Although federal regulators repeatedly have assured banks that they can make Paycheck Protection Program (“PPP”) loans without fear of later reprisals, there remains the potential for liability under the federal False Claims Act. Absent a legislative fix or specific guidance from the Department of Justice (“DOJ”), this risk will continue to deter many lenders from participating and force those who do make loans to do so more slowly than intended by the CARES Act or desperately needed by so many small businesses.
Lender Liability Under the False Claims Act
Under the Civil False Claims Act (“FCA”), DOJ may bring an enforcement action against any party who, among other things, “knowingly presents or causes to present a false claim for payment or approval” or “knowingly makes, uses, or causes to be made or used, a false record or statement material to a false or fraudulent claim.” Potential penalties under the FCA include treble damages, shareholder suits, and a whole host of other unfavorable outcomes. With respect to criminal liability, DOJ may rely on 18 U.S.C. § 287, which provides up to five years of imprisonment for any person who “makes or presents . . . any claim upon or against the United States, or any department or agency thereof, knowing such claim to be false, fictitious, or fraudulent.” Crucially, the term “knowingly” is not limited to actual knowledge, and also includes knowledge that a party, including a lender, “should have known” or “had reason to know.”
While the SBA has previously indicated that PPP lenders “will be held harmless for borrowers’ failure to comply with program criteria” and can rely on borrower certifications, and that “[t]he Administrator will hold harmless any lender that relies on . . . borrower documentations and [an] attestation from the borrower,” these assurances from SBA do not necessarily preclude an investigation or enforcement action by DOJ, a separate agency. Thus, notwithstanding the SBA’s guidance, which we would argue is intended to provide broad protection for lenders, current and prospective PPP lenders should not assume there is absolutely no FCA risk.
To start with, the hold harmless language is coupled with the caveat that the lender has BSA/AML and CIP compliance in place. Second, an argument could be made down the road by an FCA whistleblower or DOJ that the hold harmless language does not eliminate lender liability where the lender or its employee has evidence or knowledge that the information provided by a borrower is false. For example, a lender may have documentation or knowledge indicating that while a small family-owned business is ostensibly “owned” by a family member, it is in fact legally owned by another family member who is ineligible. Additionally, a lender may have knowledge of the borrower’s number of employees or know that most of a borrower’s employees are paid minimum wage, but the amount of the loan earmarked to be used for payroll is much higher than what would be expected given those facts. The examples described above could be used to form the basis of an FCA claim against a lender, or worse, a criminal fraud claim brought by the DOJ against a lender.
The potential for an onslaught of FCA whistleblowers, or liability for a newly and rapidly instituted BSA/AML compliance program, may be a significant barrier for many lenders who, if better protected, would join the PPP. Congress and the Administration can reduce the risk of these outcomes by clarifying and broadening lenders’ immunity for any negligent actions and limiting liability to clear intentional and willful misconduct, as it has tried to do for hospitals. Absent such action by the government, lenders who make PPP loans should strongly consider verifying that borrowers’ PPP application information is consistent with what they know about the borrowers. Lenders also should review their current BSA/AML and CIP programs for compliance.