On March 27, President Trump signed into law the $2 trillion coronavirus stimulus bill, named the Coronavirus Aid, Relief, and Economic Security Act (CARES Act).  The law, the most expensive single piece of legislation ever passed, includes hundreds of billions in funds to help businesses remain afloat.  To provide oversight into how these funds are used, the CARES Act establishes a Special Inspector General for Pandemic Recovery (SIGPR), along with two other oversight bodies.

This action is not without precedent, as Congress established a similar watchdog to oversee the stimulus funds disbursed in the wake of the 2008 financial crisis, the Special Inspector General for the Troubled Asset Relief Program (SIGTARP).  SIGTARP’s broad interpretation of its mandate, as well as its aggressive pursuit of fraud involving stimulus funds, are instructive to forecasting how SIGPR will fulfill its mission and to how recipients of CARES Act funds can protect themselves.

SIGPR Duties & Powers

The CARES Act tasks the SIGPR with monitoring fraud, waste and abuse involving the $500 billion of CARES Act funds allocated to the Treasury Secretary (Economic Stabilization Fund) to support businesses, states and municipalities impacted by the COVID-19 pandemic.

The SIGPR, who will be appointed by the president and requires Senate confirmation, will be empowered to “conduct, supervise, and coordinate audits and investigations of the making, purchase, management, and sale of loans, loan guarantees, and other investments” relating to the Economic Stabilization Fund.

The SIGPR will have broad powers to conduct audits and investigations, including the ability to do the following:

1. Subpoena documents.
2. Take testimony.
3. Make warrantless arrests and seek arrest and search warrants without first obtaining approval from the Attorney General.
4. Obtain documents and information from federal agencies.

The statutory responsibilities bestowed on SIGPR closely mirror those assigned to SIGTARP to oversee Troubled Asset Relief Program (TARP) funds.  SIGTARP aggressively utilized its mandate and powers to conduct investigations resulting in the total recovery of $11 billion as of July of 2019 (including $900 million in 2019 alone) and 381 criminal convictions.

Key Considerations for Companies Receiving Support from CARES Act

If the past is prologue and the SIGPR takes their cue from SIGTARP, businesses receiving support through the CARES Act fund should expect considerable scrutiny. Indeed, the pressure on the SIGPR to generate results will be particularly acute considering the vast sums of money to be disbursed under the CARES Act.  Likewise, SIGPR’s assignment is set to last just five years, further increasing pressure on the SIGPR to act swiftly and firmly.

The SIGTARP analog highlights the need for CARES Act applicants and recipients to proactively adopt procedures that minimize the risk of liability should they face a SIGPR audit or investigation.  In this vein, we are providing the following recommendations for companies to consider before and after securing CARES Act funds.  These recommendations will similarly mitigate risks posed by the other main CARES Act oversight agencies – Pandemic Response Accountability Response Committee and Congressional Oversight Commission.

1. Ensure applications for CARES Act funds and all other representations to the government are accurate.
2. Carefully identify the specific restrictions or conditions imposed by the CARES Act programs under which funds are received and adopt policies and procedures to achieve and document full compliance with them.
3. Monitor developments and guidance issued regarding the restrictions and conditions of the relevant CARES Act programs.
4. Implement control measures to thoroughly track and document the use of the disbursed funds and consider establishing a separate account to solely handle transactions involving those funds.
5. Establish procedures for identifying and internally escalating any potential compliance lapses involving CARES Act funds.
6. Take seriously any audit conducted by SIGPR. The auditors at SIGPR can easily refer matters to their colleagues in the investigations group should they become concerned that a party is being uncooperative, is hiding something, or had engaged in wrongdoing.
7. Finally, be mindful that SIPGR could follow SIGTARP’s playbook and assert its jurisdiction broadly. It is therefore important to treat with care and caution any investigatory contact or request from SIGPR, even if a company believes it merely has an attenuated connection to CARES Act funds.  For example, SIGTARP pursued individuals it believed had submitted false loan applications to TARP-recipient banks despite those individuals having had no direct involvement with any TARP program or funds. More broadly, SIGTARP helped to prosecute TARP-recipient companies for violative conduct that did not relate to the TARP funds.

While we recognize that most businesses are focused on immediate needs, such as making payroll and rent, to the extent a company is considering applying for loans under the CARES Act, we strongly recommend implementing policies or procedures carefully tailored to protect the business and employees should SIPGPR come knocking later.