COVID-19, the CARES Act and the need for robust compliance

July 2020  |  SPECIAL REPORT: WHITE-COLLAR CRIME

Financier Worldwide Magazine

July 2020 Issue


The coronavirus (COVID-19) pandemic has wreaked havoc on millions of lives and the global economy. In an effort to try to keep the US economy afloat, the US government has provided economic stimulus funds to struggling individuals and businesses. On 27 March 2020, the US Congress passed the Coronavirus Aid, Relief, and Economic Securities (CARES) Act. The $2 trillion economic relief package was “to provide emergency assistance and health care response for individuals, families, and businesses affected by the 2020 coronavirus pandemic”

With regard to small businesses, the CARES Act provided $377bn in emergency grants and forgivable loans to cover expenses such as immediate operating costs, payroll and payments toward existing small business administration (SBA) loans. The CARES Act set aside $500bn in loans for big businesses, which are subject to public disclosures and other requirements.

Despite assistance from the stimulus funds, most companies have had to implement certain cost-cutting measures to ensure their viability during this difficult time. While it is important to cut costs where necessary, one area that should not be forsaken is compliance. In addition to creating the economic stimulus funds, the US government has created oversight bodies and enforcement measures to ensure that recipients of stimulus funds comply with the terms and conditions associated with receiving those funds. Therefore, it is critically important that businesses create or retain a robust compliance programme to ensure they are operating in accordance with applicable law and applying the CARES funds consistent with the letter and spirit of the Act.

US and global enforcement

With the creation of an economic stimulus relief package comes the increased risk of fraud. There is a need for oversight and an elevated level of scrutiny of the individuals and businesses that receive stimulus funds. To ensure the proper and effective use of stimulus funds, the US has developed new oversight bodies and enforcement teams specifically for the purpose of monitoring and investigating recipients of funds under the CARES Act. Additionally, it is likely that as other countries disperse stimulus funds, there will be similar oversight and enforcement measures.

The CARES Act created three oversight bodies empowered to investigate companies’ use of funds: the Office of the Special Inspector General for Pandemic Recovery (SIGPR), the Pandemic Response Accountability Committee (PRAC), and the Congressional Oversight Commission. In addition to the three oversight bodies, states have formed their own federal and state task forces to thwart any COVID-19 related fraud.

The SIGPR is responsible for monitoring fraud, waste and abuse of the $500bn allocated to support big businesses in the wake of the COVID-19 pandemic. In 2008, the US Congress established a similar oversight body to oversee the stimulus funds dispersed during the 2008 financial crisis. The SIGPR is authorised to “conduct, supervise and coordinate audits and investigations” related to the $500bn granted under the CARES Act. The SIGPR will have subpoena power and the ability to take testimony, make warrantless arrests, and obtain documents and information from federal agencies.

Next, the PRAC is comprised of federal Offices of Inspector General in order to “promote transparency and conduct and support oversight of covered funds and the Coronavirus response to prevent and detect fraud, waste, abuse and mismanagement, as well as mitigate major risks that cut across program and agency boundaries”. The PRAC’s mission is to ensure that funds intended to support businesses and individuals are used “efficiently, effectively, and in accordance with the law”.

Finally, the Congressional Oversight Commission will review the activities of the Treasury Secretary and Federal Reserve and evaluate the impact and effectiveness of the activities on the economy and markets. The Congressional Oversight Commission has the authority to convene hearings, call witnesses and take testimony.

In addition to the oversight bodies created under the CARES Act, some states have formed joint federal and state COVID-19 fraud task forces to combat malfeasance related to COVID-19. For example, on 6 May 2020 in Connecticut, US attorney John H. Durham, state attorney general William Tong, chief state’s attorney Richard Colangelo and FBI special agent in charge David Sundberg announced the formation of a COVID-19 task force to combat COVID-19 related fraud in the state. The task force will be responsible for investigating claims of misconduct related to the COVID-19 pandemic, including healthcare and government fraud, consumer and small business scams, lending scams and cyber fraud. It is likely that more states will develop COVID-19 fraud task forces to monitor and oversee potential misconduct at a local level.

Monitoring and overseeing potential misconduct related to COVID-19 will not only be a focus in the US, but internationally as well. If they have not done so already, other countries will most likely create economic stimulus packages and oversight bodies to ensure that there is no improper use of stimulus funds. For example, though the European Union (EU) is still in the process of determining the specifics of its economic stimulus packages, it has acknowledged the need to implement enforcement measures to ensure cooperation with forthcoming laws. The European Public Prosecutor’s Office is not scheduled to begin full operation until later this year, but the head of the Public Prosecutor’s Office has already begun assembling her team of prosecutors in preparation for the influx of fraud related to COVID-19. It is evident that overseeing and prosecuting claims related to COVID-19 fraud will be a focus both in the US and internationally.

Current COVID-19 fraud enforcements

Moreover, recent indictments by the US Department of Justice (DOJ) demonstrate the focus on prosecuting fraud related to COVID-19. On 5 May 2020, DOJ announced its first CARES Act fraud indictments. The indictment charged two men with fraudulently filing bank loan applications for more than $500,000 in loans guaranteed by the SBA. Since then, DOJ has charged more individuals with alleged CARES Act violations. DOJ has not yet indicted any companies with fraud related to the CARES Act, but that will most likely change in the coming months. Therefore, because of the oversight bodies and intense focus on prosecuting CARES Act violations or COVID-19 related fraud, in both the US and internationally it will be critical for companies to have robust compliance programmes that clearly document their use and dissemination of funds received.

Importance of a robust compliance programme

Due to the heightened scrutiny of economic stimulus funds under the CARES Act, and the potential for COVID-19 related fraud, it is more important than ever that companies have complete and robust compliance programmes in place. This compliance programme can ensure adherence to stimulus funds requirements, dissuade employees from committing fraud and be a mitigating factor if there is alleged misconduct within a company.

DOJ’s ‘Evaluation of Corporate Compliance Programs’ details the necessary components for a robust compliance programme, which includes adequate risk assessment, policies and procedures, training and communications, confidential reporting structure and investigation process, third-party management and comprehensive due diligence of any acquisition targets. Prosecutors consider the adequacy and effectiveness of a company’s compliance programme at the time of the offence and at the charging stage; therefore, it is critical to have an active and robust programme related to all stimulus funds and company operations.

Furthermore, the Office of Foreign Assets Control (OFAC), which administers and enforces economic trade sanctions in the US, recently issued a notice pertaining to COVID-19’s impact on companies’ trade compliance programmes. The notice stated that OFAC would consider, on a case-by-case basis, a business’ need to allocate fewer funds to compliance because of cost-cutting measures due to COVID-19 and the impact on the global economy.

However, there is nothing in the notice that indicates that OFAC will reduce its enforcement programmes or ignore misconduct. Instead, the notice appears to be a recognition only of the economic reality caused by the pandemic, but it is not a free pass. In fact, OFAC is still actively pursuing enforcement actions. Therefore, even though OFAC will take into consideration the need to reallocate internal costs due COVID-19, it makes clear the importance of a robust compliance programme, especially during these times.

The trade compliance programme in operation at the time of any violation and any reductions in compliance spent will need to be objectively defensible to obtain any mitigation benefit from OFAC. In the face of a clear violation, this may be a difficult conversation with OFAC. Further, and in any event, other enforcement agencies have not made similar announcements, and have instead made the opposite clear. Aggressive and stepped-up enforcement is the new normal.

Due to COVID-19’s effect on the global economy, companies have been forced to cut costs. However, this is not the time for companies to divert funds from compliance, as there is an increased risk of fraud and a heightened level of oversight and scrutiny. An ineffective compliance programme could potentially have a greater negative impact on a company than the COVID-19 pandemic.

It will be critically important to make sure the structure, operation and effectiveness of a programme is tailored to the new normal and the receipt and use of any related stimulus funds. Audits and investigations are best addressed before they occur, and an effective compliance programme will ensure that the company can respond to aggressive governmental inquiries on stimulus funds use and business operations in a timely and proper manner.

Colin R. Jennings is a partner, Marisa Darden is a principal and Christina Knox is an associate at Squire Patton Boggs. Mr Jennings can be contacted on +1 (216) 479 8420 or by email: colin.jennings@squirepb.com. Ms Darden can be contacted on +1 (216) 479 8627 or by email: marisa.darden@squirepb.com. Ms Knox can be contacted on +1 (202) 457 6439 or by email: christina.knox@squirepb.com.

© Financier Worldwide


©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.