The joint Federal Reserve/CFPB Office of the Inspector General (OIG) recently issued its first listing of “major management challenges” facing the CFPB. These challenges represent what the OIG believes to be “the areas that, if not addressed, are most likely to hamper the CFPB’s accomplishment of its strategic objectives.” To identify the challenges, the OIG used audit and evaluation work it performed and audits performed by the U.S. Government Accountability Office, along with CFPB documents.
The OIG identified the following five management challenges for the CFPB:
- Improving the operational efficiency of supervision. The OIG’s evaluation work found that the CFPB needs to (1) improve its timely issuance of examination reports, (2) establish standards for the timely input of data into its supervisory examination system, and
(3) establish a formalized policy for scheduling and tracking examination staff hours.
- Building and sustaining a high-performance workforce. The OIG observes that the CFPB faces challenges in building its workforce due to competition for qualified staff with the unique skill sets needed. To accomplish that goal, the OIG believes that the CFPB will need to (1) strengthen workforce planning, including by identifying mission-critical technical, managerial, and leadership skills, (2) recruit, appropriately train, and retain a highly skilled, diverse workforce, and (3) develop an effective human capital infrastructure, including improving the CFPB’s compensation and benefit policies and establishing a new performance management system (to replace the system that resulted in disparities in evaluations based on factors such as race and age).
- Implementing new management operations. The OIG believes the CFPB needs to focus on establishing internal controls, including policies and procedures that clearly define roles and responsibilities, and effectiveness measures. The OIG identified the CFPB’s civil penalty fund (CPF) and consumer complaint database as specific program areas on which the CFPB needs to focus. With regard to the CPF, the OIG observes that the CFPB may face challenges in distributing funds to victims in a timely manner as the CPF continues to grow. The CFPB must use the CPF to compensate consumers harmed by the activities for which civil penalties have been imposed and to the extent victims have already been compensated, cannot be located, or payment is otherwise not practicable, the CFPB can use the CPF for consumer education and financial literacy. (As we have commented, although the CFPB cannot use CPF for operating expenses, the CFPB presumably has more funds available to use for other purposes (such as enforcement activities) to the extent it uses the CPF for consumer education and financial literacy programs.) As to the complaint database, the OIG observes that the expansion of the products and services covered by the database will challenge the CFPB’s ability to manage complaints, improve data quality, and maintain the effectiveness of the complaint process. The OIG also observes that the CFPB’s plan to publish consumer narratives will create additional challenges in ensuring that personally identifiable information is properly protected. (We previously commented that the CFPB’s plan appears to be turning the database into a gripe site.)
- Providing for space needs. The OIG observes that the CFPB’s headquarters renovation project presents various challenges for the CFPB, including managing and mitigating risks such as potential scope changes, schedule delays, unanticipated expenses, and cost overruns. (As we have reported, the ballooning costs of the renovation have been the subject of Congressional criticism.) The OIG also observes that space planning will be required during and after the headquarters renovation. Surprisingly, the OIG observes that once the renovation is complete, the CFPB will still need additional space.
- Ensuring an effective information security system. The OIG believes the CFPB needs to (1) continue to improve its information security program, (2) take additional steps to ensure contractors used by the CFPB to operate and maintain information systems meet applicable information security requirements, (3) fully transition from Treasury’s information security and IT resources and complete development of the CFPB’s own IT infrastructure, and (4) take steps to ensure that personally identifiable information is adequately protected. (In September 2014, the GAO issued a report on the CFPB’s data collection efforts in which it found that the CFPB needed to do more to reduce the risk of improper collection, use or release of such data. The CFPB’s data collection efforts have also been the focus of criticism from lawmakers.)
The OIG also provides an outline of its ongoing and planned work relevant to the management challenges it has identified.