To oversee the disbursement of funds and to curb fraud and misuse, the CARES Act created various oversight bodies that will function for at least the next five years. Beyond the CARES Act, multiple government agencies, including the FDA, FTC, and SEC have been working to detect and prevent all forms of COVID-19 related fraud. DOJ has been investigating and filing criminal charges for alleged PPP fraud, consistent with United States Attorney General William Barr mandate to prioritize such prosecutions, which we previously reported on here.
The bulk of the federal enforcement actions to date involve DOJ’s pursuit of alleged bank fraud, wire fraud, and false statements charges related to COVID-19 federally funded loans. In fact, DOJ began filing criminal complaints and indictments related to PPP and other federally funded COVID-19 aid since March coinciding with several states issuing shelter in place orders. Investigators from government agencies, with the cooperation of financial institutions, are meticulously reviewing loan applications and related submissions for any suspected fraudulent conduct. Some of the more glaring examples include:
But the headline-grabbing cases should not lull recipients of smaller loan amounts into a false sense of security. Multiple criminal charges have been brought over fraudulent schemes tied to amounts less than a million dollars. Just a few of many examples include:
Significantly, the Small Business Administration (SBA)’s “safe harbor” allowing borrowers to repay PPP loans they did not need (based on the certification requirement) is not a blanket exemption from applicable laws, such as criminal statutes that penalize false statements. Several defendants tried unsuccessfully to withdraw their applications or return the funds once they became aware of investigations into their activities.
Not to be outdone by the federal government, several states are also ramping up their COVID-19 related enforcement activities, especially against alleged price-gouging during the pandemic. For example:
Going forward, we also expect the government to bring additional claims related to financial fraud under the False Claims Act (FCA) and the Financial Institutions Reform, Recovery and Enforcement Act of 1989 (FIRREA).
Any entity that receives government funds can face FCA claims if those funds are misused and/or government requirements and conditions are not followed. The FCA allows the government to recover treble damages, and it also has a “whistleblower” provision that permits private plaintiffs to sue in the name of the United States. Plaintiffs who are successful are entitled to up to 30% of any recovery. Whistleblower provisions have created an active plaintiff’s bar that incentivizes people, especially employees (and disgruntled former employees), to file suit.
The DOJ is also likely to utilize the civil money penalty provision of FIRREA to investigate and prosecute persons suspected of defrauding government aid programs. FIRREA imposes liability for a series of predicate offenses including bank fraud, false statements, and mail or wire fraud affecting a financial institution. FIRREA can be a preferable enforcement mechanism for the government because of the more lenient burden of proof than in a criminal prosecution. FIRREA also allows for whistleblower suits.
History tells us that with the acceptance of government funds comes a heightened level of scrutiny. We have seen over a decade of enforcement related to the 2008 Troubled Asset Relief Program (TARP), which provided $700 billion – approximately one-third the size of the CARES Act – to stabilize the economy. Given that the CARES Act dwarfs TARP in both size and scope, we expect the resulting enforcement activity now to exponentially outpace that of TARP.
Businesses should be aware that loans in any amount may be audited by SBA, and DOJ can investigate companies’ loan applications and/or their use of funds to prosecute fraud with or without a referral from SBA.
We recommend companies that applied for government aid related to the pandemic implement the following best practices immediately: