Fintech firms’ lack of fraud controls made them the “paths of least resistance” for criminal gangs and fraudsters looking to exploit the coronavirus relief program, the subcommittee’s report concluded.

“Even as these companies failed in their administration of the program, they nonetheless accrued massive profits from program administration fees, much of which was pocketed by the companies’ owners and executives,” Clyburn said in a statement accompanying the report.

The committee’s investigation into PPP fraud among fintechs Kabbage and Bluevine was spurred by a May 2021 report by ProPublica, which detailed how Kabbage made 378 PPP loans totaling $7 million to fake business entities.

The subcommittee expanded its investigation to include Blueacorn and Womply, which Thursday’s report concluded were the worst offenders. 

Womply, which collected $2 billion in PPP fees, and Blueacorn, which took in $1 billion, “failed to implement systems capable of consistently detecting and preventing fraudulent and otherwise ineligible PPP applications,” the subcommittee said.

The fintechs’ lending partners, Capital Plus and Harvest, “did little to oversee the activities of the companies to which they delegated their responsibilities,” the panel added. 

Blueacorn chased higher fees by giving priority and less scrutiny to high-dollar loans, designating them as “VIPPP,” according to the report.

“Blueacorn’s ownership directed reviewers to prioritize ‘monster loans [that] will get everyone paid,’” while urging employees to dismiss applications for smaller loans, the committee wrote.

Womply’s fraud prevention practices were criticized by the fintech’s lending partners, one of which described its systems as “put together with duct tape and gum,” according to the report.

Womply also refused to cooperate with the Small Business Administration (SBA) inspector general’s office and lending partner Fountainhead, which requested information to investigate potential fraudulent loan activity carried out by PPP borrowers.

Fountainhead was forced to get “a temporary restraining order against [Womply], so they can’t destroy these [PPP loan] documents,” according to the report.

Blueacorn and Womply did not immediately respond to requests for comment.

In Kabbage’s case, the subcommittee cited internal documents that showed the fintech missed “clear signs of fraud” in a number of its PPP applications. 

The firm’s 2020 acquisition by American Express exacerbated its PPP issues, the subcommittee found. 

“PPP borrowers were left at the mercy of an underfunded and understaffed spin-off company that failed to properly service their loans and would later file for bankruptcy,” the panel said.

In a statement to ProPublica, Kabbage said it was proud of the role it played in supporting businesses during the pandemic. 

“Kabbage’s existing online lending platform was able to process the sudden flood of loan applications, in a timely manner, in the midst of a national crisis and in light of ever-changing federal lending rules,” the company said. “Kabbage adhered to the applicable rules and regulations in good faith.” 

While Bluevine initially had its own issues with fraud, the fintech adapted to ongoing threats better than Kabbage, Womply and Blueacorn, because its partner bank, Celtic Bank, urged the fintech to invest in fraud controls and comply with SBA standards, the subcommittee found.

Bluevine, however, still faced difficulties in facilitating timely reporting of fraud to law enforcement, according to the report. 

Those delays caused Celtic Bank to submit late suspicious activity reports (SARs), which likely impeded law enforcement efforts to address ongoing fraud, the subcommittee concluded.

As fintechs and lenders observed high rates of PPP fraud, some placed the blame on the SBA and the Trump administration, the panel reported.

“[T]he industry should push hard to make sure the SBA accepts the fraud risk,” Reese Howell, CEO of Celtic Bank, said in an internal email obtained by the subcommittee.

The report also cited a September 2020 email in which Kabbage’s head of policy wrote: “At the end of the day, it’s the SBA’s sh***y rules that created fraud, not [Kabbage].” 

A spokesperson for Bluevine told Reuters the company “has remained committed to establishing and maintaining robust internal controls and governance processes" since its founding in 2013. 

A Celtic Bank spokesperson told the wire service the bank "made extensive and effective” efforts to combat fraud, “as recognized in the report.” 

The report follows an SBA proposal to end a 40-year moratorium on admitting new nonbank lenders to its flagship 7(a) lending program, a move that would allow fintech firms to participate for the first time. 

The authors of Thursday’s report, however, urged Congress and the SBA to exercise caution when weighing whether fintechs should be involved in future government lending programs.  

“Based on these findings, Congress and the SBA should consider carefully whether unregulated businesses such as fintechs, many of which are not subject to the same regulations as financial institutions, should be permitted to play a leading role in future federal lending programs,” the report’s authors wrote. “In addition to requiring stricter oversight during emergency programs, the experience of the PPP should inform the SBA’s ongoing activities.” 

Greater oversight by the SBA must accompany any expansion of the agency’s programs to unregulated lenders or agents, the report’s authors wrote.

By Anna Hrushka on Dec 2, 2022
Original link