KPMG Issues Independent Auditor Report for FFIEC, Covering 2025 and 2024

KPMG LLP served as the contracted independent auditor for the Federal Financial Institutions Examination Council and issued an independent auditor’s report dated March 3, 2026 for the Council’s financial statements for the years ended December 31, 2025 and 2024, according to the report excerpt provided, which cuts off mid-sentence and does not include the body or opinion language of that March 3, 2026 report. The only explicit wording in the Original Report excerpt is the firm’s issuance of the March 3, 2026 report; the excerpt terminates after the word, The, leaving the audit opinion and any findings unknown in the supplied text.

That March 3, 2026 engagement follows a prior KPMG Independent Auditors’ Report dated February 24, 2025, transmitted to the FFIEC in a Board of Governors Office of Inspector General transmittal labeled 2025-FMIC-B-002. The Feb. 24, 2025 transmittal, addressed to the Federal Financial Institutions Examination Council at 3501 Fairfax Drive, E-2035-C, Arlington, VA 22226-3550, explicitly states, “This letter transmits the Independent Auditors’ Report prepared by KPMG LLP on the Federal Financial Institutions Examination Council’s (FFIEC) financial statements,” and that, “We contracted with KPMG to audit the financial statements of the FFIEC as of and for the years ended December 31, 2024 and 2023.”

The OIG transmittal also records the contract requirements for the engagement, specifying the audit must be performed “in accordance with the auditing standards generally accepted in the United States of America and in accordance with the standards applicable to financial audits contained in Government Auditing Standards, which is issued by the comptroller general of the United States.” The transmittal signed by Mark Bialek, Inspector General, notes the OIG “reviewed and monitored the work of KPMG to ensure compliance with the contract,” and further states, “KPMG is responsible for the accompanying Independent Auditors’ Report, dated February 24, 2025.” The letter concludes the OIG position with, “We do not express an opinion on the FFIEC’s financial statements. In addition, we do not draw conclusions on the Independent Auditors’ Report.” The transmittal cc list in the excerpt includes Judith Dupre, Executive Secretary, FFIEC, and Allison Hester-Haddad, FFIEC Legal Advisory Group and Counsel, Office of the, the rest of the cc line is truncated.

The provided record leaves a sharp evidentiary gap: the March 3, 2026 excerpt confirms KPMG issued the report for 2025 and 2024 but does not include the opinion paragraph or any reporting on internal control, compliance, or management letters. The Feb. 24, 2025 KPMG opinion excerpt in the OIG transmittal begins, “In our opinion, the accompanying financial statements present fairly, in all material respects, the financial position of the Council as of,” but that sentence is truncated in the 2025 excerpt as well.

Context from other federal engagements in the assembled materials shows varied KPMG outcomes in recent years. In an Independent Auditors’ Report dated November 12, 2021 for the Department of Homeland Security, KPMG “has issued an unmodified (clean) opinion on DHS’ consolidated financial statements,” while also issuing “an adverse opinion on DHS’ internal control over financial reporting as of September 30, 2021,” identifying “material weaknesses in internal control in two areas and significant deficiencies in four areas,” and reporting “two instances of noncompliance.” The DHS transmittal cites Bruce Miller, Deputy Inspector General for Audits, (202) 981-6000. For the Department of Energy’s Western Area Power Administration, a 2025 KPMG engagement concluded that WAPA’s financial statements “present fairly, in all material respects, the financial position of WAPA as of September 30, 2025,” and that KPMG “did not identify any deficiency in internal control over financial reporting that was considered a material weakness,” noting the audit was performed “in accordance with generally accepted government auditing standards.”

The materials also include KPMG federal work going back to at least a November 8, 2016 signature on a U.S. General Services Administration Independent Auditors’ Report; the GSA excerpt includes KPMG’s Washington, DC office address, Suite 12000, 1801 K Street, NW, Washington, DC 20006, and a firm legal descriptor used in federal reports. Those federal-audit excerpts illustrate the contractual emphasis on U.S. GAAS and Government Auditing Standards that the FFIEC contract references.

Separately, congressional oversight documents in the packet underscore reputational scrutiny of KPMG’s bank audits: the Homeland Security and Governmental Affairs Committee material states, “KPMG issued an audit opinion for Silicon Valley Bank 14 days before it collapsed, Signature Bank 11 days before it collapsed, and First Republic Bank 62 days before it collapsed, representing KPMG’s assessment that the banks’ respective financial statements were fairly and accurately presented.” The HSGAC excerpt also reports that, “Early in the 2022 audit, KPMG learned of whistleblower allegations of widespread mortgage fraud that implicated portions of the bank’s financial statements pertaining to credit risk. KPMG did not conduct an independent review of these allegations, instead relying on an oral summary from the bank’s law firm. KPMG issued an unqualified audit opinion without accounting for the allegations.” A PSI interview quoted in that material captures an audit partner’s framing of scope and going concern: “[PSI]: Put another way, the bank could fail as a result of its risky or even reckless business strategy, but as long as the financial statements are sound, is it accurate that KPMG would have no cause for concern? . . . [Witness]: We would evaluate whether there is substantial doubt of the entity’s ability to continue its going concern. . . . And if the numbers were presented appropriately and if there is substantial doubt [sic] and we obtained the evidence that we needed, that would support our audit opinion,” attributed to Jack Pohlman, Audit Partner, KPMG, during a Feb. 15, 2024 interview cited in the excerpt.

To resolve what the March 3, 2026 FFIEC Independent Auditor’s Report actually concluded, the next necessary documents are the full text of the March 3, 2026 KPMG report and any OIG transmittal or management letters specific to that engagement, along with the contract terms governing the 2026 audit period. Obtaining those documents and any associated KPMG communications to FFIEC governance will determine whether the 2026 engagement reiterated prior opinion language or disclosed internal-control findings, compliance exceptions, or other matters.