Fraud detection and its impact on Medicare: Lessons from Operation Gold Rush

By Stephen W. Nuckolls 

Fraud is not an abstract budget problem. It creates real harm: confusion for beneficiaries, delayed or denied medically necessary services, and higher costs that ultimately flow back to taxpayers and families through premiums and cost sharing. It also harms accountable care organizations, especially the many Accountable Care Organizations (ACOs) in two-sided risk arrangements that must repay Medicare when program spending exceeds the benchmark.

ACOs are on the front lines of identifying fraud, waste and abuse (FWA) because we regularly analyze Part A and B claims to find gaps in care, opportunities for clinical intervention, and trends in utilization and spending. Those same tools can reveal anomalous billing patterns that may indicate fraud or abusive practices. 

Today, the vast majority of ACOs participate in two-sided risk arrangements. In these models, ACOs do not just share in savings - we are also responsible for repayment when spending exceeds the benchmark. 

In many tracks, the repayment share is substantial, commonly 75% or more of the amount over budget (subject to program limits). That structure creates a strong, practical incentive for ACOs to find fraud and other avoidable spending quickly, because we have a high portion of dollars at risk. 

This stewardship also benefits other payers that cover Medicare beneficiaries. When ACOs help identify and stop improper billing, it can reduce costs borne by Medicaid for dually eligible beneficiaries and by Medicare supplemental insurers, helping protect beneficiaries from higher premiums and cost sharing.

Operation Gold Rush illustrates both the progress CMS has made in detecting large-scale fraud and the unintended consequences that can occur when investigative and payment policies are not aligned with beneficiary protection and cross-payer coordination. 

According to the indictment, a transnational criminal organization used stolen identities and purchased DME companies to submit approximately $10.6 billion in false Medicare claims. CMS paid roughly $41 million before stopping payments, meaning the Medicare program prevented payment of about 99.6% of the billed amount. 

That point deserves emphasis: the CMS fraud detection systems that many providers feared were not working performed exceptionally well in this case by identifying and stopping the overwhelming majority of the billed amount. 

CMS’s pre-payment and analytic safeguards worked in Operation Gold Rush; the failure was not detection, but coordination and beneficiary protection after detection. Yet the indictment and related case information show that Medicare supplemental insurers and other secondary payers paid approximately $900 million associated with the same scheme.

The question is not whether Medicare was protected; it is whether beneficiaries, ACOs and other payers were protected quickly enough once the pattern was detected. Based on our understanding of the indictment, a key driver of downstream losses was a DOJ investigative approach that required CMS to pay claims known or suspected to be fraudulent into escrow while the investigation proceeded, without timely notification to ACOs, Medicare supplemental insurers, or other secondary payers. 

The indictment shows that CMS detection worked relatively well.  Unfortunately, about 95% of the actual fraud loss occurred from the lack of timely notification while suspect billing continued. 

Assuming this escrow policy remains active — and based on recent claims activity, we believe it is — this approach can shift losses to beneficiaries, supplemental carriers, and other secondary payers and can block access to medically necessary care. In our case, we reported suspected fraudulent claims for many months through routine channels, including HHS Office of Inspector General, CMS or the relevant Medicare Administrative Contractors (MACs), without any resolution or confirmation that the information was received and investigated. For ACOs, this has meant bringing fraud to national attention through outreach to the CMS Administrator, members of Congress and the press. Ideally, we would have more streamlined approaches for resolution. This escrow without notification approach can translate into direct patient harm. 

When fraudulent DME claims appear in a beneficiary’s record, legitimate medically necessary items may be delayed or denied because coverage eligibility appears to have been exhausted. The patient example later in this testimony, involving diabetic shoes denied due to a fraudulent DME claim from across the country, is consistent with this type of harm. 

The lesson from Operation Gold Rush is that detection is necessary but not sufficient. We also need rapid notification, record correction, and cross-payer coordination so that fraud is stopped before it blocks legitimate care, shifts losses to beneficiaries, supplemental insurers, and the ACOs that are responsible for the majority of the cost and are trying to prevent it. 

Read the full testimony here.

Stephen Nuckolls is the chief executive officer of Coastal Carolina Health Care, PA, and Coastal Carolina Quality Care, Inc.

_{*The opinions expressed in this column are those of the author and do not necessarily reflect the views of HealthPlatform.News.}