SBA Inspector General Reports ‘Widespread’ Fraud in Economic Injury Disaster Loan Program
On July 28, 2020 the Office of the Inspector General for the U.S. Small Business Administration issued a memo reporting findings of "widespread potential fraud" in the agency’s flagship Economic Injury Disaster Loan (EDIL) program (separate from the Paycheck Protection Program) for coronavirus relief. SBA Inspector General Hannibal "Mike" Ware said more than 5,000 cases of suspected fraud have already been identified by financial institutions while monitoring customer account activity, with nine financial institutions reporting a total of $187.3 million in potentially fraudulent transactions. The Inspector General also reported that the SBA had already approved over $250 million (6,132 in disaster loans and 20,692 in grants) for businesses possibly ineligible for funds and potentially $45.6 million in duplicate payments.
"SBA should take immediate action to reduce or eliminate fraud risks by strengthening existing controls and implementing internal controls to address potential fraud," stated Ware. "Strong controls will ensure the Economic Injury Disaster Loan program can effectively and efficiently help eligible disaster victims who have suffered real economic injury because of the COVID-19 pandemic."
In response, SBA Administrator Jovita Carranza stated “that SBA has developed and implemented a comprehensive, rigorous, end-to-end infrastructure to reduce the risk of fraud in the EIDL COVID program” and that the concerns raised in the report were “unexpected”. She said the agency would not be able to provide a more detailed response at this time because the OIG did not provide enough specifics regarding the complaints it has been receiving.
CFPB to Issue ANPR on Consumer-Authorized Financial Data Access
The Consumer Financial Protection Bureau (CFPB) has announced that the agency plans to ask for input later this year via an advance notice of proposed rulemaking (ANPR) regarding implementation of Section 1033 of the Dodd-Frank Act, which governs consumers’ access to their financial data.
The CFPB’s scope of authority for setting data privacy rules under Section 1033 is unclear. “Since enactment of Section 1033, the extent to which financial institutions, data aggregators and fintechs are using consumer-authorized access to provide new products and services to millions of American consumers has grown in scope and scale,” the Bureau stated. By issuing the ANPR, the Bureau will inquire how it could “effectively and efficiently implement the financial access rights described in Section 1033,” as well as seek comment on the scope of consumer data subject to protected access. It will also question whether there may be a detrimental regulatory gap considering the current scope of existing laws such as the Fair Credit Reporting Act, which provides regulation for certain instances of collection and use of consumer financial data.
FDIC Issues RFI Re: Potential Voluntary Certification Program Promoting Innovative Technologies
On July 20, 2020 the Federal Deposit Insurance Corporation (FDIC) announced the agency has issued a new Request for Information (RFI) as part of its FDiTech initiative. The RFI is asking for public comment regarding the potential creation of a public-private partnership to set standards and a voluntary certification program, both to promote and help facilitate innovative fintech adoption at FDIC-supervised financial institutions.
FDIC Chair Jelena McWilliams has stated that “fostering innovation in the financial sector is a top priority for the FDIC” and that efforts must be made to “remove unnecessary regulatory impediments that banks must overcome when developing or deploying new technologies."
All comments to the RFI must be received within 60 days from the publication date in the Federal Register.