This week’s Golden Horseshoe is awarded to the Small Business Administration for disbursing millions of taxpayer dollars in COVID-19 loans intended to keep American businesses afloat to foreign IP addresses in China, Russia and countries designated state sponsors of terror by the State Department, according to a newly released inspector general report.
Inspector General Hannibal “Mike” Ware found the SBA received millions of applications from foreign IP addresses for COVID-19 Economic Injury Disaster Loans (EIDL) and while it stopped most of them, tens of thousands of loans were disbursed.
The EIDLs were intended to provide relief to U.S. small businesses that suffered economic hardship as a result of the pandemic.
“Although the agency implemented several layers of controls to prevent or reduce fraud from foreign countries, individuals at foreign IP addresses were able to access the COVID-19 EIDL application system,” the OIG reported in a summary.
“The agency processed more than 233,000 of these applications from March 20, 2020 to November 12, 2021, our review period,” according to the report. “Of this amount, SBA approved and disbursed 41,638 COVID-19 EIDLs, advances, and grants for $1.3 billion.”
Foreign IP addresses in Iran, Syria and Cuba — which are designated state sponsors of terrorism by the State Department — received tens of thousands from the SBA. Iran received nearly $166K, Syria received $23,500, and Cuba got $276K.
Other foreign countries with IP addresses receiving COVID-19 relief loans included:
Pakistan: $47.2 million
Mexico: $157.8 million
China: $1.58 million
Afghanistan: $1.58 million
Russia: $4 million
United Arab Emirates: $10.6 million
India: $143.7 million
Canada: $183.3 million
Saudi Arabia: $2 million
“The numerous applications submitted from foreign IP addresses are an indication of potential fraud that may involve international criminal organizations,” the report explains. “OIG has ongoing investigations into international organized crime operations that applied for and stole pandemic relief funds. SBA officials were aware of and concerned about the potential fraud from overseas.
The SBA disbursed the billions in funds despite four layers of controls the agency and its contractor established. The applications from the foreign IP addresses were missed by the first two layers of controls, and “the third and fourth layers of controls were designed to flag any applications missed by the first two layers and ensure SBA loan officers reviewed them.”
“The $1.3 billion identified by the OIG that originated from applications submitted from a foreign IP address represents less than .04 percent of the more than $342 billion approved by SBA for COVID EIDL advances and loans,” Patrick Kelley, SBA associate administrator of the Office of Capital Access, wrote to Ware.
“It is important to remember that the COVID-19 Pandemic posed a national health and economic crisis of historic proportions equivalent to very few events in our country’s history,” wrote the administrator. “As a result, the initial focus of SBA’s COVID relief programs had to be on providing financial assistance as quickly as possible to respond to the crisis.”
Ware made two recommendations to the SBA. Partially concurring with one and agreeing with the other one, the agency indicated it would be examining its controls related to foreign IP addresses and “ensure these controls are more effective in future disaster processing systems.”