Skip to main content
ESG Hero Pattern Circle

ESG Governance

We uphold our commitment to sound governance, responsible business practices and ethical behavior in everything we do. Our commitment to safety and soundness is anchored by our diverse, expert Board of Directors. Our Board has adopted Corporate Governance Guidelines to promote the effective functioning of the Board and its committees. The Board oversees risk policies and the integrity of our financial accounting and financial reporting systems and processes while maintaining high standards of corporate conduct and compliance. It also provides advice to management regarding significant issues facing Fannie Mae and may adopt policies and procedures to help promote the safety and soundness of the company. Our Corporate Governance page outlines the oversight of our Board of Directors in greater detail.

On this page:

Business ethics 

No matter the circumstance or challenge, it is our obligation to make responsible decisions, treat others with respect and get things done the right way. Our Code of Conduct for the Board of Directors and the Employee Code of Conduct outline guidance and responsibilities for board members and employees around ethical and lawful conduct. As outlined in the Employee Code of Conduct, Fannie Mae Ethics offers employees and third parties a forum to ask questions or raise concerns in a secure, confidential environment. Annually, employees are required to take an Employee Code of Conduct training and affirm commitment to upholding the code and abiding by our key values, vision, and behaviors.

ESG Governance Ethics
ESG Governance Lender Partners

Setting responsible standards for our lender partners 

We know our success, and ultimately the success of the families and communities we serve, depends on our partners’ observance of standards that help ensure safety and soundness in our business dealings. These contractual requirements are made clear and transparent in the following:

Single-Family Selling Guide

Single-Family Servicing Guide

Multifamily Selling and Servicing Guide

Setting responsible standards for our suppliers 

Fannie Mae works with suppliers to deliver products, services, and expertise that can be counted on in all markets, at all times. At Fannie Mae, we foster relationships with suppliers of integrity, with proven business practices, who provide our company with quality products and services for excellent value. We have a long-standing commitment to diversity and an active program for the inclusion of women, minorities, and individuals with disabilities, as well as women-, minority-, and disabled-owned businesses.

Commitment to supplier diversity

Expectations of our suppliers

ESG Governance Suppliers
ESG oversight and management

ESG oversight and management 

Building on our long history of supporting solutions that drive social and environmental progress, environmental sustainability, and responsible business practices,  we proactively integrate environmental, social, and governance (ESG) factors into our business strategy. Our Board of Directors established the Community Responsibility and Sustainability Committee to steward our mission-oriented efforts and our commitment to becoming a leader in ESG. The Board’s Audit Committee, Compensation and Human Capital Committee, Nominating and Corporate Governance Committee, and Risk Policy and Capital Committee also oversee certain ESG activities. Our six Board Committee Charters outline their responsibilities related to and beyond ESG. We continue to engage both internal and external stakeholders to identify and prioritize the ESG issues most important to our business.

Our dedicated, full-time ESG team focuses on further developing and implementing the company’s ESG strategy, including identifying opportunities to increase the company’s positive environmental and social impact and to report externally on this impact. As part of our commitment to transparent, consistent disclosure of relevant data, we provide ESG information in a variety of reports here. In addition, investors can obtain certain Fannie Mae securities data through transparent information and tools, such as Data Dynamics®. Investors can view historical loan performance, issuance profiles, and monthly performance, including:

Risk management 

Risk management is fundamentally part of our core business model and a primary consideration in our business decisions. Our Board of Directors and management-level risk committees are integral to our risk mitigation program. We manage risk by using the financial services industry standard “three lines of defense” structure: risk ownership and management, risk oversight, and risk assurance. Our Business Units and Operations, Enterprise Risk Management, Compliance & Ethics, Support Functions such as Finance and Human Resources, and Internal Audit units support these lines of defense. All our risk-oriented activities are based on principles set forth by the Committee of Sponsoring Organizations of the Treadway Commission’s Enterprise Risk Management (“ERM”): Integrating with Strategy and Performance framework.

ESG Governance Risk Management
ESG Regulatory Engagement

Regulatory engagement 

We continue to build a strong, collaborative relationship with the Federal Housing Finance Agency (FHFA), our regulator and conservator, and share in their commitment to ensuring Fannie Mae’s safety and soundness as we pursue making sustainable homeownership and workforce rental housing a reality for millions of people. As our regulator, FHFA continuously assesses our financial status and our response to continued stress in the mortgage markets and its effect on the risk profile, performance, and condition of both our Single-Family and Multifamily portfolios. As our conservator, FHFA provides additional guidelines to help us fulfill our mission of expanding access to mortgage credit while keeping the housing finance system stable. FHFA publishes an annual scorecard that governs/guides/directs our performance, available here.

Information security

Information security 

Fannie Mae works to secure and protect the financial information of millions of borrowers from data privacy and security risk, as well as information related to lenders, servicers, employees, investors, and website visitors. Our cybersecurity risk management program aligns to the Committee of Sponsoring Organizations of the Treadway Commission’s Enterprise Risk Management framework and the National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity. It has evolved based on the changing needs of our business, the evolving threat environment, and FHFA regulatory guidance. It also extends to oversight of third parties that could be a source of cybersecurity risk, including lenders and servicers that use our systems and third-party service providers. We examine the effectiveness and maturity of our cyber defenses through various means, including internal audits, targeted testing, incident response exercises, maturity assessments, and industry benchmarking. Fannie Mae requires its employees and contractors to take annual training focused on cyber awareness and certify that they will comply with Fannie Mae’s information security policies, standards, and procedures to help protect the confidentiality, integrity, and availability of Fannie Mae’s information and assets.

Cybersecurity risk is overseen by the Board as well as the Risk Policy and Capital Committee and the Strategic Initiatives and Technology Committee of the Board. More information about our Cybersecurity Risk Management Oversight can found in our Form 10-K.

2020 Governance impact