U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Open Recommendations


Audit of EXIM’s Fiscal Year 2023 Compliance with the Payment Integrity Information Act of 2019

  • Recommendation #1

    OIG recommends that EXIM’s Chief Financial Officer revise the payment integrity risk assessment questionnaires, and the associated training, to ensure clarity and tailor questions specifically to the unique aspects of each program to avoid ambiguities and promote consistency in responses.



Audit of EXIM’s Enhanced Personnel Security Program

  • Recommendation #1

    The Security Services Office determines the number of pending investigations, including pending investigations awaiting a PD update and PDT.


  • Recommendation #2

    The Security Services Office communicates and coordinates with the Human Resources Office to obtain the PDs and PDTs needed for reinvestigations.


  • Recommendation #3

    The Office of the Chief Management Officer and Security Services Office assign the staffing and resources necessary to conduct pending reinvestigations.


  • Recommendation #4

    The Security Services Office develops and implements adequate internal policies and standard operating procedures.


  • Recommendation #5

    The Security Services Office develops and implements a required training framework for its Security Specialists and program personnel.


  • Recommendation #6

    The Security Services Office implements an internal database to house investigation and clearance documentation.



Evaluation of EXIM’s Sub-Saharan Africa Mandate

  • Recommendation #1

    EXIM's Office of the Chair should designate a lead office or officials responsible for coordinating development, oversight, and implementation of a sub-Saharan Africa specific strategy to address the Sub-Saharan Africa Mandate (hereafter referred to as the "Lead Office or Officials"). The Lead Office or Officials should have an explicit responsibility and authority to coordinate and guide the mandate's implementation across all relevant EXIM offices, liaise with external stakeholders, including but not limited to the Sub-Saharan Africa Advisory Committee (SAAC) and other U.S. Government agencies and between sub-Saharan Africa importers and U.S. exporters to rebuild relationships, establish and monitor key performance indicators, and report regularly to the Board of Directors, EXIM Chair, and SAAC.


  • Recommendation #2

    The Lead Office or Officials should develop a sub-Saharan Africa specific strategy to address the Sub-Saharan Africa Mandate. This strategy should provide a unified direction and shared vision of EXIM offices and staff and communicate EXIM’s commitments and strategy to interagency partners in the U.S. Government and other stakeholders with a focus to promote the expansion of EXIM’s financial commitments in sub-Saharan Africa.


  • Recommendation #3

    EXIM’s Office of the Chair should integrate the Sub-Saharan Africa Mandate strategy within the broader EXIM Strategic Plan to re-enforce that the Sub-Saharan Africa Mandate is central to EXIM’s overall strategic planning.


  • Recommendation #4

    The Lead Office or Officials should develop an actionable plan to enhance collaborative efforts with the Department of Commerce, the Trade Promotion Coordinating Committee (TPCC), and other relevant government agencies, such that EXIM could play a more prominent role in trade discussions and initiatives concerning sub-Saharan Africa.


  • Recommendation #5

    The Lead Office or Officials should establish effective metrics to measure EXIM’s Sub-Saharan Africa Mandate performance to inform the growth strategy (e.g., the number of U.S. exporters, lenders, and importers in sub-Saharan Africa reached, relationships established, total commitments and authorizations, and export value). The Sub-Saharan Africa Mandate performance metrics should also be incorporated within the next EXIM Annual Performance Plan.


  • Recommendation #6

    EXIM’s Office of Board Authorized Finance and Office of General Counsel should conduct a comprehensive review of the post-authorization process to identify the primary factors within the documentation phase that contribute to the lag between authorization and disbursements and devise strategies to remedy these shortcomings.


  • Recommendation #7

    EXIM’s Office of Global Business Development should devise a detailed plan to directly engage importers in sub-Saharan Africa that are not already engaging with EXIM’s sub-Saharan Africa programs. The office must ensure that the plan is incorporated as an integral part of the overarching strategy devised by the Lead Office or Officials.


  • Recommendation #8

    The Lead Office or Officials should devise a plan to directly engage U.S. businesses that are not already engaging with EXIM’s sub-Saharan Africa programs.


  • Recommendation #9

    EXIM’s Office of Policy Analysis and International Relations should conduct an analysis of the potential impacts of lowering the mandated domestic content policy for EXIM programs targeted to sub-Saharan Africa on U.S. jobs and present its findings to EXIM’s Board of Directors.



External Vulnerability Scan and External Penetration Test of EXIM’s Network and System – Fiscal Year 2024

  • Recommendation #1

    The Report is subject to extensive redactions based on applicable Freedom of Information Act (FOIA) exemptions.


  • Recommendation #2

    The Report is subject to extensive redactions based on applicable Freedom of Information Act (FOIA) exemptions.


  • Recommendation #3

    The Report is subject to extensive redactions based on applicable Freedom of Information Act (FOIA) exemptions.



Management Advisory: Risk Assessment of EXIM’s Government Purchase Card and Travel Card Programs

  • Recommendation #1

    The Chief Management Officer should update purchase card, convenience check, and travel card program policies and procedures to ensure training, reporting, and micro-purchase threshold requirements are accurate.


  • Recommendation #2

    The Chief Management Officer should develop and implement a process for tracking purchase and travel cardholder activity status and training due dates.


  • Recommendation #3

    The Chief Management Officer should develop and implement a process to ensure compliance with the requirements of OMB Circular No. A-123, Appendix B, including, but not limited to, convenience checks, data analytics, sustainability and environmental purchasing, maintaining narrative and statistical reports for agency’s own use, and reporting statistical data to GSA.


  • Recommendation #4

    The Chief Management Officer should develop and implement a process to ensure that travel vouchers are completed properly.



Management Advisory: Lack of Clarity in EXIM’s Conduct, Performance, and Discipline Policy

  • Recommendation #1

    EXIM’s Office of Human Capital, in coordination with the Office of General Counsel, should revise the Conduct, Performance, and Discipline Policy to either define the standards of conduct or cite EXIM’s Code of Business Conduct and Ethics as well as clarify policy language to ensure that all EXIM employees are held to the same standards of conduct, regardless of the employee's appointment status.



Management Alert: EXIM’s Process for Vetting Conference Sponsors Needs Improvement

  • Recommendation #1

    The Chief Ethics Officer, in coordination with other EXIM senior officials, should conduct an analysis to determine whether EXIM’s practice of soliciting sponsorship fees sufficiently mitigates the appearance of favoritism towards any potential conference sponsor.


  • Recommendation #2

    The Chief Ethics Officer, in coordination with other EXIM senior officials, should consider developing updated criteria for reviewing sponsorship applications to mitigate potential favoritism concerns.


  • Recommendation #3

    The Chief Ethics Officer, in coordination with other EXIM senior officials, should update its procedures to include steps for documenting the decision to accept or reject each potential sponsor.


  • Recommendation #4

    The Chief Ethics Officer, in coordination with other EXIM senior officials, should develop and implement a process to ensure that the office’s involvement in matters pertaining to conference sponsorship is consistent with its role as described in the EXIM Charter.



Review of Access Control Measures at EXIM Headquarters

  • Recommendation #1

    EXIM’s Chief Management Officer, in coordination with the Vice President for the Administrative Services Division, should spearhead the establishment of an interagency working group with key stakeholders to address physical access controls, including EXIM’s lack of authority for physical access controls, as well as other life-safety and security issues the group may identify at EXIM headquarters.


  • Recommendation #2

    EXIM’s Chief Management Officer, in coordination with the Vice President for Administrative Services Division, should develop an action plan, including a cost benefit analysis, to address the EXIM headquarters turnstile access issues identified in this report.


  • Recommendation #3

    EXIM’s Chief Management Officer, in coordination with the Vice President for Administrative Services Division, should finalize the updated EXIM Building Security Policy and ensure the final version of the revised Policy mandates EXIM employee use of the turnstiles at EXIM headquarters.



Management Alert: EXIM Has Not Fully Complied with Antideficiency Act Reporting Requirements

  • Recommendation #1

    Coordinate with OMB, and if necessary, obtain clearance for EXIM to immediately report the 2019 Antideficiency Act violation the agency identified, consistent with 31 U.S.C. § 1517(b) and the requirements of OMB Circular A-11.


  • Recommendation #2

    If applicable, and after obtaining clearance from OMB, EXIM’s President and Chair should immediately report the 2019 Antideficiency Act violation the agency identified to the President, Congress, and the Comptroller General, consistent with 31 U.S.C. § 1517(b).


  • Recommendation #3

    Formally document EXIM’s internal processes for maintaining records and reporting future Antideficiency Act violations to all required parties in a timely manner.



Comparative Analysis of U.S. and OECD Arrangement Export Credit Agencies

  • Recommendation #1

    Direct staff to conduct an analysis to determine suggested policy changes to further reduce the impact of a potential future loss of a Board quorum on EXIM’s medium- and long-term lending.


  • Recommendation #10

    In advance of EXIM’s next reauthorization, engage with interagency stakeholders to develop legislative proposals that would modify the agency’s charter to address the limitation in Sec. 2(a)(2), which prevents EXIM from matching recent updates to the OECD Arrangement.


  • Recommendation #11

    Direct staff to conduct a study exploring the potential for revising EXIM’s domestic content policy so that lowering minimum down payments to 5 percent would not also require exporters to meet or exceed a heightened 95 percent domestic content threshold (rather than the standard 85 percent threshold) to receive full financing and down payment support.


  • Recommendation #12

    Have the Office of General Counsel support efforts to consider recommendation of revisions to the Board’s delegated authority policy to allow for expedited reviews of larger deals, particularly when there is no Board quorum.


  • Recommendation #13

    Have the Office of Chief Information Officer and Office of Chief Management Officer pair with the Office of General Counsel to develop a plan for decreasing the administrative burden on EXIM underwriters and third-party lenders and increasing employee expertise to facilitate faster transaction execution, to include technology options that may help in streamlining its processes and reduce cycle time, as well as centralize the administrative process and decrease the time spent by underwriters on compliance.


  • Recommendation #14

    Support a study led by the Office of Human Capital, strategic planning, and other internal stakeholders, to identify specific factors impacting EXIM’s ability to attract and retain staff and implement recommendations to address workforce recruitment, retention, and succession planning needs in this area.


  • Recommendation #2

    Direct staff to conduct an analysis to determine what changes should be made to further mitigate the risks to EXIM’s medium- and long-term export credit financing that were generated by the lack of Board quorum.


  • Recommendation #3

    Direct staff to conduct a study exploring the potential for varying EXIM’s domestic content requirement by industry or sector for all exporters—not just those that qualify under the narrow exceptions of the CTEP program—and adopt policy changes to reflect any modifications or revisions to domestic content requirements based on the results of the study.


  • Recommendation #6

    Direct the Senior Vice President for Policy Analysis and International Relations to seek updates to EXIM’s MOU with MARAD to reflect changes in EXIM’s policies and priorities and consider revisiting the $20 million threshold for U.S.-flagged shipping.


  • Recommendation #7

    Develop a comprehensive plan, in coordination with MARAD, to provide clearer and more effective guidance on EXIM’s website for U.S. exporters to assist them in complying with EXIM’s domestic shipping requirements and procedures, including processes for requesting a MARAD waiver on the use of U.S. flagged vessels.


  • Recommendation #8

    In advance of EXIM’s next reauthorization, engage with interagency stakeholders to develop proposals that address the challenges associated with the impact on EXIM’s competitiveness of requiring exporters to use U.S. flagged shipping vessels.


  • Recommendation #9

    Direct staff to conduct a study exploring the potential for adopting a policy of implementing future changes to the OECD Arrangement automatically if no constraints exist in EXIM’s charter or enabling legislation.



Audit of EXIM's Domestic and International Non-Sponsored Travel

  • Recommendation #1

    Develop and implement procedures to ensure that travelers have complied with all pre-travel training requirements.


  • Recommendation #2

    Develop and implement procedures to ensure that travel vouchers are submitted within five business days upon return from travel.


  • Recommendation #3

    Develop and implement training that ensures all staff and approving officials are aware of their roles, responsibilities, and requirements for the travel process.


  • Recommendation #4

    Develop and implement a process to communicate travel policy and requirement updates to staff in a periodic manner.



Independent Audit on the Effectiveness of EXIM’s Information Security - Fiscal Year 2022

  • Recommendation #1

    Update and implement the Enterprise Risk Management program, including applicable policies and procedures, to align with the new requirements outlined in the NIST SP 800-53, Rev. 5, Security and Privacy Controls for Information Systems and Organizations, dated September 23, 2020.



Review of EXIM’s Default Rate Management Practices

  • Recommendation #1

    Identify suitable aggregate measure(s) of portfolio risk to inform organizational decision-making.


  • Recommendation #2

    Ensure EXIM has timely, accurate, and centralized information on all non-performing credits.



Audit of EXIM's Approach for Determining Additionality

  • Recommendation #

    Update the additionality guidelines and checklist to: a) explicitly state the minimum documentation requirements for establishing additionality whether that be source documentation or contemporaneous memos with the required elements of source, timing, and context

    Separated on 6/21/2023 into Rec 1a and 1b


Independent Auditors’ Report on EXIM’s Data Act Submission

  • Recommendation #1

    We recommend that the SAO and EXIM’s DATA Act Working Group determine the root cause of the errors in EXIM-provided data identified during the testing of the second quarter FY 2021 Files D1 and D2, and take necessary corrective action to: (a) correct the errors for records shown in USASpending.gov; (b) identify the risk of reporting incorrect data for each data element containing the error; and (c) update the policies and procedures for recording data in Comprizon, FPDS, and FABS to address the risks and include adequate verification and validation review processes performed by the data owner and a supervisor or other independent party.


  • Recommendation #10

    We recommend that the SAO in coordination with the OCFO continue to implement its corrective action plan to ensure that object class codes are accurately and completely reported in all financial and award data submissions (Files B and C).


  • Recommendation #2

    We recommend that the SAO and EXIM’s DATA Act Working Group continue to improve the design of its review of the procurement award data in FPDS and financial assistance award data submissions to FABS by identifying the root cause for the exceptions in those data elements for which EXIM is responsible, and by developing more effective review procedures for those data elements, as well as the data elements that the SAO and DATA Act Working Group identify as having a high risk of not being accurate, complete, or reported timely.


  • Recommendation #3

    We recommend that the SAO and EXIM’s DATA Act Working Group review EXIM’s policies and procedures for submitting contract award data in FPDS, including procedures for reviewing and confirming the accuracy of the CAR, to ensure proper design and compliance with FAR guidelines for timeliness. Update the policies and procedures based on this review, as necessary, to ensure EXIM meets FAR timeliness guidelines.


  • Recommendation #4

    We recommend that the SAO and EXIM’s DATA Act Working Group review EXIM’s policies and procedures that address timelines for submitting complete and accurate FABS files containing financial assistance award data, to ensure proper design and compliance with DAIMS guidance. Update the policies and procedures based on this review, as necessary, to ensure EXIM meets DAIMs timeliness guidelines.


  • Recommendation #5

    We recommend that the SAO and EXIM’s DATA Act Working Group complete a data inventory for File D1 that defines each data element based on government-wide financial data standards, and that EXIM seeks clarification from OMB and Treasury, as necessary, in order to ensure appropriate interpretation of the DATA Act Standards.


  • Recommendation #6

    We recommend that the SAO and EXIM’s DATA Act Working Group establish policies and procedures to help ensure that all data reported in FABS and included in EXIM’s certified File D2 are reported as intended by the Data Act Standards, and that EXIM seek clarification from OMB and Treasury, if necessary, in order to ensure appropriate interpretation of the Data Act Standards.


  • Recommendation #7

    We recommend that the SAO and EXIM’s DATA Act Working Group complete a data inventory for each of Files A through D1 to govern EXIM’s DATA Act activities and help ensure compliance with government-wide financial data standards.


  • Recommendation #8

    We recommend that the SAO and EXIM’s DATA Act Working Group develop and document a review process of the data inventories for Files A through D2 that EXIM will perform at regular intervals and after each DAIMS update.


  • Recommendation #9

    We recommend that the SAO and EXIM’s DATA Act Working Group develop, test, and implement a DQP that covers significant milestones and major decisions pertaining to:
    • Organizational structure and key processes providing internal control activities for spending reporting;
    • Management’s responsibility to supply quality data to meet the reporting objectives for the DATA Act in accordance with OMB Circular No. A-123;
    • EXIM’s testing plan and identification of high-risk reported data, including:
    (1) specific data the agency determines to be high-risk that are explicitly referenced by the DATA Act; and (2) confirmation that these data are linked through the inclusion of the award identifier in the agency’s financial system, and reported with plain English award descriptions; and
    • Actions taken to manage identified risks.



Evaluation of Risk Management Procedures and Chief Risk Officer Responsibilities

  • Recommendation #1

    To clarify the authority and responsibility of the CRO with respect to the current allocation of risk management responsibilities across the agency, EXIM Bank should formally document the risk management roles, responsibilities and authority of its line of defense functions; clarify responsibilities and interaction between different senior management committees and divisions; identify the individuals and functions to be responsible for each; and address any gaps in those responsibilities.



Report on EXIM Bank's Credit Guarantee Facility Program

  • Recommendation #5

    Review and update the reachback policy for the CGF program to be consistent with actual practice and reduce the need for waivers. In reviewing and updating the reachback policy, the Bank should analyze the case-by-case determination of a reachback relative to the average policy date (i.e., operative date); consider establishing limits on the utilization of the facility for reachback transactions; set requirements for communicating analysis of reachback issues to decision makers including the Board; and establish procedures for consideration of waivers to the policy. This would include documenting the supporting evidence in the credit file.