Healthcare Fraud During a Pandemic: Fast Facts for Financial Institutions
Healthcare fraud pre-dates COVID-19, however, the global pandemic has highlighted the importance of identifying and reporting healthcare fraud in the Suspicious Activity Report (SAR) regime. The life-and-death consequences of healthcare fraud can manifest in a lack of funds to buy respirators, unnecessary medical procedures being performed, or ineffective drugs being prescribed.
The 2018 National Money Laundering Risk Assessment (NMLRA) found that healthcare fraud was the largest source of illicit funds in the US, with over $110 billion in proceeds generated each year. Healthcare fraud accounts for one-third of all illicit proceeds laundered in the United States. And those numbers came before extra hundreds of billions of dollars were allocated to fight COVID-19.
The NMLRA ranks healthcare fraud as a top priority, yet SAR filings do not reflect that reality. In fact, healthcare fraud SARs placed 73rd out of 96 suspicious activity categories in 2019 with only 1,056 SARs filed. By comparison, there were nearly 3 times as many Human Trafficking SARs, 13 times as many Mass-Marketing SARs, and Elder Financial Exploitation reported over 62,000 SARs.
2019 SAR Filing Counts For Select Categories
|1||Transaction(s) Below BSA Recordkeeping Threshold||479,496|
|23||Elder Financial Exploitation||62,298|
|73||Healthcare/Public or Private Health Insurance||1,056|
|95||Reverse Mortgage Fraud||1|
Financial Institutions have developed sophisticated and successful typologies for crimes ranging from Ponzi Schemes to Human Smuggling. Surely with more attention, healthcare fraud typologies can be improved.
How does healthcare fraud work?
Corporate fraud by healthcare providers (as opposed to individual beneficiaries) accounts for the lion’s share of the fraud. The GAO found that providers were complicit in 62% of cases, and beneficiaries were complicit in 14% of cases. Many fraud schemes mimic legitimate transactions with complicit doctors and other medical professionals. Additionally, the sheer volume of healthcare claims makes fraud detection a challenge. For example, Medicare processes more than 4.5 million claims a day.
While the challenges of detecting healthcare fraud are numerous, understanding common healthcare fraud schemes is the first step.
Common types of fraud by dishonest providers
- Fraudulent billing schemes (for example, billing for services that were never rendered or not medically necessary)
- Paying kickbacks for participants of a scheme (for example, patient referrals or marketing prescription drugs for non-FDA-approved uses)
- Medical identity theft (for example, using a deceased beneficiary’s or retired physician’s information)
How can financial institutions identify healthcare fraud?
Financial institutions have unique insights and obligations regarding opening and maintaining customer accounts for healthcare providers. Just as all bank customers do not pose an equal risk, the same goes for segments of healthcare providers.
High-risk healthcare providers
The Centers for Medicare & Medicaid (‘CMS’) offers guidance to States as to which provider types must be considered high-risk when onboarding new Medicaid providers. For example, newly enrolled home health agencies and suppliers of durable medical equipment are regarded as high risk because CMS found that these types of providers are susceptible to engaging in fraud. The GAO found that home health care providers accounted for the largest percentage of criminal convictions for Medicaid fraud, hospitals and medical facilities were the most frequent subjects investigated in civil fraud cases, and pharmaceutical manufacturers were ordered to pay the most in civil fines. Financial institutions should consider incorporating healthcare fraud data into risk ranking healthcare provider customers.
Red flags for healthcare providers
Fraudulent providers may engage in behavior or transactions that could serve as red flags for financial institutions to investigate more thoroughly.
- Principals without the necessary degrees or credentials operating a healthcare business. In one case, a personal trainer and convicted felon posed as a doctor and billed millions of dollars to private health insurers.
- Principals/entities that were previously excluded from participating in federal healthcare programs. 60% of excluded individuals and entities were in the nursing profession, while pharmacies and pharmacists accounted for 7%. The Office of the Inspector General for the US Department of Health & Human Services provides both a searchable online database and a downloadable version of the exclusion list.
- Shell companies used to obscure ownership.
- Discrepancies between the provider’s self-reported ownership information reported to the government insurer and the financial institution at account opening.
Transactional Red Flags
- Using insurance payments for personal rather than professional purposes
- Layering insurance payments through accounts
- Unusual cash deposits and withdrawals (for example, pill mills have been found to write prescriptions for cash payment)
- The principal personally receiving payment from un-related medical providers (a potential indication of kickback)
- Provider business transaction types, volumes, or velocity not comparable to other similar businesses
- Providers supposedly treating local patients yet receiving payment from out-of-state insurers, or local providers allegedly treating out-of-state patients
- False documentation to support transactions (for example, sequential invoices, dates of service on holidays)
With the pandemic in full swing, now is the time to review whether your financial institution is doing its part to identify and report this costly, widespread, and deadly fraud.
To learn more about healthcare fraud and how the opioid and fentanyl epidemics are impacting financial institutions, ACFE members can listen to our recent webinar: The Opioid Crisis: How Financial Institutions Can Mitigate Risk.