US Department of Justice Announces US$2.9 Billion in Fiscal Year 2024 False Claims Act Recoveries
On 15 January 2025, the US Department of Justice (DOJ) published its report (Report) announcing civil recoveries under the False Claims Act (FCA) for Fiscal Year (FY) 2024. The recoveries for FY 2024 exceeded US$2.9 billion, approximately US$1.7 billion of which involved the health care industry. The US government has now collected over US$78 billion in recoveries under the FCA since the statute was amended in 1986 to allow for treble damages and increased incentives for whistleblowers. Notably, the 979 qui tam lawsuits filed in FY 2024 marked the highest number in a single year; and the 558 settlements and judgments trailed only just behind the record number set in FY 2023.
As with FY 2023, qui tam cases comprised the largest portion of recoveries, with over 83% (US$2.4 billion) stemming from whistleblower actions. The government paid over US$400 million to whistleblowers in relation to these FY 2024 recoveries. Of the record-setting 979 qui tam suits that were filed in FY 2024, 370 were health care focused.
DOJ also highlighted its “key enforcement priorities” for FY 2024 and provided representative examples. The enforcement priorities included health care fraud, military procurement fraud, pandemic fraud, and cybersecurity fraud. As with prior years, health care fraud was the principal source of FCA recoveries, which included recoveries relating to Medicare Advantage fraud, billing for unnecessary services and substandard care, opioid epidemic-related fraud, kickback schemes, and Stark Law violations.
Health Care Fraud
With Medicare Advantage, also known as Medicare Part C, having become the largest component of the Medicare program, the government continued its focus on Medicare Advantage fraud. In FY 2024, the government secured a substantial recovery from a provider that allegedly paid kickbacks to third-party insurance agents in exchange for recruiting senior citizens to the provider’s primary care clinics. DOJ also highlighted that it is continuing to litigate a number of cases against Medicare Advantage Organizations.
DOJ obtained substantial recoveries from providers who allegedly improperly billed for medically unnecessary services and substandard care. Additionally, the government has continued to focus on opioid crisis-related fraud, with several substantial recoveries against pharmaceutical companies and individual physicians.
In a carry-over from FY 2023, some of the largest health care recoveries in FY 2024 resulted from alleged unlawful kickback schemes and Stark Law violations. The kickback schemes ranged from payments to purportedly induce referrals of dialysis patients, to medical directorships that were intended to induce patient referrals. As to the Stark Law, DOJ highlighted a US$345 million settlement to resolve allegations that a health care network paid compensation to certain physician groups far above fair market value and awarded bonuses tied to referral volume.
Other Enforcement Priorities
In addition to health care-specific recoveries, the government recovered significant funds stemming from military procurement fraud, pandemic fraud, and cyber fraud. The military procurement fraud recoveries included a US$70 million settlement against a contractor to resolve allegations that they overcharged the US Navy for spare parts and materials needed to repair and maintain aircraft used to train naval aviators. Of note, military procurement fraud recoveries could have been much higher in FY 2024, however, a US$428 million settlement with a defense contractor occurred on 16 October 2024, putting that recovery in FY 2025.
The government also resolved an estimated 250 cases, totaling over US$250 million, in connection with pandemic-related fraud. As with FY 2023, the pandemic fraud largely stemmed from the submission of inaccurate information in PPP loan applications, though the DOJ also highlighted a US$12 million recovery that resolved allegations of false claims for COVID-19 testing that were billed to the Health Resources and Services Administration’s Uninsured Program.
In October 2021, DOJ announced its Civil Cyber-Fraud Initiative with the goal of pursuing companies who receive federal funds while failing to follow required cybersecurity standards. In FY 2024, the government entered into several recoveries under the Civil Cyber-Fraud Initiative. DOJ also highlighted a complaint-in-intervention that was filed against a research institution alleging that the defendants had failed to meet cybersecurity requirements in connection with Department of Defense contracts.
Whistleblower Suits
Given the record-setting number of qui tam cases filed in FY 2024, it will be important to continue to monitor developments regarding the constitutionality of the qui tam provisions. On 30 September 2024, a judge in the US District Court for the Middle District of Florida held that the qui tam provisions of the FCA violate the Appointments Clause of Article II of the US Constitution. This first-of-its-kind decision has sparked a wave of filings by the defense bar. With the Middle District of Florida’s decision on appeal, there are sure to be many developments on this issue in the coming months.
The FY 2024 settlements and judgments provide an insight into the government’s enforcement priorities and potential future enforcement areas. The firm’s forthcoming article The False Claims Act and Health Care: 2024 Recoveries and 2025 Outlook will provide an in-depth analysis of the 2024 recoveries, as well as some key enforcement areas to look out for in 2025.
Bondi and Bessent Affirm Support for Whistleblowers in Confirmation Hearings
During their Senate confirmation hearings, both Pam Bondi, nominee for Attorney General, and Scott Bessent, nominee for Treasury secretary, affirmed their support for whistleblowers in response to questions from Senator Chuck Grassley.
Bondi Promises to Defend Constitutionality of False Claims Act
During Bondi’s confirmation hearing on January 15, Senate Grassley asked if she believed that the False Claims Act is constitutional and if she would commit to continuing the Department of Justice’s defense of its constitutionality. Grassley spoke about how, thanks in large part to “patriotic whistleblowers,” the False Claims Act has resulted in over $78 billion in collections for the government since 1986.
“I would defend the constitutionality of course of the False Claims Act,” Bondi stated. “The False Claims Act is so important, especially by what you said with whistleblowers.”
The constitutionality of the False Claims Act’s qui tam provisions have faced challenges recently. In September, the U.S. District Court for the Middle District of Florida ruled that the qui tam provisions are unconstitutional because they violate the Appointments Clause of Article II. The court ruled that by filing a qui tam lawsuit alleging Medicare fraud, whistleblower Clarissa Zafirov was granted “core executive power” without any “proper appointment under the Constitution.”
The U.S. government is urging the Eleventh Circuit to reverse the district judge’s “outlier ruling,” noting in a brief that “other than the district court here, every court to have addressed the constitutionality of the False Claims Act’s qui tam provisions has upheld them.”
Under the False Claims Act’s qui tam provisions, individuals may file lawsuits alleging government contracting fraud on behalf of the United States. The government then has the ability to intervene and take over the case, intervene and dismiss the case, or not intervene and let the whistleblower proceed with the suit. In successful qui tam cases, regardless of whether the government intervenes, whistleblowers are eligible to receive between 15 and 30% of the settlement or judgment.
Since the False Claims Act’s qui tam provisions were amended in 1986, the government has recovered over $78 billion, with more than $55 billion stemming from qui tam whistleblower suits. Striking down the constitutionality of qui tam would thus cripple the most important law protecting taxpayer funds from fraud.
Bessent States He will Support IRS Whistleblower Program
During Bessent’s confirmation hearing on January 16, Senator Grassley brought up the importance of the Internal Revenue Service (IRS) Whistleblower Program, noting that since it was established in 2006 ““it’s brought $6 billion back into the federal treasury.”
“This program could raise billions more if the IRS would use it to its full potential,” Grassley stated. “So I hope I can count on you, if you’re confirmed, to be supportive of this whistleblower program and work to ensure its full use to its full potential.”
“Senator Grassley, we are in complete alignment on this program,” Bessent said in response.
Through the IRS Whistleblower Program, qualified whistleblowers, individuals who voluntarily provide original information that leads to a successful IRS action, are eligible to receive monetary awards of 15-30% of the money collected thanks to their disclosure.
The program, which revolutionized tax enforcement by incentivizing insiders to come forward and disclose hard-to-detect misconduct, has struggled in recent years as delays have grown and payouts to whistleblowers have dropped. While recent administrative reforms have strengthened the program, advocates believe that it has even more potential.
EnforceMintz — Scienter, Causation, and Constitutional Questions: 2024’s Three Key FCA Litigation Issues
In 2024, federal courts issued a number of important decisions in False Claims Act (FCA) cases that are particularly noteworthy for the health care and life sciences industries. We focus here on decisions that further develop the FCA scienter standard addressed in 2023 by the Supreme Court in its important SuperValu decision. We also look at decisions that have accepted the invitation of three Supreme Court justices to reexamine the constitutionality of the FCA’s qui tam provisions. Finally, a circuit split on the interpretation of “causation” for FCA suits based on alleged violations of the Anti-Kickback Statute (AKS) remains unresolved, pending a decision from the First Circuit.
Post-SuperValu Developments Concerning the FCA’s Scienter Standard
An essential element of any FCA claim is “knowledge” that the submission of claims was “false or fraudulent.” By statute, the FCA defines “knowledge” to mean that a person acted with (i) actual knowledge, (ii) deliberate ignorance, or (iii) reckless disregard with respect to the truth or falsity of the information at issue. This is the FCA’s intent or scienter standard. Last year, in SuperValu, the Supreme Court held that the FCA’s “knowledge” element is based on subjective intent and not, as a number of circuits had previously held, on a defendant’s “objectively reasonable” interpretation of an ambiguous legal or regulatory issue.1 We previously discussed the SuperValu case (here and here) and analyzed the decision’s implications in last year’s issue of EnforceMintz.
The Supreme Court explained that the FCA’s scienter requirement could be met by showing (i) “deliberate ignorance,” meaning that a defendant had knowledge of a “substantial risk” that its statements were false but “intentionally avoid[ed]” a relevant legal or regulatory requirement; or (ii) “reckless disregard,” meaning that a defendant understood that there was a “substantial and unjustifiable risk” that its claims were false but submitted the claims anyway. While the Supreme Court did not define how lower courts might determine which risks are “substantial” or “unjustifiable,” these two new glosses on “deliberate ignorance” and “reckless disregard” offer some guidance to providers and companies seeking to avoid exposure to FCA liability through well-designed compliance programs.
SuperValu may have been initially understood as a clear-cut victory for the United States and private whistleblowers who bring actions under the qui tam provisions of the FCA. Generally speaking, in litigation, a defendant’s subjective knowledge is often a question of fact, which makes it difficult for defendants to win a motion to dismiss on the basis of whether a complaint adequately alleges knowledge. But as decisions from the past year demonstrate, that is not the full story, for two reasons.
First, even after SuperValu, courts have been willing to grant motions to dismiss on scienter grounds. For example, in August 2024, a federal district court granted a pharmaceutical manufacturer’s motion to dismiss an FCA complaint for failure to adequately allege scienter.2 In US ex rel. Sheldon v. Forest Laboratories, LLC, the relator alleged that Forest Laboratories overcharged the government in violation of the FCA because it did not include certain price concessions in calculating “best price,” as that term was defined by statute. The court found the “best price” definition “no more informative than the hypothetical instruction in [SuperValu] to drive at a ‘reasonable’ speed.”3 As such, the court found that the defendant’s alleged familiarity with such vague instructions did not provide a basis to attribute a culpable mental state to the drug manufacturer.
Second, in June 2024, the Supreme Court decided Loper Bright Enterprises v. Raimondo, ending the era of “Chevron deference” in which courts deferred to an agency’s interpretation of an ambiguous statute.4 This decision may lend support to FCA defendants in cases where the conduct at issue allegedly violated an ambiguous statutory or regulatory requirement. Often in FCA cases, the United States or a private relator attempts to establish scienter by showing an FCA defendant’s knowledge of statutory or regulatory requirements or agency guidance. After Loper Bright, a provider or company facing ambiguous or complex statutory or regulatory requirements can now demonstrate that it subjectively believed it was not taking “substantial and unjustifiable risk” that its claims were false based on the controlling statutory text, without undue deference to an agency’s interpretation. For example, analyzing Stark Law compliance often requires a review of layers of exceptions to complex statutory or regulatory prohibitions. Loper Bright may help provide a defense as to both scienter and falsity where theories of liability are premised on noncompliance with a web of statutory requirements, regulations, and complex agency guidance.
As we previously discussed (here), these case law developments highlight three implications for health care and life sciences companies seeking to minimize FCA exposure or to defend against an FCA investigation or litigation:
Providers and companies should seek to minimize potential FCA exposure by documenting interpretations of ambiguous legal requirements or regulations based on all available advice, communications with agencies or payors, and any other information when making business decisions that involve claims to federal programs or federal funds.
In the event of an FCA investigation, strong compliance functions and a clear record showing the entity’s lack of a subjective belief that it was submitting false or fraudulent claims, or taking an unjustified risk of doing so, may help persuade the government to decline to intervene in an FCA lawsuit.
As Sheldon demonstrates, once in litigation, a scienter-based motion to dismiss argument as well as summary judgment opportunities may still be available, despite SuperValu’s subjective intent holding.
While scienter issues often raise disputed factual questions, that is not always the case, as demonstrated by developments in FCA case law since SuperValu.
Successful Constitutional Challenges in FCA Cases Under Article II and the Eighth Amendment
For the first time in two decades, the issue of the constitutionality of the FCA’s qui tam provisions is squarely before the federal courts. In 2024, defendants raised successful constitutional challenges in cases involving large FCA penalties. Given these results, constitutional questions will likely remain a hot-button issue in 2025, particularly in cases where the government declines to intervene.
Zafirov and the Constitutionality of the FCA’s Qui Tam Provisions
In September 2024, a federal district court held in US ex rel. Zafirov v. Fla. Med. Assocs., LLC that the FCA’s qui tam provisions violate the Appointments Clause of Article II of the Constitution.5
Public officials who exercise “significant authority” under federal law and “occupy a continuing position established by law” are “Officers” who must be appointed consistent with the requirements of Article II, Section 2. In considering whether FCA relators are “Officers”, the court observed that “[a]n FCA relator’s authority markedly deviates from the constitutional norm.” The court explained that the qui tam provisions permit anyone “wherever situated, however motivated, and however financed” to perform a “traditional, exclusive [state] function by appointing themselves as the federal government’s avatar in litigation.”6 The court thus concluded that arrangement violates the Appointments Clause because it permits unaccountable, unsworn private actors to exercise core executive power with substantial consequences for the public. Finding the relator in Zafirov was unconstitutionally appointed, the court granted the defendants’ motion for judgment on the pleadings and dismissed the case with prejudice.
In our prior discussion (here), we explained how Zafirov followed from Justice Thomas’s dissent in US ex rel. Polansky v. Executive Health Resources, which noted the “substantial arguments” that the FCA’s qui tam provisions may be “inconsistent with Article II.” Two other justices agreed with Justice Thomas’s suggestion that the Court should consider the constitutional question in an appropriate case.
The United States and the relator appealed the Zafirov decision to the Eleventh Circuit. As of the date of this publication, briefing is in progress. The government made four particularly noteworthy arguments in its opening brief. First, the government argued that qui tam relators pursue “private interests” assigned by the FCA but do not exercise executive power. Second, the government argued that the qui tam provisions are not subject to the Appointments Clause because relators are not a part of the federal government. Third, even if the Appointments Clause applies, the government argued that relators (i) do not exercise “significant authority” because they are not part of the government workforce and the government retains supervisory authority over declined FCA cases; and (ii) do not “occupy a continuing position established by law” because the role of a qui tam relator is time-limited, case-specific, and involves interests that are personal in nature. Finally, the government argued that, even if the district court’s ruling in Zafirov is affirmed, the decision should be limited only to declined cases and should not extend to matters where the government has intervened or is considering whether to intervene. The defendants’ brief will be filed in the first quarter of 2025 and a decision is expected by the end of 2025.
If Zafirov is affirmed, that would create a circuit split on the constitutionality of the qui tam provisions, which would greatly increase the odds of Supreme Court review. In cases decided between 1993 and 2002, the Second, Fifth, Sixth, Ninth, and Tenth Circuits rejected Article II constitutional challenges to the FCA’s qui tam provisions, so Zafirov’s impact may be limited in those jurisdictions. But in circuits where the issue has not been decided, and to preserve the argument in circuits that previously rejected Article II challenges, defendants are raising the constitutional arguments via motions to dismiss, motions for judgment on the pleadings, and in affirmative or general defenses.
For example, in one recent declined FCA lawsuit pending in a federal district court within the Eleventh Circuit, a defendant Medicare Advantage Organization moved to dismiss, leading its brief with the argument that such relator-driven qui tam suits violate Article II of the Constitution.7 Defendants have made similar arguments in other jurisdictions as well.8
The success of these arguments remains to be seen. FCA defendants raising the constitutional argument should be aware of the notice requirements of Federal Rule of Civil Procedure 5.1, which requires that a party filing a pleading or motion drawing into question the constitutionality of a federal statute promptly file a “notice of constitutional question” with the court and serve that notice on Attorney General of the United States.
In response to FCA defendants’ emerging reliance on Zafirov, the United States has not hesitated to step in to defend the constitutionality of the FCA’s qui tam provisions in previously declined cases. For example, in US ex rel. Gill v. CVS Health Corp., DOJ initially declined to intervene in an FCA lawsuit involving over $200 million in alleged damages from overpayments and over-billing federal programs and commercial payors.9 After Zafirov was decided, the CVS defendants filed a Rule 5.1 notice of constitutional challenge, arguing that the FCA qui tam provisions violated separation of powers principles and Article II of the US Constitution. The CVS defendants also asserted those defenses in their answer to the complaint. The CVS defendants’ Rule 5.1 notice prompted the government to reverse course and intervene “for the limited purpose of defending the constitutionality of the qui tam provisions” of the FCA.
These Article II challenges to the qui tam provisions could significantly impact FCA cases, especially qui tam litigation where the United States previously declined to intervene. We will continue to monitor this issue as it develops in 2025.
Eighth Amendment Challenges to Excessive FCA Penalties
In July, the Eighth Circuit vacated a roughly $6.5 million FCA award, holding that the amount violated the Eighth Amendment’s Excessive Fines Clause.10 In Grant ex rel. US v. Zorn, a medical practitioner filed a qui tam action against the co-owner of a sleep disorders center, alleging that the defendant overbilled federal and state programs for patient visits and engaged in a kickback scheme. After trial, the district court determined that the 1,050 false claims the defendant had submitted to the government resulted in roughly $86,000 in actual damages, which was then trebled to about $259,000. Then, the court imposed a per-claim civil penalty, which added almost $7.7 million to the total award.
Citing the Eighth Amendment’s Excessive Fines Clause and the Supreme Court’s prior invalidation of punitive damages awards that far outpace actual damages, the district court reduced the penalties to $6.47 million. The district court thus endorsed a ratio in which the penalty amounts were 25 times greater than actual damages.
On appeal, however, the Eighth Circuit in Grant vacated the punitive damages award, holding that the application of both treble damages and per-claim civil penalties violated the Eighth Amendment’s Excessive Fine Clause. The court reasoned that the punitive sanction was “grossly disproportional” to the conduct at issue and that the Eight Circuit had previously rejected double-digit multipliers where there was a small economic loss and no evidence of danger to health and safety.
The Grant decision bolsters defendants’ arguments for lower penalty awards in FCA cases where the penalties imposed far exceed actual damages. These arguments are more likely to succeed in cases where the only harm alleged is purely economic.
The Unresolved Circuit Split on the Causation Standard for AKS-Based FCA Claims
As we discussed in last year’s edition of EnforceMintz, a significant circuit split is developing on the causation standard applicable to FCA claims based on violations of the AKS. Specifically, section (g) of the AKS states that “a claim that includes items or services resulting from a violation of [the AKS] constitutes a false or fraudulent claim for purposes of [the FCA].”11 The issue in this circuit split is whether the submission of a claim to the government “result[s] from” a kickback only if it would not have been submitted “but for” the kickback.
In July 2024, the First Circuit heard oral argument on the FCA-AKS causation issue in United States v. Regeneron Pharmaceuticals, Inc.12 As of the date of publication of this article, the First Circuit’s decision is pending.
In Regeneron, the government appealed the district court’s holding that a standard of “but for” causation applied to FCA lawsuits premised on AKS violations. The district court’s holding was consistent with recent decisions from the Sixth and Eighth Circuits (which we previously discussed here) applying the plain language of section (g) of the AKS to require a showing of “but for” causation. On appeal, the government argued that a broader proximate cause standard applies, requiring only “some sort of causal connection.” That view, which has been endorsed by the Third Circuit, is based on the legislative history of the 2010 amendment that added the “resulting from” language in section (g) of the AKS.
At oral argument in Regeneron, Judge Kayatta challenged the government’s expansive view of the causation standard based on legislative intent. Judge Kayatta asked whether causation would be met in a situation where a hospital sent a vendor 10,000 claims in one year, then received a kickback, and then sent fewer claims in the following year. In response, the government argued that each and every claim in year two would be tainted by a kickback, even though the volume of claims decreased post-kickback. Perhaps tellingly, Judge Kayatta found that to be an “odd” outcome.
However the First Circuit rules, the circuit split will deepen, thereby increasing the likelihood that the causation standard question will rise to the Supreme Court. In the meantime, health care and life science entities facing FCA scrutiny based on AKS theories should closely monitor this emerging area. The applicable causation standard can have major implications on FCA exposure and potential damages.
ENDNOTES
[1] US ex rel. Schutte v. SuperValu Inc., 143 S. Ct. 1391, 1399 (2023).
[2] US ex rel. Sheldon v. Forest Laboratories, LLC, No. 1:14-cv-02535, 2024 US Dist. LEXIS 129331, at *79-80 (D. Md. July 23, 2024), appeal filed, No. 24-1793 (4th Cir. Aug. 21, 2024).
[3] Id. at 63.
[4] Loper Bright Enters. v. Raimondo, 603 US ___, 144 S. Ct. 2244 (2024).
[5] US ex rel. Zafirov v. Fla. Med. Assocs., LLC, C.A., No. 8:19-cv-01236-KKM, 2024 US Dist. LEXIS 176626 (M.D. Fla. Sept. 30, 2024).
[6] Id. at *58-59 (internal quotations omitted).
[7] See Gonite v. UnitedHealthCare of Ga., Inc., et al., No. 19-246 (M.D. Ga. Oct. 11, 2024), ECF 69.
[8] See, e.g., US ex rel. Kenly Emergency Med. Corp. v. SCP Health, No. 3:20-cv-3274 (N.D. Cal. Dec. 13, 2024), ECF 74; Omni HealthCare Inc., et al v. North Brevard Cty. Hosp. Dist., et al., No. 6:22-cv-00696 (M.D. Fla. Nov. 28, 2024), ECF 87; US ex rel. Sullivan, et al. v. Murphy Med. Ctr., Inc., et al., No. 1:21-cv-219-MR (W.D.N.C. Oct. 25, 2024), ECF 85; US ex rel. Eckert v. Sci Tech. Inc and Sanmina Corp., No. 20-cv-1443 (D.D.C. Oct. 7, 2024), ECF 34-1.
[9] US ex rel. Gill v. CVS Health Corp., et al., No. 1:18-cv-06494 (N.D. Ill. Feb. 25, 2022), ECF 31.
[10] Grant ex rel. US v. Zorn, 107 F.4th 782 (8th Cir. 2024).
[11] 42 USC § 1320a-7b(g) (emphasis added).
[12] United States v. Regeneron Pharms., Inc., No. 23-2086 (1st Cir. filed Dec. 22, 2023).
Record Number of Qui Tam Suits Filed by Whistleblowers in 2024
During the 2024 fiscal year a record 979 qui tam lawsuits were filed by whistleblowers under the False Claims Act and the U.S. government recovered over $2.4 billion in qui tam cases, according to statistics released yesterday by the U.S. Department of Justice (DOJ).
Whistleblowers and the government were party to 558 False Claims Act settlements and judgments in FY 2024, the second highest ever, and total recoveries exceeded $2.9 billion. This means that qui tam whistleblower cases accounted for more than 82% of False Claims Act recoveries during FY 2024.
“Year after year, the DOJ’s False Claims Act statistics reaffirm an undeniable truth: whistleblowing works,” says leading whistleblower attorney Stephen M. Kohn of Kohn, Kohn & Colapinto. “Thanks to their bravery and inside knowledge, whistleblowers recover billions of dollars for taxpayers every year.”
“It is imperative that the DOJ fully supports and empowers whistleblowers,” adds Kohn, who is also Chairman of the Board of National Whistleblower Center (NWC).
Under the False Claims Act, whistleblowers with knowledge of government contracting fraud may file qui tam lawsuits on behalf of the U.S. government. In successful qui tam cases, whistleblowers are eligible to receive between 15 and 30% of the recoveries.
Since the qui tam provisions were modernized in 1986, whistleblowers have allowed the government to recover over $55 billion in taxpayer dollars from fraudsters.
In September, a district court ruled that the False Claims Act’s qui tam provisions are unconstitutional. The U.S. government has urged the U.S. Court of Appeals for the Eleventh Circuit to reverse the district court ruling, noting that “other than the district court here, every court to have addressed the constitutionality of the False Claims Act’s qui tam provisions has upheld them.”
Whistleblower Awarded $1.8 Million for Reporting Hospital Admissions Kickback Scheme
Healthcare professionals play a critical role in ensuring the integrity of the industry. However, unlawful kickbacks and fraudulent claims, if left unreported, undermine the quality of patient care and solvency of government-funded healthcare programs. A recent case involving Oroville Hospital highlights not just the consequences of violating regulations such as the False Claims Act and Anti-Kickback Statute but also the importance of whistleblowers in combatting such schemes.
Oroville Hospital Settlement Details
Oroville Hospital has agreed to pay $10.25 million to resolve allegations of participating in an illegal kickback and self-referral scheme. The settlement is divided, with $9,518,954 going to the federal government and $731,046 to the State of California.
The allegations claim that Oroville Hospital:
Paid Illegal Kickbacks to Physicians – Oroville Hospital allegedly incentivized physicians responsible for inpatient admissions by offering bonuses tied to how many patients they admitted. This practice incentivized unnecessary hospital stays, jeopardizing patient welfare and inflating healthcare costs.
Falsely Billed Medicare and Medi-Cal – The hospital allegedly admitted patients who did not need inpatient care. Furthermore, they also allegedly added false diagnosis codes such as systemic inflammatory response syndrome (SIRS) to claims, inflating reimbursements from Medicare and Medicaid (Medi-Cal in California).
The Vital Role of Whistleblowers in Healthcare Compliance
The Oroville Hospital case underscores the critical importance of whistleblowers in protecting healthcare systems from unlawful practices. The allegations in this case were originally brought forward by a private individual under the qui tam provisions of the False Claims Act.
Under the qui tam provision, whistleblowers can file lawsuits on behalf of the government and potentially receive a portion of any monetary recovery resulting from the case. The whistleblower received approximately $1.8 million or about 17% of the settlement for her role in exposing these unlawful activities.
Why Whistleblowers Are Essential
Whistleblowers are often employees or professionals working within the healthcare system who become aware of illegal or unethical practices. Here is why their role is indispensable:
1. Preventing Patient HarmUnethical behavior, such as unnecessary hospitalizations or improper medical diagnoses, can seriously harm patients. Whistleblowers bring attention to these issues and ensure medical practices prioritize patient health over profit.
2. Protecting Government ResourcesFraudulent claims and improper billing practices drain billions of dollars each year from federal programs such as Medicare, Medicaid, TRICARE, and FEHB. Whistleblowers help uncover these schemes, ensuring that taxpayer funds are used effectively and healthcare remains affordable.
3. Encouraging Transparency and AccountabilityBy exposing unlawful actions, whistleblowers hold organizations accountable and encourage others in the industry to comply with regulations such as the Anti-Kickback Statute and the False Claims Act.
4. Facilitating Internal ImprovementsWhen courts order companies to implement Corporate Integrity Agreements or similar oversight measures as a result of whistleblower actions, healthcare organizations are compelled to implement stronger compliance frameworks, reducing the risk of future violations.
EnforceMintz — Novel Criminal Charges and Emerging Civil Trends from Opioid Enforcement in 2024
In past years we have discussed how opioid-related enforcement efforts have remained a top federal and state priority (here, here, and here). In 2024, opioid-related enforcement efforts continued across the entire opioid supply chain, and two themes dominated the most significant opioid cases and resolutions of 2024. First, two major settlements from the past year highlight examples of allegations that crossed a line, prompting the government to pursue criminal charges. Second, a number of recent cases against pharmacies involve a common theory of liability based on the Controlled Substances Act (CSA), which served as the basis for civil liability under the False Claims Act (FCA).
Opioid-Related Criminal Resolutions
In February 2024, Endo, a pharmaceutical manufacturer that previously filed for bankruptcy, reached a global resolution of various criminal and civil investigations into the company’s sales and marketing of opioid drugs. The company agreed to pay the government $464.9 million over 10 years (though the actual total payment amount will likely be much lower due to bankruptcy).
To resolve the criminal investigation, Endo agreed to plead guilty to a one-count misdemeanor charge for violations of the federal Food, Drug, and Cosmetic Act (FDCA). That charge related to the company’s marketing of the drug’s purported abuse deterrence, tamper-resistant, or crush-resistant properties to prescribers, despite a lack of supporting clinical data. In the plea agreement, the company admitted responsibility for misbranding its opioid drug by marketing the drug with a label that failed to include adequate directions for its claimed abuse deterrence use, in violation of the FDCA.
More recently, in December 2024, McKinsey & Company, a worldwide management consulting firm, agreed to pay $650 million to resolve criminal and civil investigations related to the firm’s consulting work for Purdue Pharma, the maker of OxyContin. As noted in the government’s press release, the McKinsey resolution was the first time a management consulting firm has been held criminally responsible for its advice resulting in a client’s criminal conduct.
The two-count criminal charging document accused McKinsey of conspiring to misbrand a controlled substance and obstruction of justice. The conspiracy charge related to McKinsey’s work to “turbocharge” OxyContin sales by targeting high-volume opioid prescribers. The obstruction charge arose from the alleged deletion by a senior partner of certain documents related to the company’s work for Purdue. To resolve those charges, McKinsey entered into a five-year deferred prosecution agreement (DPA). Under the DPA, McKinsey agreed not to do any consulting work related to the marketing, sale, or distribution of controlled substances and agreed to implement significant changes to its compliance program. Separately, the former McKinsey senior partner who allegedly destroyed records relating to the company’s work for Purdue was charged with obstruction of justice and agreed to plead guilty to that charge.
These two resolutions are relevant to all entities in the opioid supply chain, from manufacturers to consultants and all stakeholders in between. Sales and marketing practices, or abuse deterrence claims or practices targeting prescribers based on volume, can lead to both civil liability and potential criminal exposure.
Pharmacies Face Potential FCA Liability Based on CSA Violations
On the civil side, three opioid enforcement actions were particularly noteworthy. Three years ago, we highlighted some of the first pharmacy-related resolutions, which showed that pharmacies were “next in line” for opioid related enforcement. In 2024, two substantial settlements involved alleged CSA violations giving rise to FCA liability. A third FCA lawsuit filed in December 2024 against the nation’s largest pharmacy shows that this trend will likely continue in 2025 and beyond.
In July 2024, Rite Aid and its affiliates agreed to settle allegations brought by the government related to its opioid dispensing practices. Rite Aid had previously filed for bankruptcy, so the settlement agreement involved a payment of $7.5 million, plus a general unsecured claim of $401.8 million in the bankruptcy case.
The government alleged that Rite Aid pharmacists dispensed unlawful prescriptions and failed to investigate “red flags” before dispensing opioid prescriptions, then improperly submitted claims to the government for reimbursement of those prescriptions. The government alleged that the company dispensed unlawful prescriptions by (1) filling so-called “trinity” prescriptions, which are a combination of opioid, benzodiazepine, and muscle relaxants; (2) filling excessive quantities of opioid prescriptions; and (3) filling prescriptions written by prescribers previously identified as suspicious by pharmacists.
Similarly, in December 2024, Food City, a regional grocery store and pharmacy based in Virginia agreed to pay $8.48 million to resolve allegations that it dispensed opioids and other controlled substances in violation of the CSA and the FCA. Like the Rite Aid case, the government alleged that these prescriptions were medically unnecessary, lacked a legitimate medical purpose, or were not dispensed pursuant to valid prescriptions. The government alleged that Food City ignored “red flags” including, among other things, (1) prescribers who wrote unusually large opioid prescriptions; (2) early refills of opioids; (3) prescriptions for unusual quantities or combinations of opioids; and (4) patients who were filling prescriptions for someone else, driving long distances to fill prescriptions, or paying cash for prescriptions.
Also in December 2024, the Department of Justice announced that it had intervened in a nationwide lawsuit alleging that CVS Pharmacy filled unlawful prescriptions in violation of the CSA and sought reimbursement for those prescriptions in violation of the FCA. The lawsuit is currently pending. The theory of liability asserted against CVS is similar to the Rite Aid and Food City cases: CVS allegedly filled unlawful prescriptions, ignored “red flags” of abuse and diversion, and sought reimbursement from federal health care programs for unlawful prescriptions in violation of the FCA.
Under the CSA and applicable regulations, pharmacists dispensing controlled substances, like opioids, have a “corresponding responsibility” to ensure that the prescription was issued for a legitimate medical purpose. 21 C.F.R. § 1306.04(a). Exercising that corresponding responsibility requires identifying and resolving “red flags” before filling a prescription. There is no defined list of what the government deems to constitute “red flags” and determining the existence of red flags is often context dependent. Because FCA lawsuits based on alleged CSA violations appear to be a growing trend, these three cases provide helpful guidance for companies seeking to mitigate risk by implementing corporate compliance programs designed to identify and resolve “red flags” related to opioid prescriptions.
EnforceMintz — Long Tail of Pandemic Fraud Schemes Will Likely Result in Continued Enforcement for Years to Come
In last year’s edition of EnforceMintz, we predicted that 2024 would bring an increase in False Claims Act (FCA) enforcement activity related to COVID-19 pandemic fraud. Those predictions proved correct. The COVID-19 Fraud Enforcement Task Force (CFETF), in conjunction with five COVID Fraud Enforcement Strike Forces and other government agencies, has resolved many significant criminal and civil pandemic fraud cases over the past year. In April 2024, the CFETF released a COVID-19 Fraud Enforcement Task Force 2024 Report (the CFETF Report) describing the CFETF’s recent efforts and including a plea for more fraud enforcement funding, which suggests that additional enforcement activity is on the horizon. While that funding request has thus far gone unheeded, we expect more civil pandemic fraud enforcement actions (and continuing criminal actions) in 2025.
Civil and Criminal Paycheck Protection Program (PPP) Fraud Enforcement
Since 2020, criminal PPP fraud has dominated COVID-19 fraud enforcement headlines, and 2024 was no different. Criminal fraud schemes have concerned common fact patterns involving fraudsters who (i) obtained funding to which they were not entitled, (ii) submitted false certifications or inaccurate information in a loan application, or (iii) submitted false certifications or inaccurate information in seeking loan forgiveness. However, in the past year, civil PPP fraud enforcement has begun to evolve.
In 2024, criminal PPP fraud enforcement broke up multiple COVID-19 fraud rings involving actors who fraudulently obtained loans for fictitious businesses, packed PPP applications with false documentation (provided in exchange for kickbacks), and falsely certified information regarding the number of employees and payroll expenses that would entitle them to PPP funding. Typical charges in these cases included wire fraud, bank fraud, making false statements to federally insured financial institutions, conspiracy, and money laundering.
On the civil side, PPP fraud enforcement seemed to increase in 2024. Interestingly, some civil PPP fraud cases involved schemes similar to criminal actions. Often the government’s decision to pursue such cases as civil, criminal, or both depends on the evidence of intentional fraud. For example, in January 2024, a clinic and its owners agreed to a $2 million judgment in connection with multiple fraudulent acts, including PPP fraud arising from their certification that they were not engaged in illegal activity and that their business suffered quarterly or year-over-year losses, therefore entitling them to PPP funding. In October 2024, one FCA recovery totaling $399,990 involved a home health agency and its owner who received two PPP loans after certifying that the company would receive only one. More recently, in December 2024, a private asset management company and its owner agreed to pay $680,000 to settle FCA allegations brought by a relator. The company and its owner allegedly falsely certified that PPP loans were economically necessary and included false statements in the information submitted when seeking forgiveness for the loan. Cases of this nature apparently did not rise to the level of criminal wrongdoing, in the government’s view.
A number of civil PPP fraud FCA cases from the past year involved increasingly complex theories and allegations. These more complicated fact patterns require years of investigation and are expensive. As a result, such fraud enforcement actions may have a “long tail” and continue for years to come.
For example, in May 2024, a private lender of PPP loans agreed to resolve allegations that it knowingly awarded inflated and fraudulent loans to maximize its profits, then sold its assets and bankrupted the company. The lawsuit was initiated by whistleblowers (known under the FCA as “relators”), including an accountant and former analyst in the lender’s collection department. As part of the settlement with the lender, the United States received a general unsecured claim in the bankruptcy proceeding of up to $120 million.
More recently, in December 2024, the United States intervened in a complaint against certain former executives of the lender who allegedly violated the FCA by submitting and causing the submission of false claims for loan forgiveness, loan guarantees, and processing fees to the Small Business Administration (SBA) in connection with lender’s participation in the PPP. When we discussed this case previously, we noted that we expected to see similar cases in the future brought against private lenders who failed to safeguard government funds. More broadly, we expect the trend of increasingly complex civil PPP fraud actions will continue in 2025.
Fraud Enforcement Involving Programs Administrated by the Health Resources and Services Administration (HRSA)
Provider Relief Fund (PRF) and Uninsured Program (UIP) fraud enforcement picked up in 2024. As described in the CFETF Report, the CFETF has leveraged an interagency network to make strategic improvements in how it investigates fraud. (Interagency collaboration is another theme from 2024, which we discuss more here.) The CFETF Report also describes a department-wide effort by the Department of Justice (DOJ) to roll out database tools to all US Attorney’s Offices to detect and investigate fraud. According to the CFETF Report, DOJ has analyzed more than 225 million claims paid by HRSA, the entity that dispensed PRF and UIP loans during the height of the pandemic. Closer investigatory scrutiny has led to increased enforcement actions.
PRF Fraud
Criminal PRF fraud enforcement resembled PPP enforcement from prior years, which was often based on theft or misappropriation theories. These enforcement actions often include charges against PRF recipients who either (i) retained funds to which they were not entitled or (ii) used PRF funds for ineligible expenses, like luxury goods. For example, in April 2024, a defendant who operated a primary care clinic pleaded guilty to theft and misappropriation of PRF funds. The defendant had certified that PRF funds would be used by the clinic only to prevent, prepare for, and respond to COVID-19. Despite making this representation, the clinic operator used the PRF funds for personal purposes, including cash withdrawals and the purchase of personal real estate, a luxury vehicle, a boat, and a trailer.
UIP Fraud
There were a number of noteworthy criminal UIP enforcement actions in 2024. In March 2024, a defendant was charged with filing fraudulent COVID-19 testing reimbursement, through the laboratory he managed, for COVID-19 testing that was never provided. The defendant allegedly obtained and used the personal identifying information of incarcerated or deceased individuals in connection with those claims. The indictment alleged that the defendant received $5.6 million in reimbursement and used those UIP funds to purchase property in South Florida.
Enforcement actions involving UIP funds involved significant alleged losses by the government. In February 2024, a defendant pleaded guilty to mail fraud and identity theft charges in what the government called “one of the largest COVID fraud schemes ever prosecuted.” The defendant and her co-conspirators filed more than 5,000 fraudulent COVID-19 unemployment insurance claims using stolen identities to unlawfully obtain more than $30 million in UIP fund benefits. To execute the scheme, the defendant and others created fake employers and employee lists using the personally identifiable information of identity theft victims. The defendant was sentenced to 12 years in prison, and seven co-conspirators have also pleaded guilty in connection with this large fraudulent scheme.
In one major civil FCA resolution, in June 2024, a group of affiliated urgent care providers agreed to pay $12 million to resolve allegations that they submitted or caused the submission of false claims for COVID-19 testing to the HRSA UIP. The government alleged that the providers knew their patients were insured at the time of testing (and in some instances had insurance cards on file for certain patients), yet they submitted claims (and caused laboratories to submit claims) to HRSA’s UIP for reimbursement. The resolution is noteworthy because the providers received a relatively low FCA damages multiplier as credit for cooperating with the government in its investigation under DOJ’s Guidelines for Taking Disclosure, Cooperation, and Remediation into Account in False Claims Act Matters. More information on DOJ’s efforts to encourage voluntary self-disclosure can be found in our related EnforceMintz article here.
Fraud Schemes Involving Respiratory Pathogen Panels
Fraud involving expensive respiratory pathogen panels (RPPs) has been in the spotlight since the beginning of the pandemic. In 2022, the Office of Inspector General for the Department of Health and Human Services (OIG) warned about laboratories with questionably high billing for tests submitted for reimbursement alongside COVID-19 tests, including RPPs. The OIG deemed this scenario as deserving of “further scrutiny.” Medicare reimbursed some outlier laboratories approximately $666 dollars for COVID-19 testing paired with other add-on tests while Medicare reimbursed approximately $89 for this same testing to the majority of laboratories. The trend in RPP fraud enforcement that we discussed last year continued in 2024: enforcement actions involved a mix of criminal and civil RPP fraud cases involving significant damages.
One laboratory owner was criminally charged with submitting $79 million in fraudulent claims to Medicare and Texas Medicaid for medically unnecessary RPP tests. The laboratory owner used the personal information of a physician — without the physician’s knowledge — to submit the claims even though the physician had no prior relationship with the test recipients, was not treating the recipients, and did not use the test results to treat the recipients. The government seized over $15 million in cash from this defendant.
In another case involving both criminal and civil charges, a Georgia-based laboratory and its owner agreed to pay $14.3 million to resolve claims that they paid independent contractor sales representatives volume-based commissions to recommend RPP testing to senior communities interested only in COVID-19 testing. The independent sales contractors used forged physician signatures and sham diagnosis codes to add RPP testing to requisition forms ordering only COVID-19 testing. The whistleblower in this case — the laboratory’s manager — is set to receive $2.86 million of the recovery.
As the government continues to deploy data analytics to identify outlier cases, we suspect enforcement actions involving COVID-19 companion testing will continue.
Future of COVID-19 Enforcement
Over four years from the enactment of the CARES Act, COVID-19 fraud enforcement continues to evolve. Since the beginning, the government has consistently pursued criminal cases involving misused or fraudulently obtained funds, fake COVID cures, and fake COVID testing. In 2022, the government extended the statute of limitations for PPP fraud from five to ten years, recognizing that more time was needed to investigate and prosecute fraud on these programs.
This past year, a broader range of pandemic fraud schemes were prosecuted criminally and civilly. These often data-heavy or analytics-based cases require a significant investment of time and resources. Recognizing the resources required for these more complicated matters, the CFETF called for increased funding and an extension of the statute of limitations for all pandemic-related fraud in the CFETF Report. As of the date of this publication, that request has not yet been answered. It thus appears the funding request will be determined by the new administration.
Despite uncertainty around future funding for COVID-19 fraud enforcement, we anticipate more criminal and high-dollar civil enforcement actions in 2025. The CFETF Report described 1,200 civil pandemic fraud matters pending as of April 1, 2024, for which DOJ had obtained more than 400 judgments or settlements totaling over $100 million. This leaves approximately 800 pending civil matters, and untold billions in fraudulently obtained funds still in the hands of fraudsters. Despite uncertainty around future fraud enforcement funding, as a general matter, fraud enforcement has bipartisan support. Either way, employees, related parties, and patient relators — with the support of sophisticated relator’s counsel — will likely continue to bring pandemic fraud cases in the coming years. Overall, COVID-19 fraud enforcement is unlikely to slow down in 2025.
EnforceMintz — Medicare Advantage and Part D Programs to Remain in the Enforcement Spotlight in 2025
As government scrutiny and enforcement targeting the Medicare Advantage (Medicare Part C) program continued in 2024, the industry’s response to agency actions escalated. Last year also resulted in the first sizable Part D False Claims Act settlement. Year over year, as the number of enrollees in Medicare Advantage plans and Part D plans has steadily increased, the total federal spending on Medicare Advantage and Part D has likewise risen and the spotlight on these programs and those who participate in them has intensified.
As seen in years past, the Department of Justice (DOJ) as well as the two agencies that regulate Medicare Advantage Organizations (MAOs) and Part D plan sponsors (PDP Sponsors), the Centers for Medicare & Medicaid Services (CMS), and the Office of Inspector General for the Department of Health and Human Services (OIG), focused much of their attention on risk adjustment activities. DOJ remained in active litigation against many of the largest MAOs in the country while CMS and the OIG began conducting risk adjustment audits subject to extrapolation. Throughout 2024, the industry challenged CMS’s regulatory actions relating to Star Ratings and rules for communicating with Medicare beneficiaries who are considering Medicare Advantage and Part D plans. Finally, On December 9, 2024, CMS also finalized its updated Overpayment Rule for MAOs and PDP Sponsors in the 2025 Physician Fee Schedule Rule.
With Medicare Advantage expected to remain a top enforcement priority in 2025 and Part D enforcement growing, we anticipate that DOJ and CMS will continue to target the actions not only MAOs and PDP Sponsors, but also vendors and third-party entities that touch the Part C and D programs. In 2025, we will also be closely watching for court decisions in ongoing litigation matters that will undoubtedly influence future theories of liability and test the strength of defenses raised by MAOs, PDP Sponsors, and their vendors.
Recent Settlements Demonstrate that DOJ’s Enforcement Interest Spans the Industry
In 2024, DOJ settled two notable False Claims Act (FCA) matters relating to Medicare Advantage, which demonstrate that DOJ’s enforcement interests are not limited to MAOs, but also include vendors and other third-party entities engaged in risk adjustment practices and more. Plus, DOJ settled a large Part D matter relating to how drug costs are reported to and impact Medicare Part D payments from CMS.
Last year, Principal Deputy Assistant Attorney General Brian M. Boynton underscored DOJ’s “commitment to holding accountable third parties that cause the submission of false claims” and the government’s intention to “expand its focus on the Medicare Part C Program to include an examination of the role that vendors and providers play in the diagnoses that are submitted to the government.” DOJ made good on this promise.
For example, DOJ targeted entities involved in marketing efforts to Medicare Advantage patients. In September, Oak Street Health (Oak Street) agreed to pay $60 million to resolve the government’s allegations that it paid kickbacks to third-party insurance agents in exchange for recruiting Medicare beneficiaries to Oak Street’s primary care clinics in violation of the FCA. More specifically, DOJ alleged that Oak Street violated the Anti-Kickback Statute when, in exchange for referring Medicare beneficiaries to Oak Street, Oak Street paid insurance agents (who were acting as agents for MAOs) $200 per beneficiary referred or recommended to Oak Street’s primary care clinics. DOJ further alleged that the insurance agents delivered targeted messages to eligible seniors designed to generate interest in Oak Street and that the payments received incentivized those agents to base their referrals and recommendations on the financial motivations of Oak Street rather than the best interests of seniors. The complaint was filed by a relator who partnered with insurance agents and was contacted by Oak Street, and DOJ intervened in September for purposes of settlement. Although this settlement was with a provider organization (as explained further in), the conduct focused on Medicare Advantage members and their interactions with agents and brokers. CMS similarly highlighted its concerns regarding misleading communications to Medicare beneficiaries in its updated Medicare Advantage and Part D communication rules discussed below.
DOJ also reached a settlement agreement with a risk adjustment coding vendor this December. DOJ kicked off the holiday season by announcing the long-awaited settlement with MAO Independent Health Association, its wholly owned subsidiary and risk adjustment vendor DxID, and DxID’s former CEO, totaling up to $100 million across the three defendants. The government alleged that DxID improperly coded diagnoses from member medical records to inflate Medicare’s payments to Independent Health, including by coding from improper sources, coding conditions for which patients were not treated, and sending addenda to providers months or years after the service occurred. The parties have seemingly been engaged in settlement discussions for years, jointly requesting continual extensions of time for defendants to answer DOJ’s complaint since 2023.
Under this settlement structured based on Independent Health’s ability to pay, Independent Health will make guaranteed payments of $34.5 million and contingent payments of up to $63.5 million on behalf of itself and DxID, which ceased operations in 2021. DxID’s CEO, Betsy Gaffney, will independently pay $2 million. While Independent Health did not admit fault under the settlement agreement, the MAO also entered into a five-year Corporate Integrity Agreement (CIA) with HHS-OIG requiring that Independent Health hire an Independent Review Organization to annually review a sample of its Medicare Advantage beneficiary medical records and its internal controls to help ensure appropriate risk adjustment payments.
Additionally, following years of CMS voicing concerns over Part D Direct and Indirect Remuneration (DIR) and beneficiary protections, DOJ for the first time settled a significant matter relating to Part D DIR reporting. In July, DOJ entered into a settlement agreement with Elixir Insurance Company (Part D plan sponsor), Rite Aid Corporation (Parent Organization), and Elixir Rx Solutions (PBM) for a total of $121 million to resolve allegations that the defendants failed to appropriately report drug rebates through the Medicare Part D DIR reporting mechanism that is used by CMS to reconcile and calculate payments to Part D plan sponsors. Because Rite Aid Corporation, the parent organization, had declared bankruptcy, a portion of the settlement ($20 million) was granted as an allowed, unsubordinated, general unsecured claim in Rite Aid’s bankruptcy case in the District of New Jersey.
This is the first substantial Part D settlement focusing on Part D DIR, and it aligns with a theory of liability that DOJ has been considering for almost a decade. DOJ alleged that amounts that should have been reported as DIR (and therefore would have reduced the amount of revenue the government would pay a PDP Sponsor) were instead falsely reported as fees that do not qualify as DIR, and therefore the PDP Sponsor received and retained government payments to which it was not entitled.
Ongoing Litigation is Likely to Shape Risk Adjustment Enforcement in 2025 and Beyond
As previewed in last year’s report, DOJ continued to litigate three large FCA risk adjustment-focused cases last year against United Healthcare, Kaiser Foundation Health Plans and their affiliated medical groups, and Anthem. Because DOJ’s regulatory expectations of MAOs are often borne out through enforcement actions, judicial instruction on this topic is likely to shape future government actions and exemplify the standard of due diligence MAOs are expected to uphold when engaging in risk adjustment coding activities.
We summarized the current status and next steps for these three key cases below:
UnitedHealthcare. Litigation continued last year between the country’s largest MAO and DOJ in US ex rel. Poehling v. UnitedHealth Group, Inc. et al. (C.D. Cal.), reaching a key milestone this summer when the parties filed cross motions for summary judgment. In its Complaint in Intervention filed back in 2017, DOJ alleged that United failed to delete inaccurate diagnosis codes that it knew were unsupported by the medical records and thus resulted in overpayments. As one of the few Medicare Advantage lawsuits to reach this stage of litigation, we are watching closely for a summary judgment decision in the new year focused on the elements required to prove liability under the FCA’s reverse false claims provision.
Anthem. The government raised similar allegations against Anthem in United States v. Anthem, Inc. (S.D.N.Y), arguing that Anthem failed to identify and remove inaccurate diagnosis codes as part of its chart review program. DOJ and Anthem spent 2024 litigating discovery disputes and are set to remain in discovery through 2026.
Kaiser. DOJ also remained in active discovery with Kaiser in the lawsuit US ex rel. Osinek v. Kaiser Permanente (N.D. Cal.). The government’s Complaint in Intervention, filed in 2021, focuses on Kaiser’s use of addenda in medical records. DOJ alleges that Kaiser pressured physicians to create addenda often months after the patient encounter to retroactively add unsupported diagnoses, and that Kaiser used “data mining” programs to identify missed diagnoses and create the addenda. Following the denial of Kaiser’s motion to dismiss, the parties spent 2024 litigating discovery disputes before a magistrate judge. The case will remain in the discovery phase at least through 2025, with dispositive motions not scheduled until 2026, and a trial date currently set over two years out in 2027.
CMS and The OIG Take Active Role in Regulating Medicare Advantage and Part D with New Rules and the Impact of Extrapolation
Similar to DOJ’s expanded enforcement approach discussed above, both CMS and the OIG continued to focus on risk adjustment activities while CMS also began more heavily regulating agents and brokers who communicate with Medicare beneficiaries.
Risk Adjustment, RADV Audits, and Overpayment Rule: As it relates to risk adjustment, the OIG issued a second report concerning MAOs’ alleged use of in-home health risk assessments (IH-HRAs) to drive up payments. IH-HRAs are exams conducted by health care providers (typically nurse practitioners) in a member’s home to collect information regarding that patient’s health. In its report, the OIG identified 20 MAOs that it believes are outliers for their use of IH-HRAs as a tool to report diagnoses of their members to CMS. The OIG published a similar report in 2021 concluding that IH-HRAs and chart reviews are vulnerable to misuse by MAOs, which has likely driven DOJ enforcement action targeting these practices since.
CMS and the OIG regularly conduct audits of the diagnosis codes that MAOs submitted for their members. Critically, in 2024, the OIG finalized and CMS initiated risk adjustment audits that reached Payment Year (PY) 2018, which is the first year that extrapolation under the CMS final rule applies. Under this rule (42 C.F.R. 422.310(e)) which was finalized in February 2023, CMS has the authority to extrapolate risk adjustment audit findings covering diagnosis codes MAOs submitted in PY 2018 and forward. For years prior to PY 2018, MAOs have only had to repay overpayments identified in the actual sample that CMS or the OIG reviewed.
Last year CMS selected the MAOs that will be subject to PY 2018 Risk Adjustment Data Validation (RADV) Audits and has initiated that process with the selected MAOs. The OIG has already completed certain audits that include PY 2018 and the monetary impact of extrapolation of the findings is immediately apparent. For example, Humana’s final report for diagnosis-targeted audits imposed an overpayment obligation of just $274,000 for diagnoses audited from PY 2017 (no extrapolation) as compared to over $6.5 million in estimated overpayments for diagnosis codes audited from PY 2018 (with extrapolation). Similarly, Health Assurance of Pennsylvania’s final report auditing diagnosis codes in PYs 2018 and 2019 with extrapolation totaled $4.2 million in overpayments.
Additionally, in early December, CMS finalized the Overpayment Rule that requires MAOs and Part D plan sponsors to report and return overpayments within 60 days of an identification. The Rule was initially adopted in 2014 and held MAOs and Part D plan sponsors to a “reasonable diligence” standard when determining when an overpayment had been “identified.” The “reasonable diligence” standard was struck down in United Healthcare Insurance Company v. Azar when the district court held that the standard was impermissibly being used to establish False Claims Act liability. The updated Overpayment Rule, proposed in December 2022, has now replaced the “reasonable diligence” standard with the knowledge standard from the False Claims Act. An MAO is now considered to have “identified” an overpayment when it knowingly (either with actual knowledge, or through reckless disregard or deliberate ignorance) receives or retains an overpayment.
Medicare Advantage and Part D Communication Rules: CMS adopted changes to the Medicare Advantage and Part D Communication regulations for 2025 that, according to CMS, seek to increase transparency and protect Medicare beneficiaries from receiving misleading information about coverage options. CMS expressed concern that agents and brokers who were contracted with MAOs and Part D plan sponsors were enrolling beneficiaries into plans based on which plans paid the agents and brokers the most money, rather than the plan that was in each beneficiary’s best interests.
To address this concern, the revised regulations: (1) prohibit MAOs and Part D plan sponsors from having contract provisions that could directly or indirectly create an incentive that would reasonably be expected to inhibit an agent or broker’s ability to objectively assess and recommend which plan best fits the health care needs of the beneficiary, (2) recognize that MAOs and Part D plan sponsors may pay agents and brokers and Third-Party Marketing Organizations (TPMOs) for certain administrative and overhead expenses but limit the payment for such services to $100 per member enrolled by the agent, broker, or TPMO, previously there was no express limit other than that the values of such payments must not exceed those within the market), and (3) adopt more stringent consent requirements needed in order for a beneficiary’s information to be shared by a TPMO with a third party, including related third parties. As described further below, many entities that provide agent and broker services, referred to as field marketing organizations, or FMOs, sued CMS over these rule changes.
Following these regulatory changes and DOJ actions against brokers and agents, the OIG also weighed in when in December it issued a Special Fraud Alert warning the industry regarding its perceived risks of marketing arrangements between MAOs and health care providers or between providers and agents and brokers for MAOs. We discuss this alert further in our article here.
Industry Actions are on the Rise following the Demise of Chevron Deference
As has been widely reported, the US Supreme Court issued in June a landmark decision in Loper Bright Enterprises v. Raimondo, which struck down the longstanding doctrine of so-called “Chevron deference” to federal agency interpretation of ambiguous statutes and substantially expanded judicial review of such statutes. As expected, Loper Bright has already led to increased scrutiny of, and challenges to, agency action, including in the Medicare space. While “enforcement” against agencies is not typical government “enforcement,” it affects government enforcement matters because it impacts how agencies can take enforcement actions and what rules are enforceable.
In May 2024, certain FMOs sued CMS in the United States District Court for the Northern District of Texas, seeking to invalidate certain portions of the 2025 Medicare Advantage and Part D Communications regulations. The FMOs argued that the provision of these rules, summarized above in the Medicare Advantage and Part D Communication Rules section, violated the Administrative Procedure Act (APA). They argued that the rule was arbitrary and capricious under the APA, claiming that CMS finalized the rule based on “pure speculation,” ignored objections from the public, and failed to acknowledge reliance interests of brokers. The FMOs further contended that the rule failed to properly adhere to the notice and comment procedural requirements because CMS relied upon evidence not presented during notice and comment rulemaking. Less than a week after the Loper Bright decision, the court granted the FMOs’ request for a preliminary injunction relating to the regulation that restricted contract terms and limited administrative fee payments, finding that the rules were not reasonable.
Also, last fall four of the largest MAOs, UnitedHealthcare, Centene, Elevance, and Humana, all challenged how CMS calculated their specific Star Ratings, and, more recently, at least two Blues plans have also sued CMS. Star Ratings is the system that CMS uses to rate the performance of MAO and PDP plan sponsors. A plan’s Star Rating impacts how and when it can be marketed, and in Medicare Advantage, impacts how the plan is paid and when CMS can terminate a plan’s contract. United and Centene’s cases were relatively similar, focusing on how CMS evaluated and calculated a certain call center measure. Humana and Elevance each had arguments specific to their circumstances, and also included broader complaints regarding how CMS calculates Stars. Humana specifically challenged CMS’s unwillingness to share industry data with MAOs to ensure appropriate calculations. On November 22, 2024, the Eastern District of Texas granted summary judgment for UnitedHealthcare and ordered CMS to recalculate the MAO’s Star Rating by removing the one call center measure in dispute. In early December, Centene reported that CMS recalculated its Star Rating for 2025 following its challenge. The other cases are ongoing.
The challenges to Star Ratings are an important enforcement development because these lawsuits may force CMS to rethink how it operates the Star Ratings program and may impact whether CMS can terminate contracts that CMS believes are low performing.
Conclusion
Following another year of intense scrutiny, the Medicare Advantage industry is set to remain a government enforcement priority in 2025, and PDP plan sponsors will likely attract similar scrutiny. Both MAOs as well as third-party entities involved in the Part C program should continue to monitor DOJ enforcement activity and decisions in ongoing litigation to evaluate their risk adjustment practices. Moreover, with the danger of extrapolation of risk adjustment audits evident, MAOs must be mindful to engage in robust compliance efforts and to review published OIG reports and related guidance to mitigate enforcement risk. PDP Sponsors and their vendors should expect increased scrutiny following the Elixir settlement, the continued rollout of the Inflation Reduction Act and the intense national discussion regarding prescription drug costs. We will continue to monitor the evolving enforcement actions against MAOs and PDP Sponsors and watch closely for updated guidance whether via agency regulations and reports or court decisions in 2025 and beyond.
RealPage Antitrust Consent Decree Proposed
In August 2024, the Department of Justice (DOJ) and eight states filed a civil antitrust lawsuit against RealPage Inc., alleging that its software was used to unlawfully decrease competition among landlords and maximize profits. Last week, the DOJ, now joined by ten states, filed an amended complaint alleging that landlords Greystar Real Estate Partners LLC, Blackstone’s LivCor LLC, Camden Property Trust, Cushman & Wakefield Inc., Pinnacle Property Management Services LLC, Willow Bridge Property Company LLC, and Cortland Management participated in the price-fixing scheme. These companies operate over 1.3 million residential units across 43 states and the District of Columbia.
According to the amended complaint, these landlords shared sensitive information through RealPage’s pricing algorithm to decrease competition and increase corporate profits. Jennifer Bowcock, RealPage’s Senior Vice President of Communications, rebutted the allegations, arguing that issues with housing affordability stem from the limited supply of residential units and that the government should “stop scapegoating RealPage – and now [its] customers – for the housing affordability problems.”
The DOJ also announced a proposed consent decree with Cortland Management, where the claims against Cortland would be resolved in exchange for agreeing to cooperate with the DOJ’s ongoing investigation against the remaining defendants. Under the terms of the proposed agreement, Cortland would be barred from using a competitor’s sensitive data to train a pricing model, pricing units with the assistance of an algorithm without court supervision, and soliciting or disclosing sensitive information with other companies to set rental prices. A spokesman for Cortland indicated that it is pleased with the outcome and is looking forward to “improv[ing the] resident experience” in 2025. Under the Tunney Act, P.L. 93-528, the proposed consent decree will be published in the Federal Register for a 60-day comment period, after which the court can enter final judgment. The case is United States v. RealPage Inc., dkt. no, 1:24-cv-00710 (LCB) (M.D.N.C. filed Aug. 23, 2024).
Promising Results from Groundbreaking FinCrime Data Sharing Project Between Seven UK Banks and the National Crime Agency
In 2024, the National Crime Agency (the “NCA”), which is the UK’s lead agency against organized crime; human, weapon and drug trafficking; cybercrime; and economic crime, announced its “groundbreaking” data sharing partnership with seven UK banks, namely Barclays, Lloyds, Metro Bank, NatWest, Santander, Starling Bank, and TSB.[1]
This new public-private partnership (“PPP”) was the largest of its kind anywhere in the world and the initial results of the project suggest it is revolutionizing the fight against financial crime.
Joint Analysis of Transactional Data that is Indicative of Potential Criminality
The project involved the seven banks voluntarily sharing customer and transactional data with the NCA with the aim of tackling criminality and kleptocracy, and preventing the flow of “dirty money” through the UK’s financial system. AML subject matter experts from the seven banks were then seconded to the NCA to work directly alongside the NCA’s own analysts in the scrutiny of banking data that is suggestive of criminal behavior, with the dual goals of identifying bad actors that are exploiting and misusing the financial system while ensuring that legitimate customers are left alone.
Promising Results
PPPs can be vastly effective in tackling the complexities of financial crime. Principally, this is because they help to bridge gaps in intelligence and enable more holistic or collaborative analytics. In the UK’s case, the NCA has reported that since the project went live in 2024, eight new criminal networks already have been confirmed. In addition, a further three suspicious networks have been identified and referred to the NCA’s intelligence division for further examination, while new leads have been uncovered related to 10 of the agency’s largest ongoing investigations. In sum, data sharing of this sort appears to be materially augmenting the ability of law enforcement to detect and disrupt criminality. The likely result will be the reduction of the financial crime risks that all banks have to manage on a daily basis and a consequential decrease in their “compliance costs.”
Data Protection Considerations
The major concern about data sharing initiatives of this sort relates to privacy, and banks have long been wary of sharing customer data with third parties for fear of contravening applicable data protection laws. On this, Andrew Searle, the Director of the NCA’s National Economic Crime Centre, has said, “the NCA and its banking partners have designed the [project’s] data sharing principles to ensure that only account data with multiple clear indicators of economic crime is included.” [2] Additionally, the banks have included in their terms and conditions the ability to share information without notification where the purpose of doing so is the fulfillment of the legal obligation to detect and prevent financial crime. Finally, the Financial Conduct Authority (the “FCA”), which regulates the UK’s financial services industry, is observing the project and providing an additional layer of oversight that has helped appease concern regarding inadvertent violations of data protection law.
Additional Considerations
A similar initiative has now been launched in Singapore: a digital platform called “COSMIC” (the “Collaborative Sharing of Money Laundering/Terrorism Financing (ML/TF) Information and Cases”) that allows six Singaporean banks, namely Citibank, Development Bank of Singapore (DBS), HSBC, Oversea-Chinese Banking Corporation (OCBC), Standard Chartered, and United Overseas Bank, to share information on customers exhibiting multiple red flags indicators of financial crime concern.[3] The major difference between the UK project and the Singaporean project is that the former is being led by the NCA, or UK law enforcement, while the latter, COSMIC, is a purely private sector initiative.
Given the promising results of the UK project and Singapore’s launch of COSMIC, we expect that other countries will follow suit in terms of facilitating the sharing of intelligence related to suspected money laundering, terrorism financing, and proliferation financing, whether it be via the PPP model or among only private sector participants. Either way, fostering true collaboration between multiple interested parties likely is going to be crucial in the effort to stay ahead of sophisticated criminals and emergent threats.
For that reason, it is incumbent upon public sector actors, from the perspective of preventing financial crime, to actively facilitate information sharing initiatives, for example by updating laws or supervisory instruments as necessary; making use of regulatory sandboxes and pilot programs; highlighting typologies or data types that would benefit from sharing; deploying secure platforms for sharing and oversight; promoting regular dialogue between data protection and AML/CFT authorities; and more.
Finally, banks around the world should remember that, even if currently they are not able to pool data with other stakeholders, for example because of applicable data protection laws or other jurisdiction-specific fundamental rights, they still need to do everything possible to mine the volumes of customer and transactional data that they already possess and/or can obtain from their correspondents, as well as the huge quantity of open source intelligence that is readily available online, for compliance purposes. This means not just performing real-time, list-based screening, but investing in additional headcount, advanced analytical solutions and experienced external counsel to conduct proactive investigations of post-transactional data, looking for suspicious typologies, actors, networks or other activities. Ever-increasing amounts of customer and transactional data need not be overwhelming; on the contrary, if viewed as a resource rather than a burden and if leveraged appropriately, they represent a material opportunity to better detect and prevent criminal activity, and to protect legitimate consumers.
FOOTNOTES
[1]Ground breaking public private partnership launched to identify criminality using banking data
[2] Ibid.
[3] MAS Launches COSMIC Platform to Strengthen the Financial System’s Defence Against Money Laundering and Terrorism Financing
DOJ Reports Substantial Procurement Fraud Recoveries in FY 2024
The Department of Justice (DOJ) recently announced that it obtained more than $2.9 billion in False Claims Act (FCA) settlements and judgments in the fiscal year ending Sept. 30, 2024.
DOJ reports that matters that involved the healthcare industry comprised the largest portion of these FCA recoveries in FY 2024, but that “procurement fraud” recoveries, once again, were significant for DOJ this past year.
Among the more notable procurement fraud recoveries from the past year were:
A large government contractor paid $428 million to resolve allegations that it knowingly provided false cost and pricing data when negotiating with the Department of Defense for numerous government contracts and double billed on a weapons maintenance contract, leading to the company receiving profits in excess of negotiated rates. This is the second largest government procurement fraud recovery under the False Claims Act in history.
A large federal contractor paid $70 million to resolve allegations they overcharged the U.S. Navy for spare parts and materials needed to repair and maintain the primary aircraft used to train naval aviators. The government alleged that these entities, which were owned by the same parent company, entered into an improper subcontract that resulted in the Navy paying inflated costs for parts.
A federal contractor paid $811,259 to resolve allegations that it knowingly supplied valves that did not meet military specifications. The government alleged that, under a U.S. Navy contract, the company invoiced for military-grade valves to be installed on certain combat ships when the company knew the valves had not met the testing requirements to be deemed military grade.
DOJ brought claims against a federal contractor and an individual estate of the founder, majority owner and chief operating officer of the company for allegedly causing the submission of false claims to the Department of Defense under contracts to provide Army combat uniforms. The government alleged that the company and the founder falsified the results of the insect repellant testing to conceal failing test results, including by inappropriately combining results from different rounds of testing, re-labeling test samples to hide the true origin of the samples, and performing re-tests of uniforms in excess of what the contract permitted.
A government contractor paid $55.1 million to satisfy a judgment that it made knowingly false claims to the United States when it misrepresented its commercial sales practices during the negotiation and subsequent performance of a General Services Administration (GSA) contract. The court found that the false disclosures induced GSA to accept and then continue to pay higher prices than it would have had it known of the company’s actual commercial pricing practices. The court also found that the company continuously violated the Price Reduction Clause, “a standard term in these types of contracts that requires the contractor throughout performance of the contract to maintain GSA’s price position in relation to an identified customer or category of customer agreed upon in contract negotiations.”
The City of Los Angeles paid $38.2 million to resolve allegations that it failed to meet federal accessibility requirements when it sought and used Department of Housing and Urban Development (HUD) grant funds for multifamily affordable housing. The government alleged that the city failed to make its affordable multifamily housing program accessible to people with disabilities. The government also alleged that the city failed to maintain a publicly available list of accessible units and their accessibility features, and the city, on an annual basis, falsely certified to HUD that it complied with related grant requirements.
A federal contractor paid $26.8 million to resolve allegations that Hahn Air failed to remit to the United States certain travel fees collected from commercial airline passengers flying into or within the United States.
A government contractor paid $18.4 million to resolve allegations that it billed for time not worked at the National Nuclear Security Administration’s Pantex Site near Amarillo, Texas.
A large federal contractor paid $11.8 million to resolve allegations that it submitted false claims to the Federal Emergency Management Agency for the replacement of certain educational facilities located in Louisiana that were damaged by Hurricane Katrina. The government alleged that the contractor submitted to FEMA fraudulent requests for disaster assistance funds and did not correct applications that included materially false design, damage and replacement eligibility descriptions. Combined with settlements with other entities involved in the alleged conduct, the government recovered over $25 million in connection with the disaster assistance applications prepared by the contractor.
Listen to this post
Regulatory Update and Recent SEC Actions January 2025
Recent SEC Administration Changes
SEC Chair Gensler to Depart Agency on January 20
The Securities and Exchange Commission (the “SEC”) announced, on November 21, 2024, that its Chair, Gary Gensler, will step down. Chair Gensler’s resignation from the SEC will be effective at 12:00 pm EST on January 20, 2025. On December 4, 2024, President-elect Trump stated his intention to nominate Paul Atkins as the Chair of the SEC. Mr. Atkins served as a Commissioner from 2002 to 2008 and on the SEC staff in the 1990s.
SEC Announced Departure of Trading and Markets Division Director
The SEC, on December 9, 2024, announced that Haoxiang Zhu, Director of the Division of Trading and Markets, would depart the agency effective December 10, 2024. David Saltiel, a Deputy Director who also heads the Division of Trading and Markets Office of Analytics and Research, will serve as Acting Director. Mr. Saltiel served as the Division of Trading and Markets Acting Director for several months in 2021.
SEC Announces Departure of Corporation Finance Division Director
The SEC, on December 13, 2024, announced that Erik Gerding, Director of the Division of Corporate Finance, would depart the agency effective December 31, 2024. Cicely LaMothe is now the Acting Director. Ms. LaMothe previously served as the Deputy Director, Disclosure Operations for the Division of Corporation Finance. Before joining the SEC, Ms. LaMothe worked in the private sector for six years, including as the financial reporting manager for a public company and as a senior associate with a national accounting firm.
SEC Rulemaking
SEC Adopts Rule Amendments and New Rule Addressing Wind-Down Planning of Covered Clearing Agencies
The SEC, on October 25, 2024, announced the adoption of rule amendments and a new rule to improve the resilience and recovery and wind-down planning of covered clearing agencies. The rule amendments establish new requirements regarding a covered clearing agency’s collection of intraday margin, as well as its reliance on substantive inputs to its risk-based margin model. The new rule requires a covered clearing agency to specify nine elements for its recovery and wind-down plan that address: (1) the identification and use of scenarios, triggers, tools, staffing, and service providers; (2) timing and implementation of the plans; and (3) testing and board approval of the plans.
SEC Modernizes Submission of Certain Forms, Filings, and Materials Under the Securities Exchange Act of 1934
The SEC, on December 16, 2024, adopted amendments to require the electronic filing, submission, or posting of certain forms, filings, and other submissions that national securities exchanges, national securities associations, clearing agencies, broker-dealers, security-based swap dealers, and major security-based swap participants make with the SEC. Prior to the adoption of these amendments, registrants filed with, or otherwise submitted to, the SEC many of the forms, filings, or other materials in paper form. Under the amendments, registrants will make these filings and submissions electronically using the SEC’s EDGAR system, in structured data format where appropriate, or by posting them online.
SEC Adopts Rule Amendment to Broker-Dealer Customer Protection Rule
The SEC, on December 20, 2024, adopted amendments to Rule 15c3-3 (the “Customer Protection Rule”) to require certain broker-dealers to increase the frequency with which they perform computations of the net cash they owe customers and other broker-dealers from weekly to daily. The amendments will become effective 60 days after the date of publication of the adopting release in the Federal Register. Broker-dealers that exceed the $500 million threshold using each of the 12 filed month-end FOCUS Reports from July 31, 2024, through June 30, 2025, must comply with the daily computations no later than December 31, 2025.
SEC Enforcement Actions and Other Cases
SEC Charges Market Makers and Nine Individuals in Crackdown on Manipulation of Crypto Assets Offered and Sold as Securities
The SEC, on October 9, 2024, announced fraud charges against three companies purporting to be market makers and nine individuals for engaging in schemes to manipulate the markets for various crypto assets. The SEC alleges that the companies provided “market-manipulation-as-a-service” which included generating artificial trading volume through trading practices that served no economic purpose and that they used algorithms (or bots) that, at times, generated “quadrillions” of transactions and billions of dollars of artificial trading volume each day.
SEC Charges Investment Adviser and Owner for Making False and Misleading Statements About Use of Artificial Intelligence
The SEC, on October 10, 2024, announced charges against an investment adviser (the “Adviser”) and two individuals, an owner and a director of the Adviser, with making false and misleading claims about the Adviser’s purported use of artificial intelligence (“AI”) to perform automated trading for client accounts and numerous other material misrepresentations. The SEC’s order states that the two individuals raised nearly $4 million from 45 investors for the growth of the Adviser that was falsely described as having an AI-driven platform. The Adviser and individuals were charged with fraudulent conduct in the offer or sale of securities under the Securities Act of 1933 and the Securities Exchange Act of 1934, and the Adviser was charged with fraudulent conduct by an investment adviser under the Investment Advisers Act of 1940, as amended.
SEC Charges Advisory Firm with Failing to Adhere to Own Investment Criteria for ESG-Marketed Funds
The SEC, on October 21, 2024, charged a New York-based investment adviser (the “Adviser”) with making misstatements and for compliance failures relating to the execution of the investment strategy of three exchange-traded funds (“ETFs”) that were marketed as incorporating environmental, social, and governance (“ESG”) factors. According to the SEC’s order, the Adviser represented in the prospectuses for the ETFs and to the board of trustees overseeing the ETFs, that the ETFs would not invest in companies involving certain products or activities, such as fossil fuels and tobacco. Further, the SEC order states that the Adviser used data from third-party vendors that did not screen out all companies involved in fossil fuel and tobacco-related activities. The SEC’s order further finds that the Adviser did not have any policies and procedures over the screening process to exclude such companies. The Adviser consented to the entry of the SEC’s order finding that the firm violated the antifraud provisions of the Investment Advisers Act of 1940 and the Investment Company Act of 1940 and the Compliance Rule of the Investment Advisers Act.
“At a fundamental level, the federal securities laws enforce a straightforward proposition: investment advisers must do what they say and say what they do,” said Sanjay Wadhwa, Acting Director of the SEC’s Division of Enforcement. “When investment advisers represent that they will follow particular investment criteria, whether that is investing in, or refraining from investing in, companies involved in certain activities, they have to adhere to that criteria and appropriately disclose any limitations or exceptions to such criteria. By contrast, the funds at issue in today’s enforcement action made precisely the types of investments that investors would not have expected them to based on the Adviser’s disclosures.”
Directors of Money Market Fund Sued Over Share Class Conversion
Two shareholders (the “Shareholders”) filed a lawsuit alleging that the directors of a money market fund (the “Directors”) breached their fiduciary duty by failing to automatically move fund investors’ assets from higher cost share classes of the fund to lower-cost share classes. The Shareholders allege that the board of the money market fund allowed certain fund investors to continue paying higher fees as retail class shareholders rather than auto-converting their holdings to the cheaper, but otherwise identical premium class, even though their holdings were eligible for the “auto-conversion”. The complaint states that “[the Directors’] inaction demonstrates gross neglect or reckless disregard for the best interest of the class shareholders… Either the [Directors] have been recklessly uninformed of these massive overcharges that cause significant losses to the shareholders, or have known about the issue and inexcusably failed to take action to remedy it.” The Shareholders seek damages, restitution, disgorgement, and an injunction preventing the Directors from continuing to engage in the alleged conduct.
Two Entities Affiliated with Major Institutional Organization to Pay $151 Million to Resolve SEC Enforcement Actions
The SEC, on October 31, 2024, charged two affiliated and commonly-owned investment advisers (each an “Adviser” and together, the “Advisers”) in five separate enforcement actions for compliance failures including misleading disclosures to investors, breach of fiduciary duty, prohibited joint transactions and principal trades, and failures to make recommendations in the best interest of customers. The enforcement actions related to:
Conduit Private Funds – An Adviser made misleading statements regarding its ability to exercise discretion over when to sell and the number of shares to be sold, despite disclosures representing that it had no discretion.
Portfolio Management Program – An Adviser failed to fully and fairly disclose the financial incentive that the firm and some of its financial advisors had when they recommended the Adviser’s own Portfolio Management Program over third-party managed advisor programs offered by the Adviser.
Clone Mutual Funds – An Adviser recommended certain mutual fund products, Clone Mutual Funds, to its retail brokerage customers when materially less expensive ETF products that offered the same investment portfolios were available.
Joint Transactions – An Adviser engaged in $3.4 billion worth of prohibited joint transactions, which advantaged an affiliated foreign money market fund for which it served as the delegated portfolio manager over three U.S. money market mutual funds it advised.
Principal Trades – An Adviser engaged in or caused 65 prohibited principal trades with a combined notional value of approximately $8.2 billion. In order to conduct these transactions, according to the SEC’s order, a portfolio manager directed an unaffiliated broker-dealer to buy commercial paper or short-term fixed income securities from the Adviser which the other Adviser then purchased on behalf of one of its clients.
SEC Charges Adviser for Making Misleading Statements About ESG Integration
The SEC, on November 8, 2024, charged an investment adviser (the “Adviser”) with making misleading statements about the percentage of company-wide assets under management that integrated ESG factors. The Adviser stated in marketing materials that between 70 percent and 94 percent of its parent company’s assets under management were “ESG integrated.” However, in reality, these percentages included a substantial amount of assets that were held in passive ETFs that did not consider ESG factors. Furthermore, the SEC’s order found that the Adviser lacked any written policy defining ESG integration.
SEC Charges Three Broker-Dealers with Filing Deficient Suspicious Activity Reports
The SEC, on November 22, 2024, announced that three broker-dealers (the “Broker-Dealers”) agreed to settle charges relating to deficient suspicious activity reports (“SARs”) filed by the Broker Dealers. The SEC alleged that multiple SARs filed by the Broker-Dealers failed to include important, required information. SARs must contain “a clear, complete, and concise description of the activity, including what was unusual or irregular” that caused suspicion of the use of funds derived from illegal activity or activity that has no apparent lawful purposes. The SEC’s orders alleged that each Broker-Dealer filed multiple deficient SARs over a four-year period.
SEC Charges Former Chief Investment Officer with Fraud
The SEC, on November 25, 2024, charged the former co-chief investment officer (the “CIO”) of a registered investment adviser with engaging a multi-year scheme to allocate favorable trades to certain portfolios, while allocating unfavorable trades to other portfolios (also known as “cherry-picking”). The SEC’s complaint alleges that the CIO would place trades with brokers but wait until later in the day to allocate the trades among clients in the portfolios he managed. According to the complaint, the CIO’s delay in allocating the trades allowed him to allocate trades at first-day gains to favored portfolios and trades at first-day losses to disfavored portfolios.
SEC Charges Wealth Management Company for Policy Deficiencies Resulting in Failure to Prevent and Detect Financial Advisors’ Theft of Investor Funds
The SEC, on December 9, 2024, charged a wealth management company (the “Company”) with (1) failing to reasonably supervise four investment advisers and registered representatives (the “Financial Advisers”) who stole millions of dollars of advisory clients’ and brokerage customers’ funds and (2) failing to adopt policies and procedures reasonably designed to prevent and detect the theft. Specifically, the SEC found that the Company failed to adopt and implement policies designed to prevent the Financial Advisers from using two forms of unauthorized third-party disbursements, Automated Clearing House payments and certain patterns of cash wire transfers, to misappropriate funds from client accounts.
SEC Charges Two Broker-Dealers with Recordkeeping and Reporting Violations for Submitting Deficient Trading Data to SEC
The SEC, on December 20, 2024, announced settled charges against two broker-dealers (each a “Broker-Dealer” and together, the “Broker-Dealers”). According to the SEC’s order, the Broker Dealers made numerous blue sheet submissions to the SEC that contained various deficiencies, including inaccurate or missing information about securities transactions and the firms or customers involved in the transactions. The SEC found that, one of the Broker-Dealers made 15 types of errors, that caused nearly 11,200 blue sheet submissions to have missing or inaccurate data for at least 10.6 million total transactions, while the other Broker-Dealer made 10 types of errors that caused 3,700 blue sheet submissions to have misreported or missing data for nearly 400,000 transactions.
International Bank Subsidiary to Pay $4 Million for Untimely Filing of Suspicious Activity Reports
The SEC, on December 20, 2024, charged a registered broker-dealer (the “Broker-Dealer”) for failing to file certain SARs in a timely manner. According to the SEC’s order, the Broker-Dealer received requests in connection with law enforcement or regulatory investigations, or litigation that prompted it to conduct SARs investigations. The SEC’s order found that in certain instances, the Broker-Dealer failed to conduct or complete the investigations within a reasonable period of time.
SEC Files Settled Charges Against Multiple Entities for Failing to Timely File Form D in Connection with Securities Offering
The SEC, on December 20, 2024, announced charges against three companies (for this section only, the “Companies”) for failing to timely file Forms D for several unregistered securities offerings in violations of Rule 503 of Regulation D of the Securities Act of 1933. The SEC found that one of the Companies, a registered investment adviser that controls two private funds, failed to ensure that such private funds timely filed Forms D in connection with offerings involving the sale of membership interest in such private funds. The SEC found that two other Companies, both privately held companies, failed to timely file Forms D in connection with unregistered securities offerings for which the Companies engaged in certain communications that constituted general solicitations.
“Form D filings are crucial sources of information on private capital formation, and compliance with the requirement to make such filings in a timely manner is vital to the Commission’s efforts to promote investor protection while also facilitating capital formation, especially with respect to small businesses,” said Sanjay Wadhwa, Acting Director of the SEC’s Division of Enforcement. “Today’s orders find that the charged entities deprived the Commission and the marketplace of timely information concerning nearly $300 million of unregistered securities offerings.”
Shareholders File Derivative Complaint Against Independent Directors and Fund Management Alleging Breach of Fiduciary Duties
In December 2024, a derivative complaint was filed against the independent directors and fund management, alleging that their breach of fiduciary duties was responsible for the “astonishing collapse” of several funds. In December 2021, the board of directors (the “Board”) approved a plan of liquidation involving transferring nearly all the $300 million in assets of four closed-end feeder funds and a master fund, along with several private funds, for unlisted preferred units from the buying company (the “Buyer”). Ultimately, the units converted into common shares worth eight dollars each when the Buyer went public through a merger with a special purpose acquisition company. Since going public, the value of the shares has fallen to 81 cents, or less than a penny after accounting for a one-for-80 reverse stock split. According to the lawsuit, fund management and the Board did not inform the shareholders of the liquidation plan until weeks after it happened, and the liquidation plan was never submitted to shareholders for approval.
Other Industry Highlights
SEC Division of Examinations Announces its Examination Priorities for Fiscal Year 2025
The SEC Division of Examinations (the “Division”), on October 21, 2024, published its Fiscal Year 2025 Examination Priorities which highlights the practices, products, and services that the Division of Examinations believes present heightened risk to investors or the overall integrity of U.S. capital markets. The report indicated that the Division would focus on:
Investment Advisers – (1) adherence to fiduciary standards of conduct, (2) effectiveness of advisers’ compliance programs, and (3) examinations of advisers to private funds.
Investment Companies – (1) fund fees and expenses, and any waiver or reimbursements, (2) oversight of service providers (both affiliated and third-party), (3) portfolio management practices and disclosures, for consistency with claims about investment strategies or approaches and with fund filings and marketing materials, and (4) issues associated with market volatility.
The report also indicated that the Division is going to continue examining advisers and funds that have never been examined or those that have not been examined recently, with a particular focus on newly registered funds. The full report can be found here.
SEC Announced Enforcement Results for Fiscal Year 2024
The SEC announced that it filed a total of 583 enforcement actions in fiscal year 2024 while obtaining orders for $8.2 billion in financial remedies. The 583 enforcement actions represent a 26 percent decline in total enforcement actions compared to fiscal year 2023. Key areas of focus by the SEC included:
Off-channel communications. In fiscal year 2024, the SEC brought recordkeeping cases against more than 70 firms resulting in more than $600 million in civil penalties.
Marketing Rule (Rule 206(4)-1 under the Investment Advisers Act of 1940, as amended (the “Advisers Act”)) compliance. More than a dozen investment advisers were charged with non-compliance of the Advisers Act Marketing Rule including charges for advertising hypothetical performance to the general public without implementing policies and procedures reasonably designed to ensure hypothetical performance was relevant.
Misleading claims regarding AI. AI and other emerging technologies presented heightened investor risk from market participants using social media to exploit elevated investor interest in emerging investment products and strategies. These actions included multiple actions against advisers alleging the use AI in their investment processes.
SEC Risk Alert Highlights Examination Deficiencies Found in Core Focus Areas for Registered Investment Companies
The SEC’s Division of Examinations (the “Staff” or the “Division”) issued a risk alert (the “Alert”) regarding its review of certain core focus areas and associated document requests for registered investment companies (each a “Fund”, and collectively, the “Funds”). The Alert highlighted that examinations typically focus on whether Funds: (1) have adopted and implemented effective written policies and procedures to prevent violation of the federal securities laws and regulations, (2) provided clear and accurate disclosures that are consistent with their practices, and (3) promptly addressed compliance issues, when identified.
The Staff reviewed deficiency letters sent to Funds during the most recent four-year period and analyzed deficiencies and weakness related to the core areas of fund compliance programs, disclosures and filings, and governance practices. Below are some of the common deficiencies:
Fund Compliance Programs
Funds did not perform required oversight or reviews as stated in their policies and procedures or perform required assessments of the effectiveness of their compliance programs.
Funds did not adopt, implement, update, and/or enforce policies and procedures.
Policies and procedures were not tailored to the Funds’ business models or were incomplete, inaccurate, or inconsistent with actual practices.
Funds’ Codes of Ethics were not adopted, implemented, followed, enforced, or did not otherwise appear adequate.
Chief Compliance Officers did not provide requisite written annual compliance reports to Fund boards.
Fund Disclosures and Filings
Fund registration statements, fact sheets, annual reports, and semi-annual reports contained incomplete or outdated information or contained potentially misleading statements.
Sales literature, including websites, appeared to contain untrue statements or omissions of material fact.
Fund filings were not made or were not made on a timely basis.
Fund Governance Practices
Fund board approvals of advisory agreements appeared to be inconsistent with the requirements of the Investment Company Act of 1940, as amended, and/or the Funds’ written compliance procedures.
Fund boards did not receive certain information to effectively oversee Fund practices.
Fund boards did not perform required responsibilities.
Fund board minutes did not fully document board actions.
The full alert can be accessed here.
SEC’s Division of Investment Management’s Disclosure Review and Accounting Office Identifies Common Issues Found in Review of Tailored Shareholder Reports
As of July 24, 2024, open-end funds have been required to file more concise annual and semi-annual reports (“Tailored Shareholder Reports” or “TSRs”) that highlight information that the SEC deems “particularly important” to retail shareholders in assessing and monitoring their fund investments. After three months of TSR filings, on November 8, 2024, the Division of Investment Management’s Disclosure Review and Accounting Office (“DRAO”), which is responsible for reviewing TSR filings, published Accounting and Disclosure Information 2024-14 (the “ADI”) which flags common issues it has identified in its review of TSR filings and provides a reminder to funds of certain requirements.
Issues Regarding Expense Information
Annualizing expenses in dollars paid on a $10,000 investment in a semi-annual shareholder report, instead of reflecting the dollar costs over the period on a non-annualized basis.
Calculating expenses in dollars paid on a $10,000 investment by incorrectly multiplying the “Costs paid as a percentage of your investment” by $10,000, instead of multiplying the figure in the “Cost paid as a percentage of your investment” column by the average account value over the period based on an investment of $10,000 at the beginning of the period.
Presenting expenses in dollars paid on $10,000 investments to the nearest cent, when the figure must be rounded to the nearest dollar.
Funds might consider noting in their semi-annual reports that costs paid as a percentage of a $10,000 investment is an annualized figure.
Issues Regarding Management’s Discussion of Fund Performance
Disclosure by many ETFs of average annual total returns for the past one-, five-, and 10-year periods based on market value, instead of the ETF’s net asset value; additional disclosure of market value performance is not permitted to be included in the shareholder reports.
Failure by some funds to compare their performance to an appropriate broad-based securities market index both in their shareholder reports and in its prospectus.
Failure by some funds to include a statement to the effect that past performance is not a good predictor of the fund’s future performance, or to utilize text features to make the statement noticeable and prominent.
Other Issues
Including portfolio-level statistics, such as average maturity or average credit rating, under the heading “Graphical Representations of Holdings,” instead of under the heading “Fund Statistics.”
Disclosing holdings as a percentage without specifying the basis for the presentation of the information (i.e., net asset value, total investments, or total or net exposure).
Disclosing material fund changes while omitting the required cover page disclosure or including the cover page disclosure but failing to include any disclosure about the material fund changes.
Including broken links (to their websites) in their shareholder reports.
Including extraneous and sometimes lengthy disclosures such as disclaimers or risks that are not required or permitted.
For Inline XBRL structured data purposes, tagging all of their indexes as broad-based indexes instead of tagging their additional indexes with the separate tag intended for additional indexes.
For further information, the complete ADI may be accessed, here.