WASHINGTON–A new report from its inspector general on a Federal Reserve audit is raising as many questions as answers related to security risks in the Fed’s systems.
An executive summary of the report issued by the Office of the Inspector General for the Board of Governors of the Federal Reserve System and CFPB, which primarily analyzes Fed's Statistics and Reserve System (STAR), is recommending that the Fed strengthen information controls related to planning, security assessment and authorization, contingency planning, auditing, access control, risk assessment, and system and information integrity.
The subject of the analysis, STAR, is a mainframe system developed in 1998 that supports the statistics and reserves functions at the Federal Reserve's Board and banks. It collects and edits more than 75 periodic statistical reports from financial institutions and also manages financial institutions' reserve requirements and term deposits.
"Given that this system is classified as a moderately critical system, we must appreciate that it will be targeted for intrusion and corruption,” the executive summary states.
The Fed is in the process of modernizing the system by moving to a web-based app, and the report notes that as a moderate-risk system any breach could place the agency at a significant disadvantage or result in major damage, requiring extensive repairs to assets or resources.