Guest: Gil Rosenthal
Today I’m talking with Gil Rosenthal about PPP fraud, and this is one of those conversations that still matters because the scale of what happened was enormous, but the operational lessons are even bigger. Gil had a front row seat to one of the most difficult fraud environments a lender could face, helping manage risk and operations during the rollout of the Paycheck Protection Program while real businesses urgently needed funds and criminals saw a massive opening at the exact same time.
That is a hard place to operate. And honestly, it is exactly why I wanted to have this conversation.
Gil brings a perspective that goes beyond the headlines about covid relief fraud. He has worked in financial fraud for years, from PayPal to BlueVine and then advising high-growth fintech companies, so he understands both the pressure to move fast and the damage that happens when identity fraud in lending, weak controls, and urgent distribution collide. This episode is not just about what went wrong in PPP. It is about what fraud teams, lenders, banks, and fintechs should learn from it.
And that matters.
Because when we talk about PPP fraud, we are really talking about online lending fraud at scale, risk tradeoffs under pressure, and what fraud prevention in fintech looks like when the volume is high, the need is real, and the bad actors know exactly where the pressure points are.
Here is what that perspective means in practice:
- PPP fraud exposed how quickly fraud can scale when speed, urgency, and limited controls meet
- Fraud operations in PPP required constant tradeoffs between fast funding and strong verification
- Fintech risk management matters most when demand spikes and criminals move just as fast
- Good fraud prevention should protect the business while still enabling customer experience for legitimate applicants
What you’ll hear in this episode:
- What Gil saw firsthand while managing risk and operations during the PPP rollout
- Why paycheck protection program fraud became such a large and difficult problem to contain
- How PPP application fraud and small business loan fraud exploited the pressure to fund quickly
- What fraud challenges in lending looked like from inside a fast-moving fintech environment
- Why Gil’s risk management methodology still matters for fraud advisory for fintech teams today
You should listen to this episode if you:
- Work in fraud, risk, lending, or fintech and want a grounded look at PPP fraud from someone who lived it
- Care about online lending fraud, business loan fraud, or identity fraud in lending
- Want better fraud prevention in fintech without losing sight of customer experience
- Need practical lessons from one of the largest fraud events tied to covid relief fraud
- Are thinking about how fraud teams should prepare for the next high-volume funding or onboarding surge
If you liked this episode, be sure to subscribe and review the podcast on iTunes, Spotify, YouTube, or wherever you listen to podcasts. It really helps with getting the word out.
Episode notes & key takeaways
In this episode, I talk with Gil about what PPP fraud looked like from inside the operation, not just from the outside looking in. That distinction matters. It is easy to talk about giant loss numbers after the fact. It is harder, and much more useful, to understand what fraud teams were actually dealing with in the moment.
Why PPP fraud became such a massive fraud problem so quickly
Let’s break this down.
PPP fraud was not just big because the dollars were big. It was big because the conditions were perfect for abuse. You had urgent demand, enormous pressure to move funds quickly, digital applications at scale, and a national environment where speed was prioritized for understandable reasons. Criminals noticed that immediately.
At first glance, some people treat PPP fraud like a one-off crisis event. I do not. I see it as a very clear example of what happens when online lending fraud grows faster than verification and review capacity. The channel may have been unique, but the mechanics were very familiar. Identity abuse. Synthetic or stolen information. Application fraud. Pressure on teams to approve quickly. And a system trying to distinguish real need from fraudulent intent at scale.
That usually gets messy fast.
- PPP fraud grew because speed and urgency created ideal conditions for large-scale abuse
- Paycheck protection program fraud relied heavily on digital application channels and limited review time
- PPP application fraud showed how quickly criminals adapt to new funding programs
- Covid relief fraud became a blueprint for how fraud can scale during moments of public pressure
What fraud operations in PPP looked like from inside the process
Here’s what’s actually happening.
One of the most valuable parts of this conversation is Gil’s perspective on fraud operations in PPP. He was not just watching the numbers come in. He was helping manage the operational reality of distributing funds to legitimate small businesses while trying to stop fraudulent applications from getting through.
That is a very different problem than most people realize.
Because this was not just a fraud model issue. It was an operations issue. A workflow issue. A verification issue. A staffing issue. A prioritization issue. And when fraud teams are dealing with that many moving parts at once, the quality of the process matters just as much as the quality of the signals.
Right.
That is also why this episode is useful for more than just lenders. Any company dealing with sudden scale, remote onboarding, or digital financial services can learn from this.
- Fraud operations in PPP involved balancing fast approvals with real verification pressure
- Fintech risk management depends on processes, people, and decisioning, not just tools
- Small business loan fraud often exploits operational bottlenecks as much as technical gaps
- Stronger fraud controls only work when the surrounding process can support them
Why identity fraud in lending is one of the biggest lessons here
This is where the real risk comes in.
When money is moving through online applications, identity becomes the front line. And in PPP, identity fraud in lending was a huge part of the problem. Some applications were tied to real businesses. Some were fabricated. Some used stolen or manipulated information. And once that starts happening at volume, the challenge is not just detecting bad data. It is understanding intent before the money leaves.
That is not simple.
And it is one of the clearest lessons from this episode. If your controls assume that application data is mostly trustworthy, or that urgency should override verification discipline, criminals will notice. They always do. Because this is exactly the kind of vulnerability they look for.
- Identity fraud in lending can scale quickly when application channels are digital and high volume
- Business loan fraud often depends on weak verification, incomplete review, or urgency-driven approval
- Online lending fraud is not just a credit issue when false identities or manipulated data are involved
- PPP fraud prevention had to focus on both identity confidence and operational decisioning
What good fraud prevention in fintech should take from this
One of the strongest themes in this conversation is that fraud prevention in fintech should not just be about saying no more often. It should be about building a process that can separate legitimate customers from bad actors without creating unnecessary pain for the people you are trying to serve.
Honestly, that is the part I appreciated most.
Gil talks about the rewards of helping real businesses get needed funding, and that matters because it keeps the conversation grounded. Fraud prevention is not only about loss reduction. When it is done right, it also enables customer experience. It protects access for good customers by making the system more trustworthy and more resilient.
We have seen this playbook before. Companies focus only on blocking fraud, and they forget the second half of the job. The better approach is disciplined, layered, and practical.
- Fraud prevention in fintech should protect legitimate access while reducing abuse
- Enabling customer experience is not separate from fraud strategy, it is part of it
- Risk management methodology works best when it connects identity, operations, and decisioning
- Fraud advisory for fintech teams should focus on resilience, not just short-term reaction
Why this episode still matters beyond PPP
It would be easy to treat this as a historical story. I do not think that would be the right read.
The reason this episode still matters is that PPP fraud revealed weaknesses that show up in other places too. Fast onboarding. Digital lending. Pressure to approve. New products. New channels. Economic disruption. You may not be running a relief program, but the same patterns can show up anywhere money moves quickly and controls are still maturing.
That is the bigger takeaway.
Gil’s perspective is useful because he is not just talking about one program. He is talking about judgment, fraud challenges in lending, and what smart teams learn when they are operating under real pressure. And that holds up well beyond PPP.
The big takeaway from this episode is pretty straightforward. PPP fraud was enormous, but the real value in this conversation is understanding how and why it happened from someone who worked through it directly. If you work in fintech, lending, or fraud, there is a lot here that still applies.
