When a borrower certified eligibility for a Paycheck Protection Program loan, the lender processed the application. For qualifying PPP loans, the Small Business Administration guaranteed 100% of the loan amount. Federal exposure could attach before a program-specific government eligibility check tested that certification against independent records. PPP later gained additional safeguards, but the initial design lesson remains.
In early June, the House of Representatives moved forward a slate of anti-fraud measures. Several bills passed, including the TRUE Accountability Act by a vote of 384-0 and the Federal Fraud Prevention Workforce Training Act by a vote of 393-0. The Fraud Prevention and Accountability Act, which would establish a permanent Inspector General for Fraud, Accountability and Recovery and new Treasury Department-based program-integrity functions, passed 240-181. The House also agreed to H. Res. 1335, a non-binding resolution expressing the sense of the House that federal program eligibility should be verified before payment. These are real improvements. But they also show how much of the debate still begins at the payment layer, after a program has already been designed, funded, and opened for applications. The payment layer is where agencies screen payments before federal funds are released. The design layer is where Congress defines eligibility, documentation, and verification before the first application is submitted.
One safeguard is still missing as a general statutory rule: program-specific verified proof before public money moves or federal exposure attaches.
Recovery is the part of fraud that is easy to count. The harder number is the dollar that never moved because a control stopped the application. When prevention works, there is nothing to point to. No payment to recover, no arrests, no case, no dollar amount. Recovery produces all of those, which is why it gets noticed and funded. But it starts from a loss that prevention could have kept smaller.
At the payment layer, Treasury’s Do Not Pay system and related screening tools help agencies identify improper payments and fraud risks before federal funds are released. Treasury says Do Not Pay helped prevent, identify and recover $11.7 billion in improper payments across the federal government in fiscal year 2025.
The issue is not whether analytics can work. It is whether Congress gives agencies legal authority, data access, timing and proof standard to use those analytics before exposure is created.
Payment screening can support eligibility verification, but it is not a substitute for a program-specific proof standard written into the authorizing law. Governmentwide screening tools can help validate identity, eligibility indicators and payment information. But they cannot always answer the program-specific question Congress should settle up front: What records prove the applicant, borrower, grantee, vendor or beneficiary qualifies in the first place?
Federal payment integrity laws require agencies to assess improper payment risk once a program exists. The Office of Management and Budget’s Circular A-129 also directs agencies and private lenders in guaranteed loan programs to determine whether applicants meet eligibility requirements. But guidance operates within the limits of authorizing law, and Congress can still design an emergency program that makes borrower certification the operative proof standard.
PPP showed what that means in practice. Private lenders originated and disbursed the loans. Borrowers certified their own eligibility and supplied supporting documentation. Under the CARES Act, SBA guaranteed 100% of qualifying PPP loans, shifting ordinary default risk from lenders to the government.
That structure supported speed. It also meant taxpayer exposure could be created before the government independently tested eligibility against reliable records. The Government Accountability Office later found that SBA’s initial limited PPP safeguards resulted in improper payments and fraud risks. The Pandemic Response Accountability Committee later estimated that pre-award vetting using advanced data analytics could have prevented more than $79 billion in potentially fraudulent pandemic relief payments. The SBA Inspector General later found that PPP’s initial design lacked a fraud risk framework adequate to the program’s scale.
I spent years on those cases at SBA, in forgiveness reviews, eligibility appeals and program-integrity work. The lesson from that work is not that agencies or lenders failed by carrying out the law Congress gave them. The lesson is that certification and documentation are not the same as an independent proof standard. An independent proof standard does not replace the applicant’s certification. It runs alongside it, so the government is not relying on that certification alone before exposure attaches.
The House bills would strengthen the payment layer in real ways. The TRUE Accountability Act would require OMB guidance and agency internal-control plans for emergency or crisis spending. The ZOMBIE Act would require pre-disbursement risk assessments for newly authorized programs and strengthen improper-payment risk reporting for existing programs. Other measures would let agencies delay, condition or segment payments when fraud risk is elevated and expand governmentwide fraud-prevention capacity.
But because H. Res. 1335 is a sense-of-the-House resolution, it does not create a binding statutory requirement.
The House bills represent real progress, but none of the substantive bills establishes a general statutory floor: program-specific eligibility proof required before taxpayer exposure attaches. Congress can still pass another emergency program with broad self-certification, limited documentation, and no independent eligibility check before federal exposure attaches. If Congress writes the next program the way it wrote PPP, federal exposure may attach before those tools can reach the central eligibility question.
The question Congress should ask is plain: What proof must exist before public money moves or federal exposure attaches?
A statutory floor would require each high-risk emergency program to define the proof required, the verifying entity, the data sources available for verification, and the point at which federal exposure may attach.
Congress can close that gap without slowing every program. The standard should scale with risk, dollar volume, program vulnerability and the consequences of delay. But when a program puts large amounts of public money at risk, the law should require two things before approval, disbursement, reimbursement, award or guarantee: a documentation standard and an independent check of that documentation against reliable records.
Depending on the program, that proof could mean checking wage and tax records against a payroll claim, validating identity and business ownership, confirming licensing or loss documentation, or flagging duplicate applications across programs. Access to some of those records, including tax return information, is governed by existing statutory restrictions. Congress would need to build data-access authority into the same design legislation. The same design rule should require an audit trail that tells later reviewers what was checked, who cleared it and why.
The usual objections are privacy and speed. Both belong in the design. Congress can set data-use limits and require human review before any adverse action, with a process to correct errors. Where reliable records exist, verification can run as a query at intake rather than a manual review later. The speed objection also hides a cost. Every fraudulent approval that consumed program funds meant a legitimate small business did not get relief. Verification protects eligible recipients, not just the Treasury.
This is not about opening new surveillance doors. It is about checking claims tied to taxpayer dollars against records the government or trusted partners already hold.
If taxpayer money is at stake, proof should not depend on who disburses the funds or what channel it moves through. The House has started to answer part of the question. The Senate now has the remaining window: verified proof of eligibility before taxpayer dollars move or federal exposure attaches.
Traci Harig is a former GS-13 loan specialist at the U.S. Small Business Administration, where her work on 7(a)/PPP covered eligibility and forgiveness reviews, affiliation analysis under 13 CFR §121, appeals, and case reviews and analysis on matters referred by OGC, DOJ and OIG, including False Claims Act matters.
Copyright
© 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
