Skip to Main Content

July 2021  Volume 15Issue 2
Journal of Health and Life Sciences Law

Lemons into Lemonade: Enforcement Risks Associated with the Receipt of COVID–19 Government Assistance Funds, and Mitigation Strategies and Defenses for the Long Haul

  • July 31, 2021
  • Jody Rudman , Husch Blackwell LLP
  • Sean Bosack , Godfrey & Kahn, S.C.


The Coronavirus Aid, Relief, and Economic Security Act (CARES Act) made available numerous funding mechanisms to individuals, businesses, and health care providers to help them deal with the health and economic impacts of COVID-19. This article will address some early enforcement actions and the announced vigilance toward policing CARES Act and COVID-related fraud. We will describe enforcement tools within the CARES Act and current law, followed by a discussion of defensive strategies aimed at mitigating risk for good faith actors who go through a post-relief investigation or enforcement action.


On March 27, 2020, the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) was signed into law, making available $2.2 trillion in relief funds.2 Through the CARES Act and other programs, numerous funding mechanisms have been made available to provide economic assistance and protections for Americans, businesses, and health care systems and providers, among others, from the health and economic impacts of the pandemic.3 CARES Act relief involves a number of programs, including the Paycheck Protection Program (PPP), relief to individuals, loan forgiveness programs, and the Provider Relief Fund;4 however, caveat recipient. Many of these programs and funds have strings attached. With the stimulus packages came oft-complex rules and regulations addressing recipients’ entitlement to and use of the funds, and with rules and regulations come audits, investigations, and enforcement activities.

This article will address some early enforcement actions and the announced vigilance toward policing CARES Act and COVID-related fraud. We will describe enforcement tools within the CARES Act and current law, followed by a discussion of defensive strategies aimed at mitigating risk for good faith actors who go through a post-relief investigation or enforcement action.

Early Enforcement Activity

Less than a year after the pandemic began, the U.S. Department of Justice (DOJ) had already announced scores of criminal fraud cases, at least eleven civil fraud actions to enjoin fraudulent coronavirus-related schemes, and over fifty Paycheck Protection Program cases involving over $225 million in intended loss.5 The National Center for Disaster Fraud and the Federal Bureau of Investigation have received tens of thousands of tips concerning COVID-related wrongdoing. United States Attorneys in each district were instructed to appoint Coronavirus Fraud Coordinators,6 and many also established task forces to coordinate prosecutors and agents. All of this has yielded, and will continue to yield, steady criminal and civil enforcement efforts for years.

Many of the early cases specific to CARES Act relief funds are the proverbial low-hanging fruit: fraud on the PPP in the form of fake companies, luxury purchases, and false documentation. For example, a reality TV star in Georgia was indicted following receipt of a PPP loan for a trucking company. The money is alleged to have been spent on jewelry, child support, and leasing a Rolls Royce, among other things.7 A New Jersey attorney was charged with fabricating records indicating the existence of businesses with hundreds of employees for PPP loan applications. The PPP loan money he received was alleged to have been spent on a luxury home and stock market investments.8 An NFL wide receiver and others allegedly received $24 million in PPP funds and allegedly spent it on luxury designer items.9

Certainly, there will be far more complicated fraud schemes and lengthier investigations over the next many years. Many might stem from the CARES Act’s Provider Relief Fund (PRF), where the strings attached are more complicated and the issues more nuanced. In particular, recipients of PRF payments navigated through a complex maze of terms and conditions, attested to their rights to receive funds and their commitment to spend them within the bounds of the program, and faced shifting guidance. The PRF program entails mandatory reporting, self-auditing, audits by the U.S. Department of Health and Human Services (HHS), and claw-backs of overpayments—altogether a recipe ripe for enforcement activity.

The Commitment to Investigate and Enforce

The likelihood of rigorously investigating fraudulent or improper claims emerges whenever Congress authorizes relief funding. In a funding package of the magnitude of the CARES Act and relief measures that followed, these risks and attendant scrutiny are magnified.

The DOJ has already issued numerous public statements proclaiming its intention to investigate misconduct associated with the CARES Act and COVID-19. Early in the pandemic, the DOJ announced it would use “every enforcement tool available to prevent wrongdoers from exploiting the COVID-19 crisis.”10 The DOJ directed each U.S. Attorney to appoint a Coronavirus Fraud Coordinator to serve as legal counsel for its district’s COVID-19 matters, direct the prosecution of COVID-19-related crimes, and conduct outreach and awareness initiatives regarding common fraudulent schemes.11 A national whistleblower hotline was set up for members of the public to report suspected fraudulent schemes. Enforcement risks come from a number of sources, including oversight established within the CARES Act itself, the False Claims Act, and the criminal laws.

Mechanisms to Investigate and Enforce

The CARES Act created an internal enforcement regime that established three new entities: an Office of Special Inspector General for Pandemic Recovery; a Pandemic Response Accountability Committee; and a Congressional Oversight Commission. Each is charged with oversight of the administration of COVID-19 relief funds and imbued with the authority to investigate and bring enforcement actions in the event of relief program fraud or other violations.

The Special Inspector General for Pandemic Recovery

The Special Inspector General for Pandemic Recovery (SIGPR) exists within the U.S. Department of the Treasury. The SIGPR oversees programs administered by the Small Business Administration, such as the PPP and other programs established by the CARES Act.12 The SIGPR has a $25 million initial budget and a five-year mandate, and it is responsible for conducting, supervising, and coordinating audits and investigations. The SIGPR has the power to subpoena documents and take testimony. Its creation has recent historical roots in the appointment of a Special Inspector General for the Troubled Asset Relief Program of 2008 (SIGTARP). The success of SIGTARP’s investigations and prosecutions of abuses in the TARP program bodes strongly for what can be expected from SIGPR.

The Pandemic Response Accountability Committee

The Pandemic Response Accountability Committee (PRAC) consists of 20 Inspectors General from the Departments of Defense, Education, Health and Human Services, Homeland Security, Justice, Labor, Treasury, the Small Business Administration, and the Internal Revenue Service (IRS).13 PRAC is tasked with conducting, coordinating, and supporting inspectors general in their oversight of funds in order to: detect and prevent fraud, waste, abuse, and mismanagement; and mitigate major risks that cut across funding programs and agency boundaries. PRAC’s authority overlaps with SIGPR’s but is more extensive. PRAC may conduct investigations, including holding public hearings. PRAC may issue and enforce subpoenas, and it may refer matters to the DOJ for criminal prosecution or civil suit.

The Congressional Oversight Commission

The Commission is authorized to oversee the Department of the Treasury and the Board of Governors of the Federal Reserve System as these agencies administer COVID-19 relief programs. The Commission may hold hearings, take testimony, and receive evidence from federal departments or agencies.14

Applicable Laws

These mechanisms are additive to other investigating agencies and tools available to whistleblowers and prosecutors nationwide, in particular, the False Claims Act and the existing criminal enforcement regime. We anticipate that many of the complicated fraud cases under the PRF, PPP, and other CARES Act relief may be pursued under the False Claims Act.

The False Claims Act – 31 U.S.C. §§ 3729, et seq.

The False Claims Act (FCA) remains the government’s primary enforcement tool for pursuing alleged fraud by recipients of government funds. It presents a perfect avenue for claims of CARES Act program ineligibility or misuse of funds. Indeed, speaking to the U.S. Chamber of Commerce’s Institute for Legal Reform, Ethan P. Davis—then-Principal Deputy Assistant Attorney General for DOJ’s Civil Division—confirmed that the Civil Division will “energetically use every enforcement tool available to prevent wrongdoers from exploiting the COVID-19 crisis.” He cited the FCA as one of the most effective weapons in the Civil Division’s arsenal. He confirmed the FCA will be deployed against those who commit fraud related to coronavirus relief programs.15 FCA litigation is often initiated by whistleblowers as relators, who are often disgruntled or former employees who see an opportunity to reap a financial windfall. Given the mass furloughs and layoffs caused by the economic crisis associated with the pandemic, CARES Act programs present a target-rich environment for qui tam lawyers and whistleblowers alike.

Criminal Laws16

Criminal statutes also will likely be deployed in certain circumstances to accuse wrongdoers of fraud in the CARES Act programs. Some of the statutes likely to be used include:

  • 18 U.S.C. § 1001: False Statements
  • 18 U.S.C. § 1341: Mail Fraud
  • 18 U.S.C. § 1343: Wire Fraud
  • 18 U.S.C. § 1344: Bank Fraud
  • 18 U.S.C. § 371: Conspiracy
  • 18 U.S.C. § 1345: Injunctions against Fraud

Finally, other sources of investigation and prosecution include State Attorneys General, the Securities and Exchange Commission, and the IRS.

History as a Guide

History demonstrates that when the government dispenses substantial relief funding, it will seek to recoup wrongfully obtained funds through oversight and retrospective investigation and enforcement. As noted, SIGPR finds recent historical precedent in SIGTARP, which was created to monitor relief funding under the $475 billion Troubled Asset Relief Program. SIGTARP reports that its investigations have yielded over 380 criminal convictions, including 76 bankers and 92 borrowers, and enforcement actions against 24 corporations.17 With a budget of approximately $350 million, SIGTARP has recovered $11 billion to date, $900 million in 2019 alone.18 Notably, SIGTARP enforcement includes both criminal prosecutions and civil actions under the FCA. The following are illustrative:19

TierOne Bank’s Chief Executive Officer (CEO) was sentenced to 11 years in prison; its President and Chief Operating Officer was sentenced to almost three years; and its Senior Vice President and Chief Credit Officer was sentenced to almost two years. SIGTARP’s investigation uncovered a massive fraud scheme to hide a so-called “death spiral” occasioned by the bank’s aggressive and risky growth plan. It was discovered when the bank applied for $86 million in TARP funds.

Bank of America’s Chairman and CEO agreed to pay $10 million to settle a False Claims Act case. The Bank’s Chief Financial Officer agreed to pay $7.5 million. SIGTARP’s investigation with the New York Attorney General’s office revealed that Bank of America had duped shareholders by not disclosing massive losses at Merrill Lynch, and fraudulently received $20 billion through the TARP bailout by falsely claiming that the bank would back out of its Merrill Lynch merger if the government refused to issue the funds.20

Importantly, SIGTARP remains active over a decade after that financial crisis. In fiscal year 2020, SIGTARP claims recoveries of $81.6 million and nine new criminal charges.21 Furthermore, though SIGTARP’s jurisdiction is ostensibly limited to financial institution crime and TARP-related fraud, waste, and abuse, SIGTARP’s investigations have been far wider.

What does this teach us? It teaches us that the Special Inspector General program to oversee massive bailout programs is a success; that SIGPR will likely approach its work with similar vigilance and range; that SIGPR will be here for at least the entirety of its designated period, but possibly much longer; that large sums of money will be recovered in the event of an identified problem, with corresponding public fanfare and embarrassment; and that a SIGPR investigation should be undertaken with excruciating integrity.

Other disaster relief programs have also resulted in post-hoc investigations. Notably, in 2008, the Hurricane Katrina Fraud Task Force announced it had brought federal charges against 907 individuals in 43 federal judicial districts. Many of these matters stemmed from false claims for disaster assistance. Among the civil cases, as recently as June 3, 2020, the United States announced its intervention in an FCA case against architecture and engineering firm AECOM and certain disaster relief applicants. The lawsuit alleges false claims to the Federal Emergency Management Agency and false certifications of the accuracy of applications for funding. One funding recipient already agreed to pay the United States $12 million to resolve its alleged role.22

Given the precedent of these post-disaster relief enforcement efforts, coupled with then-Attorney General William Barr’s exhortation to the public to help police and enforce pandemic fraud schemes, the many avenues for reporting fraud—and the financial incentives in the event of a successful qui tam lawsuit—post-pandemic enforcement is likely to be vigorous.

Strategies and Defenses to Mitigate Risk and Survive Scrutiny

Recipients of COVID relief funds should remain vigilant and meticulous in all matters concerning these funds, but that may not be enough to stop a lawsuit or investigation. Being on the receiving end is bound to be stressful, costly, and unpleasant. It is critical to take steps now to mitigate risk and hopefully survive such inquiry with as little repercussion as possible.

Risk Mitigation

  1. Guidance: In the early days of the relief fund rollout, it seemed that guidance was changing almost daily. It continues to be refined. Recipients of CARES Act and subsequent distributions should stay well abreast of guidance as it is issued. If advice is received on the telephone, document it. Print the FAQs, the terms and conditions, the attestations, and applications.
  2. Documentation: There is no substitute for contemporaneous documentation of who made what decisions, and why. There is no better way to demonstrate a lack of knowledge or intent, or the existence of good faith, than to view the actual thoughts and words memorialized contemporaneously with the actions taken. This includes decisions regarding whether an organization qualifies for relief funding, and how funds were used. Document all of this.
    Likewise, document steps taken to comply with government requirements. Document professional advice, internal audits, and the asking of questions to clarify vague guidance. Memories will fade, and the failure to contemporaneously document will make it more challenging to credibly argue good faith under retrospective review. Moreover, if a company informs the government in writing of its understanding of vague guidance, it is more difficult for the government to prove post-hoc that it was knowingly or intentionally defrauded.
  3. Centralization: To the extent possible, keep documents and correspondence related to relief funds in one place. Turn off auto-archive and auto-delete features in the IT system. Issue a preservation memo to officers and employees who might be involved.
  4. Audits: Take appropriate accounting steps to establish that federal funds were used for approved purposes. Address questions timely. Designate the individuals or team responsible for the review and a reasonable timeline for the review to be performed. After completion, confirm and describe the review and compliance efforts.
  5. Listening: Listen and respond to employee complaints and concerns. Today’s aggrieved employee is tomorrow’s qui tam relator. Create a paper trail of good faith consideration of issues raised, and reasons for actions or non-actions taken. Communicate, and of course, never retaliate.
  6. Advice: Seek and implement advice from counsel with relevant experience.
  7. Preparation: Have a plan in the event of an investigation. Know whom to call. Select the point person who will interface with counsel and any investigators.

Defensive Issues

An organization’s ability to mount a robust defense will ultimately be steeped in individual facts and circumstances. However, there are some defenses of broad applicability to the FCA and certain criminal statutes that might be considered. They include good faith, lack of materiality, limitations on the use of certain guidance documents as the basis of charges, and, in certain circumstances, reliance on advice of counsel. In most instances, the ability to establish diligent adherence to risk mitigation steps will afford entities subjected to scrutiny the best chance to reach a favorable resolution.

  1. Good Faith: The DOJ has indicated it will not pursue cases based on inadvertent or technical mistakes; an honest misunderstanding of rules and terms; alleged deviation from non-binding guidance; and cases against entities that reasonably attempted to comply and in good faith tried to take advantage of regulatory flexibility during the pandemic.23
    Similarly, HHS has stated, “[W]e are committed to protecting patients by ensuring that health care providers have the regulatory flexibility necessary to adequately respond to Coronavirus concerns.”24
    Organizations should cloak themselves in these words and be prepared to demonstrate how they exercised good faith. Remember, both the FCA and the criminal laws require proof of a mental state. Build a record now rather than wait for an audit demand, subpoena, agents with badges, or a Civil Investigative Demand to arrive.
  2. Materiality: Under the FCA, “material” is defined as “having a natural tendency to influence, or be capable of influencing, the payment or receipt of money or property.”25 In 2016, in United States ex rel. Escobar v. Universal Health Services, Inc.,26 the Supreme Court set forth factors governing the determination of materiality under the FCA, including (1) whether compliance with a statute is a condition of payment; (2) whether the alleged violation goes to the “essence of the bargain,” or is minor or insubstantial; (3) whether the government consistently pays or refuses to pay claims when it has knowledge of similar violations; and (4) whether the government would likely have refused payment had it known of certain regulatory violations.
    Since Escobar, federal courts have wrestled with the Court’s pronouncements regarding materiality. Notably, in United States ex rel. Janssen v. Lawrence Memorial Hospital, the Tenth Circuit affirmed a district court’s grant of summary judgment to the defendant under Escobar’s materiality analysis.27 At issue was the hospital’s alleged falsification of patient arrival times as a means of increasing Medicare reimbursement rates. The panel unanimously held that the alleged falsification was not material to Medicare’s payment decisions. Significantly, Medicare had received information regarding the alleged falsification through a whistleblower hotline, did not independently verify the whistleblower claims, and continued to make payments even after the litigation commenced. The panel concluded that the government’s failure to act in the aftermath of detailed whistleblower allegations suggested that the alleged deficiencies were immaterial. Moreover, the court considered whether the alleged falsifications went to the “essence of the bargain.”28 The court determined that the alleged falsification was not sufficiently widespread to support materiality under Escobar. Lastly, the court considered whether Medicare had “expressly required accurate reporting as a condition of payment,” but found no sufficiently specific requirements amidst a complex regulatory regime.
  3. Limitations on Use of Regulatory Guidance: The U.S. Supreme Court recently ruled in Azar v. Alina Health Services that departures from sub-regulatory guidance that establish or change a substantive legal standard cannot be the sole basis for enforcement, unless the guidance was the product of notice and comment rulemaking.29 This ruling is consistent with prior guidance issued by the DOJ in January 2018, which is embodied in the U.S. Attorney’s Manual.30 At their core, criminal and civil enforcement actions must be based on violations of applicable legal requirements, as opposed to mere noncompliance with guidance documents used by federal gencies—guidance documents cannot themselves create binding requirements beyond existing statutes and regulations.31
    In the context of COVID relief, there are requirements for eligibility set forth in the statutes, but there is also an ever-evolving body of guidance issued by a variety of government agencies that is often vague and inconsistent with prior guidance and/or the legislation itself. Moreover, due to the pace at which the legislation was passed and guidance has been issued, there has been insufficient time for agencies to undertake and complete traditional rulemaking processes. Accordingly, organizations may be able to avail themselves of this defense.
    On the flip side, the government can and will use awareness and knowledge of guidance documents to prove that a party had the requisite scienter or knowledge of the law.32 This could be significant in cases where the government alleges the submission of false claims, but the defendant prepared its submission to create the impression that it complied with an otherwise non-binding guidance document.
    Organizations subjected to scrutiny should understand: (i) what exactly is alleged to have been violated, and (ii) does it carry the force of law, i.e., is it merely non-binding guidance?
  4. Reliance on Advice of Counsel: Under some circumstances, it may be factually and strategically appropriate to assert reliance on advice of counsel. This defense may allow a defendant to establish that he or she lacked wrongful intent, thereby disproving the requisite mental state.

    Reliance on advice of counsel is not a defense to be undertaken lightly. Among other things, the defendant’s attorney essentially becomes a witness, which could disqualify any member of the law firm from further representing the defendant. In addition, the defendant is required to waive attorney-client privilege. The client is essentially opening the door to discovery of all communications with counsel, and even counsel’s work product on which the defendant may have relied.

    There are also risks for attorneys. Among other things, clients under financial duress may engage in selective listening when being advised of options—hearing the good news while ignoring the bad. This runs the risk of pitting attorney against client, and worse—in extreme circumstances, the attorney could become a defendant. Accordingly, it is equally important for counsel to maintain complete and clear documentation.


The federal government’s passage of the monumental CARES Act in response to an unprecedented global crisis was critical, but there can be no question that with the receipt of large sums of relief money and participation in CARES Act and other relief programs, decisions, and actions will receive hindsight scrutiny. Preparation and prevention can be priceless in the event of retrospective review. It is the authors’ hope that when the dust has settled and the pandemic is over, they prove to have been unnecessary after all.

Author Profiles

Jody L. Rudman is a Partner at Husch Blackwell, LLP in the Austin TX office. Jody is a seasoned litigator, with over two decades’ experience in federal and state courtrooms, and at the trial court and appellate court levels. Jody focuses primarily on Government investigations, both civil and criminal, in the health care space. A former Assistant United States Attorney for the Northern District of Texas, she has handled all aspects of Government investigations on both sides of the criminal docket, from grand jury investigations through trials, sentencings and appeals. She has also served as relators’ counsel and defense counsel in civil False Claims Act matters and handled those matters from investigation through conclusion. Contact her via email at [email protected].

Sean O’D. Bosack is a Shareholder in the Litigation Practice Group in the Milwaukee office of Godfrey & Kahn, S.C., leader of the Government Investigations, White Collar & Compliance Practice Group, and co-leader of the firm’s health care practice. Sean frequently represents health care organizations and other entities that contract with the federal government in litigation and investigations arising under the False Claims Act, and represents clients in matters involving corporate governance, securities fraud, shareholder disputes, RICO, complex contract disputes, commercial torts, trade secrets, unfair competition. Sean graduated from Marquette University Law School, magna cum laude, in 1997, and earned his bachelor’s degree in history from Brown University in 1990. Contact him via email at [email protected].

1 The opinions expressed herein are the opinions of the authors/presenters based on data available at the time of submission for publication and are not to be taken as legal advice to any person or entity, nor understood to be the positions of any law firm, government entity, administration, or institution.

2 As of February 2021, an estimated $4 trillion in relief funds have been made available, and the Biden Administration is currently proposing almost $2 trillion more.

3 See generally The Consolidated Appropriations Act, 2021, provided yet further economic support.

4 Id; see also Office of Postsecondary Educ., CARES Act: Higher Education Emergency Relief Fund, U.S. Dep’t of Educ., (last modified May 11, 2021); CARES Act Provider Relief Fund,, (last reviewed Jan. 21, 2021).

5 Press Release, U.S. Dep’t of Justice, Department of Justice is Combatting COVID-19 Fraud But Reminds the Public to Remain Vigilant (Oct. 15, 2020),

6 Press Release, U.S. Dep’t of Justice, Attorney General William P. Barr Urges American Public to Report COVID-19 Fraud (Mar. 20, 2020),

7 Press Release, U.S. Dep’t of Justice, Reality TV Star Indicted on Federal Charges (June 24, 2020),

8 Press Release, U.S. Dep’t of Justice, New Jersey Attorney Charged with Fraudulently Obtaining $9 Million in Loans Meant to Help Small Businesses During COVID-19 Pandemic (Sept. 3, 2020),

9 Press Release, U.S. Dep’t of Justice, NFL Player Charged for Role in $24 Million COVID-Relief Fraud Scheme (Sept. 10, 2020),

10 Principal Deputy Assistant Att’y Gen. Ethan P. Davis, Speech to the Institute for Legal Reform, U.S. Chamber of Commerce (June 26, 2020),

11 Press Release, U.S. Dep’t of Justice, Attorney General William P. Barr Urges American Public to Report COVID-19 Fraud.

12 Special Inspector Gen. for Pandemic Recovery, (last visited July 12, 2021).

13 Pandemic Oversight, (last visited July 12, 2021).

14 CARES Act Cong. Oversight Comm’n, (last visited July 12, 2021).

15 Ethan P. Davis, Speech.

16 The below are descriptors only. Please see the actual wording of these statutes and case law and pattern jury charges in the relevant jurisdiction.

17 Press Release, SIGTARP, SIGTARP Launches Financial Institution Crimes and Fines Database (Dec. 18, 2019),

18 See Office of the Special Inspector Gen. for the Troubled Asset Relief Program, Financial Institution Crimes and Fines Database, SIGTARP, (last visited July 12, 2021).

19 Press Release, SIGTARP, More than 100 Bankers Investigated by SIGTARP Have Been Charged with Committing Crime or Civil Fraud (Aug. 9, 2016),

20 Press Release, SIGTARP, Former CFO of Massive TARP Recipient Bank of America Barred for 18 Months from Serving As Officer or Director of Any Public Company (May 2, 2014),

21 See SIGTARP, (last visited July 12, 2021).

22 Press Release, U.S. Dep’t of Justice, United States Joins Lawsuit against AECOM Alleging False Claims in Connection with Hurricane Disaster Relief (June 3, 2020),; United States ex rel. Robert Romero v. AECOM, Inc., et al., No. 16-cv-15092 (E.D. La.).

23 Principal Deputy Assistant Att’y Gen. Ethan P. Davis, Speech to the Institute for Legal Reform, U.S. Chamber of Commerce (June 26, 2020),

24 FAQs – Application of OIG’s Administrative Enforcement Authorities to Arrangements Directly Connected to the Coronavirus Disease 2019 (COVID-19) Public Health Emergency, U.S. Dep’t of Health & Human Servs. Office of Inspector Gen., (last updated May 24, 2021).

25 31 U.S.C. § 3729(b)(4) (2021).

26 Universal Health Servs. v. United States ex rel. Escobar, 136 S. Ct. 1989 (2016).

27 United States ex rel. Janssen v. Lawrence Mem’l Hosp., 949 F.3d 533 (10th Cir. Feb. 7, 2020).

28 Id. at 543.

29 Azar v. Allina Health Servs., 139 S. Ct. 1804 (2019).

30 Memorandum from the Assoc. Att’y Gen. to the Heads of Civil Litigating Components – United States Attorneys, Limiting Use of Agency Guidance Documents In Affirmative Civil Enforcement Cases (Jan. 25, 2018),

32 Id. § 1-20.201.