The CARES Act and Mitigating False Claims Act Risk

April 13, 2020

The Coronavirus Aid, Relief, and Economic Security (“CARES”) Act provides $2.2 trillion of government funds to combat the effects of the COVID-19 pandemic.

The financial assistance available to impacted companies comes in various forms, including loans, loan guarantees, grants, direct rebates, and other tax relief[1]. The potential for fraud and abuse involving large government programs is high, particularly those that are new and evolved from a crises situation like the COVID-19 pandemic.  Companies taking advantage of CARES Act funding will therefore be subject to heightened scrutiny, including with respect to their compliance with the False Claims Act (“FCA”), which imposes liability on any person who knowingly submits a false claim to the government or causes another to submit a false claim to the government or knowingly makes a false record or statement in order to have a false claim paid by the government.  31 U.S.C. § 3729 et seq.

This was the case in prior crises involving significant government emergency funding, including the 2008 financial crisis. The U.S. Department of Justice (“DOJ”), for example, created a task force to investigate fraud in federally insured mortgage and lending programs, which led to annual recoveries of upwards of $6 billion through the FCA in the years following the financial crisis.

The CARES Act includes accountability and oversight provisions, including one which creates a Special Inspector General for Pandemic Recovery to monitor the $500 billion corporate relief fund[2]. In addition, the DOJ has already announced that it will “prioritize the investigation and prosecution of Coronavirus-related fraud schemes” and has set-up a national whistleblower hotline to report potential fraud[3]. The DOJ has also affirmed that it remains “committed to pursuing” violations of the FCA “especially during this critical time as our nation responds to the outbreak of COVID-19[4].” Individual whistleblowers will also be focusing on companies’ participation in the CARES Act programs and whether companies are abusing government funding.  These individuals may report the suspected fraud to the government or file a complaint on their own alleging violations of the FCA.

While certain industries are more exposed to FCA-related risk in normal times, any company taking advantage of CARES Act relief may face a heightened risk of potential exposure. Accordingly, any entity applying for and receiving government relief through the program should ensure they have appropriate compliance programs in place and strong internal controls to meet all relevant CARES Act requirements and prevent potential violations of the FCA, and to the extent that there are potential violations, be in a position to detect and address them.

Steps to Mitigate the Risk of Potential FCA Violations:

  • Reinforce the importance of complying with the law and company policies.This is particularly important now when there may be temptation to sideline compliance issues to address more immediate business concerns.Targeted communications to those involved in any CARES Act activity, particularly those tasked with monitoring and administering the use of the funding, may be appropriate and, if done, should be sent in writing and retained.
  • Ensure the compliance department is involved at the early stages of discussions about receiving federal assistance through the CARES Act.
  • Carefully review the relevant provisions of the CARES Act and any regulations and guidance issued by the government.
    • Focus on eligibility criteria and any restrictions or conditions imposed on the receipt and use of federal assistance under the program.
    • Ensure any representations or certifications contained in the application for funding are accurate, particularly since any false or inaccurate statement can be the basis for a claim under the FCA.
    • Monitor announcements by the government regarding changes or other developments in the relief provided under the CARES Act.
    • When the implications of a change or development are unclear, request confirmation that your understanding is correct, including through outside advice.
    • Request formal modifications or waivers to funding requirements from the government when necessary.Avoid unilaterally deciding to forego any requirements attached to the government funding.
  • Consider training for relevant personnel on the CARES Act and any new policies, procedures or controls that are implemented relating to the funding and the COVID-19 crisis more generally.
  • Once funding has been received:
    • Implement specific compliance procedures and controls for any certifications or reports that need to be provided to the government in connection with the funding received.
    • Coordinate with financial control functions to track the use of funding to ensure it is being appropriately spent, in compliance with all relevant requirements.
  • Maintain effective record keeping procedures[5].
    • Document support for any applications for financial relief.
    • Document modifications to or waivers of requirements obtained from the government.
    • Document how the company used the funding.
    • Document any changes to the company’s normal compliance procedures made in reaction to the COVID-19 pandemic.
  • Remind employees about channels for reporting potential compliance issues, including whistleblower hotlines.This is particularly important with much of the workforce dispersed and working remotely.Ensure that such communications are documented and retained.
  • To the extent internal reports are made, investigate the reports promptly and implement any necessary remediation.This may include disciplining or replacing individuals responsible for misconduct or even self-reporting to the DOJ.Note that the DOJ considers a company’s remedial measures when deciding whether to award a company cooperation credit in connection with its FCA investigation[6].

These steps, if taken, will not only help decrease the risk of future FCA claims, but they will also help reduce the risk of criminal investigation and related civil litigation more generally.  As a result, companies receiving funds under the CARES Act should consider implementing these changes, either independently or as part of any broader revisions to compliance policies, procedures, controls and monitoring undertaken in light of COVID-19[7].

This article was republished by Pratt’s Government Contracting Law Report.


[1] For a more in-depth analysis of the CARES Act and available financial assistance, refer to: President Signs CARES Act: Emergency Relief Provided to Businesses and Consumers, and Financial Assistance Programs and Facilities for Corporates Affected by COVID-19.

[2] For additional information about the accountability and oversight provisions built into the CARES Act, refer to Accountability and Enforcement Under the CARES Act.

[3] U.S. Dep’t of Justice, Memorandum from Attorney General William P. Barr (Mar. 16, 2020), Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Attorney General William P. Barr Urges American Public to Report COVID-19 Fraud (Mar. 20, 2020).

[4] Lydia Wheeler, Bloomberg News, Coronavirus False Claims Task Force Urged at Justice Department (Mar. 17, 2020).

[5] Notably, the CARES Act provides the Special Inspector General for Pandemic Recovery with powers to conduct audits and issue subpoenas in connection with any investigations it undertakes, which further emphasizes the need for keeping appropriate records.

[6] For additional information on the circumstances in which the DOJ will grant cooperation during FCA investigations, refer to DOJ Issues Guidance on Cooperation In False Claims Act Investigations.

[7] For additional information on mitigating compliance risk, refer to Navigating COVID-19: Best Practices for Managing Compliance Risk; COVID-19 and the Compliance Risks Related to Sales and Marketing Practices.