| FHFA Has Laid the Groundwork to Integrate Consideration of Climate-Related Financial Risk into its Policies and Programs but Plans and Methodologies to Accomplish This Work Are in the Early Stages of Development |
AUD-2022-008 |
2022-06-23 |
| FHFA Did Not Always Follow its Procedures When Reviewing the Enterprises' Draft SEC Filings, But Plans to Take Corrective Action |
AUD-2022-007 |
2022-05-12 |
| FHFA Adequately Designed and Implemented Controls to Detect and Prevent Improper Vendor Payments During Fiscal Year 2021 |
AUD-2022-006 |
2022-03-30 |
| DER Followed its Guidance to Prepare, Review, and Issue the 2020 CSS Report of Examination |
AUD-2022-005 |
2022-03-23 |
| FHFA’s Ability to Fill Positions Was Hampered by an Unreliable Internal Management Reporting Tool, Failure to Review its Hiring Practices, and Lack of Training |
AUD-2022-004 |
2022-01-05 |
| FHFA Did Not Follow All of its Contingency Planning Requirements for the National Mortgage Database (NMDB) or its Correspondence Tracking System (CTS) |
AUD-2022-003 |
2021-12-13 |
| Audit of the Federal Housing Finance Agency Office of Inspector General's Information Security Program, Fiscal Year 2021 |
AUD-2022-002 |
2021-10-15 |
| Audit of the Federal Housing Finance Agency's Information Security Program, Fiscal Year 2021 |
AUD-2022-001 |
2021-10-15 |
| FHFA Did Not Follow its Interim Directive on a Requirement to Use a FAR Clause Intended to Protect Whistleblower Rights of Contractor Employees, But Has Since Taken Corrective Action |
AUD-2021-015 |
2021-09-30 |
| FHFA’s Division of Enterprise Regulation Did Not Follow or Train to its Procedures for Information Sharing of Enterprise Counterparty Performance Issues |
AUD-2021-014 |
2021-09-28 |
| FHFA’s Use of its Enterprise Examination Manual, in Practice, Does Not Align with its Goal of Promoting a Consistent Examination Approach or Meet Management’s Expectations |
AUD-2021-013 |
2021-09-28 |
| DBR Generally Followed its Guidance to Assess the Remediation of Adverse Examination Findings Issued to the FHLBanks and the Office of Finance |
AUD-2021-012 |
2021-09-02 |
| Audit of the Federal Housing Finance Agency’s 2021 Privacy Program |
AUD-2021-011 |
2021-08-11 |
| FHFA Lacked Documentation of its Validation of Data Used to Produce the Third Quarter 2020 Seasonally Adjusted, Expanded-Data FHFA HPI and Failed to Timely Review its Information Quality Guidelines |
AUD-2021-010 |
2021-07-22 |
| FHFA Did Not Record, Track, or Report All Security Incidents to US-CERT; 38% of Sampled FHFA Users Did Not Report a Suspicious Phone Call Made to Test User Awareness of its Rules of Behavior |
AUD-2021-009 |
2021-06-25 |
| FHFA Did Not Always Follow its Policies for Monetary Awards, Recruitment Bonuses, and Retention Allowances during Fiscal Years 2019 and 2020; FHFA’s Excellence Awards Were Not Included in Agency Policy |
AUD-2021-008 |
2021-06-17 |
| Despite FHFA’s Acknowledgement that Enterprise Reliance on Third-Parties Represents a Significant Operational Risk, No Targeted Examinations of Fannie Mae’s Third-Party Risk Management Program Were Completed Over a Seven-Year Period |
AUD-2021-007 |
2021-03-29 |
| Audit of an FHFA Sensitive Employment-Related Case Tracking System: FHFA Followed its Access Control Standard, But its System Is Adversely Impacted by Two Security Control Weaknesses |
AUD-2021-006 |
2021-03-29 |
| FHFA’s Failure to Include the Financial Crimes and Model Components in its CSS Risk Assessment Is Inconsistent with a Risk-Based Approach to Supervision |
AUD-2021-005 |
2021-03-23 |
| FHFA Followed OMB Guidance in Implementing its Enterprise Risk Management Program But its 2020 Risk Profile Failed to Identify a Significant Action Underway to Address Acknowledged Supervision Risk |
AUD-2021-004 |
2021-03-17 |
| Audit of FHFA’s Design of Procedures and Guidance to Prevent and Reduce Improper Payments |
AUD-2021-003 |
2021-03-11 |
| Audit of the Federal Housing Finance Agency Office of the Inspector General’s Information Security Program (Fiscal Year 2020) |
AUD-2021-002 |
2020-10-20 |
| Audit of the Federal Housing Finance Agency’s Information Security Program (Fiscal Year 2020) |
AUD-2021-001 |
2020-10-20 |
| Weaknesses in FHFA’s Monitoring of the Enterprises’ 97% LTV Mortgage Programs May Hinder FHFA’s Ability to Timely Identify, Analyze, and Respond to Risks Related to Achieving the Programs’ Objectives |
AUD-2020-014 |
2020-09-29 |
| FHFA Failed to Follow its Cloud-Based Computing Requirements when it Did Not Validate the Implementation of Minimum Security Requirements for Cloud-Based Tools and Did Not Include Required IT Security Provisions in Some of its Cloud Service Contracts |
AUD-2020-013 |
2020-09-17 |
