Bank regulators should collect and analyze data from IT exams across institutions to better identify trends and target reviews, the Government Accountability Office said in a report Thursday.
The report found that while each regulator collects some information, they do not have standardized methods for collecting data that would help them readily analyze trends. It also noted that while regulators devote considerable resources to overseeing information security at larger institutions, examiners with little or no IT experience perform exams at smaller institutions.
“Collecting trend information and analyses could further increase regulators’ ability to identify patterns in problems across institutions, better target reviews, and better deploy the IT experts among their staff,” the report concluded. The agencies indicated they would take steps to implement the report’s recommendations.