Reports

We evaluated the U.S. Small Business Administration’s (SBA) controls to flag or prevent potentially fraudulent Coronavirus Disease 2019 (COVID-19) Economic Injury Disaster Loan (EIDL) applications submitted from foreign Internet Protocol (IP) addresses. Although the agency implemented several layers of controls to prevent or reduce fraud from foreign countries, individuals at foreign IP addresses were able to access the COVID-19 EIDL application system. SBA received millions of attempts to submit COVID-19 EIDL applications from foreign IP addresses and stopped most of them; however, the agency...

The Office of Inspector General (OIG) found that the Small Business Administration (SBA) did not have an organizational structure with clearly defined roles, responsibilities, and processes to manage and handle potentially fraudulent Paycheck Protection Program (PPP) loans across the program.

The audit found the agency had significant issues implementing the Coronavirus Aid, Relief, and Economic Security (CARES) Act. The agency did not sufficiently review CARES invoices due to changing guidelines, reduced contract oversight staffing during the pandemic, overreliance on contractor-provided information, and the lack of clear and comprehensive Contracting Officer Representative (COR) oversight procedures for CARES invoices. As a result, the OIG questioned more than $16.4 million, or 40 percent of the sampled CARES invoice charges. As of June 8, 2021, NSA reported $917 million in CARES...