Earlier this year, we anticipated that DOJ would “focus not only on more sophisticated corporate-level pandemic fraud but also on banks and other financial institutions that allegedly aided and abetted these frauds.”  The future is now.

DOJ’s COVID-19 Fraud Enforcement Task Force is shifting its focus to banks, launching investigations into whether banks turned a blind eye to clear indicia of fraud on loan applications or conspired with loan applicants.

The Task Force is expected to take a risk-based investigative approach. According to Task Force leadership, by using data analytics, DOJ “can identify particular lenders, particular financial institutions that really enabled this to happen.”  Similarly, the Small Business Administration, which oversees this area, plans to review COVID-19 relief loans over $2 million.  DOJ’s investigative approach is expected to put a large swath of regional banks and fintech companies (among others) under the proverbial microscope.

DOJ and other regulators are expected to examine banks under three lenses:

(1) criminal fraud violations (e.g., wire fraud under 18 U.S.C. § 1343, or bank fraud under 18 U.S.C. § 1344);

(2) Bank Secrecy Act violations (e.g., failure to maintain adequate controls under 31 U.S.C. § 5318(h), or failure to report suspicious transactions under 31 U.S.C. § 5318(g)); and

(3) False Claims Act violations under 31 U.S.C. § 3729.

What can banks do to minimize the chances of a bad outcome if DOJ initiates an investigation?  We suggest a proactive audit or internal compliance review of a meaningful sample of loan files, as well as a re-examination of customer due-diligence policies and procedures.  For example, a bank could examine whether any loans went to borrowers who have a known history of engaging in facially suspicious transactions. Banks would do well to demonstrate, before receiving investigative process, a strong commitment to compliance.  Such a demonstrable commitment might help assure DOJ that charges should not be brought and that its limited time and resources should be devoted elsewhere.

Further, where those proactive audits or reviews reveal issues, we recommend strong remedial measures, and consideration regarding whether additional steps are necessary.  An ounce of prevention is worth a pound of cure; but in this environment, where examination or investigation is all but certain, prevention is even more important and valuable.