[Senate Hearing 118-242]
[From the U.S. Government Publishing Office]


                                                          S. Hrg. 118-242

                      EXAMINING FEDERAL COVID-ERA
                  SPENDING AND PREVENTING FUTURE FRAUD

=======================================================================

                                HEARING

                               BEFORE THE

                            SUBCOMMITTEE ON
                EMERGING THREATS AND SPENDING OVERSIGHT

                                 OF THE

                              COMMITTEE ON
               HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
                          UNITED STATES SENATE

                    ONE HUNDRED EIGHTEENTH CONGRESS


                             FIRST SESSION

                               __________

                           NOVEMBER 14, 2023

                               __________

        Available via the World Wide Web: http://www.govinfo.gov

                       Printed for the use of the
        Committee on Homeland Security and Governmental Affairs
        
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]


                               __________

                   U.S. GOVERNMENT PUBLISHING OFFICE                    
54-421 PDF                  WASHINGTON : 2024                    
          
-----------------------------------------------------------------------------------     
 
        COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS

                   GARY C. PETERS, Michigan, Chairman
THOMAS R. CARPER, Delaware           RAND PAUL, Kentucky
MAGGIE HASSAN, New Hampshire         RON JOHNSON, Wisconsin
KYRSTEN SINEMA, Arizona              JAMES LANKFORD, Oklahoma
JACKY ROSEN, Nevada                  MITT ROMNEY, Utah
JON OSSOFF, Georgia                  RICK SCOTT, Florida
RICHARD BLUMENTHAL, Connecticut      JOSH HAWLEY, Missouri
LAPHONZA BUTLER, California          ROGER MARSHALL, Kansas

               David M. Weinberg, Majority Staff Director
           William E. Henderson III, Minority Staff Director
                     Laura W. Kilbride, Chief Clerk
                   Ashley A. Gonzalez, Hearing Clerk


        SUBCOMMITTEE ON EMERGING THREATS AND SPENDING OVERSIGHT

                 MAGGIE HASSAN, New Hampshire, Chairman
KYRSTEN SINEMA, Arizona              MITT ROMNEY, Utah
JACKY ROSEN, Nevada                  JAMES LANKFORD, Oklahoma
JON OSSOFF, Georgia                  RICK SCOTT, Florida

               Jason M. Yanussi, Majority Staff Director
                Allison Tinsey, Majority Senior Counsel
           Scott Maclean Richardson, Minority Staff Director
            John Poulson, Minority Professional Staff Member
                      Kate Kielceski, Chief Clerk
                           
                           
                           C O N T E N T S

                                 ------                                
Opening statements:
                                                                   Page
    Senator Hassan...............................................     1
    Senator Romney...............................................     2
    Senator Scott................................................    13
    Senator Ernst................................................    15
    Senator Ossoff...............................................    21
Prepared statements:
    Senator Hassan...............................................    29

                                WITNESS
                       TUESDAY, NOVEMBER 14, 2023

Hon. Michael E. Horowitz, Chair, Pandemic Response Accountability 
  Committee Inspector General, U.S. Department of Justice........     4
Hon. Hannibal ``Mike'' Ware, Inspector General, U.S. Small 
  Business Administration........................................     6
Hon. Brian D. Miller, Special Inspector General for Pandemic 
  Recovery U.S. Department of The Treasury.......................     7
Rebecca Shea, Director, Forensic Audits and Investigative Service 
  U.S. Government Accountability Office..........................     9

                     Alphabetical List of Witnesses

Horowitz, Hon. Michael E.:
    Testimony....................................................     4
    Prepared statement...........................................    31
Miller, Hon. Brian D.:
    Testimony....................................................     7
    Prepared statement...........................................    59
Shea, Rebecca:
    Testimony....................................................     9
    Prepared statement...........................................    67
Ware, Hon. Hannibal ``Mike'':
    Testimony....................................................     6
    Prepared statement...........................................    45

                                APPENDIX

Minority Report..................................................    94
Flush with COVID-19 aid, schools steer funding to sports exhibit.   112
Vaccine bonuses, aid to businesses and a golf course?............   113
Documents: CT City used COVID relief funds to hire a marching 
  band...........................................................   114
Biden Admin to Fund Crack Pipe Distribution to Advance Racial 
  Equity.........................................................   115
Follow-up to SIGPR Subcommittee Appearance.......................   116

 
    EXAMINING FEDERAL COVID-ERA SPENDING AND PREVENTING FUTURE FRAUD

                              ----------                              


                       TUESDAY, NOVEMBER 14 2023

                                     U.S. Senate,  
                       Subcommittee on Emerging Threats and
                                        Spending Oversight,
                    of the Committee on Homeland Security  
                                  and Governmental Affairs,
                                                    Washington, DC.
    The Subcommittee met, pursuant to notice, at 2:46 p.m., in 
room SD-562, Dirksen Senate Office Building, Hon. Maggie 
Hassan, presiding.
    Present: Senators Hassan [presiding], Ossoff, Romney, and 
Scott.
    Also present: Senator Ernst.

             OPENING STATEMENT OF SENATOR HASSAN\1\

    Senator Hassan. Good afternoon. Our hearing today focuses 
on Federal spending in response to the Coronavirus Disease 2019 
(COVID-19) pandemic, efforts to conduct oversight of those 
funds, and opportunities to work together to prevent fraud in 
the future. I want to begin by thanking Ranking Member Romney 
for his work on these critical issues and for his proposal to 
hear from our distinguished panel of witnesses on how Congress 
and the Federal Government can strengthen efforts to prevent 
waste, fraud, and abuse of emergency spending.
---------------------------------------------------------------------------
    \1\ The prepared statement of Senator Hassan appears in the 
Appendix on page 29.
---------------------------------------------------------------------------
    In early 2020, few could have imagined the impact that the 
Coronavirus would have had on global health and our economy. It 
quickly became apparent, however, that Congress had an 
obligation to respond. In those early days, Congress came 
together to pass the bipartisan Coronavirus Aid, Relief, and 
Economic Security Act (CARES Act). This package included the 
first round of economic stimulus payments to individuals and 
families.
    It also established the Paycheck Protection Program (PPP) 
designed to provide loans to small businesses to ensure that 
they could stay afloat and continue to pay their employees. It 
expanded access to healthcare and life-saving personal 
protective equipment (PPE). As the world grappled with the 
fallout of the global pandemic, over the next 2 years, our 
country faced additional medical and economic challenges 
requiring additional emergency relief packages that we passed 
into law. The majority of those funds were provided in the 
forms of loans, grants, and direct financial assistance.
    These programs were overwhelmingly successful. Investing in 
our economy during the pandemic helped limit negative effects 
on our economy and prevent a recession. These programs also 
shored up supplies and resources for hospitals, expanded access 
to crucial medical care, and deployed COVID-19 vaccines to slow 
the disease's rapid spread and save lives. All of that allowed 
us to get back to work and to school.
    The Federal Government's response to the pandemic was 
obviously unprecedented though in its size and scope. Because 
of that, Congress also put in place mechanisms for strong 
oversight. Toward that end, Congress provided funding for the 
Government Accountability Office (GAO) and inspectors general 
(IG) across the government to oversee COVID-19 spending. 
Congress also established the Special Inspector General for 
Pandemic Recovery (SIGPR), as well as the Pandemic Response 
Accountability Committee (PRAC) to better coordinate oversight 
and promote transparency among COVID-19 relief programs.
    These oversight entities have uncovered hundreds of 
billions of dollars in scams, fraud, and improper payments 
involving pandemic relief programs, and are working with law 
enforcement officials to hold fraudsters accountable. The 
staggering amount of fraud that they have uncovered is 
outrageous and unacceptable. With what we know now, it's 
incumbent upon agencies and Congress to improve our stewardship 
of taxpayer dollars. We can and we must do better.
    Again, I thank our witnesses and all of their colleagues 
for their tireless work and for appearing today. I look forward 
to a robust bipartisan discussion on the Federal Government's 
response to COVID-19, and how we can work together to hold 
criminals accountable for stealing taxpayer dollars, and how we 
can prevent fraud in the future. With that, I will now 
recognize Ranking Member Romney for his opening remarks.

              OPENING STATEMENT OF SENATOR ROMNEY

    Senator Romney. Thank you, Chair Hassan. I am pleased to 
see a number of colleagues that I respect enormously who are 
here telling us how we can use our money better and, assure 
that it is being spent wisely. I hate taking you away from your 
work and having you have to sit here and speak with us, and yet 
this becomes part of our record. As part of that, I guess we 
each get a chance to speak, and I apologize for slowing you 
down by listening to me speak, but I also want to make this 
part of the record. Far be it for me to change the traditions 
of the U.S. Senate.
    We agreed that the CARES Act was critically important for 
the country at a critical time. I applaud the efforts that were 
carried out then as I do today, but it has become clear, 
particularly as a result of the work that you all have done, 
that the oversight of funds tied to the CARES Act and other 
COVID relief legislation was lacking.
    I looked just that better to understand how we can recover 
some of the things which have been fraudulently taken, but what 
we can do to prevent mistakes like this in the future. In April 
2020, a week after the passage of the CARES Act, Senator Tester 
and I wrote a letter to then President Trump, asking him to 
provide Congress with a detailed plan on how the government 
would execute the use of those funds and accountability 
measures that would be put in place to ensure that our dollars 
were spent efficiently and effectively. We also noted the vital 
role played by inspectors general in ensuring the public's 
trust in our government.
    Chief among those concerns was the level of fraud reported 
by the Small Business Administration (SBA). It concluded there 
was some $36 billion of waste, fraud, and abuse in the Pandemic 
Assistance loan programs. But General Ware and his team have 
estimated the true number closer to $200 billion. What the true 
number is, we won't know precisely, but it is an alarming 
figure in and of itself.
    I am also concerned about the pending expiration. The 
Treasury Department's Special Inspector General for Pandemic 
Recovery, currently scheduled to sunset at the end of March 
2025. Considering this timeline also coincides with the 
maturing of loans at the Treasury Department's Main Street 
Lending Program (MSLP). It would be wise to have these 
authorities expire at that time.
    The COVID pandemic was, of course, a unique crisis. It 
upended much in our country. But I believe we have much to 
learn for how we can do a better job in the future when there 
are tragedies of that nature. That is the purpose I believe of, 
at least for me in our hearing today. I look forward to hearing 
you with regards to your testimony from what you have learned, 
but also your advice on what you think we can do in the future 
to be better guardians of the people's money.
    I know that it is not your job to tell Congress how to do 
our job better. That is not why you are inspectors general, but 
nonetheless you have been around long enough to say, ``Why did 
these guys not do this? They should have done that instead.'' 
We want to learn from that, that experience. With that Madam 
Chair, I am happy to turn back to our testimony.
    Senator Hassan. Thank you Ranking Member Romney. It is the 
practice of the Homeland Security and Government Affairs 
Committee (HSGAC) to swear in witnesses. If you will all please 
stand and raise your right hand.
    Do you swear that the testimony you give before this 
Subcommittee will be the truth, the whole truth, and nothing 
but the truth, so help you, God?
    Mr. Horowitz. I do.
    Mr. Ware. I do.
    Mr. Miller. I do.
    Ms. Shea. I do.
    Thank you very much. Please be seated. We will now proceed 
to each witness. I will introduce you and then you will go for 
5 minutes of testimony in turn.
    We will start with our first witness, who is Michael 
Horowitz, who serves as Inspector General for the Department of 
Justice (DOJ) and the Chair of the Pandemic Response 
Accountability Committee. Mr. Horowitz was confirmed to be the 
Inspector General of DOJ in 2012 and was tapped to lead the 
PRAC in 2020.
    Prior to becoming an IG, he served a 6-year term as the 
Commissioner on the US Sentencing Commission, worked as an 
attorney in private practice, and spent several years as an 
Assistant United States Attorney (AUSA). Welcome Inspector 
General Horowitz, you are now recognized for your opening 
statement.

   TESTIMONY OF HON. MICHAEL E. HOROWITZ,\1\ CHAIR, PANDEMIC 
  RESPONSE ACCOUNTABILITY COMMITTEE, INSPECTOR GENERAL, U.S. 
                     DEPARTMENT OF JUSTICE

    Mr. Horowitz. Thank you, Chair Hassan, Ranking Member 
Romney, Members of the Subcommittee. Thank you for inviting me 
to testify at this very important hearing and for the 
Committee's continued support of the IG community and 
independent oversight.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Horowitz appears in the Appendix 
on page 31.
---------------------------------------------------------------------------
    The Pandemic Response Accountability Committee partners 
with IGs to oversee more than $5 trillion in Federal pandemic 
relief emergency spending. Over the past 3\1/2\ years, the PRAC 
and its partner IGs have, among other things, promoted 
transparency by developing a state-of-the-art website, 
pandemicoversight.gov, that allows the public to see how its 
money has been spent, and provides links to over 1000 audits 
and reviews by Federal IGs, the GAO, and our State and local 
oversight partners.
    We have also established close working relationships and 
shared information with our State and local oversight partners 
at a level not previously seen in Federal oversight efforts. We 
have also used advanced data analytics to improve program 
integrity, prevent and detect fraud, and hold accountable those 
who have defrauded public programs. The PRAC has issued two 
lessons learned reports to date, detailing how to improve 
program integrity and prevent fraud--I am looking forward to 
talking about those during today's hearing--and we have heard 
repeatedly from individuals in our work about the important 
role pandemic programs have played in helping individuals, 
businesses, and communities respond to the pandemic.
    However, we have also reported on the serious failures that 
occurred in implementing many of these programs, including at 
the outset of the pandemic, failing to use even the most basic 
fraud prevention controls. These failures resulted in hundreds 
of billions of dollars in taxpayer funds going to fraudsters, 
instead of the small businesses, unemployed, and other 
individuals and entities for whom that money was intended. It 
also resulted in historic levels of identity fraud, leaving 
scores of identity theft victims.
    How do we prevent fraud in the future? In addition to 
implementing basic program controls, agencies must collect and 
make public complete data on how money is being spent. There 
are far too many data gaps currently, which we will talk about 
I am sure today. Additionally, existing data sources and data 
analytics must be used to improve program integrity, and 
prevent fraud before funds are sent out.
    Unfortunately, when the pandemic hit in March, 2020 and the 
PRAC was created, we did not have a data analytics tool because 
in 2015 when the Recovery and Accountability Transparency Board 
sunset, the IG community's highly successful Analytics Pro 
Platform also sunset, despite controller General Gene Dodaro's 
plea to Congress and the administration at the time.
    Six years later in 2021, Congress had to appropriate $40 
million for the PRAC to build a new analytics center, the 
Pandemic Analytics Center of Excellence (PACE), and give us the 
funding, which it did, to operate it through our sunset in 
September, 2025. Congress also importantly provided us with 
special hiring authority that enabled us to attract remarkably 
talented data scientists, that was critical to our efforts. The 
PACE has been instrumental in advancing our efforts to improve 
program integrity.
    Earlier this year, we used the PACE to analyze over 33 
million PPP and Economic Injury Disaster Loan (EIDL) 
applications to identify questionable social security numbers 
(SSNs). We then had the Social Security Administration (SSA) 
tell us, pursuant to legal authorities Congress gave us in the 
CARES Act, whether the names, dates of birth, and social 
security numbers used in those PPP and EIDL applications match 
the information in the Social Security administration's 
database.
    As we publicly reported at the time, we determined that 
over 69,000 questionable SSNs had been used to obtain $5.4 
billion in PPP and EIDL funds, and that another 175,000 
questionable social security numbers had been used in 
applications that were ultimately not paid. We identified 
another $38 million in funds that were sent to applicants using 
social security numbers of deceased individuals, all of that 
through our effort to match data using the PACE.
    Had the PACE been available to us at the outset of the 
pandemic, we could have worked with SBA and the Small Business 
Administration's Office of Inspector General (SBAOIG) to flag 
these suspicious applications before the money went out. By the 
way, the $5.4 billion is over 300 times the annual cost for the 
operation of the PACE, which is $16 million. The PACE is also 
providing investigative support to more than 600 pandemic 
related investigations that are currently ongoing, with an 
estimated fraud loss of about $1.8 billion.
    The PACE's ability to prevent and detect improper payments 
and reduce the instance of fraud cannot be overstated. That is 
why it is critical for Congress to pass legislation, allowing 
IGs to use it to oversee all Federal spending and to make it 
permanent. The extension would not create a super IG that 
duplicates the audit, investigative, and oversight efforts of 
IGs. Rather, it would simply ensure that IGs continue to have 
access to this critical fraud prevention tool.
    Thank you for your time, for holding the hearing, and I 
look forward to answering your questions.
    Senator Hassan. Thank you very much. Our next witness is 
Mike Ware, who serves as the Inspector General of the Small 
Business Administration. During the COVID-19 pandemic, SBA 
played an important role in distributing emergency grants and 
loans to small businesses during the pandemic. The SBA Office 
of Inspector General led by Mr. Ware was tasked with ensuring 
that those funds were used to help small businesses continue to 
operate in the face of a historic economic downturn.
    The Senate confirmed Mr. Ware to be the Inspector General 
of SBA in 2018. In total, he has 30 years of experience in the 
Inspector General community, including as Deputy Assistant 
Inspector General for Management at the Department of the 
Interior (DOI), and before assuming his current role as deputy 
and later Acting Inspector General of SBA. Welcome Inspector 
General Ware. You are now recognized for your opening 
statement.

TESTIMONY OF HON. HANNIBAL ``MIKE'' WARE,\1\ INSPECTOR GENERAL, 
               U.S. SMALL BUSINESS ADMINISTRATION

    Mr. Ware. Thank you, Chair Hassan, Ranking Member Romney, 
Senator Ernst, and distinguished Members of the Subcommittee. 
Thank you for the privilege of testifying before you today and 
for your continued support of the Small Business 
Administration's Office of Inspector General.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Ware appears in the Appendix on 
page 45.
---------------------------------------------------------------------------
    I am proud of the dedication of the men and women of my 
office who work hard every day to detect, deter, and combat 
fraud in SBAs programs for the benefit of the American people, 
particularly their work in providing oversight of SBAs more 
than $1.2 trillion in pandemic assistance programs. Since 2020, 
SBAOIG has been leading the charge to uncover pandemic fraud 
and hold fraudsters accountable, providing an exponential 
return on investment.
    Our work has resulted in more than $13 billion in dollar 
accomplishments, including investigative recoveries, fines, and 
forfeitures, representing a nearly 200 full return on 
investment (ROI) to the taxpayer. Additionally, our work has 
resulted in another more than $8 billion in EIDL funds returned 
to SBA by financial institutions, $20 billion in EIDL funds 
returned by borrowers, and over $1 billion in United States 
Secret Service (USSS) bulk seizures.
    Our investigations involving SBAs pandemic programs have 
resulted in almost 1,200 indictments, 940 arrests and 630 
convictions as of October 31st of this year. We have issued 37 
pandemic related reports, with 95 recommended corrective 
actions to strengthen internal controls and promote integrity, 
efficiency, and effectiveness within SBAs programs.
    Our recommendations for corrective action to the agency 
have resulted in SBA tightening their internal control systems, 
and our work continues to focus on ensuring only eligible 
recipients received funds, facilitating the return of funds 
received by ineligible recipients, and bringing those who 
willfully exploited the programs to justice.
    We have leveraged data analytics to prioritize our 
investigative efforts in conjunction with our law enforcement 
partners. To date, hotline complaints have exceeded more than 
270,000 from which our office has identified more than 104,000 
actionable leads. This represents more than 100 years of 
investigative case work with our available resources.
    Now, this was possible through data analytics that 
leveraged machine learning as well as our partnership with the 
PRAC. The unprecedented level of fraud in SBAs pandemic 
programs led us to publish our fraud landscape report in June 
of this year. In our comprehensive review of potential fraud in 
SBAs pandemic assistance loan programs, we estimate that SBA 
disbursed more than $200 billion in potentially fraudulent 
COVID-19 EIDLs and PPP loans, representing approximately 17 
percent of disbursed funds.
    Specifically, more than 4 million loans totaling 136 
billion COVID-19 EIDLs, and $64 billion in PPP funds. Now, the 
growth of SBAs programs coupled with an estimated 200 billion 
in potential pandemic related fraud, has significantly expanded 
SBAOIG's oversight responsibilities. Our oversight capacity is 
very much dependent upon the availability of sufficient 
budgetary resources.
    Support of the President's proposed Fiscal Year (FY) 2024 
budget of 63.3 million is vital, since it would allow our 
office to maintain its current staffing levels, while also 
allowing for much needed increase in our investigative 
resources. Absent the proposed budget for fiscal year 2024, we 
will be unable to capitalize on the laws that extended the 
statute of limitations for fraud in the PPP and EIDL programs 
to 10 years, as well as provide effective oversight of SBAs 
flagship programs that present significant management and 
performance challenges.
    Quite simply, more resources to my office means more 
investigative capacity and more wrongdoers brought to justice. 
We have the authority, the proven track record, the expertise, 
and an engaged workforce that is singularly focused on this 
mission. We will continue leading the fight against fraud along 
with our law enforcement partners. We will leverage data 
analytics, agile methodology, and our expertise in SBAs 
programs, to course correct and bring those who abused the 
programs to justice.
    Rest assured, with these additional resources, taxpayers 
will continue to receive significant return on investment as 
well as benefit from a more efficient and effective SBA. Thank 
you for the opportunity to speak to you today. I am happy to 
answer any questions you may have of me.
    Senator Hassan. Thank you very much, Mr. Ware. Our next 
witness is Brian Miller, who serves as the Special Inspector 
General for Pandemic Recovery. Before being confirmed to be the 
Inspector General in 2020, Mr. Miller held positions as 
Inspector General of the General Services Administration (GSA), 
Senior Associate White House Counsel, and as an Assistant 
United States Attorney. Welcome Inspector General Miller. You 
are now recognized for your opening statement.

TESTIMONY OF HON. BRIAN D. MILLER,\1\ SPECIAL INSPECTOR GENERAL 
     FOR PANDEMIC RECOVERY, U.S. DEPARTMENT OF THE TREASURY

    Mr. Miller. Good afternoon Chair Hassan, Ranking Member 
Romney, and Members of the Subcommittee, I am Brian Miller, 
Special Inspector General for Pandemic Recovery. Thank you for 
the opportunity to appear here today. We appreciate it. We 
appreciate your support for our office.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Miller appears in the Appendix on 
page 59.
---------------------------------------------------------------------------
    As I explained in my submitted written testimony, it is 
essential for Congress to promptly extend SIGPR beyond the 
current sunset date of March, 2025. SIGPR is investigating 
cases nationwide with potential fraud totaling over $565 
million. So far, SIGPR has opened a total of 64 complex fraud 
investigations, with 130 potential defendants. SIGPR's 
investigations have resulted in multiple arrests, indictments, 
guilty pleas, in addition to millions in court ordered 
restitution, forfeiture, seizure orders, and a large civil 
settlement.
    We have made 22 recommendations for suspension and 
debarment to the Treasury debarring official. In addition, 
approximately $21 million in multiple Main Street Loan Program 
funds have been returned and repaid by borrowers because we 
contacted them notifying them that we were looking into their 
loan and they immediately repaid.
    What is particularly notable about SIGPR is that we have 
developed these cases by our own initiative. It is our own 
proactive work in developing these cases. 89 percent of our 
investigations were started by our office. SIGPR has also 
completed several audits related to Treasury's direct loans to 
air carriers and businesses critical to national security, and 
is in the process of auditing the Main Street Lending Program 
and the effects the program's loan losses are having on 
Treasury's investment in the program.
    Borrowers who received direct loans or Main Street Lending 
Program loans, were not required to make payments whatsoever in 
the beginning. That is, no principal, no interest, for the 
first year of the loan. Even before principal became due in 
year three, SIGPR observed an alarming rate of defaults by 
borrowers who failed to make interest payments. Interest 
payments became due in year two. Even the interest payments 
people were defaulting on.
    As a result, SIGPR is concerned that the default rate will 
grow exponentially in years three through five of the MSLP 
program, as repayment of principle becomes due. The MSLP 
program loss figure reported by the Federal Reserve has 
steadily increased and even this morning, they reported $310 
million in loan losses. We believe that this trend of 
increasing defaults will not only continue, but is likely to 
accelerate as MSLP loans reach their 5-year maturity date when 
borrowers must repay 70 percent of the loan principal. These 
balloon payments will undoubtedly lead to significant numbers 
of borrower defaults, just as my office sunsets.
    Not all the defaults will necessarily indicate fraud, but a 
default is a red flag that merits further investigation. SIGPRs 
recent review of information about MSLP loans that are either 
in default or considered impaired resulted in the opening of 
criminal investigations. Thus, in mid-2025, we are going to 
enter a period in which an even larger number of frauds may be 
revealed. But by the terms of our authorizing statute, SIGPR is 
scheduled a sunset in March, 2025. At the time when SIGPR is 
needed most. We will not be able to undertake the thorough and 
effective investigations that will be warranted at that time.
    For this reason, I ask Congress to move quickly to 
authorize extending SIGPRs operations to September 30, 2030. 
SIGPR is the only agency that focuses specifically on potential 
fraud that has been committed by Treasury's direct loan 
programs and the Main Street Lending Program, and it should be 
permitted to continue doing that. For these reasons, I urge 
this Subcommittee and Congress in general to move quickly as 
possible to extend SIGPRs operations. I welcome any questions, 
and thank you for the opportunity to be here.
    Senator Hassan. Thank you very much. Last, testifying on 
behalf of the Government Accountability Office, is Rebecca 
Shea. Congress authorized GAO to conduct sweeping oversight and 
analysis of pandemic relief programs. To date, GAO has authored 
more than 200 reports on the pandemic, and made nearly 400 
recommendations to improve service delivery and prevent waste, 
fraud, and abuse of pandemic relief funds.
    Ms. Shea is a director of the GAO's forensic audits and 
investigative service team, which conducts audits to identify 
waste, fraud, abuse, and mismanagement of taxpayer dollars 
across numerous Federal programs, including those created to 
provide relief during the pandemic.
    Ms. Shea has more than 20 years of audit experience, and 
she and her team frequently employ advanced data analytics to 
help agencies predict and prevent fraud. Welcome, Ms. Shea. You 
are now recognized for your opening statement.

TESTIMONY OF MS. REBECCA SHEA DIRECTOR,\1\ FORENSIC AUDITS AND 
  INVESTIGATIVE SERVICE, U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Ms. Shea. Thank you, and good afternoon. Chairwoman Hassan, 
Member Romney, and Members of the Subcommittee, thank you for 
inviting me to discuss insights into fraud prevention, based on 
cases of COVID-19 fraud and the recommendations and resources 
GAO has developed to address fraud and payment integrity risks.
---------------------------------------------------------------------------
    \1\ The prepared statement of Ms. Shea appears in the Appendix on 
page 67.
---------------------------------------------------------------------------
    Congress and the Administration have provided trillions in 
COVID-19 relief funds to help the Nation respond to and recover 
from the pandemic. Many of these funds went to the right 
recipients in the right amounts, providing needed assistance to 
unemployed workers, small businesses, and many others. These 
programs were critical for assuring public health and economic 
stability.
    Along with the good these programs offered, comes the fact 
that fraud is inevitable where there is opportunity for gain, 
and with the trillions of dollars in program benefits, along 
with certain risk factors present in many of these relief 
programs, there is an unprecedented opportunity for fraudsters 
to gain.
    For example, many of the COVID-19 relief programs had known 
risk factors for fraud, such as those that were new, expanded, 
or significantly changed, that made a large volume of payments 
and quick disbursements that involve payment or eligibility 
decisions made outside of the agency, such as by grantees or 
States; or lacked information or data systems to confirm 
eligibility, along with a reliance on self-certification.
    Although we will never know the full extent of fraud 
associated with these programs, estimates for the two largest, 
SBA and Department of Labor (DOL) programs, indicate hundreds 
of billions lost to fraud. Given its inevitability, finding 
fraud when it does occur, is a good thing, and preventing it 
from occurring in the first place is the goal, to avoid costly 
pay and chase.
    Looking at fraud schemes from pandemic programs to identify 
where things went wrong, can provide insights into better 
controls, analytic readiness, and policy design choices for 
normal operations, as well as emergency situations. For 
example, misrepresentation is the hallmark of fraud, and many 
cases saw falsified eligibility and identity information.
    This is the basis for two insights from GAO's written 
statement. Self-certification alone is not sufficient as a 
fraud control, and agencies should assume identity information 
is compromised and apply upfront verification controls.
    Data analytics are a key way agencies can move beyond 
insufficient controls like self-certification, but the cases 
reflect challenges in doing so. This is the basis for another 
two insights, that agencies need to address interoperability 
issues to support data analytics, and use free resources for 
fraud prevention and detection like Treasury's Do Not Pay 
system for flagging ineligible recipients, as well as data 
available across their own programs.
    All of the cases and challenges associated with preventing 
COVID-19 fraud--reinforce the importance of strategic fraud 
risk management, the basis for two other insights. These 
include agencies consider emerging and complex fraud schemes 
affecting similar programs when developing their fraud risk 
assessments, and ensuring payment integrity checks and fraud 
controls are part of program design, with an emphasis on 
assuring data access and use.
    Congress and agencies can learn from and act on these 
insights as well as from the numerous recommendations and 
resources GAO has provided for fraud risk management. For 
example, GAO has suggested actions Congress can take, including 
increasing oversight by reinstating requirements for agencies 
to report on their progress with fraud prevention, making 
permanent a data analytics function in the oversight community, 
and making permanent Treasury's access to Social Security's 
full death data to help prevent payments to deceased 
individuals.
    Requirements have been in place for many years for agencies 
to manage fraud risk and the importance of prevention is the 
cornerstone of GAO's Fraud Risk Framework that we issued in 
2015. Using that framework as a guide, we have made 173 
recommendations to over 40 program offices for improving fraud 
prevention and detection. 95 of those remain open. Implementing 
these recommendations would help ensure programs safeguard 
taxpayer dollars.
    In addition, GAO has developed resources like our web-based 
Antifraud Resource, and the recent Framework for Managing 
Improper Payments, in Emergency Assistance Programs which 
provide a roadmap for fraud prevention and payment integrity. 
We have also started examining the challenges agencies face in 
strategically managing fraud risk, and possible incentives to 
do this better. We will be exploring this in greater depth in 
the coming year.
    With insights from past fraud schemes, taking actions GAO 
has recommended to agencies and Congress leveraging available 
resources to prevent fraud, and by considering possible 
incentives for fraud prevention, the Federal Government as a 
whole will be better able and positioned to prevent fraud in 
any environment. I thank you for this opportunity and I look 
forward to answering your questions.
    Senator Hassan. Thank you very much, Ms. Shea. We are now 
going to start with a round of questions for each senator. I am 
going to begin and then we will alternate off and some other 
senators may be in and welcome Senator Ernst, who is not 
generally a Member of this Subcommittee, but who asked to 
participate and we are very glad to have her here.
    I am going to start with a question to Inspector General 
Ware. As I mentioned in my opening statement, Congress moved 
quickly in the early days of the pandemic to provide critical 
relief for healthcare facilities, businesses, schools, and 
families. However, while Congress intentionally strengthened 
oversight over COVID spending, criminal fraudsters, were able 
to take advantage of COVID relief programs and steal billions 
of taxpayer dollars.
    With the benefit of hindsight, what could Congress do 
differently in the future to strengthen oversight and 
accountability with regard to emergency spending, even when we 
need to act quickly?
    Mr. Ware. Thank you. It is interesting in that with the 
benefit of hindsight, often everybody at this table says that 
we are in the hindsight business. But I tried from the very 
beginning to get way out of the hindsight business. I am going 
to get there, but to put what we thought should be done at the 
onset of the programs, which we did with the first two lesson 
learned reports that went out before the first loan went out, 
and we kind of detailed at that point what we thought should be 
done on the onset.
    It is the same thing that IG Horowitz and myself and many 
others in the community have been discussing. It is one of the 
things I know that he probably will speak about is leaving a 
legacy document that defines just that. Many of us are already 
working on that very document at this moment.
    But relative to hindsight, I believe one of the things that 
has to be a critical part of our thought process, is internal 
controls as a primary ingredient when baking, if you will, the 
Bills and the Acts. In this case, the controls that would have 
normally been in place, let us say for the flagship programs--
and I know this was not designed to be that, right--were gutted 
and removed from the onset.
    Many of the control mechanisms that would have been in 
place to catch things on the onset simply were not there. That 
is why about, 14, 30 days later, I was sounding the alarm 
saying, we have a problem. We have to improve the control 
environment. But that is one of the primary things. One other 
is also ensuring that we have the ability to share data across 
government agencies. I understand the Privacy Act concerns, I 
get that. But it could be for key reasons at key times. In my 
opinion, I feel that this would have been a key time. It would 
have allowed us to set up controls in the beginning, and not 
end up in the pay and chase model that we are in currently. It 
would allow us to more quickly catch wrong doers as well, if we 
were able to share that information.
    Senator Hassan. I appreciate that. Then of course, one of 
the key issues here is making sure that as we exercise internal 
controls, we have the resources to do it quickly and 
effectively in this kind of setting.
    Ms. Shea, a question for you. As Inspectors General and GAO 
have pursued their important oversight work, they have made 
hundreds of recommendations to Federal agencies and to Congress 
to improve program operations and avoid additional fraud. 
Earlier this year, GAO issued a report that included several 
recommendations to Congress for preventing improper payments 
and other forms of waste, fraud, and abuse of taxpayer dollars, 
specifically by mandating stricter anti-fraud controls within 
agencies.
    How would congressional action on these recommendations 
help improve program delivery and prevent fraud in future 
emergency spending efforts?
    Ms. Shea. Yes. Thank you. So the Comptroller General in our 
previous testimony talked about 10 matters for Congress. I will 
mention two here that could help address these payment 
integrity issues. The first is partly what IG Ware was talking 
about the preparedness issue. One of the matters that we have 
recommended is helping agencies get better prepared by Congress 
reinstating reporting requirements for agencies in their annual 
financial reports to report on their progress with fraud risk 
management.
    That requirement sunset in 2020, right as we were entering 
the pandemic, and agencies had not made significant progress on 
that. Had they been better prepared, had they established 
dedicated entities for fraud risk management, had they assessed 
their fraud risk, had they identified data sets and got them in 
place and addressed some of those interoperability issues prior 
to the emergency situation, they would have been better able to 
pivot when they had to plus up those programs.
    Reinstating that reporting requirement, we think would help 
with that. That provides needed transparency for oversight for 
the IG and the GAO community, but also for Congress. I also 
think that having that reporting requirement each year they 
have to report it, kind of, nudges the behavior that you are 
looking for. That would be one significant thing.
    Another thing that we have recommended Congress do, is to 
continue the oversight and analytic capability of the PACE. As 
Chair Horowitz mentioned earlier, that capability existed in 
our experiences with the Recovery Act. When we had that 
capability, there were data Memorandum of Understanding (MOUs), 
there were expertise in place, and all of that sunset right 
before the pandemic and all of that expertise was lost. This 
expertise exists now. They were able to accomplish 95 MOUs, 
data sharing MOUs, all of that would be lost.
    There's a significant upfront investment that was made in 
the PACE. We think it is cost effective to continue that. The 
capability exists there, with Council of the Inspectors General 
on Integrity and Efficiency (CIGIE) to be able to carry forward 
those MOUs and those data analytic capabilities.
    Senator Hassan. Thank you. I think one of the concerns 
people express is that sometimes the concern is implementing 
stricter controls prevent or slow down relief from reaching 
those in need. Can you explain why that may not be the case?
    Ms. Shea. Yes. I won't say it isn't the case. There is 
always a friction there when you think about eligibility and 
identity verification versus getting things out quickly. But I 
think the important thing to think about is: there is a 
distinction between getting any payment out the door and 
getting reasonably accurate payments out the door. You do want 
a little bit of friction there.
    I think also it is important to think about how because of 
the scope and scale of identity theft, there were a large 
number of people who legitimately deserved unemployment and 
other benefits. When they went to try and claim those benefits, 
the benefits had already been claimed by fraudsters. When you 
think about that friction, it is actually in the benefit of the 
taxpayers to have a little bit of friction there so that they 
can make sure that they access their needed benefits, that they 
are rightly deserved.
    Senator Hassan. I will follow up a little bit more, but 
there is obviously technology that can help us do some of those 
fraud prevention measures very quickly in this day and age. 
Senator Romney.
    Senator Romney. Thank you. I am going to yield my time to 
Senator Scott.

               OPENING STATEMENT OF SENATOR SCOTT

    Senator Scott. Thank you, Senator Romney. First of all, I 
want to thank you for what you do. I have been up here 5 years, 
and I think the Inspector Generals, the Independent Inspector 
Generals, the GAO, the control and currency, they actually give 
us pretty good information to be able to do our oversight job. 
I want to thank you for that.
    In my State, people are sort of sick and tired of the 
Federal Government. There is not a lot of trust left in the 
Federal Government. It was not before, but with the pandemic, 
they just see this unbelievable waste. I have talked to people 
that say, ``We got money when we are not supposed to get, and 
they told us, 'Eh, just keep it.'''
    This stuff's crazy. From the day we looked at the CARES 
Act, I opposed the State and local bailouts because I did not 
believe the revenues were going to go down that much. I had 
been a Governor, and I knew where my tax base was going to be, 
and it was not going away. But it happened. I think the State 
and local bailouts total about $500 billion. $500 billion. I 
think the total revenue under the State budgets, the collection 
by the States is about a trillion dollars.
    That is a lot of darn money. But here is some of the 
headlines. ``Biden administration to fund crack pipe 
distribution to advance ``racial equity''. Out of State and 
local bailout money. That is one. ``Vaccine bonuses aid to 
businesses and a golf course.'' I thought the money was 
supposed to go over COVID and to save people's lives. ``Cities 
and States put $350 billion stimulus windfall to widely varied 
use.'' ``Flash with COVID-19 aid schools steer funding to 
sports.'' That's interesting. ``Connecticut City used COVID 
relief funds to hire a marching band.'' Probably we all like 
marching bands but does not seem smart.
    I have a list. I have a mile long of different things. 
Examples, luxury hotels, golf courses, boathouse construction, 
aquarium maintenance, basketball hall of fame, art festivals, 
municipal anniversary celebrations, weeded eaters, weed eaters, 
auto repairs, horse feed, sea urchin hatcheries, walkways at 
zoos, fire hydrants and trash cans and swag bags. State and 
local bailout for to save people's lives.
    Now, here I try to think about how my voters think about 
this. I think we have been in a rush, we went to a fast food 
place, and we ordered a meal through the darn line. We rushed 
out, we got our food, and we got on the highway, and we found 
out those darn French fries were not there. Sort of way I think 
a lot of people think of the Federal Government now.
    They say, ``I am willing to pay my taxes, but I am not 
getting what I paid for.'' Then I also thought about we have 
all bought houses, right? Remember how we always hire those 
darn inspectors that cost us money? We think we are going to 
know what we got. Then afterwards we find that the pool does 
not work. It was, ``Oh, they did not check that.'' Oh gosh, 
there is a leak in the roof.
    You guys bust your butts. You do. I like all your reports 
and everything. So put yourself in my position. I got the 
people in my State saying, why do we spend the money like this? 
You guys are trying to do your job. Why does this not work? 
First off, have you guys had the experience with the fast food 
place? Probably have, right? Houses? We all have.
    I just talked to a friend of mine that said she had no 
idea, they did not even check her pool, and she just bought a 
house. But what would your response be to people in Florida? 
Any of you. Because this fraud is just rampant.
    Mr. Horowitz. Yes. Look, I think this is something we have 
seen over and over again. Particularly, the problem here was, 
as the legislation was put forward and the agencies implemented 
it, the legislation did not require, for example, certain 
checks and controls. The legislation could have been tightened 
up to do that. Then the agency's view was going back to the 
chair's question all about speed. It was, we just need to get 
the money out. The country is shut down. This is particularly 
in March and April of 2020. We just need to get the money out. 
You IGs, you law enforcement folks, go figure it out later 
where the fraudsters are, we are just going to get the money 
out.
    That resulted in tens, hundreds of billions of dollars in 
fraud. Two overlaying concepts I will say is, I think Congress 
as it legislates, needs to think about with a program like the 
Coronavirus Relief Fund (CRF), the first $150 billion, which 
was in the CARES Act for State and local entities, and then the 
State and local fiscal recovery fund, which was the $350 
billion in the ARP bill, both of those had very little 
parameters as to what they could be used for. They were 
lawfully used for certain things that people would ask the 
questions, ``Those do not seem tied into the pandemic?''
    Congress can legislate better, and agencies certainly can 
do a much better job. We have written all of us here, hundreds 
of recommendations, probably thousands at this point, of 
recommendations, on how the Executive Branch and agencies can 
do a better job in implementing these programs. I have talked 
about this over and over again, the problem with sending this 
money out, is the hundreds of billions of dollars that did not 
go to the small businesses, that did not go to the unemployed 
from the unemployment insurance (UI) programs, that did not go 
to various folks that State and locals perhaps we think should 
have funded. They did not get the money.
    This was not an unlimited sum of money. It was a large sum 
of money, but it was not unlimited. Every dollar that went 
somewhere else did not go to the people who really needed it or 
the businesses that really needed it.
    Senator Scott. Did you guys even have the power to, to look 
at the State and local bailout money?
    Mr. Horowitz. Yes, we did.
    Senator Scott. You did?
    Mr. Horowitz. We have. We have worked with the Treasury 
Inspector General. They have created, for example, with our 
analytics platform, a risk scoring model taking 27 variables 
and helping them have that information, so they could assess 
the risk in both the CRF and the State and Local Fiscal 
Recovery Funds (SLFRF) program, the two State and local 
programs.
    They have identified in the latest numbers, 2.24 billion in 
question costs from their work and relying in part on our data.
    Senator Scott. Ms. Shea, go ahead.
    Ms. Shea. Thank you. We know that requirements for 
strategic fraud risk management have been in place since 2016 
for the agencies. We also know that the lag in implementing 
those requirements in normal operations led to some of the 
large gaps in what we saw in the pandemic. We wanted to get 
behind that, right? What is going on? Why are the these lags 
continuing?
    In a recent survey that we did of the 24 Chief Financial 
Officers Act (CFO) ACT Agencies, we asked them about the 
challenges and what might incentivize them to take these 
actions that we want. Behavioral economics we think is the way 
to go. Try to figure out what is going on. What is preventing 
them, what are the barriers, and what can nudge them in the 
direction that we want.
    Now, the challenges are not going to be super surprising. 
It has access to data, and resources, and analytic 
capabilities, and tools and techniques. Which we think that a 
centralized government entity like Treasury's Office of Payment 
Integrity can address some of those issues.
    On the incentive side, there are a number of things that 
the CFO ACT Agencies mentioned. Like, congressionally directed 
funding for payment integrity, ability to demonstrate return on 
investment from fraud risk management activities, a couple of 
other things. One of the things that we are going to be doing 
in the new year in GAO is delving into some of these incentives 
and these barriers to taking a strategic approach to fraud risk 
management.
    Senator Hassan. Thank you. Senator Ernst, I will yield to 
you.

               OPENING STATEMENT OF SENATOR ERNST

    Senator Ernst. Thank you very much, Madam Chair. Thanks to 
all of our witnesses for being here today as well. I do not 
typically sit on this Subcommittee, so I do want to thank Chair 
Hassan and Ranking Member Romney for allowing me to join you 
today.
    To our witnesses, thank you all very much for your efforts 
to hold these Federal agencies accountable, including the Small 
Business Administration, and to protect our American taxpayers. 
All the work you do really does deserve recognition. Thank you.
    As a Ranking Member of the Senate Committee on Small 
Business and Entrepreneurship, it is one of my top priorities 
to ensure that the Federal Government is addressing the more 
than $200 billion in SBA COVID-19 relief that was fraudulently 
paid to scammers. However, the Biden SBA has discounted the 
full extent of fraud, and instead tried to cast doubt on the 
legitimacy of fraud estimates made by expert investigators.
    This new status quo at SBA is unacceptable. This flagrant 
fraud within government programs, especially when it goes 
unpunished, hurts taxpayers and harms small businesses the 
most. Today I ask for unanimous consent (UC) to include in the 
record my Small Business and Entrepreneurship Committee report 
titled Small Business COVID-19 Fraud: Three Years Later, State 
of Play.\1\
---------------------------------------------------------------------------
    \1\ The report refernced by Senator Ernst appears in the Appendix 
on page 94.
---------------------------------------------------------------------------
    Senator Hassan. Without objection.
    Senator Ernst. Thank you, Madam Chair. The report details 
SBAs refusal at every turn to fully go after fraud and recover 
taxpayer dollars. I recommend Congress acts immediately to 
increase investigators' capacity to recover taxpayer funds 
quickly, ensure loans are paid back, and strengthen Federal 
Government controls when dispersing funding in the future.
    I would like to move into my questions, and I am going to 
start with Mr. Ware. Thank you so much. I appreciate your work. 
Your tireless efforts to hold the SBA accountable are 
commendable. Biden's SBA is in violation of Federal law by 
prematurely ending active collection activities on more than 
$63 billion delinquent, EIDL and PPP loans with balances of up 
to $100,000.
    Federal law prohibits agencies from ending collections on 
fraudulent false or misrepresented claims. When your office 
recommended for the SBA to not end active collections on 
fraudulent, false, or misrepresentative claims, the SBA did not 
fully agree. How many instances of fraudulent, false, or 
misrepresented loans are you aware of that the SBA has ended 
collections on?
    Mr. Ware. Thank you for the question. It is a significant 
amount. The exact amount I could get back to you with in terms 
of in details. We definitely have it, and we share your concern 
and they know that we share the concern relative to ending 
collections on those amounts.
    Senator Ernst. Thank you. Further, your office reported 
that SBA did not conduct sufficient analysis to support its 
decision to end the collections. My Strengthening Taxpayer 
Recoveries Act would follow your recommendations and require 
the SBA to simply refer loans over to the Treasury Department, 
so it can decide the kind of collections that are necessary for 
the loan. Can you tell us why it is so important that the SBA 
refer those delinquent loans over to Treasury?
    Mr. Ware. Yes. First off, they have a requirement to. That 
is the most important.
    Senator Ernst. Is it the law?
    Mr. Ware. It is the law, yes. But second, I think that it 
sets a poor precedent that--I promise I will not get too much 
on my soapbox on this--but it sets a bad precedent in that it 
tells folks that you do not always have to pay the government 
back. I think that that is central to some of the issues we saw 
with Senator Scott's concerns that he brought up.
    The type of controls that you would have in place for a 
regular loan, does not have to be in place for the government 
because it is the government. It is the same thing here. Less 
than a 100,000 you know, I might be willing to pay it back, but 
if I do not, what is the penalty?
    Senator Ernst. That is the truth of the matter, and that is 
why we are going after this. Again, I appreciate your work. I 
am going to move to Inspector General Miller. Thank you very 
much, sir. I am sure during this hearing, there has been an 
extensive discussion around the unfair DOJ opinion, which 
hampered your ability to fully investigate all CARES Act 
programs.
    As a Ranking Member of the Senate Small Business Committee, 
I would like to see SIGPR fully in the fight on small business 
fraud. We need to take your already existing skilled 
investigators with the SBA IG to tackle the more than $200 
billion worth of small business fraud. My bill would extend the 
SIGPR, and make clear we need as many folks across our 
government to help claw back funds.
    How would restoring the SIGPRs authorities contribute to 
recovery efforts for the unprecedented scale of fraud within 
the SBAs pandemic programs?
    Mr. Miller. I think we could contribute a lot. We stand 
ready, able, and willing to assist General Ware in the fight 
against fraud in those programs. We have a number of very 
experienced prosecutors. Senator Scott mentioned CRF. That was 
originally one of my initiatives when I became SIGPR, and I 
recruited very experienced prosecutors. For example, the chief 
of the fraud section at the U.S. Attorney's Office in the 
Eastern District of Virginia had been chief of the fraud 
section for a decade. He has 35 years' experience prosecuting 
fraud cases. He is now part of our office.
    I have a number of experienced Federal prosecutors on 
staff, because I think I am old fashioned enough. I am a former 
Federal prosecutor too. I am old fashioned enough to think the 
answer is criminal prosecution. That will deter others from 
taking advantage of these programs. We have had a lot of 
success with criminal prosecution and getting indictments.
    Even in the CRF, we had a number of open cases, some 
accepted at U.S. Attorneys' offices. We had one involving 
Stonecrest, Georgia. We had to pull out after the Department of 
Justice says, ``You don't have jurisdiction in that area.'' The 
Federal Bureau of Investigation (FBI) took over the case. The 
mayor of Stonecrest, Georgia pleaded guilty.
    I think we could contribute a lot in a lot of areas. But 
specifically, we are happy doing the Main Street Lending 
Program and the direct loans from Treasury, and I think we are 
doing a great job. I would be happy to--under the leadership of 
General Ware, I am subordinate to him--assisting with PPP 
cases. We do PPP cases through the PRAC task force, and General 
Horowitz has highlighted one of the cases we did recently down 
in Texas. I think it is the largest PPP case that the task 
force is doing. That is in his written testimony. We led that 
investigation as well.
    We are happy, we are able, and willing, and eager to jump 
in and do these cases. That is what excites the people in my 
office and me.
    Senator Ernst. I appreciate it. I appreciate the time as 
well to our Chair and our Ranking Member. Thank you very much 
for allowing me to join in and thanks to all of our witnesses 
for the great work that you do for our agencies. Thank you.
    Senator Hassan. Thank you, Senator Ernst. I will just note 
that one of the issues that this all raises is, how do we make 
sure SBA has the resources to both pursue collections and do 
the essential work to serve small businesses all around the 
country? I think that that is something that our appropriators 
are looking at so that the cost benefit analysis that SBA needs 
to do when it decides not to collect some cases, is not as 
pressing for them. I appreciate your line of questioning. 
Senator Romney.
    Senator Romney. Thank you. General Ware with his comment 
about repaying government loans and being honest with funds 
that one receives of the government reminded me of a movie. I 
do not think I would have ever imagined the circumstance I 
would be bringing up a movie named Nacho Libre. But in that 
humorous comedy there was an occasion when someone was stealing 
the chips that were going to be going to the orphanage. The 
main character, Jack Black said, ``These are the Lord's chips, 
so you cannot steal the Lord's chips.'' He said it with a most 
interesting accent, which I will not try and imitate.
    Senator Ernst. Did you actually watch that movie?
    Senator Romney. Of course, I watched that movie more than 
once. [Laughter.]
    Somehow, I understand the sense that taking money from a 
church is stealing from God, and the Book of Malachi talks 
about the punishments for that. But I also think stealing from 
the government falls not far behind, in that we are stealing 
the resources of people who have worked and have put aside what 
they have earned to help our government. For people to steal 
from that, either by not paying back a loan or by being 
dishonest in their use of the funds, is something I find quite 
extraordinary.
    We have a responsibility to try and minimize that. I am 
going to ask about who it is that is doing it? From your 
experience, is it small time individuals that like, ``Oh, look, 
I can make $25,000. I can make $50,000.'' Is it organized 
criminals that have a system for doing this? Is it foreign 
entities organized or disorganized? Who? I presume it is going 
to be different for different programs, different for SBA than 
it might have been for unemployment insurance and so forth.
    But based on your experience, who are the folks doing this 
today in these programs? It may be different than other 
government programs, but for those associated with the COVID 
relief programs, who is doing it? Mr. Horowitz.
    Mr. Horowitz. Yes, thank you, Senator. It is sort of all of 
the above. Yes, and the problem is, it was so easy for some of 
these programs that it was almost an invitation to come in. We 
have foreign entities. Nobody checked foreign Internet Protocol 
(IP) addresses to see if they were foreign IP addresses. We 
have state actors.
    Senator Romney. They did not even have to put a U.S. 
address and so forth now. They could even put in anything and 
we just said, ``Oh, OK. Here's the money.''
    Mr. Horowitz. Nobody checked. In fact, to the point of 
controls we are trying to look at SBA data to see the IP 
addresses. They did not keep the IP addresses because it was 
not required for them to maintain it. We do not even have a way 
of going back to try and figure that out. So that, just for 
example, a basic issue.
    Senator Romney. Mind numbing.
    What proportion would you think is foreign entities or is 
it just impossible to know at this stage?
    Mr. Ware. We issued a report on loans that went to foreign 
IP addresses. I cannot recall what the number was, but it was 
significant enough that I led a U.S. delegation earlier this 
year that went to Nigeria to discuss partnerships in getting 
some of our money back that went to bad actors over there.
    Senator Romney. I wondered why I had stopped receiving 
investment opportunities from Nigeria. [Laughter.]
    I think I know now.
    Mr. Horowitz. To give you a sense also of the opportunistic 
nature of this. For the UI program, we have identified a bunch 
of social security numbers that were used across various 
States. We have one number that was used in more than 40 States 
because the States did not speak to one another. That program 
is so decentralized.
    We see this in a large and a small scale. One of the 
concerns I think we all have, is we have trained people at some 
level to say, go try and defraud a Federal program because it 
is easy to do it, and that is a bad message.
    Senator Romney. Mr. Miller.
    Mr. Miller. Yes. We participate in the Department of 
Justice COVID-19 task force. In that capacity we look at a 
number of cases, and our staff member, a prosecutor of course, 
has told me in my notes, he says, we have seen volumes of 
overseas IP addresses identified and associated with unworthy 
individuals obtaining CARES Act funds.
    It is hard to quantify, but we are seeing money going to IP 
addresses overseas. In some of our other programs, Main Street 
Lending, for example, we have seen money going to South 
America, to the Middle East, and to China.
    Mr. Ware. I found the figure was 5 billion. 5 billion was 
what we reported that went to foreign IP addresses.
    Senator Romney. 5 billion?
    Mr. Ware. $5 billion.
    Senator Romney. That is extraordinary. Why is it, do you 
believe that people are so willing to defraud the government, 
to steal from the government? Are our penalties too small? 
Should we have far more punitive measures to go after people 
who, who steal from our government?
    Mr. Ware. Perhaps. I have two examples of this. One is, in 
one of the cases our agents was working, as they started to 
pull the text messages and the emails, they were saying, ``They 
are not checking anything,'' is what was routinely being said 
across the board. There was a second one that when questioned 
as to why would you do this? He said, ``I would do it again.'' 
He said, ``It was worth it. It was highly unlikely that I would 
be caught doing this.''
    Which brings me back to the beginning in talking about the 
importance of having a proper control and risk framework in 
place to mitigate this. There were folks that committed fraud 
probably, who would not normally commit fraud, and they were 
being told things. We see this in the record, like the 
government is just giving away money.
    Senator Romney. I want to underscore the outrage and 
frustration that you all feel, that I feel, and that the people 
in our country feel as this goes on. I just note that if 
something like this were attempted with a credit card, your 
visa, or if you are trying to do a charge account at a store of 
some kind, this could not happen or they wouldd be out of 
business. Yet it happens with our government all the time. I 
wonder why we are singularly ineffective in being able to 
control this to the extent that basically every corporation is 
able to control, or they would be out of business, or their 
Chief Executive Officer (CEO) would be out of a job.
    I want to conclude by saying, I concur that we need to 
continue the PACE program and to continue to get data and I 
also believe we need to get the Social Security data and other 
data. I recognize privacy concerns, but when we are losing 
through fraud, hundreds of billions of dollars--that is the 
number that I have heard from you today, hundreds of billions 
of dollars--we have to recognize that is money that could go to 
Americans in need, it could go to help Israel and their defense 
of their land, it could help the Ukrainians.
    The idea that we are using this money for fraud, is just 
simply outrageous. I also agree that we should extend the life 
of SIGPR, well beyond 3/25 because the timing is not 
propitious. Thank you, Madam Chair.
    Senator Hassan. Thank you, Ranking Member Romney. Before I 
move to Senator Ossoff, I was noticing that Mr. Horowitz seemed 
to want to say something in response, so I just wanted to give 
you the opportunity if----
    Mr. Horowitz. No, that's fine. I was going to echo what IG 
Ware said, which is, I am not sure the penalties are the 
problem, because we, for example, recently got a 25-year 
sentence on a fraudster and tried to get the news out about 
that. The problem are the opportunities that were presented, 
and having basic controls, like you said.
    When an individual tries to commit small dollar fraud and 
get stopped, they usually do not try again because they 
understand there is something there. That does not help, 
perhaps with organized crime that are more sophisticated. But 
we could have stopped a lot, I think, of the lower dollar 
frauds, the non-organized crime, which is probably most of what 
occurred, because they would not have had the attitude that IG 
Ware mentioned, of this is easy. The government is saying, come 
in, just take the money. We are not going to ask any questions.
    If you tell people that, sadly, as you said, even in the 
worst pandemic, even when their citizens need the money, they 
are willing to come in and take the money.
    Senator Romney. Yes. Americans are not stupid. If we are 
handing out free money, they will be willing to take some.
    Senator Hassan. Yes. We also have to invest in the capacity 
for those controls. Senator Ossoff.

              OPENING STATEMENT OF SENATOR OSSOFF

    Senator Ossoff. Thank you, Madam Chair, and I want to thank 
you and Senator Romney for working together so vigorously to 
protect taxpayer dollars, and for holding this hearing on these 
extraordinary abuses, a level of fraud, but I think is shocking 
to the whole Subcommittee.
    With the benefit of your attendance, Inspector General 
Horowitz, and given the extended conversations that you and I 
have had on a range of issues over the last few years, I am 
going to range a bit out of the direct focus of this hearing 
and into some of your other jurisdiction.
    I want to begin with a discussion of the Bureau of Prisons 
(BOP). As you all recall Mr. Horowitz, when I chaired the 
Permanent Subcommittee on Investigations (PSI) last Congress, 
led multiple bipartisan investigations of the Bureau of Prisons 
and issues related to incarceration. We found, for example, 
that at U.S. Penitentiary (USP) Atlanta that serious long-term 
security breaches that put the community and the whole 
southeast region at risk were left unaddressed.
    We found pretty extreme cases of abuse and neglect of 
incarcerated people, including pretrial detainees held at the 
jail there. We found detainees and inmates lacking access to 
clean drinking water, hygiene products, medical care. A whole 
range of serious problems that had gone on for a long time. I 
noticed that your office's recent work has found serious 
deficiencies at other facilities like Federal Correctional 
Institution (FCI) Tallahassee, an unannounced inspection that 
you led, which found moldy, rotten, pest infested food, serious 
maintenance issues, putting health and safety at risk.
    Senators Braun, Durbin, and I introduced the Bipartisan 
Federal Prison Oversight Act earlier this year, which provides 
for unannounced investigations by the Office of a DOJ Inspector 
General. Can you explain please, why those unannounced prison 
investigations are so important?
    Mr. Horowitz. Absolutely. Thank you, Senator for the 
question. By the way, I am going this Friday to visit USP 
Atlanta with the new BOP Director to get a tour of the reopened 
facility.
    Senator Ossoff. I appreciate that. In the future, you 
should also consider an unannounced inspection.
    Mr. Horowitz. That, now getting to the unannounced 
inspections. One of the things Congress did last year in 
funding us, and a critical part of the Appropriations Bill, was 
to give us additional money to do these unannounced 
inspections. It is the first time we have ever done them. What 
happens is we are showing up at a prison on a Monday morning at 
8 a.m., we are calling the warden and saying, ``We are coming 
at noon with our team, and we are going to spend the week there 
to inspect your prison.''
    We did the first one at the Federal prison in Waseca, 
Minnesota earlier this year. We selected Waseca because it was 
an all-women's institution. We have had, as you know from your 
leadership on the Subcommittee, serious issues with sexual 
assaults against women in prison. You and Senator Johnson 
issued a very important bipartisan report in that regard. We 
went to Waseca to see what was going on there, because it had 
scored as a low risk. It was our first one. We wanted to see 
what happened.
    We got there. We found holes in the roofs of the buildings, 
pipes running across beds that were leaking, and camera 
issues--which again, you have helped lead, I know on that 
effort to get the Camera Bill passed--and all sorts of problems 
in an institution that was relatively low risk about whom we 
had gotten fewer complaints. We let the BOP know about the 
crumbling facilities. For example, cascading problems, by the 
way, was staffing First Step Act.
    One of the things Congress passed was the First Step Act to 
give inmates a chance to rehabilitate, huge wait lists because 
the educators were being pulled off educating to do 
correctional officer duty, because they were short staffed. 
They were short-staffed in healthcare. They were short staffed 
in facilities management. All of the things we would not have 
appreciated until we got on the ground. That was our first 
report, and that's public on our website.
    Our second one was at a higher risk prison, FCI 
Tallahassee, we went to at the end of May, we issued a report 
last week. What we found there was--stunning is a nice word. We 
got there and on day two, we went to the kitchen to observe 
food service. As you mentioned, bread with mold on it, rotting 
vegetables, all being served to inmates.
    We went to the warehouse to look at the food. What appeared 
to be rodent droppings. We did not actually see the rodents. We 
saw bugs crawling in the boxes of cereal. We saw the damaged 
containers in the rotting containers. It was stunning to see 
that. It was not a humane place to be. We went to the living 
facilities. Again, leaking windows, again, a primarily a female 
institution. Feminine hygiene products were being used to stop 
the leaks into the facility. We published pictures. By the way, 
anybody who wants to see this, there are pictures of this, 
extraordinary pictures on our website.
    Senator Ossoff. I want to return to prisons in a moment, 
but I first want to raise another DOJ related issue with you. 
The Subcommittee I chair now received testimony from the 
National Center for Missing and Exploited Children (NCMEC), 
which found that from 2018 to 2022 in my home State of Georgia, 
there were nearly 1,800 reports to NCMEC of children missing 
from foster care. According to NCMEC's analysis, they believe 
that over 400 of those children were likely victims of sex 
trafficking.
    It is crucial that DOJ have the resources and 
infrastructure to work with NCMEC to track and locate missing 
foster children and to hold accountable those who traffick 
them. Can you and I sit down to discuss a plan of attack on 
that?
    Mr. Horowitz. Absolutely. NCMEC has done great work. As 
CIGI chair, they have done a lot of work with us and the 
community on helping with missing children.
    Senator Ossoff. I would note for the purposes of that work 
that we will do together, that DOJ's Office of Juvenile Justice 
and Delinquency Prevention (OJJDP), which administers Federal 
grants to States under the Juvenile Justice and Delinquency 
Prevention Act, there are conditions on those grants to receive 
full funding. State grantees have to comply with certain core 
requirements. Here is one of them.
    That children who commit what are known as status offenses, 
or offenses that would not be criminal if committed by adults, 
like running away from a foster care placement, cannot be 
placed in juvenile detention or correctional facilities. Is 
your office currently undertaking any work to oversee the 
implementation of that legislation or other issues related to 
foster kids?
    Mr. Horowitz. We are not doing anything currently, and I 
would be happy to sit down with you talk about that. We have 
done work in the past about the issue you mentioned about 
detention facilities and how OJJDP, which is the acronym for 
the entity in the Justice Department that manages those grants. 
We are handling that with States, and we have found some 
serious issues with that before. This is an important issue, 
and I would be happy to talk with you further about it.
    Senator Ossoff. I appreciate that. Thank you, Madam Chair 
for indulging some questions that strayed from the focus of 
your hearing. I appreciate it.
    Senator Hassan. Thank you, Senator Ossoff, and thank you 
for your focus on really important issues here and to Inspector 
General Horowitz, thank you for the continued work you and your 
team do in that area.
    I have one more round of questions, and then you know, if 
something else occurs to Senator Romney, he will have another 
go at it and then we will wrap up. But to Inspector General 
Horowitz, the Pandemic Response Accountability Committee was 
established in part to improve coordination within the 
oversight community.
    One of the key tools that the PRAC developed to aid this 
kind of coordination is something that you have been talking 
about the Pandemic Analytics Center of Excellence, which, as 
you noted, allows data from many different agencies to be 
analyzed side by side to help investigators spot patterns or 
anomalies indicative of fraud, that they might not see if they 
only had a narrow view of just one agency's program.
    Many in the oversight law enforcement community have called 
for the Congress to make this type of tool permanent. You have 
echoed that call today. How could the PACE or other data 
sharing improvements contribute to the future work of the 
oversight community and the ability to prosecute fraud?
    Mr. Horowitz. Thank you for the question. I think it is 
very important that we all talk about prevention. That is what 
I want to focus on as I think about analytics going forward. 
Because of the failures that occurred at the outset of the 
pandemic, we are all about chasing the money. This was this pay 
and chase model. The analytics were being used to try and catch 
the bad guys.
    Anybody who is in this area will tell you that once the 
money goes out to fraudsters, good luck finding it. Right? It 
is going overseas, it is going into crypto, it is going into 
other places. We are chasing it, and you have heard from IG 
Miller, IG Ware, the great work that's being done to collect, 
but we are talking hundreds of billions of dollars of fraud, 
and we are talking about billions, which is a big number, but 
still a very small percentage.
    It is very important because what has to happen is, we have 
to work with Executive Branch agencies, the Office of 
Management and Budget (OMB) Leadership, and Congress, to make 
sure agencies use an analytics platform to prevent fraud before 
it happens. This notion that we had two choices, which I have 
heard over and over again at the outset of the pandemic, either 
get the money out today, or wait weeks and weeks and weeks and 
weeks to verify.
    That was nonsense. There is always an alternative choice, 
as we have heard, it is a balance of risks. The work I 
mentioned, we sent 2.7 million Social Security numbers to 
Social Security Administration. In about 2 weeks, we got the 
information back from them. Is it a real number? Does the name, 
date of birth that they put on their application match what you 
have in the official records? Is the person living or dead?
    You do not need much more than that to right away figure 
out is this a problem? Right? If we had this upfront, which is 
the problem with it expiring in 2015, we had to build it anew. 
By the way, Congress spent millions--I was on the recovery 
board--to support that analytics platform. It went away. The 
taxpayers got essentially nothing for their money. Six years 
later, $40 million had to be invested to run this program for 4 
years or so.
    It would be, I think, an awful outcome if the taxpayers, 
again, in 2 years ended up with nothing to show for that, when 
it could save literally billions of dollars, and importantly, 
Congress should make it applicable across the board to all 
Federal spending. There is no reason it should only be limited 
to pandemic funding.
    Senator Hassan. Thank you for that. I want to follow up 
with Inspector General Ware a little bit on this issue of 
prevention. We have discussed today, technology can be a 
critical tool for identifying and preventing fraud. However, 
many agencies, including the SBA, struggled to roll out 
pandemic relief programs due to their aging technology 
infrastructure. How did existing challenges, such as legacy 
information technology (IT) impact the overall success of the 
pandemic relief programs or exacerbate fraud at critical 
agencies? Can you speak to how SBA overcame some of its legacy 
IT challenges?
    Mr. Ware. Sure. We have been reporting the IT challenge as 
one of the top management challenges facing SBA for a number of 
years. With that being said, they were running the seven A 
program, right, using the technology that they had existing and 
the relationships they had in place with the banks. I believe 
that is why they were selected to run PPP and EIDL because 
those things existed. They existed in a way that they were 
working. They had some work to be done, but they were working.
    The issue was, when you had 14 years' worth of lending 
running through the door in 14 days, then I think maybe anybody 
would have had issues with that. But relative to the IT 
platform, what they did to mitigate those issues was they 
contracted it out to a private contractor who had a lot of 
experience in moving large volumes of loans. That is what they 
did. Now still, we would have appreciated seeing the type of 
controlled infrastructure that I recommended before the first 
loan went out, but that was not done as speed was the only 
thing considered.
    Senator Hassan. Thank you. Ms. Shea, State and local 
governments were important partners in disbursing Federal aid 
during the pandemic. They were also overwhelmed by numerous 
attempts to defraud pandemic programs. However, States that 
successfully implemented tools such as identity verification 
technology as part of their application processes, were much 
more successful in identifying attempted fraud.
    For example, early implementation of identity verification 
technology in Arizona, is credited with preventing more than 
$75 billion in unemployment insurance fraud. What prevented 
more States from implementing similar measures? How can 
Congress encourage States to adopt identity verification 
technology or other anti-fraud tools?
    Ms. Shea. Yes. States had some of the same issues with 
legacy IT that IG Ware just mentioned for SBA and some of the 
other agencies. Early on, some of them had the legacy IT 
systems, so it did not enable them to address cybersecurity 
issues, identify fraudulent and stolen identities, to be able 
to connect with the Integrity Data Hub, which is the multi-
state Department of Labor funded program that enabled States to 
see and crosscheck against all of the other State data, whether 
or not people are applying for multiple States, and then also 
had an identity verification control in that.
    Early in the pandemic, only about three States were 
enrolled in that. But as we progressed, we identified some of 
these issues. By 2022, about 34 to 43 States were signed up 
with in the Data Integrity hub. One of the key things that I 
think is important there is, us continuing to focus on 
Department of Labor's progress, trying to get States signed up 
for that so they can leverage that capability of the multi-
state data.
    We have been reporting on that and checking their progress, 
and at this point, all of the States have agreement with 
Integrity Data Hub to use those services.
    Senator Hassan. Great. One of the things we can do as we 
think about this is try to provide incentives for States to 
participate in this kind of data sharing and verification, 
identify identity technology.
    Two more questions, one to Inspector General Horowitz, and 
then I will ask a wrap up question to the whole panel. Mr. 
Horowitz efforts to prevent fraud and recover stolen taxpayer 
dollars are made more difficult when these crimes are 
perpetrated by foreign criminal organizations, as we have 
talked a little bit about. For example, Federal investigations 
revealed that Chinese hackers stole millions of dollars in 
pandemic relief funds. What actions can the United States take 
to go after fraud perpetrated by foreign criminal 
organizations?
    Mr. Horowitz. I think there are a few things. The most 
obvious being look for foreign IP addresses when you are doing 
things online or as these were, look for masking of addresses 
using Virtual Private Networks (VPNs). Look for multi dipping. 
This is one of the challenges we have seen, and this is one of 
the reasons why the PACE has been so successful, because we 
have gotten the data from across agencies. We are able to look 
for that multi dipping in a way that frankly, agencies have not 
been able to, in part because of data sharing limitations.
    As mentioned, we have 90 plus agreements in place where we 
can do this. Those are a couple of the examples. But we are 
also part of the International Organized Crime International 
Operations Center at the PRAC. We have an analyst sitting 
there, and so we are working with those folks who understand 
what's happening globally. I think that is a critical part, and 
frankly, that is why agencies struggle sometimes in this space. 
That is why it is so critical that we are the ones as IGs who 
have these tools to be able to undertake these efforts.
    Senator Hassan. Excellent. Thank you. My wrap up question 
to all of you is to ask each of you to provide a lesson learned 
from the response to COVID-19 and how it can inform the Federal 
Government's response to future crises. If you feel like you 
have already said it, feel free to say that too. But why don't 
we start with Ms. Shea, and we will go right down the line 
there.
    Ms. Shea. Yes. I think this is a lesson relearned not 
necessarily learned, and that is when you try to attempt to 
recover funds lost through fraud and improper payments, you get 
pennies on the dollar. Prevention is absolutely critical. We 
need to ensure that agencies are taking the steps to assess 
their fraud risk, that they have figured out what their risk 
tolerance is going to be for normal operations and emergencies.
    Then if they are going to lower the tolerance, that they 
have a robust post-payment recovery plan in place, and that 
they have identified the data sources that they need, and they 
have those MOUs in place to be able to do those checks. All of 
those preventive activities need to be in place so that we are 
not chasing the funds after they go out the door.
    Senator Hassan. Thank you very much. Mr. Miller.
    Mr. Miller. We all agree that more controls and checks and 
anti-fraud provisions need to be in place to prevent fraud. But 
I also have some mundane recommendations. Our first 
recommendation was to Treasury, and that was to add audit 
rights to contracts. When you give out the money, when you make 
the loans, you put a clause in the contract that says the IG 
has the right to inspect your records. If you are going to take 
our money, we have the right to look at what you are doing with 
it. That is a simple non-glamorous recommendation.
    The other recommendation that I would make very quickly is 
that when Congress--and I am not a policymaker, so please 
forgive me.
    Senator Hassan. No, it is fine.
    Mr. Miller. But when Congress decides to give money out in 
the form of loans, I think that it needs to think about how to 
prepare the Federal agency to be a lender. The Department of 
the Treasury became a lender under the CARES Act. That is 
unusual. It is not a commercial lender, but it was making 
loans.
    It needed to build an infrastructure to help them know how 
to be a lender, how to be an effective lender. We deal with 
banks and lenders all the time. We deal with treasury. Banks 
and lenders approach things differently, they have due 
diligence. They will do due diligence on assets. You all know, 
you are business and professional people. But even in the 
meantime, when there is not a crisis, if you are thinking of 
using a Federal agency as a lender, it may make some sense to 
buildup an infrastructure and training in that agency so that 
when it does lend, it can actually make good decisions about 
lending, it has a program of review, it knows how to analyze 
assets and financial documents.
    I understand that they can hire contractors to do some of 
that, but I think the agency itself needs to do that. Even when 
you have contractors and even in the Main Street Lending 
Program, it is a complicated program. You have Treasury funding 
it, you have Federal Reserve partially managing it, and you 
have Federal Reserve banks involved in it, but you have 
commercial lenders actually lending the money.
    In the Main Street Lending Program, they will make a loan 
and they are on the hook. If the loan goes bad, they are on the 
hook for 5 percent. Right? Treasury pays 95 if it goes bad. Of 
course, you have to remember that commercial lenders, they also 
charge interest, they charge transaction fees, they have all 
sorts of fees to try and make up that 5 percent. I do not think 
going to outside organizations is always the answer. When you 
do, I think they have to have more skin in the game.
    Because you know, if they are making money off these loans, 
even when they default, they are not going to be that careful 
with it. That is one of my concerns. But we will come out with 
a lessons learned, and I do not want monopolize the time.
    Senator Hassan. I appreciate those lessons very much, and I 
look forward to the further expansion of that. Mr. Ware
    Mr. Ware. I will be real quick here, because I always 
wanted to say that I am going to punt to Mike Horowitz. 
[Laughter.]
    I have been waiting on saying that, so I am going to say it 
today. But timely data sharing agreements between agencies and 
the onset of programs like this, I feel should be baked in to 
getting them started up. Because like IG Horowitz mentioned, 
prevention is where we need to be on this from the outset.
    One other thing on that, I am on record on this. I am 
generally opposed to self-certification as a rule. I do not 
believe that that has served us well at all. Now I will punt. 
Mr. Horowitz.
    Senator Hassan. Mr. Horowitz.
    Mr. Horowitz. I will say ditto to what IG Ware just said. 
It is about prevention. We have to think about how to prevent 
the fraud on the front end. One of the things we have not had a 
chance to mention to my testimony is one of the things we 
started, which was brand new in 2021, was what have come to be 
called gold standard meetings at some level, which is, we got 
in the room before money went out the door, the PRAC, the IG, 
the agency, the OMB leadership, and the ARP implementation team 
leadership.
    The agency was required to present to all of us what its 
controls were, so that we could kick the tires and give our 
views, and this was on the understanding, we were not pre-clear 
anything as IGs. We were not giving up our independence. It was 
our ability to say, we have seen this play before and here are 
the problems, here are the challenges, here are the things you 
need to think about. It has been very valuable. I think we have 
done 30 or so of those over the last couple years. It went so 
well, OMB put out a memorandum 22-04, which puts that in 
writing as a best practice.
    For the infrastructure bill said agencies should follow 
that model as well. That's, again, a way to do the prevention 
upfront, not a perfect way, because the controls still have to 
get implemented, they have to move forward. But that has been a 
very valuable, I think, tool. It also has helped bring together 
in ways that sometimes did not exist, the IGs and the agencies 
and put them in the same room, which was, or at least in the 
same video screen, which was critical.
    Then the other thing I just want to mention is the 
importance of coordination with our State and local partners. 
We have, I think, done an extraordinary effort. It is something 
we thought about from day one, that with all that money going 
out the door and all that money going to local communities, 
some directly through the various funds that Senator Scott 
mentioned, some through other mechanisms, we had to partner 
with State auditors, with local auditors, with State IGs, with 
local IGs.
    We have done that. We have had dozens of listening post 
sessions with them. We have done fraud alerts for them, so they 
knew what to look for. We have partnered in a way that I think 
is critical, and we have to keep doing that. The Federal 
Government does not have the best reputation, as you all know, 
as former Governors of States in partnering with our State 
counterparts. I think that is very critical in this space.
    Senator Hassan. I appreciate that very much, and I 
appreciate not only the expertise that you all bring to today's 
hearing, but the expertise and leadership you all bring to your 
entire teams. Senator Romney said at the outset, he felt bad 
asking you guys to spend this much time when you have so much 
critical work to do. But I think we are both hopeful that with 
your input, this time will be valuable as we go forward and try 
to make sure that we are strengthening oversight and 
accountability and protecting taxpayer dollars.
    Thank you for being here, for the important work you do. I 
look forward to continuing to work with all of you and my 
colleagues to help prevent waste, fraud, and abuse of taxpayer 
dollars in relief programs.
    This hearing record will remain open for 15 days until 5 
p.m. on December 1st, for submissions of statements and 
questions for the record. The hearing is now adjourned. Thank 
you. [Whereupon, at 4:17 p.m., the hearing was adjourned.]

                            A P P E N D I X

                              ----------                              

[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

                                 [all]