Results of Scoping of the Evaluation of the Board's Practices and Controls for Safeguarding Confidential Supervisory Information in OASIS

Date Issued

Tuesday, February 3, 2026

Submitting OIG

Federal Reserve Board & CFPB OIG

Agencies Reviewed/Investigated

Board of Governors of the Federal Reserve System

Report Number

2026-SR-B-001

Report Type

Inspection / Evaluation

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Report updated under NDAA 5274

External Link

Open Recommendations

This report has 4 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
1	No	$0	$0
Develop and implement a plan for restricting user access for Large Institution Supervision Coordinating Committee and Large and Foreign Banking Organization users in OASIS consistent with the need-to-know requirement in Board policy and the Federal Reserve Administrative Manual and National Institute of Standards and Technology’s least privilege principle.
2	No	$0	$0
Define an access approach for the eventual transition of the Community Banking Organization and Regional Banking Organization portfolios into OASIS appropriate for the Community Banking Organization and Regional Banking Organization supervisory framework and based on users’ need to know.
3	No	$0	$0
Update existing OASIS guidance to clarify how examiners should use sensitive file folders, including expectations for the types of files that should be stored in the folders and who should have access to the folders.
4	No	$0	$0
Develop guidance that a. defines the need-to-know principle and how it should be applied when granting user access to confidential supervisory information in OASIS. b. describes the expectations for performing the Board’s annual access review process for OASIS, including designating responsibility for performing the attestation to individuals with knowledge of the user’s roles and responsibilities, such as the user’s supervisor or other possible alternatives.