Congress Has a New Scapegoat for COVID Fraud: Banking Apps

Fintech platforms facilitated fraud in the Paycheck Protection Program, according to a new congressional report.


App-based financial service firms like PayPal and Square have revolutionized how American consumers and businesses move money around—and now, they're being blamed for COVID-19 relief fraud.

Yes, really. In a congressional report published last week, lawmakers on the Subcommittee on the Coronavirus Crisis say widespread fraud in the Paycheck Protection Program (PPP), which was supposed to pay shuttered businesses to keep employees on the payroll during the pandemic, should spur calls for new regulations on so-called "fintech" companies.

"While the PPP delivered vital relief to millions of eligible small businesses, at least tens of billions of dollars in PPP funds were likely disbursed to ineligible or fraudulent applicants, often with the involvement of fintechs, causing tremendous harm to taxpayers," the report reads, in part.

That's a bit like blaming a bank robbery on whichever company manufactured the getaway car.

And when it comes to the PPP, there were a lot of robberies. Between a quarter and a third of the $835 billion distributed via the program is suspected of having been stolen by fraudsters, in part because of lax oversight over the PPP's loans and in part because, well, that's what always happens when the government starts throwing money around in a crisis.

Was some of that fraud facilitated by some fintech firms? Yep. As the congressional report details, a pair of fintech companies—specifically Womply and Blueacorn—were responsible for a larger share of shady transactions related to PPP loans. Both "failed to implement systems capable of consistently detecting and preventing fraudulent and otherwise ineligible PPP applications."

Another fintech, Kabbage, which has subsequently filed for bankruptcy, "missed clear signs of fraud in a number of PPP applications," according to the report.

Do you know who else failed to implement systems and missed clear signs of fraud in much the same way? The Small Business Administration (SBA).

But, OK, maybe that's beside the point. Let's accept the congressional committee's premise that some fintech firms were unwilling or unable to vet users in a way that made the PPP fraud mess even worse than it would have been with only government incompetence in the equation. Calling out those bad actors in a government report might have some value to the rest of the industry or to consumers. Maybe there could be law enforcement actions to track down the fraudsters who used those services, and maybe the specific services themselves could be hauled into court if they failed to meet contractual obligations that came along with being trusted to disseminate those PPP loans.

Those, of course, are not the conclusions that the committee reached.

"Based on these findings, Congress and the SBA should consider carefully whether unregulated businesses such as fintechs, many of which are not subject to the same regulations as financial institutions, should be permitted to play a leading role in future federal lending programs," the committee concludes.

In other words, an entire industry that has emerged to compete with traditional financial institutions like banks ought to be banned from being involved in federal lending programs because a few members of that industry engaged in some bad behavior—behavior that was rampant within the same government that now should regulate them. Does this make any sense at all?

To carry the getaway-car metaphor forward, this would be like banning all cars from driving on public roads because Bonnie and Clyde drove a Ford. The horse-drawn carriage and bicycle makers of the time might have loved that idea, of course.

A similar thing could be happening here. "The report will be cited to justify putting more roadblocks before the fintech industry and more protections for the legacy banking system, neither of which is warranted," warns Nicholas Anthony, a policy analyst for the libertarian Cato Institute. That wouldn't only be unfair to those businesses and their investors; it would be unfortunate for the millions of people who use those services for nonfraudulent activities.

Again, PPP fraud should be almost entirely blamed on the federal government's own actions, which included removing safeguards designed to prevent fraud so loans could be distributed as quickly as possible. The PPP program clearly overloaded any capacity the SBA may have had for reviewing loans, as the agency was charged with distributing more than 20 times as much as it had handled in any full year in the span of just 33 days in March and April 2020. As the SBA's inspector general pointed out in a report published in May, the agency did not have "a centralized entity to design, lead, and manage fraud risk" until February 2022—nearly two years after the PPP loans began being distributed and long after the bulk of them had been forgiven.

But, yeah, the fintech industry is definitely to blame.