US banking regulator lacks agency-wide crisis readiness or training plan, audit finds

The US Federal Deposit Insurance Corporation, which insures deposits at banks and oversees their safety and soundness, had failed as of a year ago to develop an agency-wide readiness or personnel-training plan for economic crises, an internal audit said this week.

FDIC management said in a March 2020 response attached to the Inspector General report that it agreed with some conclusions and disputed others.

“The FDIC has a strong and recognized track record of effectively responding to crises,” said Arleas Upton Kea, deputy to chairman Jelena McWilliams. “The FDIC agrees that additional training could be used” in some instances.

The critical 82-page IG report said the FDIC also lacked a policy to define readiness roles that would help staff understand management directives, and fell short in training personnel to understand their responsibilities in carrying out disaster plans.

“The FDIC must be prepared for a broad range of crises that could impact the banking system,” the report said. “Readiness planning provides the ability to respond timely and effectively to crisis events.”

— Report not a pandemic response —

The IG report wasn’t conducted in response to the current pandemic, nor was it specific to any particular type of economic, natural disaster or cyberattack crisis.

But it cited the World Economic Forum’s 2018 Global Risks Report that identified a list of hazardous risks that could affect the international economy and potentially banks.

One example listed was “risks spread of infectious disease - bacteria, viruses, parasites or fungi that cause uncontrolled spread of infectious diseases (for example, as a result of resistance to antibiotics, antivirals and other treatments) leading to widespread fatalities and economic disruption.”

The report also said the FDIC conducts monthly operational review meetings attended by McWilliams and other senior officials.

A September 2019 document about one meeting showed the completion of a surge staffing simulation exercise and a planned cyber resolution exercise.

However, no evidence could be produced that McWilliams and other senior officials are regularly briefed on the status of agency-wide crisis readiness activities anticipating all types of hazards, the report said.