If your company accepted COVID-19 relief funds, avoiding a government audit requires getting your house in order now.
Health & Human Services inspectors general and the DOJ are looking at the accountability of businesses that accepted funds through the CARES Act last year in an effort to root out possible fraud. Even those companies with nothing to hide may be susceptible to scrutiny.
It’s hard to give out $2.4 trillion in a hurry without some of it going to the wrong people. When the COVID-19 pandemic hit the United States last year, the federal government quickly distributed emergency funds through the Coronavirus Aid, Relief, and Economic Security (CARES) Act. Funding included $349 billion for the Paycheck Protection Program (PPP), $25 billion in grants to commercial airlines, more than $360 billion in economic injury disaster loans (EIDL) and $178 billion for hospitals and healthcare providers.
As can so often happen, a lot of that money ended up in the hands of people with less-than-honorable intentions. Now, in an effort to get some of it back, the government has embarked on an aggressive multifront effort to investigate and prosecute organizations that took those funds for fraudulent, wasteful or abusive purposes.
For any organization that accepted funds under the CARES Act — from restaurants that took out modest PPP loans to hospitals that received hundreds of millions of dollars from Health and Human Services (HHS) — the stakes of these investigations are hard to overstate. Federal investigators are under enormous pressure from public watchdogs, politicians and the media to account for taxpayers’ money and are eager to make examples of companies that misused pandemic relief funds. Companies that end up in investigators’ crosshairs can expect a thorough audit, less-than-flattering publicity and the possibility of having to return all funds and pay steep penalties.
Knowing who is conducting the investigations, what they’ve said publicly, and the tools that are at their disposal could help you avoid being targeted, or at least help you navigate the scrutiny.
The False Claims Act
Among the most powerful tools at investigators’ disposal is the False Claims Act (FCA), a Civil War-era law that allows the government to collect “treble damages” (or triple the usual punitive damages) plus an extra penalty tied to inflation from anyone who knowingly submits a false claim to acquire federal funds.
The FCA also contains a powerful incentive for whistleblowers: a qui tam clause that empowers private citizens and nongovernment organizations to file FCA lawsuits against other companies and individuals — with rewards for reporting of up to 30% of the recovered funds.
Senator Chuck Grassley (R-Iowa), an author of key updates to the FCA during his time in Congress, recently spoke about its role in recovering misused COVID-19 funds at the Federal Bar Association’s fourth annual Qui Tam Conference. “As the country continues to battle the global pandemic, the False Claims Act has never been more important than it is right now,” he said, noting that in January, the U.S. Department of Justice (DOJ) had reported its first civil settlement for an allegation of PPP fraud against internet retail company SlideBelts.
“I hope that is a sign of things to come,” Grassley said.
Button Up Now
If those words strike fear into the heart of those who accepted CARES funding, well, that’s probably the idea. Which is why it’s important to be fully aware of the requirements attached to your particular funding program and keep close track of how your company uses the funds.
Your best bet is to prepare now as if you have already been flagged for an audit, especially because you may not have the luxury of time if, and when, that happens. That means understanding the various reporting requirements, timelines and record retention requirements tied to your funds.
Regardless of which specific program your funds came from, it’s essential that you are able to identify and trace — from end to end — the movement of those funds throughout your organization so you can clearly demonstrate that they were not used in noncompliant ways. Keep in mind that investigators are looking not just for fraud, but for waste. To that end, make sure you have the appropriate internal controls and documentation practices in place to show that your CARES funds were thoughtfully and responsibly dispersed.
Moreover, being able to articulate how the taxpayer funds were used to keep employees on the payroll or otherwise contributed to the nation’s collective recovery will be imperative to surviving more public scrutiny.
Know Your Investigator
There are several federal investigating bodies currently pursuing allegations of CARES Act fraud, with the DOJ perhaps the most prominent. Among others are the Pandemic Response Accountability Committee, the House Select Subcommittees on the Coronavirus Crisis, and the Inspectors General for the various federal agencies. Which one your company has to concern itself with may depend on the nature of your COVID-19 funding.
Determining which investigative team is targeting your particular kind of funding could help keep you out of their crosshairs. Congress, which has a large platform it can use to name and shame bad actors, tends to select its targets based on headlines and OIG reports. The HHS Office of the Inspector General (OIG) has telegraphed its priorities in its COVID-19 Strategic Plan. By examining the plan, healthcare companies can glean important information about the IG’s methods and priorities that could help them avoid trouble down the road.
The plan stated, for example, that the OIG would be “dedicating resources to evaluate the safety of beneficiaries in certain vulnerable settings, such as nursing homes.” It also noted that it would be “investigating and mitigating cybersecurity vulnerabilities and threats, including those related to networked medical devices, telehealth platforms, and other technologies being used in COVID-19 response.” For anyone working in those fields, the report was the closest they would get to a personal invitation to prepare for an audit.
Of course, there’s only so much any organization can do to avoid the gaze of federal investigators on a mission. If the inspector general of a federal agency decides to audit all providers of your particular kind of service in your particular region, no amount of preparation or awareness can help you escape the spotlight.
Ultimately, the best strategy when accepting public funding for any purpose is to take the time to study the fine print and maintain a relentless focus on compliance. If you track your spending and “keep your receipts,” you shouldn’t have too much to fear. The trick is to act from the very start as if you could become the target of an audit. Because there’s always a chance you will be.