The Federal Reserve should beef up its controls over the handling of minutes for its policy-setting meetings after the top-secret documents were inadvertently released a day early to a select group in April, the U.S. central bank's watchdog said on Thursday.
Fed Chairman Ben Bernanke asked for a review of the Fed's handling of the documents after a staff member emailed minutes of the U.S. central bank's March policy meeting to more than 100 congressional staffers and bank lobbyists on April 9, about 24 hours ahead of their scheduled release.
The lapse was the Fed's worst security breach in years. Minutes of policy-setting meetings can have a major impact on global financial markets because they can give hints on future Fed action.
That said, the market reaction to the March minutes was muted, and several recipients of the email told Reuters they had not even realized they received it until the Fed publicized the error.
The Fed should limit access to the minutes to board staff who "have a need to know," and remove any staff who do not, the Fed's Office of Inspector General said in its report.
The OIG's office also recommended the Fed develop written policies and better training to safeguard confidential documents.
The Fed has begun to implement the OIG's recommendations, it said in a letter attached to the report, including a requirement that emails regarding minutes contain only a brief note and a link to the Fed's public website, rather than an attached document.
After discovering the breach early on April 10, the Fed decided to publish the minutes at 9 a.m. EDT (1400 GMT), or five hours ahead of the scheduled release time.
Among those who received the minutes early were people with email addresses that identified them as working for a number of financial firms, including Goldman Sachs (GS.N), Barclays Capital (BARC.L), Wells Fargo & Co (WFC.N), Citigroup Inc (C.N), UBS UBSN.VX and JPMorgan Chase & Co (JPM.N), which trade on new information about U.S. monetary policy.
The staff member responsible for the breach told the Fed's watchdog he was confused about the release date, and accidentally sent the email a day early, the report said.
Fed officials met three days after the breach to fix some issues, including limiting the contact list for the congressional liaison's office to government officials.