Program Integrity Alliance
All Insights

The Sun Rises Again on the PRAC

GovIntegrityJuly 7, 2025
The Sun Rises Again on the PRAC

In the words of Walt Whitman, the One Big Beautiful Bill (OBBB) contains multitudes, and among them is a provision that keeps the Pandemic Response Accountability Committee (PRAC) from sunsetting at the end of fiscal year 2025, as the CARES Act called for. The OBBB allocates $88 million for PRAC over a nine-year period to support oversight of Coronavirus funds “and of funds provided in this Act,” which, while vague, presumably means PRAC’s jurisdiction has also been expanded to include the funds allocated for programs in the OBBB.

This is good news. The PRAC has been a mostly unsung hero in the world of government oversight. Created by the CARES Act in 2020, the PRAC was given some serious advantages—like direct hire authority and a wide mandate—that have allowed it to establish one of the most powerful, centralized fraud-fighting data systems ever created in government. Modeled after the Recovery Operations Center (ROC) that was established during the Recovery Act era, the PRAC has been quietly building a fraud fighting tool that has the power not just to find fraud that has occurred, but to PREVENT it from happening in the first place.

Astute readers may read the word “prevent” in the same sentence as “PRAC” and ask: “Wouldn't that violate the independence of the Inspectors General (IG)?” Indeed some have raised that question.

For context, the PRAC is a committee of the Council of Inspectors General for Integrity and Efficiency (CIGIE), which means it is a part of the IG community. The idea that an IG could be involved in fraud prevention is a bit radical. That’s because conventional wisdom has held that IGs cannot involve themselves with the work of the management side of their agencies, lest they compromise their independence. While preventing fraud is certainly supposed to be an agency’s responsibility, many agencies lack the data, the resources, or the will to use data effectively to root out fraudulent applicants to their programs.

Using data to prevent fraud is vital. Identity theft-based fraud has skyrocketed in the last few years and organized crime groups have billions of pieces of personally identifiable information on every U.S. citizen that they regularly monetize through federal and state benefit, grant, and loan programs. The PRAC has done the hard work of negotiating over 100 data-use agreements with various agencies and because the PRAC is part of the IG community, it has law enforcement data agencies lack—data that can uncover indictors of potentially fraudulent applicants (think foreign crime syndicates using stolen U.S. citizen data to submit applications for disaster assistance in Texas following the devastating floods of July 4th). The PRAC has built advanced analytics models and has the specialized fraud expertise to identify emerging fraud schemes. Using these tools to prevent fraud is in the interest of taxpayers.

The Comptroller General, the head of the Government Accountability Office (GAO) has publicly stated that it would not violate IG independence for the PRAC to share insights from its data with agencies. The distinction between sharing insights and weighing in on the approval of an application is important. It would violate IG independence for the PRAC to tell FEMA not to award disaster funding to an individual or a business. But it wouldn't violate independence for the PRAC to share information about applicants, such as risky IP addresses or other known risk indicators associated with an applicant’s submitted information that raise the risk of fraud with FEMA. FEMA would simply incorporate this information into its application adjudication process, allowing for more holistic, data-driven decision making.

Disaster funding is a clearly advantageous use case for leveraging insights from PRAC data to prevent fraud, but there are many other examples where PRAC’s knowledge could help stop fraud before it happens. With fraud actors using stolen identity data so pervasively against federal and state government agencies, every tool in the government’s tool box must be put to use. In the DOGE era, where using data to prevent fraud, waste, and abuse has been elevated as a priority, allowing the PRAC to share insights from its data with agencies implementing programs that are at heightened risk of fraud is a no-brainer.

Article first posted on GovIntegrity.