Oversight

IG: Federal Reserve should standardize its continuous monitoring

Federal Reserve building Washington DC. Shutterstock image. Photo credit Joseph Sohm 

The Federal Reserve headquarters in Washington, D.C.

Supervisory groups at Federal Reserve Banks are not consistent in their continuous monitoring practices, and can have trouble finding data on information systems due to unstandardized approaches to data uploading, according to a recent inspector general report.

The Federal Reserve System Board of Governors is in charge of issuing guidances for the supervision of its regional reserve banks. To measure the efficacy of its continuous monitoring, and to follow up on its 2014 recommendation for the board to improve its supervision, IG assessed the practices at four Federal Reserve Banks.

The purpose of continuous monitoring for the Federal Reserve is to help identify knowledge gaps and to keep supervisors up to date on potential strategic or operational changes at a financial institution, the report states.

According to the report, examiners in charge of supervising large financial institutions spend over half of their time conducting continuous monitoring. However, auditors found employees’ continuous monitoring and documentation practices to be inconsistent.

“Given the considerable time dedicated to continuous monitoring, maximizing its effectiveness should enhance the overall effectiveness of the supervisory program,” the report states.

Specifically, auditors found that while the board has issued guidance “on some aspects” of continuous monitoring, such as the establishment of meetings and management reports, the guidance does not standardize practices across the enterprise.

Auditors noted that each of the four banks they visited had its own guidance for continuous monitoring, and that expectations for continuous monitoring outcomes also vary by branch. Even among supervisory teams at the same reserve bank, continuous monitoring procedures differ, the IG reported.

Auditors noted that certain best practices are followed at Federal Reserve Banks, but added that they have not been “broadly implemented.”

In addition to the lack of standardized guidance, auditors found other limitations to effective continuous monitoring practices.

Examiners said the sheer volume of information that is provided by financial institutions prevents them from reviewing all of it before uploading it to bank systems. The IG also reported that examiners were “reluctant” to reduce the scope of continuous monitoring activities out of fear of “being unaware of important events at a firm.”

Additionally, auditors found that individual supervisory groups sometimes have multiple SharePoint sites, and that examiners can have difficulty finding and retrieving data on information systems because of teams’ inconsistent approaches to uploading the data.

The report recommended the Reserve’s Director of Supervision and Regulation to develop system-wide guidance and training on how to conduct continuous monitoring that requires data rationalization, and to clarify how employees should store and retrieve continuous monitoring documentation.

Michael S. Gibson, the Reserve's director of supervision and regulation, concurred with both recommendations, and stated that his organization has begun to take corrective action.

About the Author

Chase Gunter is a former FCW staff writer.

Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.