On April 2, 2019, the FDIC issued Financial Institution Letter FIL-19-2019 (the “Letter”) to remind financial institutions about certain contractual provisions and other requirements pertaining to technology service provider contracts. Apparently, during recent routine examinations, the FDIC found several technology service provider contracts that were inadequate under existing guidance. These contracts were missing or inadequately

The most notable items added by the Office of Inspector General (OIG) to its work plan, updated as of July 7, 2014, are audits of the CFPB’s information security program, pay and compensation program, and distribution of civil penalty funds.

Information Security

Pursuant to the Federal Information Security Management Act of 2002 (“FISMA”), each

The Bureau’s Office of Inspector General (OIG) (which it shares with the Fed) recently issued its 2013 report card on the CFPB’s information security system.  While the OIG states in the audit report that the CFPB has made “significant progress in developing, documenting, and implementing its information security program,” the OIG nevertheless found “opportunities” for

The CFPB’s latest report card on its information security system, delivered last week by the Bureau’s Office of Inspector General (OIG), indicates that the system still needs improvement.  In May 2012, the Government Accountability Office issued a report that identified various problems with the CFPB’s internal controls and accounting systems that included the absence of