November 20, 2020
Between AML Compliance and a Hard Place: PPP Loan Considerations
Since the onset of the COVID-19 economic crisis, over $525 billion in Paycheck Protection Program (PPP) loans were issued by the U.S. Treasury as part of the CARES Act. The result has been business-saving support for over 5 million borrowers, 78% of which said they were able to retain their workforce at or near pre-pandemic numbers. For all the good the PPP brought to businesses around the country, it has also raised significant compliance and fraud concerns. On the tightrope between issuing speedy economic support and remaining compliant with Small Business Administration (SBA) and Bank Secrecy Act (BSA) / anti-money laundering (AML) regulations, many lenders did not operate with the standard of care that is typically required with respect to identity and eligibility verification. As we enter the window for loan forgiveness, investigators and auditors are ramping up for a national reckoning with the type of fraud and noncompliance that comes from emergency federal funding on such a massive scale.
At the core of the PPP’s compliance challenge is a lack of information verification caused by the speed at which the program had to be executed and the comparatively relaxed nature of the SBA’s verification requirements. Further complicating the situation for lenders, are the competing requirements and objectives of the SBA PPP Program and other regulations in place to govern lending institutions, specifically the BSA and False Claims Act (FCA). Adherence to SBA requirements does not absolve lenders from their requirements under BSA/AML rules. The below graphic depicts the crosscutting requirements between the two regulations.
On September 1, 2020, the House Select Committee on the Coronavirus Crisis released their preliminary analysis of the PPP loan program that found over $1 billion in fraudulent loans were issued to over 11,000 borrowers. To date, crackdowns on PPP loan abuse have focused primarily on instances of fraud by borrowers. However, as we enter the forgiveness stage – which borrowers became eligible for in August— lenders may come under greater scrutiny and perhaps liability or regulatory action if they did not meet their obligations under the BSA and related AML laws.
With over 48% of PPP loan recipients claiming that they will need additional assistance and an uncertain economy, we are likely to see a second round of federal assistance, with lenders facing the same compliance issues. While it will be difficult to remedy data and compliance gaps for previously issued PPP loans, financial institutions can prepare for future rounds by tech-enabling compliance programs to ensure higher data quality and aggregation across the organization and functions, including the linking of KYC and AML data. In doing so, lenders will be better prepared for future federal funding programs and avoid the associated risks and costs of noncompliance.