PPP firms gave selves loans, bought Porsche, $8M home, says report on COVID loan fraud

Some of the most prolific online lenders in the federal Paycheck Protection Program had remarkably lax fraud protection controls even as they approved billions of dollars worth of loans in the COVID-19 small business relief program.

What’s more, executives tied to these online lenders obtained millions in PPP loans themselves that might have been fraudulent in their own right. And much like the dozens of PPP borrowers who have been arrested so far for defrauding the program, these executives appear to have used the proceeds from the loans and the millions they reaped in fees from their work in the program to make all-cash purchases of luxury properties and buy flashy sports cars.

That’s according to an eye-popping report released Thursday by the House Select Subcommittee on the Coronavirus Crisis that looked into the lending practices of several financial technology, or fintech, companies that processed loans in the signature federal small business relief program created as part of the CARES Act in March 2020.

Under the terms of the program, the loans, which could be as high as $10 million, would be forgiven if used for approved purposes, such as payroll.

The money for the program came from the federal government, but private lenders were tasked with vetting small business applicants for the program, with the size of loans tied to the pre-pandemic payroll of applicants. Lenders were paid fees on a sliding scale based on the size of the loans they approved.

The U.S. Small Business Administration, which administered the program, advised lenders to effectively take borrowers at their word, which experts said from the beginning would likely lead to rampant fraud in the program.

The House report cites reporting from the Miami Herald and other news outlets early in the program that flagged millions of dollars in potentially fraudulent PPP loans, many of which had been processed by fintechs, which aren’t subject to the same regulations as traditional banks.

One estimate pegged the overall amount of potentially fraudulent loans at more than $64 billion and said that fintech lenders, which had more lax approval standards, bore much of the blame.

Samuel Kruger, a co-author of the study and a finance professor at the University of Texas at Austin, said the fact that lenders didn’t have to put any of their own money at risk — and faced few penalties for approving fraudulent loans — created a ripe atmosphere for fraud.

“A lot of the mechanisms that would typically discipline lending were absent in this program,” he said.

Rep. James Clyburn, the South Carolina Democrat who chairs the committee, called out the companies highlighted in the report for failing to take adequate steps to prevent fraud while enriching themselves.

“Even as these companies failed in their administration of the program, they nonetheless accrued massive profits from program administration fees, much of which was pocketed by the companies’ owners and executives,” Clyburn said in a statement. “On top of the windfall obtained by enabling others to engage in PPP fraud, some of these individuals may have augmented their ill-gotten gains by engaging in PPP fraud themselves.”

‘Potential criminal violations’

The House report stops short of recommending criminal charges against any of the companies reviewed but encourages the SBA’s inspector general to conduct a comprehensive review of the lenders and several executives referenced in the report and “refer any potential criminal violations to appropriate law enforcement agencies.” Clyburn added that he had “informed [the Justice Department] that some of our findings may warrant its attention.”

In addition to the meager fraud controls and potentially fraudulent loans obtained by some of the executives themselves, the report also highlights attempts by the founders of Blueacorn, one of the fintechs reviewed in the report, to charge PPP borrowers fees for processing PPP loans, which was forbidden by the program rules.

As the Herald previously reported, Kabbage, one of the fintech companies examined in the report, has indicated that it is currently facing investigations by U.S. attorneys in Massachusetts and Texas.

Lenders in a federal program could theoretically be held liable if they knowingly approved ineligible loans, or didn’t do enough to prevent fraudulent loans from being approved, said Caleb Hayes-Deats, a former federal prosecutor in the Southern District of New York and partner at MoloLamken.

“In the past, DOJ has sued lenders under the False Claims Act based on the allegation that they “recklessly” failed to detect and prevent the submission of fraudulent or ineligible loans to the government,” Hayes-Deats said.

He pointed out, however, that it could be challenging for prosecutors to succeed in bringing cases against lenders who participated in the PPP program because the program promised that lenders wouldn’t face any penalties for approving fraudulent loans so long as they acted “in good faith.”

Lax controls

The report encourages the SBA to consider the “systemic risks” posed by the participation of fintechs in SBA lending programs, better vet new lenders that participate in SBA lending programs and better clarify the compliance requirements of lenders who participate in their programs and third-party contractors those lenders employ.

In the PPP program, fintech companies partnered with traditional banks and other lenders to process loans in the program, relying more on algorithms than people to do the work of speedily approving applications. The fintechs and lenders split the fees generated from approving the loans, which amounted to billions of dollars.

Despite the cash windfall from these fees, the report found that many of the fintechs spent little on fraud protection and in some cases even downsized their fraud protection teams, ignoring early indications that many of the PPP applications they had already approved were fraudulent. And while the lenders that partnered with these fintech companies raised concerns about the high levels of seemingly ineligible loans approved by the fintech companies, they took limited action to force the fintechs to improve their practices.

Online lender Kabbage reduced its full-time fraud prevention staff by nearly half during the peak time it was processing PPP loans, according to the report. And at one point a manager supervising fraud specialists advised them to be less diligent in reviewing PPP loans as opposed to normal Kabbage loans because “the risk here is not ours — it is SBA’s risk.”

Meanwhile, Blueacorn, an Arizona fintech created in April 2020 solely for the purpose of processing PPP applications, earned more than $1 billion in fees from its work on the program, but spent less than 1% of that money on fraud prevention and had only one direct employee responsible for processing the 1.7 million loans the company reviewed.

Instead, Blueacorn outsourced much of the vetting to another Arizona company called Elev8 Advisors. The owners of Elev8 saw their work as an opportunity to cash in, and hired more than 30 close friends and family to vet PPP loans for Blueacorn, even though few had any experience doing so.

Former employees at both Blueacorn and Kabbage raised concerns about the high level of fraud they suspected in loans their companies had approved, but those concerns were brushed aside, according to records obtained by the congressional committee and interviews it conducted with former employees.

‘Life changing money’

One of Elev8 Advisors’ founders, Kristen Spencer, laid bare her intentions in a text message obtained by the committee.

“We are doing this for the people we hired to make money. Our friends and family,” Spencer wrote. “That is where the money is going. And it will be life changing money for anyone who does it.”

For the Spencers, it certainly was.

Kristen and husband Adam Spencer, a co-founder of the company and former payments processing executive, used the proceeds from the program to purchase a nearly $8 million Scottsdale, Arizona, home with cash in July 2021. Adam Spencer also bought a Porsche Taycan Turbo, which retails for more than $150,000.

In a social media post celebrating the acquisition of the house, Adam Spencer wrote, “Started from the Bottom…now we here…Life is what you make of it.”

Elev8 Advisors and companies tied to the Spencers and their children also received more than $100,000 in PPP loans in addition to the fees they were paid for their work vetting loans for Blueacorn. All the PPP loans they received came through Blueacorn, with the principals of Blueacorn personally involved in submitting their paperwork. The House committee found inconsistencies in the information submitted as part of the applications, suggesting that they might have been fraudulent.

Elev8 posted a statement to its website disputing the findings of the House report and indicating that it would “quickly” provide a rebuttal of the report.

“elev8 and Adam and Kristen Spencer, unlike others, fully cooperated with the Subcommittee, providing over 800 pages of documents and answering every one of their approximately one-hundred questions and did so with no request for anonymity,” the statement said. “elev8 did not engage in any self-dealing and their own loans were completely appropriate and would pass muster in any objective review.”

The founders of Blueacorn, husband and wife Nathan Reis and Stephanie Hockridge, also obtained more than $300,000 in loans in their own names and on behalf of their businesses, the report found, with the majority of the loans coming from Blueacorn’s partner banks. Those loans, too, contained seemingly false information, including misidentifying Reis as African American and a veteran.

The fintech firm Womply obtained even more in PPP loans, receiving upward of $5 million in 2020 and 2021 from the partner bank it did the most business with. It asked for the loans to be forgiven in 2021, despite Womply reportedly taking in more than $2 billion in revenue in 2021, largely due to fees it earned by approving PPP loans. The SBA ultimately determined that Womply was ineligible for the loans and required them to be repaid.

The report questioned whether Womply should have been allowed to participate in the program in the first place. The SBA can prohibit entities from participating in its lending program that have a history of unethical or illegal conduct and Womply’s CEO, Toby Scammell, had previously pleaded guilty to fraud in connection to an insider trading scheme and was barred from the securities industry. Scammell oversaw Womply’s fraud prevention operation.

Blueacorn, Womply and the SBA didn’t immediately respond to requests for comment.

Beyond lax fraud controls, the congressional report found that many of the fintech companies and some of the financial institutions they partnered with didn’t have the operational and technological resources to properly handle the volume of applications they processed.

One lender that partnered with Womply described Womply’s software as “put together with duct tape and gum.”

And as the Herald previously reported, Kabbage has struggled mightily to process forgiveness loans for thousands of PPP borrowers after the company was sold to American Express in 2020, which left the PPP portfolio behind in a poorly funded holding company.

Kabbage, now doing business as KServicing, provided a statement indicating that it had cooperated with the House committee, but criticizing the report’s characterization of the role fintechs played in administering PPP loans.

“Kabbage worked diligently with the Subcommittee to provide timely and transparent information as they engaged in this investigation. Unfortunately, the report does the American people a disservice by parsing bits of information out of context to reach a predetermined conclusion,” the statement said. “Looking back on the tumultuous time of the height of the COVID-19 pandemic, the fintech community played a vital role in helping bolster the US small business community and we are proud to have been part of that endeavor.”

The House provides a slightly more favorable view of one fintech company, Bluevine, which improved its fraud controls at the behest of its lending partner, Celtic Bank, after high initial levels of fraud.

Bluevine said in a statement that it was proud of the work it did in the PPP program and appreciated the report’s recognition of improvements it made to better prevent fraud.

“As the Subcommittee noted, all fintech companies are not the same, and Bluevine “adapted to the ongoing threats better” than some of the other fintech companies examined in the inquiry,” the statement said.

Jim Richards, a former top financial risk officer at Wells Fargo and Bank of America and principal of RegTech consulting, said that Bluevine shouldn’t be congratulated for doing what it should have done in the first place.

“You’ve got a firm that knows it’s supposed to have fraud controls in place, they didn’t do it, they get called out by the actual lender and then they get better at it,” he said.

He also said the traditional banks that many fintechs partnered with, such as Celtic Bank, Cross River Bank and Customers Bank, deserve more of the blame for the rampant PPP fraud facilitated by fintechs.

“These are heavily regulated entities that know what their responsibilities are and they punted their responsibilities to these entities that couldn’t possibly process this many loans and they knew they couldn’t,” he said.