BANK CAPITAL REFORMS
The Office of the Comptroller of the Currency Should Clarify Policy for Retaining Documents
Report to the
Chairman,
Committee on Financial Services,
House of Representatives
United States Government Accountability Office
A report to the Chairman, Committee on Financial Services, House of Representatives
For more information, contact: Michael Clements at clementsm@gao.gov.
What GAO Found
To promote global financial stability, U.S. and foreign banking regulators negotiate and develop nonbinding minimum capital standards for banks through the Basel Committee on Banking Supervision. U.S. members are the Board of Governors of the Federal Reserve System (FRB), Federal Reserve Bank of New York, Federal Deposit Insurance Corporation (FDIC), and Office of the Comptroller of the Currency (OCC).
The Basel Committee expects members to treat Committee work as confidential. Its internal regulations state that internal discussions and the analyses on which they are based should be kept confidential. It also has a process for collecting sensitive bank data (for assessing the effect of standards on select banks), which requires analysts to sign a confidentiality agreement intended to protect the data. The Committee imposes no penalties for violating these expectations, but could take informal action (e.g., restrict a member’s access to information).
U.S. members vary in the extent to which they are subject to the Federal Records Act and have different policies for retaining Basel Committee and related documents as records under the act:
· FRB’s policy expressly covers its work on international organizations, including the Committee, and FRB also issued related guidance.
· FDIC’s policy does not expressly cover its Committee work, but FDIC officials said the policy applies. FDIC also has a procedure directing staff to document their Committee work to share with leadership.
· OCC’s policy does not expressly cover its Committee work. OCC officials said that only documents used as background or working files in rulemaking to implement Basel standards are considered records under their policy.
OCC’s policy does not instruct staff whether to treat—and thus retain—Basel Committee or related documents as records under the Federal Records Act when first created or received. The act requires covered agencies to preserve records documenting the organization’s functions and decisions and to communicate records management responsibilities to staff. However, OCC has not clarified how to treat Committee and related documents, citing its current policy as sufficient. Taking such action could help OCC ensure staff retain documents needed to support rulemaking, consult leadership during Committee negotiations, and demonstrate accountability.
U.S. members said they process Freedom of Information Act (FOIA) requests for Basel Committee or related records in the same way as other FOIA requests. In 2019–2024, FRB received two FOIA requests related to the Committee and FDIC received one. FRB identified information responsive to the requests but deemed it confidential and therefore exempt from FOIA disclosure. FDIC provided the requested information.
Why GAO Did This Study
In 2025, GAO reported on U.S. participation in the Basel Committee’s development of Basel III bank capital standards. U.S. members told GAO that Committee discussions and related information are governed by confidentiality expectations.
GAO was asked to review these expectations and their potential implications. Among its objectives, this report examines the Basel Committee’s confidentiality expectations; U.S. members’ records retention policies for their Committee work; and U.S. members’ processes for handling FOIA requests for Committee or related records.
GAO reviewed Committee and U.S. member documents on confidentiality expectations and associated penalties. GAO assessed relevant records retention policies of U.S. members against provisions in the Federal Records Act and its associated regulations. GAO also reviewed relevant FOIA regulations and data on related requests and interviewed U.S. Committee members.
What GAO Recommends
GAO recommends that OCC revise its records retention policy or issue supplemental guidance to clarify which documents created for or received from the Basel Committee should be treated as records. OCC agreed with the recommendation.
No table of contents entries found.
|
Abbreviations |
|
|
|
|
|
FDIC |
Federal Deposit Insurance Corporation |
|
FOIA |
Freedom of Information Act |
|
FRB |
Board of Governors of the Federal Reserve System |
|
FRBNY |
Federal Reserve Bank of New York |
|
OCC |
Office of the Comptroller of the Currency |
|
RCAP |
Regulatory Consistency Assessment Program |
This is a work of the U.S. government and is not subject to copyright protection in the United States. The published product may be reproduced and distributed in its entirety without further permission from GAO. However, because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately.
January 29, 2026
The Honorable French Hill
Chairman
Committee on Financial Services
House of Representatives
Dear Mr. Chairman:
To promote global financial stability, U.S. and banking regulators worldwide negotiate and develop nonbinding minimum capital standards for banks through the Basel Committee on Banking Supervision (Basel Committee or Committee).[1] The Basel Committee’s U.S. members are the Federal Deposit Insurance Corporation (FDIC), Board of Governors of the Federal Reserve System (FRB), Federal Reserve Bank of New York (FRBNY), and Office of the Comptroller of the Currency (OCC).[2] We reported in March 2025 that, according to U.S. members, Basel Committee discussions and related information are governed by confidentiality expectations.[3]
The Committee is the primary global standard setter for the prudential regulation of banks. Although Basel standards are nonbinding, its members are expected to apply generally consistent requirements to large, internationally active banks in their respective jurisdictions. Members may decide to go beyond the standards and, in some cases, deviate to accommodate national laws, accounting requirements, or banking system structures. Historically, U.S. members issued regulations that generally aligned U.S. capital requirements with Basel standards, according to the U.S. members.[4]
The Federal Records Act, as amended, establishes requirements for the management of records in certain federal agencies.[5] These agencies must preserve records that document their organizational matters, functions, policies, decisions, procedure, and essential transactions.[6] The Freedom of Information Act, as amended (FOIA), requires federal agencies to provide the public with access to federal agency records and information that is not exempt from disclosure.[7]
You asked us to review the Basel Committee’s confidentiality expectations for U.S. banking regulators and the potential implications of such expectations on their records retention and public disclosure policies and procedures. This report examines
· the confidentiality expectations applicable to Basel Committee members, including U.S. banking regulators;
· the penalties or other repercussions that may result if U.S. banking regulators breach the Committee’s confidentiality expectations;
· the extent to which the Committee’s confidentiality expectations cover its monitoring and assessments of U.S. implementation of the Basel standards;
· the extent to which U.S. banking regulators established policies and procedures for retaining records they created or received as Committee members; and
· U.S. banking regulators’ processes for handling requests for Basel Committee or related records under FOIA, including the number of such requests over the last 6 years.
For the first and second objectives, we examined the confidentiality section of the Basel Committee’s Organizational Regulations, which govern members’ confidentiality expectations for Basel Committee participation generally, and the model confidentiality agreement in its Framework for Basel Committee data collection exercises, which governs Committee members and staff participating in quantitative impact studies using sensitive bank data.[8] To analyze actions the U.S. banking regulators could take against employees for breaching the Committee’s confidentiality expectations, we reviewed agency policies on disciplinary and related actions. We also reviewed our prior 2025 report on the Basel Committee.
For the third objective, we reviewed information on the Basel Committee’s website about the Regulatory Consistency Assessment Program to document its purpose, scope, and methodology. We examined the Committee’s Handbook for Jurisdictional Assessments and a sample confidentiality agreement governing these assessments to document how such assessments are conducted and how the collected information is protected.[9] We also reviewed Committee reports issued in 2014–2023 assessing U.S. adoption of Basel standards.
For the fourth objective, we examined the extent to which records retention policies and related guidance covered documents that U.S. banking regulators created for and received from the Basel Committee. We compared the policies and guidance against relevant provisions of the Federal Records Act and National Archives and Records Administration regulations.[10]
For the fifth objective, we reviewed FOIA and U.S. banking regulators’ implementing regulations as well as our prior reports on FOIA compliance.[11] We examined FOIA requests that each U.S. banking regulator received for Basel Committee or related documents from 2018 through 2024 (the general records retention period is 6 years) and their disposition. We also reviewed publicly available FOIA annual reports each U.S. banking regulator filed to determine the total number of FOIA requests received and processed in that period.
For all the objectives, we interviewed officials from FDIC, FRB, FRBNY, and OCC (hereafter, U.S. agency officials). Topics included the Basel Committee’s confidentiality expectations and penalties for breaches, the information U.S. regulators provided for assessments, their records retention policies, and processes for handling FOIA requests for Basel Committee or related records.
We conducted this performance audit from January 2025 to January 2026 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.
Background
U.S. Banking Regulators
The U.S. banking regulators that are Basel Committee members—FRB, FDIC, and OCC—supervise banking organizations for their safety and soundness. Their responsibilities include issuing regulations to establish capital, liquidity, and other requirements for the institutions they supervise, with the goal of promoting the health and stability of the banking system.
According to the banking regulators, they have authority to take actions that are reasonable and appropriate to effectuate their statutory responsibilities, including participating in the Basel Committee and other international organizations. There are also specific representational authorities in statute.[12]
Basel Committee
The Basel Committee comprises 45 members from 28 jurisdictions, consisting of central banks and authorities with formal responsibility for the supervision of banks. It was established in 1974 and is headquartered at the Bank for International Settlements in Basel, Switzerland.[13] The Basel Committee is the primary global standard setter for the prudential regulation of banks and provides a forum for regular cooperation on banking supervisory matters.
The Committee’s governance structure includes a Chair, standing groups, and the Secretariat hosted by the Bank for International Settlements (see fig. 1).[14] The Committee reports to the Group of Central Bank Governors and Heads of Supervision, which appoints the Committee chair.[15] The Committee has four standing groups to undertake its work on risk assessments, supervision, standard setting, and outreach. In addition, the Committee establishes task forces to work on priority projects. The standing groups and task forces are supported by working groups with expertise in specific areas of policy and supervision.
The Basel Committee Expects Members to Treat Their Committee Work as Confidential
The Basel Committee expects its members, including FDIC, FRB, FRBNY, and OCC, to treat their Committee discussions and supporting documents as confidential under two sets of expectations.
Organizational Regulations
The Basel Committee adopted its Organizational Regulations in 2013 (revised in 2018) to govern its internal operations, according to U.S. agency officials. A confidentiality section specifies that discussions within the Committee and its bodies, including the internal or confidential papers and analyses on which they are based, be treated as confidential.[16] It establishes the expectation that all parties exercise due care and take all reasonable measures to protect any data and information shared by Basel Committee members and observers with the Secretariat. According to U.S. agency officials, the Committee adopted the regulations by consensus. Members and their staffs do not sign an agreement to abide by the regulations but do so voluntarily.
U.S. agency officials highlighted the importance of adhering to these confidentiality expectations, as contained in the Organizational Regulations. The confidentiality expectations serve to promote international cooperation through open and honest dialogue between and among member jurisdictions on the Committee, according to U.S. agency officials. For example, FDIC officials said agency staff attend meetings at the direction of their agency principals and need to be able to share their principals’ policy positions in developing Basel standards. U.S. agency officials also told us the Committee does not want its predecisional positions to be disclosed publicly, because it may not ultimately adopt such positions.
According to U.S. agency officials, their agencies do not have written policies specifically covering the disclosure of Basel Committee or related information to Congress.
· FDIC officials told us the agency is responsive to all congressional inquiries and would not assert privilege or confidentiality in relation to any formal request for information or documents from a congressional committee duly authorized to conduct investigations or oversight of FDIC under the rules of its chamber.
· FRB officials told us the agency is responsive to requests from congressional committees duly authorized to conduct oversight of the Federal Reserve and would be responsive to any formal request for Basel Committee information from such a committee.
· OCC officials told us the agency would disclose confidential, supervisory, or nonpublic OCC information, including Basel Committee information, to the chairs of congressional committees of jurisdiction, if requested.
Framework for Basel Committee Data Collection Exercises
The Basel Committee’s Framework for Basel Committee data collection exercises establishes guidelines for collecting sensitive bank data for its quantitative impact studies (which analyze the impact of proposed and final Basel standards on select banks), according to U.S. agency officials.[17] The framework requires staff from the Committee or its member jurisdictions who participate in such studies to keep the data confidential.
The framework also includes a model confidentiality agreement that each study participant must sign. Under the agreement, each participant agrees (1) to keep all data confidential, even after the study is completed; (2) not to transfer data from the Bank for International Settlements’ premises, including electronically; and (3) not to use the data for their personal or home organization’s (that is, U.S. federal regulator) purposes.
According to U.S. agency officials, confidentiality agreements for data collection exercises serve to protect banks and the sensitive data they submit to their regulators for Committee use. The officials said if the Basel Committee or its members did not protect the data’s confidentiality, then banks might not voluntarily provide the data. In such case, the Committee would lack the data needed to assess the impact of its standards.
Basel Committee Does Not Impose Formal Penalties for Breaches, but U.S. Regulators May Take Actions
The Basel Committee’s confidentiality expectations—stated in the Organizational Regulations and model confidentiality agreement—do not expressly impose penalties or other sanctions for a breach of confidentiality. But the Committee could take informal actions against a member for breaching its confidentiality expectations, according to U.S. agency officials. For example, it could restrict a member entity’s access to information, including to the electronic system through which the Committee shares information with members. U.S. agency officials also said the Committee ultimately could expel a member entity (by consensus) for confidentiality breaches.
We did not identify any public notices on the Basel Committee website of actions taken against a member for breaching confidentiality expectations. U.S. agency officials told us they have been reminded of the confidentiality expectations, but they were not aware of any incidents involving U.S. agency staff.
U.S. agency officials told us they can take disciplinary or other actions against staff for breaching the Basel Committee’s confidentiality expectations. Agency staff must protect confidential supervisory and other sensitive information, which includes Committee information. The officials said that agency disciplinary policies, adverse action procedures, and standards of ethical conduct apply. In addition, civil or criminal penalties could be applied to staff who disclose certain confidential information, according to agency officials.[18]
Basel Committee’s Jurisdictional Assessments Have Their Own Confidentiality Agreements
The Basel Committee assesses the alignment of each member jurisdiction’s regulations with the Basel standards, and these assessments are covered by their own confidentiality agreements. In 2012, the Basel Committee established the Regulatory Consistency Assessment Program (RCAP) to help promote full, timely, and consistent implementation of Basel standards and contribute to global financial stability. The program consists of two workstreams: monitoring and assessments. According to the Committee, all member jurisdictions contribute to the program and participate in its monitoring and assessments.
Monitoring
The Basel Committee monitors the timeliness of the adoption of its standards in domestic regulations through information self-reported by member jurisdictions. U.S. agency officials told us they provide the Committee with publicly available information, namely regulations they proposed or finalized to implement the Basel standards in the United States.[19] The Committee summarizes the information in a publicly available “dashboard” to show the implementation status of its standards as reported by member jurisdictions.
Jurisdictional Assessments
The Basel Committee conducts jurisdictional assessments to evaluate the consistency and completeness of the standards adopted by member jurisdictions, including the significance of any deviations from standards.[20] The United States underwent five jurisdictional assessments from 2014 through 2023.[21] The assessment and review teams included participants from 18 member jurisdictions, the Secretariat, and two international organizations.
According to the Committee’s Handbook for Jurisdictional Assessments, a team leader manages the assessment, which an assessment team conducts. The team then drafts the report and determines preliminary assessment grades.[22] A review team examines each draft report before the Basel Committee reviews and approves it.[23] Once approved, the Basel Committee publicly issues the report.
The handbook requires the assessment and review teams to follow confidentiality expectations that specifically govern these RCAP assessments. This confidentiality agreement is separate from the confidentiality agreements signed by participants in quantitative impact studies and from the Basel Committee’s Organizational Regulations. Specifically, the handbook notes that the RCAP confidentiality agreement, provided in template form in the handbook, is subject to the approval of the assessed jurisdiction.[24] We found the RCAP confidentiality agreement and the confidentiality agreement used for data collection exercises incorporated similar confidentiality protections.
U.S. agency officials told us jurisdictional assessments are based primarily on publicly available information, such as U.S. laws and regulations. However, they said that when a domestic regulation is not aligned with a Basel standard, the assessment team will analyze nonpublic data from banks to assess the effect of the difference. The officials told us the Committee’s confidentiality agreement for jurisdictional assessments would cover the data.
Regulators Have Policies to Retain Basel Committee and Related Documents, but OCC’s Policy Does Not Provide Clear Instructions
U.S. Basel Committee members vary in the extent to which they are subject to the Federal Records Act and in their policies for retaining Basel Committee and related documents as records.[25] Dependent on agency policy, such records can include documents (1) received from the Basel Committee, such as draft standards; and (2) created by regulators as part of their Committee work (Committee-related records), such as meeting notes and briefings.
U.S. Basel Committee Members’ Records Retention Policies Informed by the Federal Records Act
U.S. Basel Committee members maintain records retention policies that are subject to or informed by the Federal Records Act.[26] FRB and OCC are subject to and have policies informed by the act and established records retention programs that include policies and procedures for creating, managing, and disposing of their records according to a retention schedule.[27]
Although FRBNY itself is not subject to the Federal Records Act, FRB and FRBNY officials told us FRBNY staff follow FRB’s records retention policy and guidance for their Basel Committee work.[28] Similarly, FDIC is not a federal agency under the act but has a records retention program informed by it.[29]
U.S. Basel Committee Members Generally Have Policies on Retaining Committee and Related Documents
U.S. Basel Committee members have policies that generally direct their staff to retain Committee or related documents that they create or receive during their participation. However, the scope of these policies and related guidance varies.
· FRB and FRBNY. FRB’s records retention policy specifically covers documents staff create or receive when officially participating in international organizations, including the Bank for International Settlements.[30] FRB officials told us their policy cites these documents because they determined documentation of their work on the Basel Committee constituted agency records. In January 2024, FRB updated its guidance setting expectations for managing documents and data created and received by FRB and Reserve Bank staff who participate in international committees and workgroups. The guidance requires staff to document their decisions, actions, and deliberations, which may take the form of meeting notes or minutes, briefings, or memorandums. FRB officials said the guidance was intended to ensure that records generated as part of their international work are not inappropriately destroyed.
· FDIC. FDIC’s records retention policy does not expressly reference the agency’s work on the Basel Committee. However, FDIC officials told us the policy covers all records the agency maintains, including documents staff create or receive when participating on the Committee. FDIC also developed a documentation procedure for staff to follow when actively participating on the Committee. Staff must prepare meeting notes, archive all their group meeting documents, and share them with the agency’s subject matter experts and management for feedback.
· OCC. Like FDIC, OCC’s records retention policy does not expressly reference the agency’s Basel Committee work. However, OCC officials told us their policy covers only documents used as background or working files for OCC’s rulemaking activities related to the Basel standards. Thus, OCC does not consider documents staff created through participation in the Committee as records unless and until staff use them to form the basis of or inform agency rulemaking decisions.
OCC Has Not Clarified Treatment of Basel Committee and Related Documents
OCC’s records retention policy does not instruct staff on whether to treat Basel Committee and related documents as records when first created or received. According to OCC officials, staff can use Basel-related documents immediately after they are created or years later when the agency conducts Basel-related rulemaking activities.[31]
Unlike FRB and FDIC, OCC has not issued supplemental guidance clarifying that staff should prepare and retain Basel Committee and related documents as records to capture their decisions, actions, and deliberations when participating on the Committee. Such documents may include papers received from the Committee or meeting notes and briefing documents used to inform senior executives and obtain guidance on their policy positions.
Under the Federal Records Act and OCC policy, a covered agency must maintain and preserve records containing adequate and proper documentation of the organization and its functions, decisions, policies, procedures, and essential transactions.[32] If the agency cannot clearly determine whether a document is a record, then it must treat the document as a record.[33]
Furthermore, to comply with the Federal Records Act, covered agencies must incorporate records maintenance, storage, and disposition requirements into their programs, processes, systems, and procedures. Agencies also must provide guidance and training to all staff to communicate their records management responsibilities, among other requirements.[34]
OCC officials told us they have not provided more specific guidance to staff on the treatment of Basel Committee or related documents because they view their current policy as adequate. However, the lack of clarity on whether such documents should be treated as records and retained creates risks. First, by deferring that determination until documents form the basis of or help inform agency rulemaking decisions, OCC risks not consistently retaining them if needed for that purpose. Second, OCC risks staff not adequately documenting or retaining documents needed to inform and obtain feedback from leadership during standards negotiations and to demonstrate accountability to external stakeholders. By revising its policies or issuing guidance to clarify which Basel Committee and related documents are records, OCC could help ensure staff retain documents needed to support the implementation of Basel standards, consult with leadership during standards negotiations, and demonstrate accountability.
Basel FOIA Requests Are Rare and Handled Like Other FOIA Requests
U.S. banking regulators said they process FOIA requests for Basel Committee or related records in the same way as other FOIA requests. FDIC, FRB, and OCC are subject to FOIA and adopted regulations to implement its requirements.[35] Although FRBNY is not an agency subject to FOIA, it has a public records policy that generally aligns with FOIA and is similar to FRB’s regulations, according to FRBNY officials.[36]
FOIA provides the public with access to agency information by (1) affirmatively publishing information in the Federal Register, making it available online, and making it available at public information centers; or (2) responding to public requests for disclosure. Any person may request information held by covered agencies without showing a need or reason, so long as the request is submitted in a format and contains information the agency requires. The agency must provide records responsive to the request or identify any exemptions for withheld information.[37] Figure 2 provides an overview of the FOIA request and appeal process.
U.S. banking regulators told us they received few FOIA requests for Basel Committee or related records over the last 6 years, the general records retention period. Specifically, from 2019 through 2024, FRB received two FOIA requests related to the Basel Committee, FDIC received one, and OCC none.[38]
· FRB. One FOIA request sought information on the Committee’s Basel III standards and another on the Task Force on Climate-Related Financial Risks. FRB located information responsive to the requests but determined that it consisted of confidential financial information and predecisional deliberative communications. As a result, FRB withheld the information based on FOIA’s exemption 4 (trade secrets and other confidential business information) and exemption 5 (interagency or intra-agency communications that are protected by legal privileges).
· FDIC. The request asked for data to analyze the impact of Basel I standards. FDIC provided the requested data.
FOIA requests for Basel Committee or related records made up a very small percentage of the agencies’ total FOIA requests. From 2019 through 2024, FDIC, FRB, and OCC received over 3,300, 4,300, and 9,200 FOIA requests, respectively, according to agency data.[39]
OCC officials told us that industry consultations and outreach may account for the low number of requests. As we previously reported, the Basel Committee published consultative documents for public comment, and U.S. banking regulators met with industry officials to discuss them.[40] FRB officials also told us they proactively conducted outreach with industry officials to discuss issues during the negotiation process.
Conclusions
U.S. members of the Basel Committee generally maintain policies and guidance that support confidentiality and records retention. FRB and FDIC took steps to clarify expectations for documenting and preserving their Basel Committee work in their guidance to staff. However, OCC policy does not clearly instruct staff on which Committee or related documents to retain as records. By revising its policies or issuing guidance to clarify which Basel Committee documents are records, OCC could help ensure staff retain documents needed to support the implementation of Basel standards, consult with leadership during standards negotiations, and demonstrate accountability.
Recommendation for Executive Action
The Comptroller of the Currency should revise the agency’s current records retention policy or issue supplemental guidance to clarify which documents created for, or received from, the Basel Committee should be treated as records. (Recommendation 1)
Agency Comments
We provided a draft of the report to FDIC, FRB, and OCC for review and comment. We also provided certain sections of the draft report to the Basel Committee for review and comment. OCC provided written comments that are reprinted in appendix I. FDIC and FRB did not provide written comments. All the agencies and the Committee also each provided technical comments, which we incorporated as appropriate.
In its comments, OCC agreed with our recommendation. OCC stated that it would develop supplemental guidance for OCC staff to clarify the treatment of documents created for, or received, as part of OCC participation in the Committee as records. OCC anticipates providing the supplemental guidance to staff no later than April 2026.
We are sending copies of this report to the appropriate congressional committee, Chair of the Board of Governors of the Federal Reserve System, Chairman of the Federal Deposit Insurance Corporation, Comptroller of the Currency, and other interested parties. In addition, the report is available at no charge on the GAO website at https://www.gao.gov.
If you or your staff have any questions about this report, please contact me at clementsm@gao.gov. Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this report. GAO staff who made key contributions to this report are listed in appendix II.
Sincerely,
Michael E. Clements, Director
Financial Markets and Community Investment
GAO Contact
Michael E. Clements, clementsm@gao.gov
Staff Acknowledgments
In addition to the contact named above, Richard Tsuhara (Assistant Director), Philip Curtin (Analyst in Charge), Lena Burleson, Lauren Capitini, Barbara Roesmann, and Jena Sinkfield made key contributions to this report.
The Government Accountability Office, the audit, evaluation, and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO’s commitment to good government is reflected in its core values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony
The fastest and easiest way to obtain copies of GAO documents at no cost is through our website. Each weekday afternoon, GAO posts on its website newly released reports, testimony, and correspondence. You can also subscribe to GAO’s email updates to receive notification of newly posted products.
Order by Phone
The price of each GAO publication reflects GAO’s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white. Pricing and ordering information is posted on GAO’s website, https://www.gao.gov/ordering.htm.
Place orders by calling (202) 512-6000, toll free (866) 801-7077,
or
TDD (202) 512-2537.
Orders may be paid for using American Express, Discover Card, MasterCard, Visa, check, or money order. Call for additional information.
Connect with GAO
Connect with GAO on X,
LinkedIn, Instagram, and YouTube.
Subscribe to our Email Updates. Listen to our Podcasts.
Visit GAO on the web at https://www.gao.gov.
To Report Fraud, Waste, and Abuse in Federal Programs
Contact FraudNet:
Website: https://www.gao.gov/about/what-gao-does/fraudnet
Automated answering system: (800) 424-5454
Media Relations
Sarah Kaczmarek, Managing Director, Media@gao.gov
Congressional Relations
David Powner, Acting Managing Director, CongRel@gao.gov
General Inquiries
[1]The Basel Committee comprises 45 members—central banks and authorities with formal responsibility for the supervision of banks—from 28 jurisdictions.
[2]FRBNY, which is not a prudential regulator but supervises financial institutions pursuant to FRB’s delegated authority, is involved in FRB’s international engagement due to its role in the financial system and expertise in international financial matters, according to agency officials.
[3]GAO, Bank Capital Reforms: U.S. Agencies’ Participation in the Development of the International Basel Committee Standards, GAO‑25‑107995 (Washington, D.C.: Mar. 26, 2025).
[4]For example, see Office of the Comptroller of the Currency and Board of Governors of the Federal Reserve System, Regulatory Capital Rules: Regulatory Capital, Implementation of Basel III, Capital Adequacy, Transition Provisions, Prompt Corrective Action, Standardized Approach for Risk-weighted Assets, Market Discipline and Disclosure Requirements, Advanced Approaches Risk-Based Capital Rule, and Market Risk Capital Rule, 78 Fed. Reg. 62018 (Oct. 11, 2013). However, U.S. members have issued regulations that deviate from Basel standards—for example, to reflect specific characteristics of U.S. markets or align with U.S. generally accepted accounting principles, practices of U.S. banking organizations, and U.S. law and policy objectives, according to U.S. agency officials.
[5]The relevant provisions of the Federal Records Act, as amended, are codified in Chapters 21, 29, 31, and 33 of Title 44 of the United States Code. Relevant National Archives and Records Administration regulations implementing the Federal Records Act are found at 36 C.F.R. parts 1220–1239.
[6]Entities meeting the definition of a “federal agency,” defined at 44 U.S.C. § 2901, will be subject to the Federal Records Act. The National Archives and Records Administration concluded that certain federal agencies, including FDIC, as relevant here, do not meet this definition and therefore are not required to comply with the Federal Records Act. See https://www.archives.gov/records‑mgmt/agency/non‑fra for a list of these federal agencies.
[7]FOIA is codified at 5 U.S.C. § 552.
[8]Basel Committee on Banking Supervision, Organizational Regulations (Basel, Switzerland: June 2018); and Framework for Basel Committee data collection exercises (Basel, Switzerland: Feb. 29, 2024).
[9]Basel Committee on Banking Supervision, Regulatory Consistency Assessment Programme (RCAP) Handbook for Jurisdictional Assessments (Basel, Switzerland: September 2022).
[10]As previously noted, the relevant provisions of the Act are codified in Chapters 21, 29, 31, and 33 of Title 44 of the United States Code. The regulations implementing the Act are found at 36 C.F.R. parts 1220–1239.
[11]5 U.S.C. § 552; 12 C.F.R. part 309 (FDIC); 12 C.F.R. part 261 (FRB); and 12 C.F.R. part 4, subpart B (OCC).
[12]See 12 U.S.C. § 5373(c) (applicable to FRB); Section 305(b)(2) of the Federal Deposit Insurance Corporation Improvement Act of 1991, Pub. L. No. 102-242 (codified at 12 U.S.C. § 1828 note) (applicable to all federal banking agencies); 12 U.S.C. § 3901 (applicable to all federal banking agencies); 12 U.S.C. §§ 3907(b)(3)(C) (applicable to all federal banking agencies); 3911(a) (generally applicable to FDIC); and 22 U.S.C. § 9522 note (applicable to all federal banking agencies), as we reported in GAO‑25‑107995.
[13]The objectives of the Bank for International Settlements are to promote cooperation among central banks, to provide additional facilities for international financial operations, and to act as trustee or agent for international financial settlements. The Bank for International Settlements is an international financial institution that was established pursuant to the Hague Agreements of 1930 and the bank’s constituent charter and its Statutes.
[14]The Secretariat supports the work of the Basel Committee and consists of permanent and temporary staff from member jurisdictions. The Secretary General reports to the Committee Chair and directs the work of the Secretariat.
[15]The Group of Central Bank Governors and Heads of Supervision consists of the heads of supervision and central bank governors from 28 member jurisdictions. The U.S. representatives to this group are the Vice Chair for Supervision and the Chair of the Board of Governors of the Federal Reserve System, the President of the Federal Reserve Bank of New York, the Chairman of FDIC, and the Comptroller of the Currency.
[16]Basel Committee on Banking Supervision, Organizational Regulations.
[17]Framework for Basel Committee data collection exercises.
[18]See, for example, 18 U.S.C. § 1905.
[19]U.S. banking regulators proposed regulations to implement many of the final Basel III standards in September 2023. Regulatory Capital Rule: Large Banking Organizations and Banking Organizations with Significant Trading Activity, 88 Fed. Reg. 64028 (Sept. 18, 2023). As of January 5, 2026, the rulemaking had not been finalized.
[20]The Basel Committee also has conducted thematic assessments that examine implementation of Basel requirements at the bank level and seek to ensure that banks calculate prudential ratios consistently across jurisdictions to improve comparability across outcomes. The most recent thematic assessment report was issued in 2016. In 2020, the Committee established an evaluation program to assess whether implemented Basel III reforms had achieved their overarching objective of increasing banking sector resilience. According to its monitoring instructions, the Committee will treat all individual bank data collected in this exercise as strictly confidential and not attribute them to individual banks. See Basel Committee on Banking Supervision, Instructions for Basel III monitoring (Basel, Switzerland: Feb. 3, 2025).
[21]Bank for International Settlements, Basel Committee on Banking Supervision, Regulatory Consistency Assessment Programme (RCAP) Assessment of Basel III regulations – United States of America (Basel, Switzerland: December 2014); Regulatory Consistency Assessment Programme (RCAP) Assessment of Basel III G-SIB framework and review of D-SIB frameworks – United States (Basel, Switzerland: June 2016); Regulatory Consistency Assessment Programme (RCAP) Assessment of Basel III LCR regulations – United States of America (Basel, Switzerland: July 2017); Regulatory Consistency Assessment Programme (RCAP) Assessment of Basel large exposures regulations – United States (Basel, Switzerland: July 2023); and Regulatory Consistency Assessment Programme (RCAP) Assessment of Basel NSFR regulations – United States (Basel, Switzerland: July 2023).
[22]Regulatory Consistency Assessment Programme (RCAP) Handbook for Jurisdictional Assessments (2022). The Secretary General selects the team leader, who typically is a Basel Committee member or an official of similar seniority from the organizations of committee members. The Secretariat, in consultation with the team leader, selects the assessment team, which comprises experts drawn from member or observer organizations.
[23]The Secretariat sets up the review team, which is drawn from the Committee’s Policy and Standards Group and other committee working groups and includes a senior member of the Secretariat.
[24]The sample confidentiality agreement in an internal version of the RCAP handbook was approved by the Basel Committee, including U.S. members. Jurisdictions may request changes to the sample agreement, but agency representatives were unaware of situations where this had occurred.
[25]“Records” are defined in 44 U.S.C. § 3301, for purposes of chapter 3 of the Federal Records Act, as “all recorded information, regardless of form or characteristics, made or received by a Federal agency under Federal law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency or its legitimate successors as evidence of the organization, functions, policies, decisions, procedures, operations, or other activities of the United States Government or because of the informational value of data in them.” The statute also includes certain exclusions from the definition.
[26]The Federal Records Act establishes requirements for the management of records in federal agencies. Every federal agency is required to preserve records that document its organization, functions, policies, decisions, procedures, and essential transactions. The act also gives the National Archives and Records Administration regulatory responsibilities for records management, as well as general responsibilities for archiving records.
[27]A records retention schedule is a printed agency manual or directive containing records descriptions and disposition instructions approved by the National Archives and Records Administration.
[28]For example, FRB’s guidance for managing documents and data related to staff participation in interagency and international committees and workgroups expressly states it covers FRB and Reserve Bank staff.
[29]FDIC’s records retention policy references the Federal Records Act and the National Archives and Records Administration’s regulations.
[30]According to FRB’s policy, when staff participate in a professional capacity but do not officially represent FRB, the resulting documents are nonrecord materials and, thus, not covered by the records retention policy.
[31]For example, OCC staff created documents on finalizing Basel III standards in 2017 and 2019. U.S. Basel Committee members then proposed rules to implement them in 2023, but as of January 2026, no final rule had been issued.
[32]44 U.S.C. § 3101 and 36 C.F.R. § 1222.22. To meet this obligation, an agency must prescribe the creation and maintenance of records that (1) document matters dealt with by the agency, including formulation of basic policies and decisions, and important committee meetings; (2) facilitate action by agency officials and their successors; and (3) make possible proper scrutiny by Congress or other government officials, among other things.
[33]36 C.F.R. §1222.16(b)(1).
[34]36 C.F.R. §1220.34.
[35]12 C.F.R. § 309 (FDIC); 12 C.F.R. § 261 (FRB); and 12 C.F.R. part 4, subpart B (OCC).
[36]The Transparency and Accountability Policy is available at https://www.newyorkfed.org/aboutthefed/freedom-of-information-requests.
[37]FOIA authorizes agencies to withhold information that falls under nine specific exemptions covering (1) national defense or foreign policy; (2) internal agency personnel rules and practices; (3) certain nondisclosure provisions in other statutes; (4) trade secrets and commercial or financial information that is privileged or confidential; (5) privileged interagency or intra-agency memorandums or letters; (6) personal privacy; (7) law enforcement; (8) the regulation or supervision of financial institutions; and (9) geological and geophysical information and data. For additional information, see GAO, Freedom of Information Act: Update on Federal Agencies’ Use of Exemption Statutes, GAO‑21‑148 (Washington, D.C.: Jan. 12, 2021).
[38]FRB rejected one FOIA request for being overly broad, and the requester refiled a revised version. We counted these as a single request.
[39]FOIA requires agencies to submit an annual FOIA report to the Department of Justice. 5 U.S.C. § 552(e)(1). It also requires the Chief FOIA Officer of each agency to review and report to the Attorney General on the agency’s performance in implementing FOIA, in accordance with guidance from the Attorney General. 5 U.S.C. § 552(j)(2)(D). For the purposes of FOIA, “agency” is defined as each authority of the U.S. government, whether it is within or subject to review by another agency, but excludes, among others, Congress, federal courts, territories or possessions, and the District of Columbia. 5 U.S.C. § 551(1).