| Enterprise Multifamily Variable-Rate Mortgages |
WPR-2021-005 |
2021-08-25 |
| Audit of the Federal Housing Finance Agency’s 2021 Privacy Program |
AUD-2021-011 |
2021-08-11 |
| FHFA Lacked Documentation of its Validation of Data Used to Produce the Third Quarter 2020 Seasonally Adjusted, Expanded-Data FHFA HPI and Failed to Timely Review its Information Quality Guidelines |
AUD-2021-010 |
2021-07-22 |
| Compliance Review of FHFA’s Handling of Fannie Mae’s Confidential Conservator Requests |
COM-2021-006 |
2021-07-21 |
| Summary of Administrative Inquiry: The Office Inspector General's Review of Allegations that a Senior Agency Executive Asked Job Candidates and Subordinate Employees about Their National Origin and Made Racially Insensitive Comments |
OIG-2021-002 |
2021-07-14 |
| FHFA Did Not Record, Track, or Report All Security Incidents to US-CERT; 38% of Sampled FHFA Users Did Not Report a Suspicious Phone Call Made to Test User Awareness of its Rules of Behavior |
AUD-2021-009 |
2021-06-25 |
| Risk Assessment of FHFA’s Government Purchase Card and Travel Card Programs April 1, 2020 – March 31, 2021 |
OIG-RA-2021-001 |
2021-06-17 |
| FHFA Did Not Always Follow its Policies for Monetary Awards, Recruitment Bonuses, and Retention Allowances during Fiscal Years 2019 and 2020; FHFA’s Excellence Awards Were Not Included in Agency Policy |
AUD-2021-008 |
2021-06-17 |
| Compliance Review of DBR's Assessment and Documentation of Critical Cybersecurity Controls in Examinations of the FHLBank System |
COM-2021-005 |
2021-06-15 |
| FHFA’s Failure to Define and Clearly Communicate “Supervisory Concerns” Hinders the Enterprise Boards’ Ability to Execute Their Oversight Obligations Under FHFA’s Corporate Governance Regulation and Renders the Regulation Ineffective as a Supervisory Tool |
EVL-2021-003 |
2021-03-30 |
| Despite FHFA’s Acknowledgement that Enterprise Reliance on Third-Parties Represents a Significant Operational Risk, No Targeted Examinations of Fannie Mae’s Third-Party Risk Management Program Were Completed Over a Seven-Year Period |
AUD-2021-007 |
2021-03-29 |
| Audit of an FHFA Sensitive Employment-Related Case Tracking System: FHFA Followed its Access Control Standard, But its System Is Adversely Impacted by Two Security Control Weaknesses |
AUD-2021-006 |
2021-03-29 |
| Disaster Risk for Enterprise Single-Family Mortgages |
WPR-2021-004 |
2021-03-23 |
| Landscape Report: Survey of the Impact of the SolarWinds Orion Supply Chain Compromise on FHFA and its Regulated Entities |
OIG-2021-001 |
2021-03-23 |
| FHFA’s Failure to Include the Financial Crimes and Model Components in its CSS Risk Assessment Is Inconsistent with a Risk-Based Approach to Supervision |
AUD-2021-005 |
2021-03-23 |
| Enterprise Business Resiliency: Risk Mitigation and Plan Development |
WPR-2021-003 |
2021-03-22 |
| For Nine Years, FHFA Has Failed to Take Timely and Decisive Supervisory Action to Bring Fannie Mae into Compliance with its Prudential Standard to Ensure Business Resiliency |
EVL-2021-002 |
2021-03-22 |
| Update on Enterprise Transition from LIBOR to an Alternative Index for Single-Family ARMs |
WPR-2021-002 |
2021-03-17 |
| FHFA Followed OMB Guidance in Implementing its Enterprise Risk Management Program But its 2020 Risk Profile Failed to Identify a Significant Action Underway to Address Acknowledged Supervision Risk |
AUD-2021-004 |
2021-03-17 |
| Corporate Governance: Fannie Mae Senior Executive Officers and Ethics Officials Again Failed to Follow Requirements for Disclosure and Resolution of Conflicts of Interest, Prompting the Need for FHFA Direction |
EVL-2021-001 |
2021-03-15 |
| Compliance Review of DER's Assessments of Enterprise MRA Closure Packages |
COM-2021-004 |
2021-03-15 |
| Audit of FHFA’s Design of Procedures and Guidance to Prevent and Reduce Improper Payments |
AUD-2021-003 |
2021-03-11 |
| Update on Mortgage Insurers as Enterprise Counterparties |
WPR-2021-001 |
2021-03-08 |
| Compliance Review of FHFA’s Quality Control Reviews of Enterprise Supervision Activities |
COM-2021-003 |
2021-02-12 |
| After Four and a Half Years, DER Still Fails to Ensure that Enterprise Boards are Notified of Serious Deficiencies in a Timely Manner |
COM-2021-002 |
2021-01-21 |
