An audit and continued evaluation of the Consumer Financial Protection Bureau’s programs and operations has yielded three “major management challenges,” according to a report that was published yesterday by the Office of the Inspector General, which provides independent oversight of the CFPB and the Federal Reserve Board.
Those three challenges, in order of significance, are:
- Ensuring that an effective information security program is in place
- Managing the human capital program
- Continuing to refine the supervision and enforcement strategy
While it does not define what constitutes a “major” challenge, the report does drill down on each of the three areas, providing insights into what the CFPB needs to address in order to remove these categories from the OIG’s watchlist. For example, within the information security program, the OIG noted that there are issues with respect to access controls and collaboration tools, which has resulted in some employees having access to data and information they should not otherwise be able to see. The CFPB has also been “challenged” for five years to implement the necessary technology to scan its databases and applications for vulnerabilities.
The report also noted that the bureau is short staffed with respect to information technology personnel, which “may delay its ability to meet the requirements of an executive order that highlights the importance of building a strong cybersecurity workforce.” The CFPB is also attempting to address increased levels of employee dissatisfaction and has undertaken a compensation study to evaluate possible changes to the bureau’s compensation structure.
Given the vast amount of non-depository institutions under its purview, including collection agencies, the CFPB must continue to refine its supervision and enforcement strategy, to make sure it is looking in the right places, the report recommended.