A congressional report found financial technology companies, or fintechs, largely fueled PPP loan fraud. Bluevine, a fintech noted in the report, told NPR it adapted to threats of fraud better than other companies mentioned.
Caption

A congressional report found financial technology companies, or fintechs, largely fueled PPP loan fraud. Bluevine, a fintech noted in the report, told NPR it adapted to threats of fraud better than other companies mentioned. / LightRocket via Getty Images

Updated on Dec. 8 at 1:06 p.m. ET

A sprawling congressional report accuses several little-known financial technology companies, or fintechs, of reaping "billions in fees from taxpayers while becoming easy targets for those who sought to defraud the PPP," or Paycheck Protection Program.

PPP provided more than 11 million potentially forgivable low-interest loans to small businesses to help them keep employees on the payroll as COVID-19 shutdowns decimated profits. Congress hastily rolled out the program in spring 2020, eventually racking up a price tag of nearly $800 billion.

Fintechs, a nebulous term broadly defined as businesses that use technology to improve or automate financial services, told Congress they could issue PPP loans to struggling small businesses faster than traditional banks — and they did. Fintechs also reached more independent contractors, as well as businesses run by women and people of color, than long-established banks did. They were lauded for those efforts.

But that speed and reach came at an expense, says Samuel Kruger, an assistant professor of finance at the University of Texas at Austin.

"While they were doing that, did they also open up the system to potential fraud and abuse?" he asks. "If you look at the data, the answer seems to be yes."

Kruger and his colleagues reported in a study they published last year that 1.4 million PPP loans show signs of fraud. That amounts to $64 billion in potentially wasted taxpayer money. This week's congressional report appears to confirm those allegations of widespread fraud.

During an 18-month-long investigation preceding Thursday's report, the House Select Subcommittee on the Coronavirus Crisis reviewed about 83,000 pages of internal emails, messages and other documents from more than a dozen fintechs and interviewed former employees, executives and lending partners.

Congressional investigators filled 130 pages of the report with their findings, including:

  • Many fintechs "failed to stop obvious and preventable fraud" because they had little to no fraud prevention efforts in place.
  • Fintechs profited off processing fees for each approved loan, meaning they had little incentive to find fraud that would cut into their revenues.
  • Banks and lending partners collaborating with fintechs admitted doing little to check for fraud in fintech-approved loan applications.

Fintechs invested little in fraud prevention

In the spring of 2020, a fintech called Kabbage furloughed half of its workers who were dedicated to assessing risk and reviewing accounts, yet Kabbage funded billions of dollars in PPP loans by relying on temporary contractors, the report says.

The fintech Womply had fraud prevention systems described in the report as "put together with duct tape and gum." Meanwhile, Womply's CEO had been convicted of insider trading yet was leading the company's fraud prevention efforts.

The fintech Blueacorn spent just a few million dollars on fraud prevention even as it raked in more than $1 billion in PPP processing fees. Blueacorn employees claim they received no training on the loan underwriting process or how to spot fake driver's licenses and tax documents, according to the report.

Blueacorn's loan reviewers were told "the faster the better" by managers who recommended spending no more than 30 seconds on each application. Internal documents encouraged Blueacorn workers to only flag applications with "extremely obvious fraud" because the Small Business Administration, or SBA, "would handle any fraud we didn't stop."

On the contrary, as NPR previously reported, the SBA was hardly an effective backstop for fraud. It had limited ability to police the program and did vanishingly few fraud checks during the loan application or forgiveness process. It also made loans increasingly easy to forgive even as evidence of widespread fraud became clear.

"Monster loans will get everyone paid"

As Congress hurriedly unveiled PPP in April 2020, it offered to pay a percentage of each loan to banks and lenders. These processing fees were meant to incentivize their participation, and page after page of internal communications included in the report shows the incentive worked.

"The more you submit, the more we get paid," Blueacorn managers allegedly told employees.

The report also claims that Blueacorn offered preferential treatment and less scrutiny to large-dollar loans they dubbed "VIPPP."

"Closing these monster loans will get everyone paid," wrote Blueacorn co-founder Stephanie Hockridge in internal company messages included in the report, adding that loan reviewers should "delete" certain smaller loans.

"Who f***ing cares?" she allegedly wrote. "We're not the first bank to decline borrowers who deserve to be funded."

Not only did several fintechs earn billions of dollars in processing fees, but PPP loans were 100% guaranteed by the government.

"The risk here is not ours — it is SBA's risk," a manager at Kabbage told his fraud specialists, according to the report. Investigators say this comment refers to SBA's promise that it wouldn't pursue penalties against lenders whose borrowers had attested that their loan documents were accurate.

Kruger, the University of Texas researcher, told NPR that the prospect of lucrative processing fees became a substantial inducement "to try and generate as many loans as possible."

Few backstops existed for fintechs with little lending experience

Fintechs often sent approved loan applications to other banks and lenders to issue the loans, and the report claims these partners also did little to check for fraud.

"Multiple lenders described their oversight as being limited to 'spot checks' conducted at random on a small percentage of fintech-referred application files," the report states.

One such lender is Prestamos, which grew to be PPP's third-largest lender, with nearly a half-million loans rapidly issued after it contracted Blueacorn to screen applications in 2021.

"We didn't spend a lot of time on the front end to try to understand what [Blueacorn was] doing to prevent or eliminate any fraud," Prestamos' CEO told the subcommittee.

Prestamos added that its random spot checks of Blueacorn-referred loans didn't involve "digging into every file" and were "not formally logged or documented."

Nearly every lender the subcommittee investigated admitted delegating fraud prevention and eligibility verification to fintechs. These lenders reported "windfall profits" for participating in PPP despite "this lack of oversight," according to the report.

Fintechs place the blame for rampant fraud on the government

As PPP wore on, fintechs tried to deflect responsibility onto the Trump administration for the significant amount of fraud occurring, the report says.

"It's the SBA's s***** rules that created fraud," wrote Kabbage's head of policy in an internal email quoted in the report. In a separate internal email, Celtic Bank's CEO wrote that "the industry should push hard to make sure the SBA accepts the fraud risk."

NPR reached out to five companies named prominently in the report. Two of them — Blueacorn and Womply, which investigators found were involved in about a third of all PPP loans funded in 2021 — did not respond. The other three — Bluevine, Celtic Bank and Kabbage — told NPR they cooperated with the committee's investigation and are proud of the work they did during an unprecedented situation.

"Celtic made extensive and effective efforts to combat fraud, while at the same time adhering to Congress' and SBA's direction to get money out to companies quickly, in a time of national emergency," wrote Celtic Bank's general counsel, Leslie Rinaldi.

The report says that Celtic Bank pushed fintech partner Bluevine to improve fraud controls, likely reducing fraud, a fact Bluevine highlighted to NPR.

"As the subcommittee noted, all fintech companies are not the same, and Bluevine 'adapted to the ongoing threats better' than some of the other fintech companies examined in the inquiry," Bluevine spokesperson Sarah Jewett wrote.

Kabbage's spokesperson, Alison Miller, said her company adhered to PPP's rules in good faith and remains committed to borrowers.

"Unfortunately, the report does the American people a disservice by parsing bits of information out of context to reach a predetermined conclusion," Miller wrote.

Kabbage, as well as an affiliated company called K Servicing, recently declared bankruptcy and is facing a class-action lawsuit that alleges it failed to process forgiveness applications in a timely manner.

Government officials from the Trump and Biden administrations are well aware of PPP's shortcomings. Michael Faulkender, an assistant Treasury secretary under Trump, unapologetically told NPR that speed took precedence over safeguarding against fraud when the government designed PPP.

"What would bread lines during a pandemic have looked like? Do we want to know? I didn't. And so we were going to get that program up and running," Faulkender said.

The report makes several recommendations for the future, including that the SBA should review the way it oversees lenders, issue fraud-screening guidelines, and reconsider working with fintechs.

It also recommends that, in any future government aid programs, the SBA aggressively review loans on a wide scale before forgiving them. That didn't happen with PPP; most loans could be forgiven with a simple one-page form and, as NPR previously reported, the SBA has manually reviewed only about 2% of PPP loans for fraud or eligibility. Yet 93% of all loans have been forgiven as of the SBA's latest updated data, issued on Oct. 24.

To catch scammers, the Department of Justice has named a chief prosecutor for pandemic fraud and President Biden has given prosecutors up to 10 years to bring charges in PPP fraud cases, although the SBA's inspector general has expressed doubt about how many fraudulent loans will ever be recovered.

Update: On Dec. 7, the SBA announced that it has suspended Blueacorn and Womply "from working with the SBA in any capacity." The agency also said it "will be investigating appropriate action against their management, owners, and successor companies." The latter is an apparent reference to Womply having recently created a new company called Solo. In addition, the SBA said it has "launched a full investigation" of several other fintechs: Benworth, Capital Plus, Celtic Bank, Customers Bank, Cross River Bank, Fountainhead, Harvest and Prestamos.

Meg Anderson edited this story for radio and digital.

Copyright 2022 NPR. To see more, visit https://www.npr.org.