Federal Reports

The U.S. Department of Housing and Urban Development (HUD), Office of Inspector General (OIG), assisted the U.S. Department of Justice (DOJ), Washington, DC, and the U.S. Attorney’s Offices for the District of Kansas and the Northern District of Texas in the civil investigation of PrimeLending, a PlainsCapital company. The investigation was of PrimeLending’s origination, underwriting, and quality control of Federal Housing Administration (FHA)-insured mortgage loans between 2008 and 2012. PrimeLending has its principal place of business in Dallas, TX. On October 23, 2018, PrimeLending entered into a settlement agreement with the Federal Government to pay more than $6.75 million to avoid the delay, uncertainty, inconvenience, and expense of lengthy litigation of certain civil claims the Government stated it had against PrimeLending. The United States contends that for 79 FHA-insured loans, PrimeLending failed to follow all HUD requirements in connection with its origination, underwriting, and quality control. Specifically, the United States contends that between January and December 2008, PrimeLending failed to ensure that the 79 loans qualified for FHA insurance, improperly incentivized underwriters, and failed to perform quality control reviews as required by HUD regulations. The settlement was neither an admission of liability or wrongdoing by PrimeLending nor a concession by the United States that its claims were not well founded. Of the $6.75 million settlement, HUD FHA received more than $3.37 million.PrimeLending also entered into an indemnification agreement with HUD to pay more than $6.74 million in restitution to indemnify FHA for the portion of losses associated with 160 FHA-insured loans that were not eligible for FHA insurance because of alleged material underwriting defects. These 160 FHA-insured loans were originated by PrimeLending between January 1, 2009, and December 31, 2012. The indemnification agreement did not constitute an admission of liability or fault on the part of either PrimeLending or HUD.

The U.S. Department of Housing and Urban Development (HUD), Office of Inspector General (OIG), assisted the U.S. Department of Justice (DOJ), Washington, DC, in the civil investigation of Quicken Loans, Inc. The investigation was of Quicken’s origination, underwriting, endorsement, and related certifications of Federal Housing Administration (FHA)-insured mortgage loans between September 1, 2007, and December 31, 2011. Quicken has its principal place of business in Detroit, MI. On June 3, 2019, Quicken entered into a settlement agreement with the Federal Government to pay $32.5 million. The United States contends that Quicken knowingly approved loans that violated FHA rules while falsely certifying compliance with those rules. Between 2007 and 2011, Quicken allegedly submitted claims for hundreds of improperly underwritten FHA-insured loans. The settlement was reached through mediation. The settlement was neither an admission of liability by Quicken nor a concession by the United States that its claims were not well founded.

The U.S. Department of Housing and Urban Development (HUD), Office of Inspector General (OIG), assisted HUD’s Office of Program Enforcement in a civil investigation of Pacific Horizon Bancorp, Inc., and two former loan officers at Pacific Horizon. Pacific Horizon has its principal place of business in La Crescenta, CA.Based on OIG’s civil investigation, on April 2, 2019, HUD notified Pacific Horizon and the two loan officers that it believed they were liable under the Program Fraud Civil Remedies Act of 1986 for violating HUD requirements in connection with four FHA-insured loans for Pacific Horizon and two FHA-insured loans for the loan officers. To avoid the time and expense of further administrative proceedings and to reach a satisfactory resolution of the matter, all of the involved parties entered into settlement agreements. The agreements did not constitute an admission of liability or fault on the part of any party. On July 1, 2019, Pacific Horizon entered into an agreement to pay $325,000 plus accrued interest to HUD. On July 11, 2019, the two loan officers entered into an agreement and collectively agreed to pay a total amount of $15,000 to HUD.

This report presents the OIG’s assessment of GAO’s compliance with Federal Information Security Modernization Act of 2014 (FISMA) requirements.FISMA requires federal agencies to develop, document, and implement an agency-wide information security program for the information and systems that support their operations and assets, including those provided or managed by another agency or contractor. Although GAO, as a legislative branch agency, is not subject to FISMA, its management has chosen to use FISMA as a set of best practices for its information security program. While GAO has defined an information security program that is generally aligned with FISMA the OIG identified several opportunities for GAO to improve the implementation of its information security program and to ensure alignment with federal best practices.The OIG identified opportunities for GAO to strengthen its risk management program. Specifically, GAO needs to better document a key element of its risk management program, complete impact assessments for all systems, and update it procedures to ensure that standard contract language aligns with NIST guidelines as appropriate.In addition to improvements in risk management, there are also opportunities for GAO to better protect its systems. Information system vulnerabilities, especially those designated as high and critical, need to be remediated in a timely manner. Further, baseline configurations, which help ensure consistent secure deployment of hardware and software, had not been documented for all existing environments.GAO also has opportunities to improve its disaster recovery program. Contingency plan testing did not occur in fiscal year 2018 and one high-impact system did not have a contingency plan defined. Finally, GAO did not complete a business impact analysis which helps to inform contingency planning decisions.The OIG made eight recommendation to strengthen GAO's information security program and practices.

U.S. Customs and Border Protection’s (CBP) Office of Field Operations (OFO) has spent nearly $25.6 million on 279 small scale chemical screening devices that do not identify fentanyl and other illicit narcotics at lower purity levels (10 percent or less). We also found CBP OFO does not have adequate policies for deploying, using, and updating the chemical screening devices. We made four recommendations that will help OFO officers better identify fentanyl and other illicit narcotics at ports of entry. Specifically, we recommended that OFO Executive Assistant Commissioner develop and implement a strategy to ensure all deployed devices are able to identify narcotics at purity levels less than or equal to 10 percent, or provide ports of entry with an alternative method. Further, the Executive Assistant Commissioner should develop a formal strategy to deploy, use, and keep the chemical screening devices updated. CBP concurred with all of the recommendations.