Somewhere inside a Palantir conference room, a product manager is explaining to a Small Business Administration deputy that yes, we can absolutely cross-reference every COVID relief borrower's banking history, tax filings, social media posts, and cell phone geolocation data in a single dashboard. The deputy is nodding vigorously. The deputy does not want to be the person who approved the next fake dry cleaning business that buys a speedboat with EIDL money. Neither do you, if you work at the SBA in 2026. Everyone is terrified. Everyone is lawyering up. And so the agency that five years ago waved through a trillion dollars in forgivable loans with less scrutiny than a coffee shop applies to a new hire is now building an internal surveillance stack that would make a DEA field office jealous.
This is how agencies pivot after a scandal. The SBA spent all of 2020 and 2021 functioning essentially as an ATM for anyone with a business name and a laptop. Then the Inspector General reports started rolling in. Then the indictments. Then the congressional hearings with visible veins in several committee chairs' necks. And now, after a federal probe into a suspected Somali-American fraud network in Minnesota turned into a 6,900-borrower suspension, the agency has done what every federal agency eventually does when it gets embarrassed. It contracted Palantir. And the deputy who signed the contract is absolutely, positively going to sleep tonight.
From ATM to All-Seeing Eye in 36 Months
Let's recap the character arc here, because it is genuinely impressive. In April 2020, the Small Business Administration approved 50,000 loans per day during the peak of Paycheck Protection Program processing. The internal vetting was mostly a checkbox. Applicants self-reported employee counts. Banks self-reported due diligence. The SBA self-reported that everything was fine. The IG later estimated the program may have lost 200 billion dollars to fraud. Two hundred billion. With a B. An amount of money so large that if you stacked it in hundred-dollar bills it would reach the moon, get bored, and come back for snacks.
Now, in 2026, the same agency is quietly onboarding Palantir Gotham, the software platform originally built for counterterrorism operations, to hunt down the fraudsters it personally handed the money to six years ago. The irony is so thick you could spread it on toast. The agency did not detect the fraud because the agency was not looking. Now the agency is looking very hard, because the alternative is another year of Senate oversight hearings where an SBA administrator has to explain, with a straight face, why a food truck in Duluth that did not exist received 280,000 dollars for payroll it also did not have.
What Palantir Actually Does Once It's Inside a Federal Agency
Palantir does not write checks. Palantir connects databases. It takes the SBA's internal borrower records, merges them with Treasury wire data, Social Security Administration files, IRS tax records, state unemployment systems, and a long list of commercial data brokers, then renders the combined dataset in a dashboard where a federal investigator can spot a fraudulent borrower in about four minutes. The core product is link analysis. You click on a borrower, you see every bank account they touched, every address they ever used, every phone number tied to their tax filings, every other COVID relief application submitted from the same device or IP or coffee shop Wi-Fi. If there is a pattern, the software surfaces it.
That is the sell. The reality is messier. Palantir deployments famously require an army of in-house engineers (they call them Forward Deployed Engineers, which is extremely ICE raid energy) to keep the pipelines running. Those engineers get extraordinary access to an agency's internal data. They also, once embedded, tend to stay embedded. The SBA that signs a Palantir contract in 2026 is very likely still running Palantir infrastructure in 2036, long after the current administrator has cashed out to a board seat somewhere and left Gotham quietly humming in the basement.
The Minnesota Trigger Was Always Going to Be Bigger Than Minnesota
The specific spark here is a federal probe in Minnesota, where investigators flagged roughly 250 million dollars in suspected COVID relief fraud tied to what Fox News has alarmingly labeled a Somali-American fraud network. The SBA suspended around 6,900 Minnesota borrowers. Fox ran with it. CBS picked it up. The Hill wrote it straight. The political temperature spiked, because it always does when the words fraud, federal money, and a named ethnic community land in a headline together. And the SBA administrator, correctly reading the room, opted to announce a major modernization initiative rather than let the entire agency's credibility keep bleeding out through the bathroom floor.
But the story was never actually about Minnesota. The story was about the fact that Minnesota was just the one they caught. If you zoom out on the SBA fraud map, every state has a Minnesota. Florida has a Minnesota the size of a small country. Georgia has three Minnesotas. California, per recent reporting, has a Minnesota worth 8.6 billion dollars. The agency is not suddenly discovering fraud. The agency is finally acknowledging that its entire COVID-era loan portfolio is riddled with it. The Palantir contract is the tool the agency will use to wade through the mess without having to admit out loud how big the mess actually is.
What This Means for Legitimate Small Business Owners
If you are a legitimate small business owner reading this and feeling a sudden cold breeze on the back of your neck, trust the breeze. The Palantir deployment does not just scan fraudulent borrowers. It scans all borrowers. Every COVID relief application, regardless of whether it was fraudulent or fine, now sits inside a linked dataset that federal investigators can query at will. If you legally took a PPP loan, paid it back, got it forgiven, and moved on with your life, your records are in that dataset. Not because you did anything wrong. Because the software does not know in advance who did anything wrong, and so it ingests everything and sorts it out later.
Surveillance infrastructure is like a storage unit. It only makes sense to build it if you plan to put a lot in, and once you start, you never really stop.
The practical consequence is that the SBA of 2026 is no longer just a lender. It is a data agency with lending on the side. Every future SBA program, 7(a) loans, 504 loans, disaster relief, microloan initiatives, will run through the same data pipeline that was built to catch PPP fraudsters. The agency's institutional reflex, for the next generation of small business borrowers, is going to be surveillance first, capital second. That is a permanent change in how a nominally pro-small-business agency operates, and it happened without anyone voting on it.
The Part Where Nobody Learns Anything
The tragicomedy of the SBA story is that every phase of it produces exactly the wrong lesson. In 2020, the lesson was "we need to get money out the door fast," so the vetting got gutted. In 2022, the lesson was "we have a massive fraud problem," so the enforcement machine cranked up. In 2026, the lesson is "we need better data tools," so Palantir walks in the door. At no point does anyone stop to ask whether the agency's core institutional problem is that it oscillates between the extreme of no controls and the extreme of total data capture, with no sustainable middle.
The middle is the part that requires actually staffing the SBA with competent loan officers, training them properly, giving them enough time and authority to evaluate real borrowers, and funding the Inspector General office to do continuous sampling audits rather than postmortem disaster reports. That middle is boring. That middle does not produce a press release. That middle does not get you a Palantir booth at the next federal technology conference. So the agency skips the middle. The agency is always either asleep or armed.
What to Watch Over the Next Twelve Months
Expect more suspensions. The Minnesota 6,900 is the floor, not the ceiling. When Palantir's pattern detection fully stands up, expect tens of thousands of additional borrowers across multiple states to receive suspension notices, often for loans that were approved years ago and are already in the forgiveness pipeline. Some of those suspensions will be appropriate. Some will be false positives caught by fuzzy pattern matches. The appeal process is going to matter more than any previous phase of SBA enforcement, because the software will produce confident answers that are often only eighty percent correct, and the twenty percent is going to be a lot of legitimate owners wondering why their lender just pulled a line of credit.
Expect political fights. Some senators will call for more aggressive enforcement. Others will warn about surveillance overreach and demand privacy review. Both will be partially right and neither will get the hearing they deserve, because the Palantir contract was signed under procurement authority that does not require much public debate. By the time Congress catches up, the infrastructure will be fully deployed and the conversation will have moved on.
And expect the SBA to release a single, beautifully designed press release in Q3 2026 claiming it has recovered a specific impressive-sounding dollar figure in fraudulent funds. That number will be real. It will also be a rounding error against the total fraud volume. And the agency will use that number as evidence that the Palantir deployment was worth it, the same way it used the original PPP processing volume as evidence that the program itself was a success. The metrics that let the agency look good are always the metrics the agency is willing to publish. The metrics that tell the full story are the ones locked inside Gotham, right next to Chad's boat receipts.
The small business apocalypse is not over. It just went digital.