Security & Fraud

What Lenders Are Learning About Emerging PPP Loan Fraud

Giact Uncovering Lessons Amid Emerging PPP Loan Fraud

In the mad dash to secure Paycheck Protection Program (PPP) funds, small businesses have faced confusion, anxiety and often a lack of clarity as to when they would receive capital – if at all. The process was chaotic for the lenders, too, creating greater potential for fraud amid an unprecedented SMB stimulus effort.

Only days ago, the first case confirmed these expectations. Two individuals from New England have been charged by the U.S. Department of Justice (DOJ) for allegedly fraudulently seeking PPP loans totaling more than $500,000. The DoJ accuses the individuals of making false statements in their applications and reporting inflated payroll volumes.

As regulators issue warnings to the lending community about the potential for such fraud, banks and FinTechs are on high alert. But there are a lot of moving parts that muddle the picture of PPP loan fraud, according to David Barnhardt, chief experience officer at GIACT.

The PPP loan program was “really quickly put together,” he told Karen Webster in a recent interview. “We’ve already seen reports of regulators who are critical of how lenders handled the granting of the PPP funds.”

The haste with which these lenders were expected to receive applications and dole out funding created many opportunities for fraudulent activity — but not every instance will mirror the New England case.

Due Diligence Shortcomings

The opportunity for fraudulent activity in any lending scenario exists from the beginning, with customer onboarding. But the unprecedented nature of the PPP program meant less time for Know Your Customer (KYC) and other due diligence checks that are so important for financiers.

It’s likely why financial institutions (FIs) initially decided to prioritize their existing small business customers when processing the first round of PPP loan applications, said Barnhardt, a decision that was ultimately reversed by the bank after widespread backlash.

“The idea was, presumably, that they didn’t have time for their normal due diligence,” he said. “Time is of the essence, because the money is going to run out.”

The onboarding process is a prime moment to catch potentially fraudulent activity, including misinformation on applications, like the alleged inflation of payroll figures seen in the DOJ’s New England case. Yet, as Barnhardt explained, fraudulent activity can take many forms.

In addition to this kind of first-party fraud, there is also the opportunity for business account takeovers, in which a fraudster obtains data from a small business to apply for funding. Barnhardt said he expects more of these cases to surface over time.

Complicating the picture even further is the lack of transparency and communication, which many small business applicants complained about in the first hectic round of PPP funding. A small business that had applied with one lender for capital and didn’t receive word of the status of that application may have gone to a second lender to apply again.

Incoming Waves

As more rounds of PPP stimulus funding roll in, and as the first round of funds is disbursed, FIs, small businesses and watchdogs will gradually gain a clearer picture of where the fraudulent activity is occurring.

Lenders must be wary of other opportunities for bad actors even after a loan is issued: When funds are disbursed via ACH, are they landing in the intended account? Are small businesses actually using the capital for payroll? Will the correct businesses qualify for loan forgiveness?

While fraud mitigation must be a continual process, Barnhardt emphasized the importance of onboarding and due diligence processes at the start of the funding process in preventing many issues before they occur. Fraud-scoring tools are important, but they are only as good as the data fed into them.

By implementing automated modeling technology that can aggregate and independently verify borrower information like payroll data, and identify anomalies in applicant behavior, FIs can protect themselves without slowing down the funding process.

FIs will be looking toward policymakers for guidance, too, but it’s vital for lenders to take the initiative. Indeed, while small business borrowers will themselves be under scrutiny, issuers of PPP funds must ensure that the appropriate steps are taken to verify applications.

“Preparedness really comes into play. These KYC regulations will not go away,” said Barnhardt, adding that the real picture of PPP loan fraud and criminal activity surrounding other federal stimulus initiatives will continue to develop in the months and years ahead, likely culminating in eventual congressional hearings. Bad actors are everywhere, and there are very likely PPP loan fraud cases poised to slip through the cracks, with loan applications far below $500,000.

With every new stimulus round, lenders will become more prepared to combat fraud through adequate onboarding procedures. But it won’t be until the dust settles that banks, FinTechs and regulators gain a clear picture of where the missteps occurred and how to avoid them in the future.

“Banks are waiting for guidance and are concerned about liability,” Barnhardt said. “There’s going to be a lot of onus placed on the lenders to see whether they did the proper verifications or just rubber-stamped these applications. I’m sure this will be a story that will unfold as more of these funds get disbursed.”

——————————

LIVE PYMNTS ROUNDTABLE: MODERNIZING & SCALING FOR THE NEW NORMAL

The pressure on banks to modernize their payments capabilities to support initiatives such as ISO 20022 and instant/real time payments has been exacerbated by the emergence of COVID-19 and the compelling need to quickly scale operations due to the rapid growth of contactless payments, and subsequent increase in digitization. Given this new normal, the need for agility and optimization across the payments processing value chain is imperative.

TRENDING RIGHT NOW