On April 29, the House Oversight and Government Reform Committee approved nine anti-fraud bills with broad bipartisan support. Two measures edge toward structural reform of federal emergency programs, but neither fully closes a loophole that has existed since 1983.
Traci Harig, a former GS-13 loan specialist at the Small Business Administration who worked on the Paycheck Protection Program, argues that Congress must require agencies to have the Government Accountability Office's internal control framework—known as the Green Book—operational before any emergency disbursement authority is exercised. “By the time problematic loans came into focus, the money was already out the door,” she wrote, recounting years of cleanup on PPP loans that lacked upfront verification.
The Green Book, first issued in 1983, outlines five components: risk assessment, control activities, monitoring, and the systems and accountability that bind them. The GAO updated it in 2025, effective fiscal year 2026, explicitly addressing emergency assistance. Yet Congress has never mandated its readiness before a crisis hits.
Past disasters underscore the cost of inaction. After Hurricane Katrina, the GAO estimated improper or potentially fraudulent individual assistance payments ranged from $600 million to $1.4 billion. The PPP, launched under the CARES Act, moved hundreds of billions in weeks, relying on borrower self-certification without independent verification—a design that accelerated relief but generated years of fraud recovery work.
The two bills that came closest to addressing this gap are the TRUE Accountability Act, which would require the Office of Management and Budget to issue guidance for agency internal control plans during emergencies, and the ZOMBIE Act, mandating fraud risk-management practices aligned with the GAO Fraud Risk Framework. Both, however, stop short of requiring pre-certification. As Harig notes, “OMB guidance issued during a crisis is not the same as a readiness certification before one.”
The speed-versus-integrity tension is real. In spring 2020, millions of small businesses shut down within weeks, and political pressure to move money was intense. But building controls mid-crisis is too late. Agencies can develop these frameworks during normal operations, identifying high-risk features, documentation standards, and accountability lines in advance. “We do not deploy disaster relief without logistics plans already in place,” Harig writes. “Yet for emergency financial assistance, we keep building the plane while we are flying it.”
The Trump administration has pushed anti-fraud measures, with Vice President Vance detailing a broader crackdown that targets Democratic states. Meanwhile, the White House has threatened to cut Medicaid funds over state fraud compliance, signaling that the issue cuts across party lines. Some critics worry that such efforts could be weaponized, as seen in the SPLC fraud case sparking fears of a broader crackdown on Trump-critical nonprofits.
The Green Book is the blueprint, Harig concludes. The requirement to certify readiness must come before the next crisis. “If Congress wants speed and integrity when the next one hits, the answer is preparation.”
