On the Heels of the CARES Act, Companies Should Prepare for Increased Prosecutions and Enforcement Activity

Alerts / April 7, 2020

The Coronavirus Aid, Relief and Economic Security Act (the “CARES Act” or the “Act”) provides over $2 trillion in economic relief to eligible businesses and individuals affected by the COVID-19 pandemic. As with prior disaster relief stimulus packages, companies should expect the CARES Act stimulus to be followed by strict government oversight, whistleblower reports and bounties on alleged abuse, and targeted audits, investigations, and enforcement actions. Indeed, Congress established three oversight bodies to ensure that the extraordinary amount of funds provided by the CARES Act are properly and legally distributed and used.

Even before the CARES Act was passed, Attorney General Barr directed all U.S. Attorneys “to prioritize the detection, investigation, and prosecution of all criminal conduct related to the [COVID-19] pandemic” and appoint a Coronavirus Fraud Coordinator.[1] U.S. Attorney’s Offices from around the country also have been establishing task forces focused on specific COVID-19-related crime and encouraging the general public to report fraud allegations to the National Center for Disaster Fraud – the national coordinating agency within the Department of Justice’s (the “DOJ”) Criminal Division that reviews disaster relief fraud complaints and refers them to appropriate federal, state, and local authorities. It is likely that the DOJ will establish a Department-wide task force to address alleged misconduct arising from the COVID-19 pandemic, as it did after Hurricane Katrina and other disasters.

It will come as no surprise that the consequences of fraudulently obtaining and misusing CARES Act funds will be severe. If the past is prologue, companies and individual executives will face criminal felony mail, wire, and bank fraud charges for CARES Act-related fraud. The government also will heavily utilize its broad criminal and civil enforcement powers under the federal False Claims Act (the “FCA”). In addition, we likely will see an uptick in bribery, money laundering, and other corruption cases due to the massive amount of funds that are being injected into the economy. The reputational damage of being convicted of, or even being perceived as, defrauding a disaster relief fund would be devastating as well.

While eligible companies should quickly take advantage of the much-needed economic relief provided by the CARES Act, including its business loans program, “an ounce of prevention is worth a pound of cure.” Companies should ensure that they properly and accurately complete loan applications. Given the rush to draft the CARES Act and enact it into law, the Treasury Department has had to release a flurry of almost daily clarifying guidance announcements since the Act was passed. This changing guidance, plus the fact that each bank is using its own loan applications because there is no single unified loan application, can cause confusion as to how to complete the applications. As a result, companies will be faced with the decision of whether to submit information as it is requested by the bank’s application as opposed to what they and their accountants and lawyers believe should be submitted. Companies should also ensure that their compliance programs have the proper policies and procedures in place now to mitigate the risk of a costly government investigation or enforcement action down the road. Companies will be well-advised to consult attorneys with expertise, such as members of BakerHostetler’s CARES Act SWAT Team, in these areas.

CARES Act Business Loans Program

Generally, the business loans program under the CARES Act: (i) authorizes the U.S. Small Business Administration (“SBA”) to guarantee forgivable loans under a new program called the Paycheck Protection Program (the “PPP”); (ii) provides funding to the Federal Reserve’s lending initiatives for mid-size businesses; and (iii) allocates funds to the Treasury Secretary to make direct loans to other businesses, such as airlines, who do not otherwise qualify for relief under the Act.

The PPP sets aside $349 billion for loans to small businesses guaranteed by the SBA. This is an unprecedented amount as reflected by the fact that the SBA guaranteed loans of approximately $23 billion for all of 2019. Loan proceeds may be used for costs of qualified payroll, healthcare benefits, and utilities and rent, interest payments on mortgage and certain other debt obligations, and refinancing of certain other SBA loans. Funds cannot be spent on employee compensation that exceeds $100,000 in annual salary or for principal debt payments. Funds spent on qualified payroll, mortgage interest, and rent and utilities may be forgiven for companies who continue paying their employees at normal levels during the eight weeks following the origination of the loan. Notably, the application process under the PPP is streamlined and lenders are not required to comply with the SBA’s normal lending criteria. Instead, the SBA will allow lenders to rely on borrower certifications to determine the borrower’s eligibility and use of loan proceeds and to rely on specified documents provided by the borrower to determine the qualifying loan amount and eligibility for loan forgiveness. Among other things, borrowers must certify that current economic uncertainty makes the loan request necessary to support its ongoing operations and that the funds will be used to retain workers and maintain payroll or make mortgage interest payments, lease payments, and utility payments.[2]

The CARES Act also allocates $500 billion to the Treasury’s Exchange Stabilization Fund to provide direct loans and loan guarantees to eligible businesses, states, and municipalities, including the airline industry, that have not otherwise received adequate economic relief provided under the Act. Limitations on these loans include a prohibition from paying dividends or repurchasing stock while the loan or loan guarantee is outstanding, employee compensation restrictions, and restrictions on reducing employees.[3]

Part of the $500 billion allocation is dedicated to low-interest loans for eligible businesses with between 500 and 10,000 employees through the implementation of a Federal Reserve lending program. Businesses that apply for these loans will be required to certify that uncertainty of economic conditions make the loan necessary, they will maintain 90 percent of their current workforce as of March 24 and restore at least 90 percent of the workforce that existed as of February 1, not pay dividends or repurchase stock, not outsource or offshore jobs during the loan period and for two years thereafter, they are not a debtor in bankruptcy, and they will comply with certain restrictions related to labor unions.[4]

Oversight Bodies Created by the CARES Act

The CARES Act establishes three oversight bodies to ensure relief funds are being disbursed and used properly: the Pandemic Response Accountability Committee (the “PRAC”), the Special Inspector General for Pandemic Recovery (“SIGPR”), and the Congressional Oversight Commission (the “Commission”).

The PRAC has subpoena power and may use Inspectors General of other agencies to conduct investigations to “detect and prevent fraud, waste, abuse, and mismanagement.” The PRAC also has the power to conduct its own investigations, audits, and reviews related to covered funds and refer matters to the DOJ.[5]

SIGPR’s duty is to “conduct, supervise, and coordinate audits and investigations of the making, purchase, management, and sale of loans, loan guarantees and other investments” made by the Treasury pursuant to the Act. The SIGPR also has the ability to refer cases to the DOJ.[6]

The Commission is tasked with overseeing whether private entities receiving funds under the Act have acted in accordance with the Act’s obligations and with conducting investigations and hearings. The Commission will consist of five members of Congress selected by the majority and minority leadership from the House and Senate.[7]

Increased Federal Enforcement After National Emergencies

There is a long history of increased federal investigations and prosecutions in the wake of national emergencies due to the intense public pressure on the government to prevent abuse of federal disaster relief programs.

For example, billions of dollars in federal disaster relief funds poured into the Gulf Coast region after Hurricane Katrina. Immediately after the hurricane, the DOJ established the Hurricane Katrina Fraud Task Force. Through September 2011, federal prosecutors brought 1,439 actions against companies and individuals for disaster relief fraud, including numerous cases for FCA violations.[8] In one notable example, in 2010, the DOJ brought a civil FCA case against C. Henderson Consulting, Inc. and its owner and executive vice president for falsely holding itself out as an ambulance company to obtain a contract for ambulance services from FEMA. Judgment was entered against Henderson Consulting for over $6 million, against its owner for $2.9 million, and against its executive vice president for $285,000.[9]

Congress also took action to strengthen the government’s enforcement capabilities as a result of Hurricane Katrina and passed the Emergency and Disaster Assistance Fraud Penalty Enhancement Act in 2007. The law made it a specific crime to engage in fraud in connection with major disaster or emergency benefits and increased criminal penalties for engaging in mail or wire fraud in relation to disaster relief fraud.[10]

Similarly, there was a flurry of federal investigations and prosecutions against companies who received relief funds after the 2008 financial crisis. The 2008 financial crisis resulted in the Troubled Asset Relief Program (“TARP”) in which the office of the inspector general for TARP (“SIGTARP”) was established to investigate financial fraud related to TARP.[11] SIGTARP worked with the DOJ to prosecute individuals, banks, and corporations for fraud related to TARP and continues its work today. Since its inception, SIGTARP has collected over $11 billion and secured 381 criminal convictions.[12] Notable cases include:

  • The prosecution of the former CEO of The Bank of Commonwealth for bank fraud related to concealment of $800 million in losses from past due loans. The Bank of Commonwealth had applied for $28 million in TARP funds using false books and records and SIGTARP’s investigation uncovered the fraud. The CEO was sentenced to 23 years in prison and a former executive vice president was sentenced to 17 years in prison.[13]
  • Goldman Sachs, Ally Bank, and Morgan Stanley were investigated by SIGTARP and prosecuted by the DOJ when these banks traded securities through a TARP program resulting in losses to investors. Additionally, the entities received TARP money knowing they made fraudulent misrepresentations to investors. Ally discontinued operations and paid a $52 million penalty, Goldman Sachs paid a $5.06 billion penalty and Morgan Stanley paid a $2.06 billion penalty. All three entities received TARP funds.[14]
  • General Motors was a recipient of TARP funds while knowing of faulty ignition switches that led to driver deaths. SIGTARP was involved in the DOJ investigation and enforcement action that resulted in General Motors ultimately paying $900 million to help offset the $11 billion received from TARP.[15]
Companies Should Take Steps Now in Anticipation of the Expected Intense Government Scrutiny on CARES Act Disbursements

This latest round of government relief spending will create a new set of potential risks of corporate liability, including for misrepresentations of a business’s economic or other conditions to obtain funds under the CARES Act. The emergency nature of the stimulus portions of the legislation are specifically designed to allow businesses to quickly get their hands on much needed liquidity as soon as possible. To expedite the process, certain applicants will be permitted to self-certify the accuracy of their submissions. It is an almost certainty that law enforcement as well as the various oversight mechanisms created by the Act will pore over these applications in the months and years to come to determine whether representations were accurate and funds were properly disbursed, accounted for, and used. There is no question that the government will be looking long and hard to make a quick example of bad actors who take advantage of the Act’s financial assistance provisions.

Companies that intend to avail themselves of the Act’s financial relief should strengthen their controls to ensure that all applications, certifications, and supporting information are accurate. Companies should also implement the proper controls to be certain that, on an ongoing basis, the conditions associated with receiving the disaster funds are being maintained and that the funds are being used only as directed in the loan terms, such as for qualified payroll expenses and rent or mortgage interest payments. Companies should create an auditable paper trail that justifies disclosures made and documents the appropriate use of proceeds to be provided to government auditors and investigators in the event of an audit or investigation.

The scope of the relief provided under the Act will also likely lead to new rules and regulations implementing the disaster relief provisions. Recipients of CARES Act relief should stay informed of regulatory expectations and stay ahead of the enforcement curve.

At the appropriate time, officers and employees responsible for the deployment of CARES Act assistance should be trained on compliance unique to the Act. Finally, companies should continue focusing on and strengthening the anti-corruption components of their compliance programs to ensure that money exchanges hands properly if they can. The CARES Act will also increase the opportunity for bribery and money laundering and companies should carefully guard against this additional risk.

Authorship Credit: Patrick T. Campbell, Lauren P. Lyster, Jimmy Fokas and George A. Stamboulidis

[1] Mem. from Attorney General William Barr (Mar. 16, 2020), available at
[2] See CARES Act (H.R. 748) § 1102 (2020).
[3] See id. at § 4003(b)(1)-(3); (c)(2).
[4] See id. at §§ 4003(b)(4); (c)(3).
[5] See id. at § 15010.
[6] See id. at § 4018.
[7] See id. at § 4020.
[8] Disaster Fraud Task Force, Report to the Attorney General for Fiscal Year 2011, at 3, available at
[9] United States v. C. Henderson Consulting, Inc. et al., 3:10-cv-00258 (M.D. La. 2010).
[10] 18 U.S.C. § 1040.
[11] 12 U.S.C. § 5230.
[12] Letter from the Special Inspector General, TARP (First Quarter 2020), available at
[13] Press Release, Former CEO of TARP Applicant Bank Sentenced to 23 Years in Federal Prison for Massive Bank Fraud, SIGTARP (Nov. 6, 2013), available at
[14] Press Release, Goldman Sachs Agrees to Pay More than $5 Billion in Connection With Its Sale of Residential Mortgage Backed Securities, SIGTARP (Apr. 11, 2016), available at; Press Release, Morgan Stanley Agrees to $2.6 Billion Penalty in Connection With Sale of Residential Mortgage Backed Securities, SIGTARP (Feb. 12, 2016), available at; Press Release, Ally Financial Agrees to Pay $52 Million to Resolve Investigation Into Improper Conduct Related to Issuance of Mortgage Backed Securities, SIGTARP (Nov. 21, 2016), available at
[15] Press Release, SIGTARP Investigative Efforts Lead to Criminal Charges Against General Motors and Deferred Prosecution Agreement With $900 Million Financial Penalty, SIGTARP (Sept. 17, 2015), available at

Baker & Hostetler LLP publications are intended to inform our clients and other friends of the firm about current legal developments of general interest. They should not be construed as legal advice, and readers should not act upon the information contained in these publications without professional counsel. The hiring of a lawyer is an important decision that should not be based solely upon advertisements. Before you decide, ask us to send you written information about our qualifications and experience.