T3
FHFA
Medium Confidence
Advisory
Enterprise Fraud Reporting
Enhanced fraud risk management and regulatory reporting for GSEs and FHLBanks
MODERATE
Impact Level
Top: reporting disclosure (4)
Classification
- Regulatory Program
- FHFA Enterprise Safety and Soundness
- Doc Type
- Advisory
- Effective Date
- 2026-11-13 (est.)
- Days to Action
- 120
- Comment Deadline
- —
- Published
- —
Urgency Basis
Advisory bulletin with no specified effective date - guidance implementation typically expected within 90-180 days
Operational Context
Flags
Examination Focus
Systems Change Required
Legal Review Required
Affected Functions
Compliance
Risk Management
Operations
Legal
Internal Audit
Institution Applicability
Fannie Mae
Freddie Mac
Federal Home Loan Banks
Impact by Category
Compliance
3
Operational
3
Data Governance
2
Model Risk
1
Reporting & Disclosure
4
Capital & Liquidity
1
Consumer Protection
2
Third-Party Risk
2
Key Requirements
- Implement comprehensive fraud detection and reporting systems
- Establish fraud incident notification procedures to FHFA
- Develop fraud risk assessment and monitoring capabilities
- Maintain detailed fraud incident documentation and records
- Provide regular fraud reporting updates to FHFA
Scoring Rationale
Moderate impact advisory requiring new fraud reporting infrastructure and procedures across FHFA-regulated entities. Primary impact on reporting/disclosure (4) and operational/compliance (3 each) functions. Lower impact on other risk categories as this focuses on reporting rather than fundamental business changes.
AI Analysis Disclosure — This record, including its scores, impact assessments, and Advisory
Assessment (impact, risk, and recommended actions), was generated by an AI model and may contain errors or
omissions. The Advisory Assessment is a starting point for analysis, not a substitute for professional judgment.
Effective dates, applicability determinations, impact assessments, and any recommended actions should be
independently verified against primary regulatory source documents and reviewed by qualified compliance or legal
personnel before taking compliance action. This output does not constitute legal or compliance advice.