How PPP data could help banks fight fraud

Fraud
The Paycheck Protection Program has been dogged by allegations of widespread fraud, and at the same time, banks are being forced to spend more to combat other types of fraud.
Adobe Stock

Loan-level data from the Paycheck Protection Program could offer a new way for banks to flag potential fraudsters.

In a recent data analysis, the identity verification technology firm SentiLink looked at individuals who received PPP loans from five nonbank lenders that were identified in a 2022 congressional report as having lax controls for identifying bad actors. The firm's analysis merged loan-level PPP data with separate data from financial institutions on check fraud.

The findings could help banks ferret out fraud risk. Individuals who used one of the five higher-risk PPP lenders accounted for only about 3% of checking account applications in the data, but they were responsible for roughly 13% of the check fraud.

SentiLink, which provides cybersecurity and identity theft services to over 300 financial institutions, including seven large U.S. banks, is making the data available to its clients as a way to prevent future fraud.

"Indeed, receiving a PPP loan from one of these lenders is a possible indicator of an individual's propensity to be involved in these check fraud schemes," SentiLink co-founder Maxwell Blumenfeld said in a statement.

Check fraud, which has been on the rise at financial institutions in recent years, is the use of paper or digital checks to fraudulently obtain money.

In February, the Financial Crimes Enforcement Network, a bureau in the U.S. Treasury Department, warned financial institutions about a "surge" in check fraud schemes targeting the U.S. postal system.

Between 2021 and last year, the number of suspicious activity reports that were filed in connection with check fraud nearly doubled to 680,000, according to Fincen.

And banks are having to pay more to combat increasing fraud, according to a LexisNexis Risk Solutions study published last November.

In a regulatory disclosure earlier this month, Regions Financial raised its guidance for adjusted non-interest expenses in 2023 by 6.5% due to an increase in operational losses from check fraud. The $154 billion-asset bank described check fraud as an "industry-wide issue."

Meanwhile, federal prosecutors continue to try to recoup billions of dollars in PPP funding lost to fraud during the height of the COVID-19 pandemic.

While a large portion of the $792.6 billion in PPP funding reached small businesses in need of aid to cover payroll expenses, experts have cited the program's fast implementation, reliance on a broad network of lenders and changing guidelines as reasons why tens of billions of dollars ended up in the hands of fraudulent applicants.

The five companies included in SentiLink's analysis were among several lenders that were discussed in a December 2022 congressional report on PPP loan fraud.

The lenders, which used the fintech companies Blueacorn and Womply to verify eligible applications, were Prestamos CDFI, Capital Plus Financial, Harvest Small Business Finance, Benworth Capital and Fountainhead SBF. 

In 2021, they were five of the six largest PPP participants by loan volume, according to the congressional report.

Blueacorn and Womply were criticized in the congressional report for failing to detect and prevent widespread PPP fraud, even as they collected substantial fees from the program.

The congressional report cited emails in which several of the five lenders raised concerns to their fintech partners about high levels of potentially fraudulent PPP loan applications. In a conversation with congressional staff, the CEO of Fountainhead described Womply's fraud prevention practices as "put together with duct tape and gum," according to the report.

Blueacorn, Womply and two of the five lenders included in SentiLink's analysis did not respond to requests for comment.

Prestamos, a non-profit community development financial institution that lends to underserved communities, is "confident in our lending practices," a spokesperson for the lender said in an email.

A lawyer for Benworth Capital said that the majority of loans that the firm funded through the PPP were referred by Womply. Benworth raised concerns about certain applications with Womply and requested that the fintech make changes, the lawyer said in an email.

"The changes we requested were not implemented, and we ended our relationship with them," Benworth's lawyer said.

Capital Plus Financial said in an email that regulators and companies worked together to minimize fraud and "keep millions of workers and hundreds of thousands of businesses open" during the pandemic.

But for roughly half of the PPP loans that the five lenders made, SentiLink couldn't verify that the businesses that borrowed money actually exist. Many individuals posed as small businesses in order to qualify for PPP funds.

The PPP may have "opened some fraudsters' eyes to how easy it is to create fictitious companies and financial documents to get money," said Tim McInnis, a former assistant U.S. attorney who represents PPP whistleblowers.

"My experience is that people who were committing other types of crimes saw PPP come up, and it just became part of their portfolio of criminal activity," McInnis said.

The SentiLink analysis appears to show a correlation between individuals who would engage in PPP fraud and those who would commit check fraud, said Jeffrey Taft, a cybersecurity and data privacy lawyer at Mayer Brown.

"If people commit fraud, you have to pursue those people and take action against them," Taft said. "You have to understand what they were doing in order to close off those avenues so that they're not used again."

Update
This story has been updated to add comments from Prestamos CDFI and Benworth Capital.
May 17, 2023 3:16 PM EDT
For reprint and licensing requests for this article, click here.
Consumer banking Fraud prevention Risk management
MORE FROM AMERICAN BANKER