News & Resources

COVID-19 Client Alert: Preparing for Increased CARES Act Oversight

The Coronavirus Aid, Relief, and Economic Security Act (“CARES Act” or “the Act”) will provide more than $2 trillion in relief to those hardest hit by the economic impacts of the COVID-19 pandemic.  Under the CARES Act, the federal government will provide checks to an estimated 150 million American households, set up loan programs for businesses, increase unemployment insurance programs, provide funds to hospitals and local governments, among other actions.  For an overview of the CARES Act’s provisions relevant to government contractors, please see our client alert published on April 1, 2020

As the largest economic stimulus package in history, there is a natural focus in the Act on making sure that funds are used for their intended purpose.  To address this concern, the Act created three new oversight bodies: the Office of the Special Inspector General for Pandemic Recovery within the Treasury Department (“SIGPR”); the Pandemic Response Accountability Committee (the “PRAC”); and a Congressional Oversight Commission.  The high-profile media coverage of the President’s signing statement on the CARES Act has brought significant attention to the SIGPR’s possible role and what its activities may look like in practice.  Historically, the criminal convictions against 380 individual defendants and the 24 corporate enforcement actions resulting from investigations conducted by the Special Inspector General for the 2008 Troubled Asset Relief Program (“TARP”) provide even more reasons for businesses who seek relief under the CARES Act to pay close attention to their own compliance with the Act and to the SIGPR’s activities.    

Businesses benefiting from the much-needed relief the CARES Act provides should take the opportunity now to prepare for the increased scrutiny of a special Inspector General.  Both during the pandemic response and after it subsides, we can expect that the SIGPR will probe how CARES Act funds were deployed with the full benefit of hindsight.  While these are unprecedented times in many respects, the 2008 financial crisis offers important lessons for understanding how the SIGPR and other oversight mechanisms might go about executing their mandates.             

SIGPR Scope, Responsibilities, Powers, and Reporting

Under the CARES Act, the SIGPR has a broad mandate to conduct, supervise, and coordinate audits and investigations on the use of CARES Act relief.  The responsibilities associated with its mandate cover both maintaining a system to enable SIGPR to track and report on how CARES Act funds are administered, in addition to ensuring that funds are used for their intended purpose and in a manner consistent with CARES Act requirements. 

With respect to the former, the Act requires the SIGPR to collect and summarize “[a]n explanation of the reasons the Secretary determined it to be appropriate to make each loan or loan guarantee,” including “a justification of the price paid for, and other financial terms associated with, the applicable transaction.” The SIGPR must provide this information in quarterly reports to Congress, covering the three-month period preceding each report.  In the quarterly reports, the SIGPR must also include a summary of its activities for the same period.

The responsibilities regarding oversight of the use of the funds are incorporated by reference to the responsibilities and duties defined in the Inspectors General Act of 1978, which includes, among others, a duty to report on “fraud and other serious problems, abuses, and deficiencies relating to the administration of programs and operations administered or financed by such establishment…”  In executing its mandate, the SIGPR has all the powers traditionally associated with an inspector general’s office including subpoena power.    

CARES ACT Oversight v. TARP Oversight

It is apparent from the circumstances, language, and structure of the oversight mechanisms established by the CARES Act that it drew extensively from the 2008 Emergency Economic Stabilization Act of 2008 (“EESA”). While the CARES Act is far broader in scope, the 2008 EESA, like the CARES Act, was a reaction to a national crisis and provided emergency relief to key businesses—in that case the financial industry—during a time of extreme vulnerability.  In both cases, concerns regarding the need for oversight of dispersed funds led to the creation of three primary oversight mechanisms: a special Inspector General an oversight board/committee, and a congressional committee. Further, the key statutory language creating the special Inspectors General in both Acts are strikingly similar with respect to basis for selection of the Inspector General (“IG”), duties and responsibilities, powers, and quarterly reporting to the appropriate congressional committee on the disbursement of relief funds.   

Despite these similarities, there are notable differences in the 2008 and 2020 statutes that provide some insights into how the SIGPR may operate in practice.  These include differences with respect to: 1) the relationship established with other executive branch oversight mechanisms in the statutes; 2) termination dates for the Special IG; and 3) Special IG funding. 

1.  SIGPR Relationship with other Executive Branch Oversight Mechanisms

The 2008 EESA statute clearly established the SIGTARP as the primary executive branch oversight mechanism for preventing misuse of TARP funds.  The other executive branch oversight mechanism under EESA—the Financial Stability Oversight Board (the “Oversight Board”)—is geared toward oversight in the sense of ensuring the effectiveness of the exercise of policy discretion under the TARP program (i.e., is the relief having its intended effect and how can this be improved).  With respect to identifying any misuse or fraud under the TARP program, the Oversight Board is directed by the statute to report “any suspected fraud, misrepresentation, or malfeasance to the Special Inspector General” rather than pursue its own investigation.  The act further establishes SIGTARP as the primary executive branch oversight mechanism by requiring the Government Accountability Office, in its exercise of administrative oversight, to report to both Congress and SIGTARP. 

Unlike SIGTARP, the SIGPR will divide its oversight role with the PRAC, which provides oversight for not only CARES Act funds, but other phases of COVID-19 pandemic relief.  While the 2008 Oversight Board focused largely on policy issues, the PRAC has a clear mandate to prevent and detect fraud, waste, abuse, and mismanagement.  Instead of referring matters for investigation to the Special Inspector General as EESA required, under the CARES Act, the PRAC has the power to conduct independent investigations, support other IG investigations, issue subpoenas and hold public hearings. 

It is unclear how the SIGPR and the PRAC will collaborate to execute their somewhat overlapping roles and what this overlap means for how active the SIGPR will be compared to SIGTARP. With the PRAC serving as the “public face” of oversight for CARES Act accountability, including with responsibility for maintaining an outward-facing accountability and transparency website, it is possible that the SIGPR will have a more “low-key” approach than the SIGTARP.      

2.  Termination Dates for Special IGs

Another significant difference is the open-ended nature of the SIGTARP’s term compared to the SIGPR.  The EESA establishes a five-year termination date for both the SIGPR and the PRAC, while the SIGTARP’s termination date is the latter of either the government’s sale of the last troubled asset it acquired or the expiration of the last insurance contract issued.  The open-ended nature of the SIGTARP’s term has meant that SIGTARP remains active today with thirteen individual convictions and two company enforcement actions being attributed to SIGTARP investigations just last year. 

The five-year defined term provides some possible insights.  One possibility is that the shorter time window will mean that the SIGPR and the PRAC will be less active than SIGTARP.  However, given the scale and scope in CARES Act relief, the likelihood of public pressure to ensure COVID-related funds are used for their intended purposes, and recent statements from the administration (discussed in greater detail in our March 20, 2020 client alert), we find this possibility unlikely.  A second possibility, that we consider more likely, is that the defined term will force the PRAC and SIGPR into a highly collaborative posture with other agencies.  Without the luxury of time, the PRAC and SIGPR may have to bring agency IGs or the DOJ into their investigations earlier than it would if time were not as significant a constraint.  Indeed, the Act itself appears to contemplate a heightened level of collaboration with other IGs because the PRAC itself will be composed of IGs from various federal agencies.  

3.  Funding for the Special IG

Related to the SIGPR’s limited term is its smaller budget.  Even though the CARES Act is broader in scope and more than three times the size of TARP ($475B), the SIGPR’s budget ($25M) is half the budget originally allocated to SIGTARP ($50M) and more than three times smaller than PRAC’s budget ($80M).  These budgets suggest that PRAC will likely shoulder more of the oversight burden and reinforces pressure for the SIGPR to rely on close collaboration with other agencies to execute its mandate.  It also suggests that SIGPR will have to be more judicious and selective when deploying its investigative resources, likely focusing on larger and more egregious violators. 

Guiding Principles as Companies Prepare for Future CARES Act Audits, Reviews and Investigations

As businesses scramble to adjust and maintain operations while keeping personnel safe, one contribution Legal and Compliance departments can make is to ensure appropriate steps are taken to prepare their business for the increased scrutiny that will come with CARES Act relief.  Of course, every business will have their own needs and a tailored approach is paramount, but below are some guiding principles that may be helpful to consider:   

  • Familiarize yourself with the type of relief your company has received or plans to receive and any requirements or limitations on use for that funding. The speed at which COVID-19 developments are unfolding means that all of us are forced to react in real time.  The size and complexity of the CARES Act can make that difficult.  Legal and Compliance departments should be prepared to serve as expert resources and be a part of the conversation regarding how CARES Act funds are used, what steps the company takes to maintain operations and whether those steps are consistent with CARES Act requirements.  This may mean designating a specific staff person with CARES Act responsibility, developing a CARES Act compliance task force and/or reaching out to outside counsel familiar with the Company to help develop an approach that makes sense for the business. 
  • Reinforce Compliance messaging during the crisis. With old routines disrupted and new pressures to react in a crisis, it is a good opportunity to reinforce Compliance messaging and, where appropriate, engage in targeted communication to key departments and personnel not only regarding CARES Act compliance, but all levels of legal, regulatory and ethical compliance.  This sort of messaging will help ensure that Compliance remains “top of mind,” but will also serve as important documentation of the steps the Company took to ensure compliance with CARES Act and other regulatory requirements during the crisis.
  • Collaborate with other departments that support the business divisions to ensure compliance with the CARES Act. A collaborative approach with other departments responsible for supporting the business will help secure broader “buy-in” and efficiency.  As discussed in our April 1, 2020 post, for example, there are several employment and compensation related “deal-breakers” built into the CARES Act.  Working closely with HR will allow the company to maintain eligibility for relief and compliance with relief requirements once funds are received.  Similarly, given the importance of ensuring that relevant transactions and decisions are appropriately documented and auditable, Legal, Compliance and HR should consider working with Internal Audit to develop an audit and oversight plan to ensure expectations regarding documentation are met.  Whether a task-force format or something less formal is warranted is a decision that should be tailored to particular business needs and realities.  However, companies should consider how best to develop a coordinated approach to compliance and ensure the approach is well documented.

Smith Pachter McWhorter is monitoring COVID-19 pandemic developments and will continue to bring you updates and analysis to help navigate the crisis through our COVID-19 Response Resource Center.  For additional guidance regarding your company’s response please contact the authors identified below or any member of our team.     

Cormac T. Connor     

Carlos A. Grover

Nora K. Brent