By Jeffrey H. Brochin, J.D.
A Government Accountability Office (GAO) study found that although the approach that CMS has taken for managing fraud risks is incorporated into its broader program integrity approach, those efforts only partially align with the GAO’s 2015 A Framework for Managing Fraud Risks in Federal Programs (Fraud Risk Framework). Although CMS has shown commitment to combating fraud in part by establishing a dedicated entity to lead antifraud efforts, it does not require fraud-awareness training on a regular basis for employees, a practice that the Framework identified as important in creating a culture of integrity and compliance across CMS. The agency has also failed to combat improper payments, which totaled about $95 billion in 2016. The report recommended that CMS provide and require fraud-awareness training to its employees, conduct fraud risk assessments, and create an antifraud strategy for Medicare and Medicaid (GAO Report, GAO-18-88, December 5, 2017).
Why GAO conducted the study. CMS’ two largest programs, Medicare and Medicaid, are designated by the GAO as high risk programs partly due to their vulnerability to fraud, waste, and abuse. The GAO’s Fraud Risk Framework and subsequent enactment of the Fraud Reduction and Data Analytics Act of 2015 (P.L. 114-186) called attention to the importance of federal agencies’ antifraud efforts. Therefore, the GAO conducted a study to examine: (1) CMS’ approach for managing fraud risks across its four principal programs; and (2) how CMS’ efforts managing fraud risks in Medicare and Medicaid align with the Fraud Risk Framework.
Findings. The GAO found that the approach CMS has taken for managing fraud risks across its four principal programs is incorporated into its broader program-integrity approach, which CMS officials say can help the agency develop control activities to address multiple sources of improper payments, including fraud. However, as CMS has determined, fraud is only one as part of a spectrum of actions that may result in improper payments.
Significantly, CMS’ efforts only partially align with the GAO’s 2015 Fraud Risk Framework, which called for adopting leading practices in four components:
- design and implement; and
- evaluate and adapt.
CMS has shown commitment to combating fraud in part by establishing a dedicated entity—the Center for Program Integrity—to lead antifraud efforts. Furthermore, CMS is offering and requiring antifraud training for stakeholder groups such as providers, beneficiaries, and health-insurance plans. However, CMS does not require fraud-awareness training on a regular basis for employees. Regarding the assess and design and implement components, CMS has taken steps to identify fraud risks, such as by designating specific provider types as high risk and developing associated control activities.
What GAO recommends. In order to more fully adhere to the Fraud Risk Framework, the GAO recommended that CMS: (1) provide and require fraud-awareness training to its employees; (2) conduct fraud risk assessments; and (3) create an antifraud strategy for Medicare and Medicaid, including an approach for evaluation. CMS concurred with the recommendations.
ReportsLetters: GAOReports NewsFeed AccessNews FraudNews ProgramIntegrityNews
Interested in submitting an article?
Submit your information to us today!Learn More