Government Accountability Office (GAO) officials told lawmakers at a House Small Business Committee hearing on March 6 that the Small Business Administration (SBA) still needs to implement key management improvements for COVID-19 relief programs to prevent further fraudulent activity.
“Although SBA helped millions of small businesses with its pandemic relief programs, our concerns about [implementation of the programs] led us to include emergency loans for small businesses on our High-Risk List in March 2021,” Dr. Courtney LaFountain, acting director-financial markets and community investments GAO, told lawmakers. “We identified significant program integrity risks, potential for fraud, and the need for improved management and oversight.”
In response to the economic decline caused by the COVID-19 pandemic, SBA quickly set up pandemic relief programs, including the Paycheck Protection Program (PPP) and the COVID-19 Economic Injury Disaster Loan (COVID-19 EIDL). PPP provided potentially forgivable loans to small businesses and the COVID-19 EIDL gave low-interest loans of up to $2 million for operating and other expenses and grants.
Over the course of the pandemic SBA disbursed approximately $1.2 trillion of COVID-19 EIDL and PPP funds. However, in the rush to swiftly disburse those funds, the agency weakened the controls necessary to prevent fraudsters from easily gaining access to these programs and provide assurance that only eligible entities received funds.
It was later discovered – via the agency’s inspector general – that SBA disbursed over $200 billion in potentially fraudulent relief loans; at least 17 percent of all COVID-19 EIDL and PPP funds were disbursed to potentially fraudulent actors.
“The COVID 19 pandemic showed some serious weaknesses within the SBA … this is unacceptable and it’s a high number,” said committee Chairman Roger Williams, R-Texas.
Since February 2020, GAO has made numerous recommendations to improve SBA’s pandemic relief programs and prevent future potential for fraud, including developing a cross-program data analytics that would better identify applicants who tried to defraud multiple programs.
In her testimony, LaFountain explained that SBA has progressed in improving its programs in response to GAO’s recommendations. Specifically, she testified to lawmakers that as of February 28, 2024, SBA had fully addressed about 57 percent of recommendations made from 2020 through 2023.
“We have evaluated the actions that SBA did take to address fraud as it emerged during the pandemic. And we did find that the controls that were added, such as data analytics, enhanced screening of applications as they came in and then doing post award reviews did help prevent fraud and help more readily detect it,” she said.
Rep. Williams remained unconvinced.
“When issues are identified by small business owners, they work tirelessly to find solutions for their business. With 41 open recommendations identified by the GAO, the SBA has shown little to no effort in resolving them. Simply put, the GAO calls the balls and strikes, and the SBA ought to heed their advice and implement their recommendations sooner rather than later,” said Rep Williams.
The congressman’s stance was backed up by LaFountain’s testimony that while SBA has made progress on the lengthy list of recommendations, more work remains to be done.
Johana Ayers, managing director of GAO’s Forensic Audits and Investigative Service team, echoed that assessment.
“I do think it is fair to say, based on our work as well as the work of the inspector general, that while there was progress made, there were at times plans that SBA put into place that weren’t always followed,” Ayers said.
One example she offered lawmakers is that SBA failed to run applications through the Treasury Department’s do-not-pay system to flag applicants with potential problems.
Ayers also explained to lawmakers that “there are key control that SBA does need to put in place … that focus on prevention.”
“If I could ask for one thing for SBA to do, it is to end the reliance on self-certification … SBA can appropriately screen applications as they come in and flag those that look suspicious and quickly take actions to resolve them [by enhancing data analytics]. And if the fraudster does happen to receive money, [having] those analytics in place can [help] readily detect when fraud has occurred,” she said.
