COVID-19: CARES Act and False Claims Act Compliance

The COVID-19 pandemic has left us all in an embattled state, and the businesses that fuel our economy have probably been hit hardest of all. In an effort to help mitigate the damage, the government is funneling $2.2 trillion to hard-hit companies via the CARES Act (Coronavirus Aid, Relief, and Economic Security Act). While the potential is always high for fraud and abuse in relation to large, cumbersome governmental actions, this is never truer than when they are precipitated by an emergency – and in the case of COVID-19, an unprecedented emergency.

Expect Enhanced Scrutiny

Those companies that avail themselves of the CARES Act’s offerings should fully expect enhanced federal scrutiny going forward. Specifically, this means enhanced scrutiny related to each company’s compliance with the False Claims Act (FCA).

Individuals and entities who violate the FCA are liable for treble damages or three times the dollar amount the government is defrauded and can face additional civil penalties of $5,500 to $11,000 for each false claim submitted to the government.

COVID-19 Oversight and Enforcement

Accountability and oversight are built into the CARES Act, and their efforts are comprehensive. The Department of Justice (DOJ) has made it clear that it is committed to hotly pursing all violators of the FCA during this unprecedented crisis and it will prioritize the investigation and prosecution of COVID-19 related fraud, waste, and abuse schemes. Efforts include the appointment of a Coronavirus Fraud Coordinator in each district as well as the establishment of a national system for whistleblowers to report fraud.

• The District of New Jersey brought DOJ’s first criminal case related to the pandemic when it charged a Georgia man for his alleged involvement in a scheme to fraudulently bill Medicare for unnecessary COVID-19 tests.
• Federal prosecutors in the District of Rhode Island charged two businessmen with conspiring to seek forgivable loans under the Paycheck Protection Program after claiming the employed dozens of employees at four different business entities when no employees actually worked for any of the businesses.
• A federal grand jury returned an indictment charging a Norfolk, Virginia man with submitting fraudulent disaster-related loan applications in connection with the COVID-19 outbreak that resulted in the disbursement of over $190,000 in proceeds.

Precedent

There is considerable precedent supporting the expectation of heightened scrutiny in the time of COVID-19, including Hurricane Katrina and the financial crisis of 2008. In the following years, a task force created by the DOJ recouped about $6 billion annually as a result of fraud, waste and abuse investigations. There is no shortage of precedent on this one. Examples include:

• In 2006, Lighthouse Disaster Relief, a company hired to support the federal government’s Hurricane Katrina relief efforts, paid $5.3 million in fines and penalties for making false statements to FEMA in order to be paid prematurely and then failed to build and staff a basecamp sufficient to house the number of first responders called for in the contract.
• In 2009, the DOJ secured a $212.5 million settlement with First Tennessee Bank after its subsidiary, First Horizon Home Loans originated and endorsed mortgages for federal insurance by the Federal Housing Administration that did not meet eligibility requirements and failing to report such deficiencies to the authorities as required.
• In 2015, DaVita Healthcare Partners, a provider of dialysis services, paid $450 million to resolve allegations that it knowingly generated unnecessary waste in administering specific drugs to dialysis patients and then billed the government for those costs. DaVita paid an additional $350 million for violating the FCA by paying kickbacks to physicians to induce patient referrals to its clinics.

Proceed with Caution

Some industries are generally riskier at the best of times when it comes to FCA exposure, but every entity that partakes of financial relief proffered by the CARES Act should consider itself at increased risk. As such, every company moving forward with this brand of government relief should take a step back and focus on the implementation of appropriate checks and balances related to compliance – along with robust internal monitoring. If any potential missteps are detected, businesses must be prepared to aggressively address the breach of compliance.

Monitor and Mitigate Risk

The government is offering significant financial relief for businesses in a time that many have few – if any – alternatives. With this relief comes exposure to enhanced federal scrutiny, which is a risk that most companies are going to have to take. Monitoring and mitigating that risk, however, is imperative, and there are a variety of strategies that should be applied toward this end.

Focus on Compliance

We’re in the middle of extraordinary circumstances that are nothing if not excessively trying, and many businesses are simply trying to stay afloat. While some companies view compliance as a luxury they can’t afford at present, now is actually a good time to double down. Reinforcing all compliance policies and related transparency is critical.

Disseminate Pertinent Information

Keeping the compliance department in the loop ­– from the outset – is key. The CARES Act is complicated and carefully monitored, and an ounce of prevention is, indeed, worth a pound of cure. Implementing relevant training – as applicable – shows initiative and is a great early measure.

Read for Relevance

The CARES Act spells out its rules and regulations relatively clearly, and businesses are well-advised to focus and attend regarding anything and everything relevant to their particular enterprise:

• Ensure that all criteria for eligibility are met and that no federal restrictions apply;
• Ensure that applications are accurate and verifiable;
• Stay on top of evolving developments related to the CARES Act;
• When questions arise, request clarification from outside counsel (or a relevant authority); and
• Refrain from bypassing federal requirements and, instead, formally request applicable waivers or modifications.

Once You’ve Acquired Funding

Once greenlighted for federal funding, it’s time to get down to business, compliance-wise:

• Specify compliance procedures to all involved, including governmental requirements for reports and certifications; and
• Effectively track and record all expenditures related to government relief to help ensure not only federal compliance but also accurate documentation.

Keeping Track

When it comes to the federal government, it’s all about accountability, and that translates to solid recordkeeping. This means documenting all records in support of federal relief, all modifications and/or requirement waivers sought and obtained, all funding allocations, and all company-wide, coronavirus-related changes in compliance requirements. In other words, go ahead and keep track of it all.

Document Compliance

During this time of COVID, federal compliance is king, and the best path forward is careful documentation. Now that many employees are working remotely, ensuring staff understands what compliance looks like and recognizes there are whistleblower options available if compliance issues rear their ugly head is paramount. Businesses need to have not only strict compliance-plans but also mechanisms for accountability in place. If instances of noncompliance arise, companies are responsible for taking appropriate action. Importantly, the DOJ will take any such remedial actions into consideration during its investigations.

Going Forward

Companies, corporations, and businesses of every stripe are changing – or at least tweaking – the way they do business in light of COVID-19. Federal compliance is a critical component of this evolution for any entity receiving emergency funds from the government. The steps featured herein are not only good policy as it relates to the COVID crisis but also represent best practices for financial compliance generally.