The Office of Inspector General (OIG) is the independent “watchdog” for DFC. We protect America’s investment in international development initiatives through independent oversight of DFC programs and operations.

Audit Announcements, Reports, Open Recommendations, and Correspondence

The OIG conducts and supervises audits of DFC’s programs and operations around the world. These include audits mandated by law (e.g., Data Act, Payment Integrity Information Act (PIIA), Federal Information Security Modernization Act (FISMA), charge card, and annual financial statements), as well as performance audits determined by the IG. At the end of each audit, the OIG issues a report to the appropriate DFC management official detailing the findings and recommendations to address their causes. These recommendations are intended to improve the efficiency and effectiveness of DFC programs and operations. DFC management has an opportunity to comment on OIG findings and recommendations. Recommendations are considered closed when DFC has implemented corrective action. Open recommendations may be resolved or unresolved:

  • An open recommendation is resolved when the OIG agrees with the agency's plan of action.
  • An open recommendation is unresolved when the agency has yet to share a plan of action, or the OIG disagrees with the plan.

 

Audit Announcements

Audit Reports

Open Recommendations
Report TitleReport NumberDate of ReportRecommendation NumberRecommendation
Fiscal Year 2023 DFC Federal Information Security Modernization Act of 2014 AuditDFC-24-001-C10/2/20231Prioritize efforts to enhance DFC's existing vulnerability management process to ensure sufficient identification, prioritization, and remediation of critical and high vulnerabilities in a timely manner in accordance with DFC's policy.
   2Implement the necessary oversight to monitor Cybersecurity Security Assessment and Management (CSAM) to ensure that SSPs are reviewed and authorized in accordance with the timeliness requirements in DFC's policy.
DFC Can Improve Oversight of Renewable Energy and Financing Projects in IndiaDFC-24-003-C11/13/20237Direct DFC’s Chief Development Officer and Chief Risk Officer, in coordination with the Office of Accountability, to advise the Office of Development Policy and the Office of Financial and Portfolio Management on strategic goals for annual site visit monitoring. This should include a process for publicly reporting plans, goals, and actual performance.
   8Ensure all divisions update and finalize site visit monitoring policies and procedures to align with the agency’s strategic goals.
   9Develop a system to centrally track site visit reporting results that is accessible to staff for cross-monitoring purposes. The system should facilitate the formal sharing of lessons learned and trends identified during site visits for all phases of DFC’s investment decision-making.
   11Develop a system to track all significant environmental and social events (fatalities and serious injuries) related to lack of adherence to DFC’s contractual commitments.
   12Report significant environmental and social events (fatalities and serious injuries) related to lack of adherence to DFC’s contractual commitments to DFC’s Board of Directors and report such incidents in the Annual Report.
   13Revise relevant policies and procedures to better define how significant environmental and social events (fatalities and serious injuries) related to lack of adherence to DFC’s contractual commitments impact DFC’s monitoring site visit priorities, annual plans, and/or schedule.
Correspondence