Publicly Released: September 22, 2022
Objective
The objective of this audit was to determine whether DoD officials adequately supported decisions when verifying and certifying businesses as critical to maintaining national security for loans under section 4003 of the Coronavirus Aid, Relief, and Economic Security Act (CARES Act).
Background
Section 4003 of the CARES Act authorized the Treasury Department to make loans, loan guarantees, and other investments that provided liquidity to eligible businesses related to losses incurred because of the coronavirus disease–2019 pandemic. The CARES Act permitted the Secretary of the Treasury to issue as much as $17 billion in loans and loan guarantees to businesses critical to maintaining national security.
The Treasury Department recognized businesses critical to maintaining national security as businesses that either had a DX‑priority rated contract, a type of contract that provides support to certain national defense and energy programs, or had a top secret facility security clearance. DoD officials were responsible for verifying that businesses had DX‑priority contracts or top secret facility clearances. Businesses that did not apply under DX‑priority contracts or top secret facility clearances sought acceptance to the loan program through DoD certification. The Secretary of the Treasury accepted that a business was critical to maintaining national security based on a certification from the Secretary of Defense or the Director of National Intelligence. The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD[A&S]) conducted the analysis for the verification and certification processes for the DoD, and Treasury Department officials, using information provided by the DoD, decided whether to approve the loans and loan guarantees.
Finding
OUSD(A&S) officials did not adequately support their verifications that businesses held DX‑priority contracts or top secret facility clearances, or their recommendations to the Secretary of Defense and Deputy Secretary of Defense to certify businesses as critical to maintaining national security for loans under section 4003 of the CARES Act. Of the 74 businesses Treasury Department officials provided to the DoD for review, OUSD(A&S) officials verified the DX‑priority or top secret facility clearances for 16 businesses, and based on recommendations from the OUSD(A&S), the Secretary of Defense or Deputy Secretary of Defense certified to Treasury officials that 19 other businesses were critical to maintaining national security. Furthermore, the Secretary of Defense’s memorandum to the Secretary of the Treasury certified a 20th business not included in the OUSD(A&S) recommendations. The DoD did not verify or certify the remaining 38 businesses to receive consideration for loans under section 4003 of the CARES Act. OUSD(A&S) officials were unable to adequately support their verifications and certifications because officials did not:
- define in writing how to determine whether a business was “critical to maintaining national security,” when certifying businesses; or
- have sufficient documentation that supported the implementation of consistent screening criteria to verify businesses’ DX‑priority or top secret facility clearances, or to recommend to the Secretary of Defense or Deputy Secretary of Defense that businesses were critical to maintaining national security.
As a result, the OUSD(A&S) implemented a process that was inconsistent and ineffective for verifying or certifying businesses as critical to maintaining national security, thus possibly enabling unqualified businesses to receive section 4003 CARES Act loans. OUSD(A&S) officials were unable to fully support the rationale used during the analysis or decision‑making process. Ultimately, Treasury Department officials made the final decision to approve section 4003 loans; however, Treasury officials relied on the analysis performed by OUSD(A&S) officials to initiate the loan underwriting process. Furthermore, the DoD’s lack of a documented definition and documentation trail put the Treasury Department at risk of potentially providing loans to companies that were not critical to maintaining national security.
Recommendations
We recommend that the Deputy Assistant Secretary of Defense for Industrial Policy:
- perform an after‑action review to document decisions, actions, best practices, and lessons learned when operating in a pandemic environment or other national emergency in which the DoD is tasked to provide critical information and analysis to support decisions in a short timeframe; and
- develop and implement a standard operating procedure to retain documentation to support business decisions when certifying data points to another Federal agency.
Management Comments and Our Response
The Principal Deputy Assistant Secretary of Defense for Industrial Base Policy, responding for the Deputy Assistant Secretary of Defense for Industrial Policy, agreed with the recommendations. The Principal Deputy Assistant Secretary provided an after-action review that was completed on August 5, 2022, and a standard operating procedure dated August 12, 2022, which will be implemented when the DoD is required to provide certifying data points to another Federal agency. The Principal Deputy Assistant Secretary’s comments and actions taken addressed the specifics of the recommendations; therefore, we consider the recommendations closed.
This report is the result of Project No. D2021-D000AV-0121.000.