Skip to main content


How Bad is PPP Fraud in Financial Services?

By Blog

There seems to be a sharp correlation between the scientific and banking industries’ efforts to abate the harm caused by the COVID-19 pandemic and criminals trying to exploit those efforts for illicit gains. No sooner was the virus upon us that scammers, fraudsters, and novice exploiters began to try to find ways to abuse peoples’ fear and the support programs emplaced. The Paycheck Protection Program (PPP) has been especially vulnerable. Here’s a look at the different types of PPP fraud that have taken place throughout the pandemic and how financial firms are responding.

PPP’s Good Intentions Lead to Bad Acts

The Small Business Administration issued a series of loan programs in early 2020 that were designed to aid small businesses impacted by the quarantine and so-called “lockdown” restrictions. The Paycheck Protection Program alone has given out over USD $523 billion since the program’s inception. Between the urgency to get the program launched and the minimal guidance in place to spot-check for potential fraud, banks found themselves processing hundreds or even thousands of these loans with little-to-no compliance and risk management.

As of September, the Department of Justice (DOJ) had already brought 40 cases against individuals who may have fraudulently obtained loans through these programs.

A few highlights of PPP fraud cases:

  • A current player in the NFL who was charged as part of a USD $24 million PPP loan fraud scheme. According to the DOJ,  the subject participated in a broader scheme to solicit straw buyers to take out forgivable loans in exchange for a kickback/percentage of those loans. In addition, the subject obtained over USD $1.2 million in loans for his own company, then withdrew over USD $300,000 in cash after buying a Rolex and going shopping.
  • In another scheme, the subjects applied for over 80 PPP loans, falsifying tax and payroll expenses. At the time of their arrest, they had over 1,100 fake paychecks, the proceeds of which were used to buy a new Porsche and a Lamborghini.  

A duo claiming to be farmers who applied for over USD $1.1 million in loans. Declaring funds for a number of businesses, one subject in the case said that they had a farm in their Miami-area yard, and employed 18 staffers in necessitation of over USD $800,000 in payroll. 

Financial Firms Go On Offense

Another dubious fraud scheme that has arisen since the pandemic is counterfeit and fraudulent PPE, supplies, and treatments. The FTC has routinely warned about fake preventative treatments, and the FDA has noted that there is only one approved at-home test kit. Since February, stories have surfaced about counterfeit masks, respirators, and other PPE. On almost the same day that a vaccine was approved for emergency use, Homeland Security Investigations issued red flags for counterfeit vaccines. In fact, EUROPOL simultaneously confirmed investigations into organized crime groups engaging in the sale of counterfeit vaccines.  

As with any other fraud, financial institutions have shifted from defense to offense. One senior compliance officer speaking anonymously noted that their institution was heavily investigating pandemic-related lending fraud, looking specifically for small businesses that appeared to be spending PPP loan proceeds in an unusual way. Other compliance practitioners noted that transaction monitoring parameters and analytics-driven searches were yielding a staggering number of cases of potential fraud. At the heart of these cases, per one investigator, was the inability to verify the recipient’s loan documentation or substantiate the legitimacy of their business, noting that many of the companies they had investigated were, in reality, established days before applying for the loan. 

Uncertain Impact on Financial Regulation

The true depth of the fraud remains to be seen, but as with many other lessons learned, the pandemic has yielded a number of key takeaways for financial services going forward. The hope is that, like the virus itself, the need for those lessons will soon be in decline.  

Until then, it’s likely that these acts of fraud will continue to shape financial regulation, especially in how regulators will treat relief programs in the future. For now, it’s important for compliance teams to not only monitor the rule changes and updates that result from the pandemic response, but also to create a system of record when implementing them. 

Ascent is a regulatory knowledge solution that can pinpoint financial firms’ regulatory obligations and keep them updated as rules change. This dynamic regulatory knowledge can be mapped to applicable areas of business and seamlessly connected to a separate GRC solution to create a traceable system of compliance.

INFOGRAPHIC: Regulatory Knowledge Automation, Explained


To learn how Ascent can help you identify your regulatory obligations and changes, contact us.

For more articles like these, subscribe to our monthly Cliff Notes newsletter below.