Ernst Exposes SBA’s Lack of IT Security…

SBA has publicly touted its “artificial intelligence tools” but continues to report that it has not used AI.

WASHINGTON – U.S. Senator Joni Ernst (R-Iowa), ranking member of the Senate Small Business Committee, exposes Biden’s Small Business Administration (SBA) for pursuing costly artificial intelligence (AI) technology, while many SBA offices and – programs lack even basic Internet technology (IT) security, putting Americans’ personal information at risk.

The SBA has largely used its $22 million IT Working Capital Fund (IT WCF) to prioritize favored projects that support questionable policy changes and AI, while the agency as a whole continues to fall short of federal IT standards and pose significant security risks in its systems. Additionally, the SBA has failed to comply with an executive order directing federal agencies to list where and how they use AI.

To get answers and accountability, Ernst is calling on SBA Administrator Guzman to provide a full accounting of how SBA is investing with the IT Working Capital Fund budget.

She wrote, “It is critical that the SBA use its IT WCF only for authorized purposes and make appropriate investments to modernize IT infrastructure across the agency. The SBA has failed to do this and has reportedly spent significant amounts on IT projects within some divisions, such as the Office of Capital Access, even though other offices do not appear to have the capacity to perform basic IT functions, such as import data from Excel spreadsheets.

“Specifically, SBA was cited as having ineffective management when it comes to risks, supply chain risks, IT configurations, and identity and access policies. It also had ineffective data protection and privacy, security training for staff, continuous information security monitoring capabilities and contingency planning.

“The SBA must do better, especially considering that thousands of Social Security numbers have been used to commit fraud and identity theft in the Paycheck Protection Program (PPP) and the COVID-19 Economic Injury Disaster Loan (COVID-19 EIDL) programs.

“In addition, the SBA has failed to comply with Executive Order (EO) 13960, Promoting the Use of Trustworthy Artificial Intelligence in the Federal Government, which directs federal agencies to list where and how they use AI. The SBA has updated its “artificial intelligence tools for fraud investigation on all loans in the 7(a) and 504 loan programs,” “advanced automated assessments,” “advanced data analytics,” “machine learning capabilities,” and “artificial intelligence and machine learning solutions to learn.’ The SBA also launched an updated Lender Match tool that verifies borrowers and screens for fraud. In a recent interview, you stated that the SBA has embraced AI. Nevertheless, the SBA has not been transparent and reports that it has not used AI.”

Read the letter here.

Back To Top