CARES Act – Recipients Must Identify, Understand, and Comply with Grant and Contract Requirements

In addition, like all federal monies, CARES Act money comes with "strings attached." Under the current crisis conditions, with remote workers and reduced staffing, it is also likely that recipients may not be as vigilant in their compliance efforts as they would be under "normal" circumstances. Under these conditions, mistakes and oversights are more likely.

This alert (1) highlights specific sections of the CARES Act which suggest that compliance remains of the utmost importance and (2) explains some of the difficulties associated with determining relevant compliance requirements.

Section 15010 of the CARES Act creates the Pandemic Response Accountability Committee to perform oversight of CARES Act funds in order to "(i) detect and prevent fraud, waste, abuse, and mismanagement; and (ii) identify major risks that cut across programs and agency boundaries." Membership of the Committee includes:

• the Inspectors General of the Departments of Defense, Education, Health and Human Services, Homeland Security, Justice, Labor, and the Treasury;
• the Inspector General of the Small Business Administration;
• the Treasury Inspector General for Tax Administration; and
• any other Inspector General, designated by the Chairperson from any agency that expends or obligates covered funds or is involved in the coronavirus response.

The Committee's specific duties include:

• auditing or reviewing covered funds . . . to determine whether wasteful spending, poor contract or grant management, or other abuses are occurring;
• making referrals for investigation to the Inspector General for the agency that disbursed the covered funds, including random audits to identify fraud; and
• reviewing whether competition requirements applicable to contracts and grants using covered funds have been satisfied.

In addition, the CARES Act establishes a "Special Inspector General" for pandemic recovery, the Office of the Special Inspector General for Pandemic Recovery, which will be housed in the Treasury Department. The Special Inspector General duties include the conduct, supervision, and coordination of audits and investigations regarding the "making, purchase, management, and sale of loans, loan guarantees, and other investments made by the Secretary of the Treasury under any program established" under the CARES Act.

Fortunately, the creation of a Special Inspector General to oversee governmental funds being liberally doled out in the aftermath of a disaster is not unique. In the aftermath of the financial crisis in 2008, through the Emergency Economic Stabilization Act of 2008, Congress created the Troubled Asset Relief Program (TARP) to implement programs to stabilize the financial system, and authorized up to $700 billion to be doled out to individuals and/or entitles to effectuate that intent. Out of the creation of the Troubled Asset Relief Program, Congress also created SIGTARP, the Special Inspector General over TARP. Its purpose was to conduct audits of TARP programs to prevent fraud and abuse, identify wasteful spending, and drive improvements. SIGTARP worked with a number of other federal agencies – including most principally the Department of Justice – to assist in investigations concerning criminal and/or civil violations of law associated with the TARP program. SIGTARP proved to be extremely aggressive and successful in its enforcement efforts. Senior executives, in-house attorneys, and C-level officers faced criminal and/or civil charges as a result of failing to follow the procedures authorized by Congress when it approved the TARP program. As of 2019, nearly $900 million was recovered by SIGTARP as a result of its enforcement efforts.

The sections of the CARES Act creating additional oversight and audit entities focused on CARES Act funding express Congress' intent and expectation that there will be compliance with applicable requirements, such as contract and grant management regulations to ensure proper use and accountability of funds. In addition, each agency's Inspector General has existing independent statutory obligations to uncover fraud, waste, and abuse. Recipients must also understand that the False Claims Act allows individuals to bring cases directly against those whom they allege to have misused government funds or obtained such funds using false statements. All money received under the CARES Act is subject to detailed scrutiny by a number of parties.

The CARES Act is also very much like previous comprehensive crisis response legislation, such as the Recovery Act, in that it covers a wide variety of needs and concerns but does not provide a uniform delivery method for funding. The Act allows the relevant Secretaries to make funds available through several mechanisms including loans, contracts, grants, and cooperative agreements. This alert focuses on grant and contract management compliance issues. The method used and the awarding agency will determine what rules apply. For example, the requirements associated with funds that are awarded via a grant from the Department of Health and Human Services (HHS) will be different from those for CARES Act funding provided pursuant to a grant with the Department of Justice.

Most agencies have their own agency-specific regulations and supplements to general government-wide grant and contract management standards, such as the Federal Acquisition Regulation (FAR) (applicable to acquisitions made by the Federal Government with appropriated funds) and the Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal awards (Uniform Guidance) located (2 CFR part 200) (applicable to Federal awards made to non-Federal entities, such as grants, loans, and cooperative agreements). The following figure illustrates the thought process required for determining what compliance requirements apply using the example of a CARES Act grant received from the Department of Education under the Project SERV Program:

Using a similar process, recipients need to immediately determine what compliance requirements apply.

No matter the specific requirements, when recipients accept CARES Act funding, they need to comply with applicable requirements and expect that at some point in the future their compliance will be audited. It is likely that most of the CARES Act audits or investigations will take place long after the fog of COVID-19 has lifted. Auditors or reviewers will be looking at the recipients' actions solely through the lens of the requirements. Recipients should not rely on the exigencies of the current situation to justify non-compliance with the regulatory requirements. In most cases, emergency circumstances have little bearing on the ultimate assessment of compliance with requirements, such as:

• contract management;
• cost accounting and allowable costs;
• affirmative obligations to disclose potential fraud and criminal activity (e.g., 2 CFR 200.113 and FAR 52.203-13);
• financial reporting;
• records retention; and,
• procurement standards (even emergency procurements must comply with certain requirements, which can be onerous under the circumstances).

The risks associated with noncompliance are high. Using SIGTARP as the example, there will be significant enforcement actions with highly negative consequences for those involved. In fact, the Department of Justice, the Securities and Exchange Commission, and the State Department have already commenced COVID-19 related enforcement actions.

The risks are exacerbated by the exigent and difficult circumstances we are facing. Recipients of CARES Act money will undoubtedly be looking for ways to increase efficiency and decrease costs. Compliance with applicable requirements is not something to put off, avoid altogether, or perform halfheartedly. 

Baker Donelson has experienced attorneys who can assist in obtaining CARES Act funds and complying with the associated requirements. In addition, our Government Enforcement and Investigation Team can assist in the event of an Inspector General audit or False Claims Act matter. If you have questions, please contact the authors, your Baker Donelson attorney, or a member of the Disaster Recovery Group, Government Contracts Team, or the Government Enforcement and Investigations Team. Also, please visit our Coronavirus (COVID-19): What You Need to Know information page on our website.