Thus far, the federal government has spent over $3 trillion to address the COVID-19 pandemic crisis, with additional monies expected to be provided by Congress in the next month or two. The sheer number of government assistance programs and volume of funding combined with the need to distribute quickly have presented significant challenges and increased the risk of fraud and misuse of the funds.
To provide oversight of the pandemic response fund, Congress, through the Coronavirus Aid, Relief, and Economic Security (CARES) Act, created the Pandemic Response Accountability Committee (PRAC) in March 2020. The PRAC is composed of twenty Inspectors General (IGs) from across the federal government. The PRAC released its first Management Challenges report in June of 2020, in which it identified the following as common areas of concern:
- Financial Management of Relief Funding: The need for accurate information about pandemic spending and the risk that federal agencies will lose a significant amount of money from improper payments.
- Grants and Guaranteed Loan Management: Oversight of grant funds; timely receipt of accurate financial and performance reporting from grantees; and assessment of performance to determine if grants achieved the intended results.
- IT Security and Management: Management of federal IT systems to permit maximum telework and ensure continued agency operations and safeguarding of federal systems against cyber-attacks.
- Protecting Health and Safety: Maintenance of effective operations and protection of federal employees and facilities; inmates and detainees in federal custody; and patients, consumers, and private sector workers in industries regulated by the federal government.
To update Congress and the administration on the response efforts, the PRAC reached out again to the same IGs for their input into a new report. The updated report was issued on February 3, 2021 and added four new management challenges. One of the newly identified challenges relates to federal workforce safety and the re-opening of work sites, challenges similar to what many businesses are facing. The other three challenges, discussed below, have broad implications across government programs.
New Challenge 1: Preventing and Detecting Fraud Against Government Programs
The Office of Inspector General investigations have identified two primary fraud risks associated with the administration of pandemic response funds: (1) self-certification and (2) lack of due diligence into applicants.
- Self-certification was determined to be the sole or a significant control for pandemic response programs that facilitated the improper disbursement of billions of taxpayer dollars. The Department of Labor IG previously identified self-certification as a top fraud vulnerability for the pandemic unemployment assistance program, putting $26 billion in taxpayer funds at a higher risk of fraud and improper payment. Relying solely on self-certification to demonstrate applicants’ eligibility created a high fraud risk vulnerability evidenced by numerous publicly announced investigations involving high-dollar loan fraud and multi-victim identity schemes.
- Lack of due diligence into applicants. PRAC determined that federal agencies and banks, in an effort to increase the speed of disbursing relief funding, did not conduct full due diligence checks to ensure that the information, such as a social security number or business registration date, was correct. PRAC found that nearly every Paycheck Protection Program (PPP) loan fraud investigation shows the same pattern: The defendants submitted false business records, payroll documents or tax records to lenders in an attempt to fraudulently obtain the loans. Examples include false business formation dates when the businesses were actually formed after the eligibility date. As of December 2020, the Department of Justice had initiated 66 criminal fraud investigations involving over $250 million in PPP loans.
Relying on self-certifications combined with a lack of due diligence checks to ensure that information provided by applicants was accurate has led the PRAC to call on federal agencies and banks to review each application thoroughly to safeguard funds from being disbursed to potential criminals.
New Challenge 2: Informing and Protecting the Public From Pandemic-Related Fraud
Not only has fraud against the government increased during the pandemic, but dishonest individuals are taking advantage of the crisis to harm individuals and businesses through scams and harassment.
Protecting identities. Identity theft is on the rise and has been exploited to obtain pandemic response funds, such as unemployment insurance benefits, PPP loans and Economic Injury Disaster Loan (EIDL) disbursements. On December 16, 2020, a woman pleaded guilty for fraudulently obtaining more than $500,000 in pandemic-related unemployment benefits by using stolen personal identifiable information, including dates of birth and social security numbers. What is even more shocking is that she watched YouTube videos that provided instructions on how to commit unemployment insurance fraud in California using the personally identifiable information that she had purchased on the dark web.
Protecting patients. Fraud schemes targeting patients and health care beneficiaries have been on the rise. Medical labs targeted retirement communities claiming to offer COVID-19 testing while in reality only obtaining blood samples and then falsely billing health care programs for testing services. Medical insurance fraud has also occurred when fraudsters hack social media accounts to obtain personal information and health information, per the PRAC findings.
Protecting consumers. Programs intended to help protect the public and consumers have been stressed by the increase in complaints received and additional responsibilities that have come with administering pandemic-related programs. The Consumer Financial Protection Bureau (CFPB) has experienced an increase in consumer complaints due to the pandemic and faces risk with respect to the timeliness of its response to those complaints. The same challenge is likely faced by a number of other federal, state and local government agencies.
Protecting homeowners and renters. The CARES Act provided protections designed to alleviate the economic and public health consequences of home ownership and tenant displacement. The challenges in implementing these programs focused on ensuring that individuals are aware of their rights and relief options. In addition, it ensures that servicers and landlords provide consistent and accurate information, including all available relief options.
As a result of the increase in scams, Congress enacted the Combating Pandemic Scams Act of 2020 on December 17, 2020, requiring the Federal Trade Commission to develop and disseminate information to the public about various mail, telemarketing and internet scams related to COVID-19. Fraud alerts and bulletins continue to be released to help educate individuals and businesses. These alerts can be found on PandemicOversight.gov. The PRAC has called on both public and private agencies to readily make available to the public any information on these and other fraudulent trends relating to the pandemic and the government’s response. Numerous other agencies, including the Financial Crimes Enforcement Network (FinCEN) continue to issue warnings on COVID-related fraud schemes.
New Challenge 3: Data Transparency and Completeness
PRAC has found the policy makers, leaders and program managers do not have access to all the data needed to inform program and funding decisions for their pandemic response programs and has released a separate study, “Transparency in Pandemic-Related Federal Spending: Report of Alignment and Gaps,” to inform policymakers and other stakeholders about the gaps in available data. The study found that existing data sources have key gaps related to completeness, accuracy and timeliness, and that these gaps may impair the PRAC’s ability to provide full transparency for pandemic-related spending. Examples of particular areas of concern related to pandemic response data include:
- Limited demographic data for pandemic response programs. The IG of the Small Business Administration (SBA) found that the SBA did not collect the required demographic data to determine if the loans went to intended prioritized markets despite the CARES Act requirement that small busses in underserved and rural markets receive priority for PPP loans.
- Incomplete of missing coronavirus relief fund data. The IG of the Department of the Treasury identified challenges with the completeness and transparency of the Coronavirus Relief Fund data submitted by its prime recipients.
Without complete and accurate data, leaders and program managers are limited in their ability to make informed funding decisions and to determine whether funds have been used as intended.
An additional and critical concern of the government’s pandemic relief efforts is the opportunity for double and triple dipping. For example, a business could receive both a PPP loan and a Payroll Support Program payment since both programs offer relief funds for the same payroll justification. That same business also could have applied for funding under the Federal Reserve’s Main Street Lending Program. Without the assurance of complete and accurate data that can be viewed across all government programs, unscrupulous players will continue to find ways to game the system.
For the conduits of COVID relief, whether governmental entities, financial institutions or not-for-profit agencies, the messages are clear. More work needs to be done to ensure that speed to help does not undermine the intent and integrity of the government assistance programs. There will be continued scrutiny of how funds have been used. Now is the time to make sure supporting documentation is in order; not when the inspectors come knocking.