May 20, 2009
Mr. Gene L. Dodaro
Acting Comptroller General of the United States
U.S. Government Accountability Office
441 G Street, NW
Washington, DC 20548
Re: FDIC Management Response on the GAO 2008 Financial Statements Audit Report
Dear Mr. Dodaro:
Than you for the opportunity to comment on the U.S. Government Accountability Office’s (GAO) draft report titled, Financial Audit: Federal Deposit Insurance Corporation Funds’ 2008 and 2007 Financial Statements, GAO-09-535. We are pleased that the Federal Deposit Insurance Corporation (FDIC) received an unqualified opinion for the seventeenth consecutive year on the financial statements of its funds: the Deposit Insurance Fund (DIF) and the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund (FRF). The unqualified opinion demonstrates our continued dedication to sound financial management.
The GAO reported that the funds’ financial statements were presented fairly, in all material respects, in conformity with U.S. generally accepted accounting principles (GAAP); FDIC had effective control over financial reporting and compliance with laws and regulations for each fund; and there was no reportable noncompliance with the laws and regulations that were tested. In addition, the GAO reported that there were no material weaknesses or significant deficiencies identified during the 2008 audits.
During 2008, new audit standards were issued that require management to provide a written assertion about the effectiveness of its internal control over financial reporting. In complying with this requirement, the FDIC prepared Management’s Report on Internal Control over Financial Reporting (see attachment). The report acknowledges management’s responsibility for establishing and maintaining internal control over financial reporting and provides FDIC’s conclusion regarding the effectiveness of its internal control.
This past year has been unusually challenging with greater emphasis and focus being concentrated on stabilizing the financial industry and promoting economic recovery. However, as FDIC commits additional resources to further the recovery of the financial markets and economy, we will continue to ensure that effective financial management remains a priority. Also, FDIC recognizes the significance that internal control plays in an agency achieving its mission and goals, and therefore, will seek continual improvement in its internal control environment.
As always, we appreciate the professionalism and dedication of the GAO staff during the audit. We look forward to continuing our productive and successful relationship during the 2009 audit. If you have any questions or concerns, please do not hesitate to contact me.
Steven O. App
Deputy to the Chairman and
Chief Financial Officer
Management’s Report on Internal Control over Financial Reporting
The Federal Deposit Insurance Corporation’s (FDIC) internal control over financial reporting is a process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance regarding the preparation of reliable financial statements in accordance with U.S. generally accepted accounting principles (GAAP), and compliance with applicable laws and regulations. FDIC’s internal control over financial reporting and compliance reasonably assure that (1) transactions are properly recorded, processed and summarized to permit the preparation of financial statements in accordance with GAAP, and assets are safeguarded against loss from unauthorized acquisition, use, or disposition; and (2) transactions are executed in accordance with the laws and regulations that could have a direct and material effect on the financial statements.
Management is responsible for establishing and maintaining effective internal control over financial reporting. Management assessed the effectiveness of FDIC’s internal control over financial reporting as of December 31, 2008, through its enterprise risk management program that seeks to comply with the spirit of the following standards, among others: Federal Managers’ Financial Integrity Act (FMFIA); Chief Financial Officers Act (CFO Act); Government Performance and Results Act (GPRA); Federal Information Security Management Act (FISMA); and OMB Circular A-123. In addition, other standards that FDIC considers are the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission’s Internal Control - Integrated Framework and the U.S. Government Accountability Office’s Standards for Internal Control in the Federal Government. Based on that assessment, management concluded that, as of December 31, 2008, FDIC’s internal control over financial reporting is effective based on the criteria established in FMFIA.
Federal Deposit Insurance Corporation
May 20, 2009