, which requires FM Ethics to “present . . . all Conflict of Interest
requests received from Senior Executive Officers” to the NGC.

 
                                                         OIG    EVL-2018-001    January 31, 2018              14 
NGC Chair, who has been an NGC member since December 2008 and chair since October
2015, to understand the practice followed by the NGC for SEO conflicts. He provided two
conflicting explanations of the NGC’s practice. First, he explained that the NGC has not
delegated authority to the CCO to resolve SEO conflicts of interest and that the NGC relies
on the CCO to bring to it all information related to potential conflicts of interest disclosed by
SEOs. That explanation essentially tracks the procedure set forth in Section 10.2.7 of the COI
Procedure. However, he also reported that the NGC relies on the CCO to determine whether
a matter disclosed by the CEO (or any other SEO)23 constitutes a potential conflict of interest
under Fannie Mae’s COI Policy and expects that the CCO will bring to the NGC only those
matters where a potential conflict may exist.

We identified a total of 57 potential conflicts involving SEOs,24 which were documented in
Fannie Mae’s CMS,25 NGC meeting materials, and/or minutes of NGC meetings. Using
minutes of NGC meetings related to these matters26 and CMS entries, we mapped how each
potential conflict was ultimately resolved.


                                                            
23
  We understood that the NGC Chair’s description of the conflicts practice followed by the NGC applied to all
SEOs.
24
   This total of 57 includes matters disclosed during an SEO’s onboarding process and includes matters
involving SEOs who subsequently left Fannie Mae after the matter was resolved.
25
   CMS is FM Ethics’ system of record. According to the COI Procedure, “To ensure that Fannie Mae
consistently applies the [Employee] Code, the [COI] Policy, and this Procedure, FM Ethics maintains a
confidential file of requests and determinations. All Conflict determinations, recusal notifications, and
supporting documents are maintained in [CMS].” See COI Procedure Section 10.5. CMS contains log entries
that track, in chronological order, the details of actions taken by FM Ethics and other Fannie Mae personnel,
and also by FHFA and outside counsel, in conjunction with each matter.
26
   Under Delaware law, minutes of a meeting of a board of its directors, or board committee, are considered to
be prima facie evidence of actions taken by the board or committee. See Young v. Janas, 34 Del. Ch. 287, 103
A.2d 299, 303 (1954). See also Brehm v. Eisner (In re Walt Disney Co. Derivative Litig.), 906 A.2d 27, 56-57
(Del. 2006) (court relies on compensation committee minutes for evidence of whether members were
adequately informed); Third Point LLC v. Ruprecht, C.A. No. 9469-VCP, slip. op. 29-30 (Del. Ch. Ct. May 2,
2014) (court recites the minutes as evidence of what board considered and deliberated upon during board
meeting); In re Netsmart Techs., Inc. S’holders Litig., 924 A.2d 171, 187 (Del. Ch. 2007) (court notes that, in
the absence of minutes, one cannot determine who was at a meeting or what specifically was said or done).
Fannie Mae has elected to follow Delaware corporate governance law. See Section 1.05, Fannie Mae Bylaws
(as amended through July 21, 2016); see also Section 7, Fannie Mae’s Corporate Governance Guidelines
(minutes “will reflect the deliberative process and actions taken in those meetings”) (online at
www.fanniemae.com/resources/file/aboutus/pdf/corpgovguidelines.pdf). While such minutes are not
stenographic records or transcripts of meetings, Delaware courts have treated them as reflecting the level of
review and deliberation by the board or its committee. Like Delaware, both Fannie Mae and FHFA recognize
that minutes of meetings of a board of directors (or a board committee) provide the record of what occurred at
that meeting. See Fannie Mae’s Corporate Governance Guidelines; FHFA Examination Module, “Board of
Directors and Senior Management,” (online at
www.fhfa.gov/SupervisionRegulation/Documents/Board_of_Directors_and_Senior_Management_Oversight_
Module_Final_Version_1.0_508.pdf) at 5 (“Each board committee must keep minutes of its meetings
documenting the discussions of each item considered at the meeting”) and 6 (“The board of directors should
 
                                                         OIG    EVL-2018-001    January 31, 2018                15 
NGC minutes reflect that the NGC was asked by FM Ethics to resolve 24 of the 57 potential
SEO conflicts (42%).27 Typically, FM Ethics provided the NGC with a written analysis of the
possible conflicts issue and recommended a determination for these 24 matters for decision by
the NGC. That practice was consistent with the process set forth in Section 10.2.7 of the COI
Procedure and in the duties reserved to the NGC in the COI Policy and COI Procedure,
drafted by the function responsible with assisting the NGC in carrying out its Charter
responsibilities.

For 16 of the 57 (28%), CMS entries show that (1) FM Ethics determined, on its own,
whether a conflict of interest existed, (2) where it found a conflict, took steps to address it,
and (3) subsequently notified the NGC of its determinations to facilitate the NGC’s “review”
of SEO activities “that may result in a potential or actual conflict of interest” under the COI
Policy and COI Procedure. We found no evidence that any NGC member: asked FM Ethics
to explain why it presented some SEO potential conflicts to the NGC for its resolution, but
retained and resolved other potential SEO conflicts and subsequently notified the NGC of
its determination; pressed FM Ethics to explain the basis of its authority to resolve conflicts
determinations for SEOs; provided direction to FM Ethics about its role in resolving SEO
conflicts; or raised the potential inconsistencies between its duties under the Charter and its
duties under the COI Procedure with the Board and asked the Board to clarify its
responsibilities.

For the remaining 17 (30%), CMS entries reflect that FM Ethics determined, on its own,
whether a potential conflict of interest existed and took steps to resolve any conflict that it
identified. We found no evidence that FM Ethics ever notified the NGC of any of these
17 conflict disclosures or determinations. Those actions by FM Ethics ran afoul of clear
provisions in the COI Policy and COI Procedure, drafted by FM Ethics and approved by the
CCO, which mandate NGC review and resolution of SEO conflicts. Even had FM Ethics
come to the view, currently held by FHFA, that Section 4.xiii of the NGC Charter did not
require the NGC to resolve conflicts involving SEOs, including the CEO, Section 4.xiii of the
Charter requires the NGC to “review” activities engaged in by SEOs “that may result in a
potential or actual conflict of interest” under the COI Policy and COI Procedure. Failure by
FM Ethics to notify the NGC of its resolution of these 17 conflict requests by SEOs deprived
the NGC of its ability to satisfy its duties under its Charter.


                                                            
ensure that an accurate record of its actions is maintained in the form of minutes of each board and committee
meeting. . . . Minutes should document the board’s review and discussion of all agenda items”).
27
   For 17 of these 24 matters, FM Ethics, in a written memorandum to the NGC, analyzed the potential
conflicts issue and reported that it recommended approval by the NGC. For 7 of the 24, FM Ethics analyzed,
in a written memorandum to the NGC, potential conflicts issues that arose during the on-boarding process, and
presented its “determination” for review by the NGC.

 
                                                         OIG    EVL-2018-001    January 31, 2018               16 
Because the composition of the NGC changed over the Review Period, we sought to
determine whether the NGC consistently followed the same process with respect to potential
conflicts of interest disclosed by SEOs during a 10-month period in 2016 (February 2016
through November 2016). Of the four directors who served on the NGC during this period,
two
                   and remains a member. Of the 57 potential conflicts involving SEOs,
including the CEO, that we identified during the Review Period (and discussed earlier), 11
potential conflicts arose during this 10-month period. Minutes of NGC meetings and CMS
entries reflect that the inconsistent practice in resolving SEO potential conflicts remained
unchanged during this 10-month period.

                              , minutes for an NGC meeting show that a potential conflict
              disclosed by an SEO was presented to the NGC, pursuant to the process set forth in
              Section 10.2.7 of the COI Procedure, and the CMS entry reports that the CCO notified
              FM Ethics that the NGC approved the requested activity.

             According to Fannie Mae,                                 disclosed to FM Ethics,        ,
                                                                               Fannie Mae
              counterparty and FM Ethics determined that no conflict of interest existed. There is
              no contemporaneous CMS entry memorializing the conflict of interest analysis by FM
              Ethics or its decision                that no conflict existed. There is also no evidence
              that FM Ethics followed Section 10.2.7 of the COI Procedure and presented this
              conflicts question to the NGC for its resolution or notified the NGC of its
              determination for NGC review at the NGC’s                         meetings.

                           , minutes for an NGC meeting show that a potential conflict disclosed by
              an SEO to FM Ethics arising from the employment of an adult relative by a Fannie
              Mae counterparty was presented to the NGC for its resolution, pursuant to the process
              set forth in Section 10.2.7 of the COI Procedure.

                          , minutes for an NGC meeting show that four potential conflicts involving
              three SEOs were presented by FM Ethics to the NGC for its resolution, pursuant to the
              process set forth in Section 10.2.7 of the COI Procedure.28

             Minutes for an                , NGC meeting report that        notified the NGC
              that FM Ethics previously determined,               , that         disclosure of
                                                    Fannie Mae counterparty did not constitute a



                                                            
28
     Of these four potential conflicts,                                                                   .

 
                                                         OIG    EVL-2018-001    January 31, 2018            17 
        conflict. Minutes for the                 NGC meeting do not reflect that any NGC
        member:

           o Asked            to articulate the reasons that FM Ethics presented a potential
             conflict disclosed by a different SEO arising from the employment of an adult
             relative at a Fannie Mae counterparty for NGC review and resolution in
                   but did not present a potential conflict disclosed by         arising from
                                                                                 counterparty
             for NGC review and resolution in                 ;

           o Pressed            to explain why FM Ethics resolved in                the
             potential conflict arising from
                                        counterparty but presented different potential conflicts
             involving            to the NGC for its resolution in           ;

           o Sought to understand the reasons why FM Ethics presented to the NGC for its
             resolution all potential conflicts involving SEOs between February and July
             2016 except the one arising from
                                   counterparty;

           o Questioned            to explain why FM Ethics failed to follow Section 10.2.7
             of the COI Procedure, which it had drafted and           had approved, with
             respect to this one potential conflict involving       ;

           o Asked            to articulate the basis of authority for FM Ethics to resolve
             a potential conflict of interest involving           when it presented other
             potential conflicts involving            for NGC resolution;

           o Questioned whether                                             , was sufficiently
             independent of               to analyze whether
                                                           counterparty constituted a potential
               conflict of interest; and/or

           o Challenged             to justify the failure to notify the NGC of this potential
             conflict of interest involving            prior to             , which impaired its
             ability to meet its responsibilities under the NGC Charter.

                          , minutes for an NGC meeting show that FM Ethics informed the
        Committee of two potential conflicts of interest involving             negotiations with
        prospective employers. FM Ethics presented one matter to the NGC for its resolution,
        consistent with the process set forth in Section 10.2.7 of the COI Procedure. For the
        second matter, FM Ethics notified the NGC that it determined that Fannie Mae had no

 
                              OIG    EVL-2018-001    January 31, 2018                            18 
        business relationship with the prospective employer. Minutes from this meeting do
        not reflect that FM Ethics followed the process set forth in Section 10.2.7 for this
        second matter and we found no written analysis by FM Ethics to support the
        determination it apparently made. The minutes do not reflect that any NGC member
        pressed FM Ethics to explain its inconsistent approach or questioned FM Ethics why
        it presented one potential conflict involving            discussion with a potential
        employer, pursuant to the process set forth in Section 10.2.7 of the COI Procedure, but
        resolved the second potential conflict involving             discussions with a different
        potential employer on its own.

                            , FM Ethics notified the NGC by email that FM Ethics had
        become aware of “potential issues” relating to            prior disclosure of
                                                              Fannie Mae counterparty and
        “concluded that an appearance of a conflict of interest may be presented under the
        circumstances.” FM Ethics further reported to the NGC that it had prepared a recusal
        agreement that          executed. In this same email, FM Ethics invited NGC
        members to contact FM Ethics with any questions. Fannie Mae reported to us that the
        NGC took no action in response to this notification. We found no documentation that
        any NGC member:

           o Sought or received details from FM Ethics regarding the “potential issues” that
             it identified arising out of        prior disclosure;

           o Requested a written or oral analysis of the “potential” conflicts issues;

           o Asked FM Ethics to explain why it failed to follow Section 10.2.7 of the COI
             Procedure, which it had drafted and          had approved, with respect to this
             one potential conflict;

           o Pressed FM Ethics to explain the reasons why FM Ethics presented to the
             NGC, pursuant to Section 10.2.7, all potential conflicts involving SEOs
                            between February and October 2016, but treated three potential
             conflicts, two of which involved
                             counterparty, differently;

           o Required FM Ethics to explain the basis of its authority to determine that a
             “potential” conflict involving          should be addressed with a recusal
             agreement, rather than presented to the NGC, pursuant to Section 10.2.7;
             and/or




 
                              OIG    EVL-2018-001    January 31, 2018                             19 
           o Flagged to the Board the inconsistent approach in handling potential
             conflicts of interest involving        and asked the Board to clarify its
             responsibilities.

                           , minutes for an NGC meeting show that a potential conflict of
        interest disclosed by an SEO was presented to the NGC for its resolution, pursuant to
        Section 10.2.7 of the COI Procedure.

As discussed earlier, FHFA views operational risk management as an important financial
safety and soundness challenge facing the Enterprises and considers effective corporate
governance to be one element of an acceptable operational risk management program. FHFA
has delegated to the board of each Enterprise a significant portion of day-to-day management
and risk controls, and under its regulations, Enterprise boards retain “ultimate responsibility”
for oversight of Enterprise operations that is “non-delegable.” For this delegated governance
model to succeed, FHFA understands that Enterprise directors and board committees must
fulfill their delegated responsibilities. For many of the 57 potential conflicts of interest
involving SEOs raised during the Review Period, the record shows that NGC members failed
to: diligently understand the facts underlying these matters; demand accurate, timely, and
sufficient information from management about the matters; participate in candid discussions
about the matters; actively press management on the basis for its representations; and vet
management’s recommendations. Minutes for NGC meetings show that NGC members did
not exercise reasonable inquiry commensurate with the reputational risk to Fannie Mae (and
to FHFA) from possible conflicts of interest involving SEOs.

FHFA’s Oversight 

We confirmed that employees from FHFA’s Division of Conservatorship attended most NGC
meetings at which FM Ethics discussed potential conflicts involving SEOs but the minutes of
those meetings do not reflect participation by those employees in such discussions. Similarly,
the minutes of those NGC meetings do not report any concerns raised by FHFA employees
about inconsistencies in Fannie Mae’s corporate governance documents regarding
responsibility to resolve potential conflicts of interest raised by SEOs or about inconsistent
practices by FM Ethics and the NGC to resolve such conflicts. We found no evidence that
FHFA’s senior management was aware of these inconsistencies until we brought them to
FHFA’s attention.




 
                              OIG    EVL-2018-001    January 31, 2018                            20 
FINDINGS .................................................................................  

    1. According to FHFA, the NGC’s duty to “review” certain activities, pursuant to
       Section 4.xiii, does not vest the NGC with the exclusive authority to resolve whether
       certain activities constituted a conflict of interest for SEOs.

    2. FM Ethics, which reports to Fannie Mae’s CCO, is the office responsible for assisting
       the NGC in fulfilling its duties. The COI Policy, drafted by FM Ethics and approved
       by the CCO, establishes “more detailed Company-wide requirements for avoiding
       Conflicts” than what is specified in the Employee Code. Section 5 of the COI Policy,
       captioned “Roles and Responsibilities,” states that the NGC is responsible for
       “approving Conflict requests of Senior Executive Officers as outlined in the
       accompanying Procedure.”

    3. The COI Procedure, similarly drafted by FM Ethics and approved by the CCO,
       establishes the process employees must follow to raise and resolve potential, apparent,
       and actual conflicts of interest outlined in the COI Policy. Similar to the COI Policy,
       the COI Procedure contemplates no role for FM Ethics and the CCO to resolve
       conflicts of interest involving SEOs but requires them to “present” all such conflict of
       interest requests to the NGC for its resolution.

    4. Analysis of 57 potential conflicts involving SEOs, which were documented in CMS,
       NGC meeting materials, and/or minutes, during the five-year Review Period found:
       the NGC was asked by FM Ethics to resolve 24 of the 57 potential SEO conflicts
       (42%); FM Ethics determined, on its own, whether a conflict of interest existed for 16
       of the 57 (28%) and subsequently notified the NGC of its determinations, which ran
       afoul of the mandates in the COI Policy and COI Procedure; and FM Ethics
       determined, on its own, whether a potential conflict of interest existed for 17 of the
       57 (30%), in violation of the COI Policy and COI Procedure, and no documentary
       evidence shows that FM Ethics notified the NGC of any of its unilateral conflict
       determinations, which deprived the NGC of its ability to satisfy its duties under its
       Charter.

    5. For many of these 57 potential conflicts of interest involving SEOs, the record shows
       that NGC members failed to: diligently understand the facts underlying these matters;
       demand accurate, timely, and sufficient information from management about the
       matters; participate in candid discussions about the matters; actively press
       management on the basis for its representations; and vet management’s
       recommendations. Minutes for NGC meetings show that NGC members did not


 
                             OIG    EVL-2018-001    January 31, 2018                            21 
       exercise reasonable inquiry commensurate with the reputational risk to Fannie Mae
       (and to FHFA) from possible conflicts of interest involving SEOs.

    6. Because the composition of the NGC changed over the Review Period, we sought to
       determine whether the NGC consistently followed the same process with respect to 11
       potential conflicts of interest disclosed by SEOs during a 10-month period in 2016
       (February 2016 through November 2016). Of the four directors who served on the
       NGC during this period,
                                                           , and remains a member. Minutes
       of NGC meetings and CMS entries reflect that the inconsistent practice in resolving
       SEO potential conflicts remained unchanged during this 10-month period.

    7. Analysis of those 11 actual or apparent conflicts involving SEOs, which were
       documented in the CMS, NGC meeting materials, and/or minutes, during this
       10-month period found that the NGC was asked by FM Ethics to resolve 8 of the 11
       (73%). For the remaining 3, all of which involved              , FM Ethics determined,
       on its own, whether a conflict of interest existed, took steps to address any conflict it
       identified, and subsequently notified the NGC of its determinations. According to
       Fannie Mae governance documents, FM Ethics reports to the CCO who, in turn,
       reports to the CEO. For each of the 3 conflicts involving             that FM Ethics
       resolved and subsequently notified the NGC, no documentary evidence was found to
       reflect that any NGC member:

           a. Asked FM Ethics and/or the CCO to explain why FM Ethics failed to follow
              Section 10.2.7 of the COI Procedure, which it had drafted and the CCO had
              approved, but followed Section 10.2.7 for the remaining 8 potential conflicts;

           b. Pressed FM Ethics to explain the reasons why FM Ethics presented to the NGC,
              pursuant to Section 10.2.7, all potential conflicts involving SEOs
                   between February and October 2016, but treated three potential conflicts,
              two of which involved
                         counterparty, differently;

           c. Asked            and/or FM Ethics to articulate the basis of authority for FM
              Ethics to resolve 3 potential conflicts of interest involving         when it
              presented other potential conflicts involving            for NGC resolution;

           d. Required FM Ethics to explain the basis of its authority to determine that a
              “potential” conflict involving          should be addressed with a recusal
              agreement, rather than presented to the NGC, pursuant to Section 10.2.7;



 
                              OIG    EVL-2018-001    January 31, 2018                            22 
           e. Questioned whether                                        , was sufficiently
              independent of            to analyze and make any determinations respecting
              potential conflicts involving          ; and/or

           f. Flagged to the Board the inconsistent approach by FM Ethics in handling
              potential conflicts of interest involving        and asked the Board to clarify
              the responsibilities of the NGC, FM Ethics, and the CCO.

    8. While FHFA employees attended NGC meetings at which many of these 57 potential
       conflicts of interest were discussed, we found no evidence that these FHFA employees
       raised questions or concerns about inconsistencies in Fannie Mae’s corporate
       governance documents regarding responsibility to resolve potential conflicts of
       interest raised by SEOs or about inconsistent practices by FM Ethics and the NGC to
       resolve such conflicts. We found no evidence that FHFA’s senior management was
       aware of these inconsistencies until we brought them to FHFA’s attention.


CONCLUSIONS ..........................................................................  

Fannie Mae, in adopting its governance authorities, recognizes that potential, actual, or
apparent conflicts of interest, when not disclosed or addressed properly, pose significant risk
to its reputation and undermine its goal of operating in accordance with “the highest ethical
standards.” According to FHFA, Fannie Mae’s relevant governance documents are internally
inconsistent with respect to responsibility for resolution of conflicts of interest involving
SEOs.

We mapped the resolution of 57 potential, actual, and apparent conflicts of interest involving
SEOs that were disclosed during the five-year Review Period. Of these 57 potential conflicts
involving SEOs, we found: the NGC was asked by FM Ethics to resolve 24 of the 57 potential
SEO conflicts (42%); FM Ethics determined, on its own, whether a conflict of interest existed
for 16 of the 57 (28%) and subsequently notified the NGC of its determinations, which ran
afoul of the mandates in the COI Policy and COI Procedure; and FM Ethics determined, on its
own, whether a potential conflict of interest existed for 17 of the 57 (30%), in violation of the
COI Policy and COI Procedure, and no documentary evidence shows that FM Ethics notified
the NGC of any of its unilateral conflict determinations, which deprived the NGC of its ability
to satisfy its duties under its Charter.

We also looked at FHFA’s oversight of NGC’s review of conflict of interest matters involving
SEOs and found that FHFA employees attended NGC meetings at which FM Ethics presented
conflicts questions involving SEOs to the NGC for its determinations and notified the NGC of
its decisions regarding SEO conflicts requests. We found no evidence that FHFA employees
 
                              OIG    EVL-2018-001    January 31, 2018                             23 
identified the internal inconsistencies or lack of clarity in Fannie Mae’s governance
documents or escalated those issues to senior FHFA management. We also found no
evidence that FHFA’s senior management was aware of these issues until we brought them to
FHFA’s attention.

This evaluation found failures, both by Fannie Mae’s NGC and by FHFA, which created a
weakness in Fannie Mae’s risk management structure. Without enhancements to the NGC’s
oversight, there is a significant risk that the NGC will continue to fall short in exercising its
governance responsibilities.


RECOMMENDATIONS ...............................................................  

To address the shortcomings identified in this evaluation, we recommend that FHFA:

    1. Provide guidance to Fannie Mae on FHFA governance expectations regarding
       authority to review and resolve actual, potential, and apparent conflicts of interest
       involving SEO positions;

    2. Direct Fannie Mae to conduct a comprehensive internal review of its governance
       documents (both board and management generated) for consistency and clarity, with
       specific emphasis on the assignment of authority to review and resolve conflict of
       interest matters involving SEO positions, by seniority and rank, and the process to
       be used to review and resolve such conflicts;

    3. Direct the Fannie Mae Board of Directors to review the results of the comprehensive
       internal review and determine whether authority to review and resolve conflict of
       interest matters involving specific SEO positions, by seniority and rank, should be
       vested in a Board committee or delegated to Fannie Mae management, and determine
       the process to be used to review and resolve such conflicts. Should the Board
       determine to delegate to management authority to review and resolve all potential,
       actual, or apparent conflicts of interest involving the CEO and the CEO’s direct
       reports, counsel the Board on the process that should be put into place to require
       management to report its resolution of all such conflicts to a Board committee for its
       review;

    4. To the extent that the Fannie Mae Board of Directors determines to delegate authority
       to the CCO and FM Ethics to review and resolve certain conflicts of interest involving
       SEOs, counsel the Board to amend the relevant governance documents and establish a
       reporting relationship between the NGC, FM Ethics, and the CCO;


 
                              OIG    EVL-2018-001    January 31, 2018                             24 
    5. Direct FHFA employees to monitor the review and resolution of SEO disclosures of
       potential, actual, or apparent conflicts of interest to ensure that revised Board
       committee charter(s) and management policies and procedures are being followed.

    6. Direct the NGC to use its authority to retain, as appropriate, independent outside
       corporate governance experts to assist it in fulfilling its obligations under the NGC
       Charter.

    7. Direct the Fannie Mae Board of Directors to assess the skills and professional
       experiences of current board members and, as vacancies occur, prioritize candidates
       with demonstrable expertise in corporate governance;

    8. Require the NGC to fully document, in meeting minutes, its discussions, deliberations,
       and actions at each meeting to ensure an effective flow of information between the
       NGC and other directors and to provide FHFA with sufficient information to enable it
       to assess whether the NGC is meeting the responsibilities and obligations set forth in
       its Charter.

OIG provided FHFA an opportunity to respond to a draft report of this evaluation. In its
management response, which is reprinted in its entirety in the Appendix, FHFA agreed with
the recommendations.




 
                              OIG    EVL-2018-001    January 31, 2018                         25 
OBJECTIVE, SCOPE, AND METHODOLOGY .................................  

We conducted this evaluation to assess FHFA’s oversight, as conservator, of the Fannie Mae
Board of Directors’ execution of its responsibilities to administer Fannie Mae’s Employee
Code and COI Policy for Senior Executive Officers of Fannie Mae. To achieve this objective,
we reviewed relevant Fannie Mae policies, procedures, and codes; Board materials and
minutes; and CMS logs and documents related to potential conflicts of interest involving
SEOs. We also relied on interviews with Fannie Mae employees and Board members
conducted for related OIG matters.

Our analysis of potential conflicts of interest involving SEOs was based on the documents
provided to us by Fannie Mae in response to document requests. In December 2016, we
requested all Conflict of Interest Review and Approval Forms—the form employees are
required by the COI Procedure to submit when requesting review of a potential conflict—for
all SEOs submitted between January 1, 2012, and December 2016. In response, Fannie Mae
notified us that that form is not used for SEOs, who generally disclose potential conflicts to
FM Ethics orally, or in response to annual ethics questionnaires. In lieu of the forms, Fannie
Mae provided to us folders from CMS that recorded potential conflicts involving SEOs that
arose within the Review Period.

The folders each contained a log documenting events and actions taken by FM Ethics in
relation to potential conflict of interest matters, along with other documents relevant to the
matters discussed in the log. In some folders, we found no potential SEO conflicts—for
example, a folder contained an annual ethics questionnaire with no disclosures, or the
potential conflicts involved an employee that did not qualify as an SEO. In other instances,
we found that a folder contained multiple potential conflicts—for example, a folder contained
an annual ethics questionnaire on which an SEO disclosed multiple potential conflicts. Based
on our review of the CMS documents and NGC meeting materials and minutes, we identified
a total of 57 potential conflicts involving SEOs that arose during the Review Period. Using
minutes of NGC meetings related to these matters and CMS entries, we mapped how each
potential conflict was ultimately resolved.

This evaluation was conducted under the authority of the Inspector General Act and in
accordance with the Council of the Inspectors General on Integrity and Efficiency’s Quality
Standards for Inspection and Evaluations (January 2012). These standards require us to plan
and perform an evaluation based on evidence sufficient to provide a reasonable basis to
support its findings and recommendations. We believe that the findings and
recommendations discussed in this report meet those standards.



 
                             OIG    EVL-2018-001    January 31, 2018                           26 
APPENDIX: FHFA MANAGEMENT RESPONSE .............................  

 




 
                   OIG    EVL-2018-001    January 31, 2018    27 
 




 
    OIG    EVL-2018-001    January 31, 2018    28 
 
    OIG    EVL-2018-001    January 31, 2018    29 
ADDITIONAL INFORMATION AND COPIES .................................  


For additional copies of this report:

       Call: 202-730-0880

       Fax: 202-318-0239

       Visit: www.fhfaoig.gov



To report potential fraud, waste, abuse, mismanagement, or any other kind of criminal or
noncriminal misconduct relative to FHFA’s programs or operations:

       Call: 1-800-793-7724

       Fax: 202-318-0358

       Visit: www.fhfaoig.gov/ReportFraud

       Write:

                 FHFA Office of Inspector General
                 Attn: Office of Investigations – Hotline
                 400 Seventh Street SW
                 Washington, DC 20219




 
                               OIG    EVL-2018-001    January 31, 2018                   30