Senator Richard Shelby(R-AL), Ranking Member on the Senate Banking Committee, joined by Senator Mike Crapo (R-ID), Senator Jerry Moran (R-KN), Senator Mike Johanns (R-NE) and Senator David Vitter (R-LA) sent a letter to the CFPB seeking details on how the agency will address GAO findings on internal
controls and security. The Senators reference a recent GAO report identifying issues warranting attention by CFPB management, including the lack of fully documented accounting procedures and an insufficient process for documenting internal controls over financial reporting, as well as the absence of an agency-wide information security program. This last is important, said the Senators, because the CFPB will have unprecedented access to confidential data, including personal identifiable consumer information and sensitive commercial data. Thus, the Senators emphasized that the CFPB needs to have in place the strongest possible information security systems to protect data provided by consumers and market participants.
The CFPB should promptly address these issues, said the Senators, who asked the agency to provide them with a written plan by July 6, 2012 to remedy the problems with its internal controls and accounting procedures. The plan should describe in detail how the Bureau plans to address each issue and specify when the Bureau expects each issue to be resolved. In addition, the plan should indicate which of the GAO recommendations the CFPB will implement and, for any recommendation it will not implement, the reasons it decided not to so implement.