Audit – Audit of the Division of Banks – Mass.gov

Official websites use .mass.gov
A .mass.gov website belongs to an official government organization in Massachusetts.

Secure websites use HTTPS certificate
A lock icon ( ) or https:// means you’ve safely connected to the official website. Share sensitive information only on official, secure websites.
Top-requested sites to log in to services provided by the state
Top-requested sites to log in to services provided by the state
The audit examined whether DOB whether DOB ensured that its employees had the cybersecurity awareness training required by the Executive Office of Technology Services and Security (EOTSS) as well as oversight over foreign transmittals, and whether the DOB collected, acted on and shared information about licensee holders appropriately. The audit examined the period of July 1, 2017 through June 30, 2019.

In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted a performance audit of the Division of Banks (DOB) for the period July 1, 2017 through June 30, 2019.
In this performance audit, we determined whether DOB (1) ensured that foreign transmittal agencies maintained three years of records in accordance with Section 10 of Chapter 169 of the General Laws; (2) collected, and acted on, information on mortgage lenders or brokers that may have had their licenses suspended or revoked by the licensing authority of any other state, as required by Sections 42.04(2)(b)(4) and 42.06(2)(b)(4) of Title 209 of the Code of Massachusetts Regulations; and (3) shared its information regarding Massachusetts-licensed lenders and brokers that had been subjected to formal enforcement action from other states, as required by Section 5107 of Title 12 of the United States Code and Section 1508(d)(3) of Title V of Public Law 110-289 (the Secure and Fair Enforcement for Mortgage Licensing Act of 2008). In addition, as part of our data reliability assessment, we determined whether DOB ensured that its employees had the cybersecurity awareness training required by the Executive Office of Technology Services and Security (EOTSS).
Below is a summary of our findings and recommendations, with links to each page listed.
Finding 1
 
DOB did not ensure that all of its employees promptly completed cybersecurity awareness training.
Recommendations
 
 
A PDF copy of the Audit of the Division of Banks is available here.
We will use this information to improve the site.
Do not include sensitive information, such as Social Security or bank account numbers.
This form only gathers feedback about the website.
Would you like to provide additional feedback to help improve Mass.gov?
How much do you agree with the following statements in the scale of 1, Strongly Disagree, to 5, Strongly Agree?
If you would like to continue helping us improve Mass.gov, join our user panel to test new features for the site.
© 2021 Commonwealth of Massachusetts.
Mass.gov® is a registered service mark of the Commonwealth of Massachusetts.

source