Healthcare fraud enforcement just broke records. The U.S. Department of Justice reported $6.8 billion in False Claims Act settlements and judgments for fiscal year 2025 — the largest annual total in the statute's history — with more than $5.7 billion tied to healthcare.¹ Whistleblowers filed 1,297 qui tam lawsuits, also a record. Six months earlier, the 2025 National Health Care Fraud Takedown charged 324 defendants, including 96 doctors, nurse practitioners, pharmacists, and other licensed medical professionals, in schemes involving more than $14.6 billion in intended loss — more than double the previous record set in 2020.²

Enforcement resources, data analytics, and whistleblower activity are all moving in the same direction, and every medical practice administrator needs a credible fraud-prevention program in 2026.

Improper payments versus fraud: know the difference

The first thing to understand is how federal payers talk about payment problems. For fiscal year 2024, the Medicare Fee-for-Service improper payment rate was 7.66%, or about $31.7 billion.³ CMS is explicit that improper payments are not a fraud rate: most involve a missed administrative step, insufficient documentation, or medical necessity not adequately supported in the record.⁴ The distinction matters because an improper payment is typically a paperwork problem, while fraud requires intent. The same underlying risks — thin documentation, unsupported medical necessity, coding errors — can land a practice in either bucket depending on the pattern and the intent behind it.

Fraud prevention in a medical group always starts with getting the fundamentals right: complete documentation, accurate coding, and clear medical necessity support for every claim.

What DOJ and OIG are prosecuting right now

Recent enforcement tells practice leaders where federal attention is concentrated. DOJ's 2025 takedown centered on fraudulent wound care (particularly amniotic skin substitutes), telemedicine and genetic-testing schemes, prescription opioid trafficking, and medically unnecessary services tied to kickbacks.² CMS also announced that it prevented more than $4 billion in fraudulent payments in the months leading up to the takedown, and suspended or revoked the billing privileges of 205 providers.² On the civil side, DOJ's FY2025 FCA activity emphasized Medicare Advantage risk adjustment, medically unnecessary services, and substandard care.¹ A $45-million settlement with a wound care company for overbilled and unnecessary services is a cautionary marker for any practice whose service mix depends on a high-volume, high-reimbursement procedure.¹ The record qui tam volume is equally important for administrators: many of these cases started with someone inside the organization.

The Anti-Kickback Statute: still the trap

The Anti-Kickback Statute (AKS) remains the most common fraud exposure for ambulatory medical practices, and recent enforcement has sharpened that focus. The AKS is a criminal statute prohibiting knowing and willful remuneration — cash, gifts, below-market rent, excessive compensation, paid consultancies, or anything else of value — offered or received to induce or reward referrals of federal healthcare program business.⁵ Remuneration includes free rent, expensive meals and travel, and excessive compensation for medical directorships or consultancies.⁵ An AKS violation can also render downstream claims false under the False Claims Act, which means each tainted claim can trigger treble damages and per-claim civil penalties.⁵

Recent settlements point to the patterns administrators should recognize. In December 2025, a clinical laboratory agreed to pay $758,000 to resolve allegations that it paid physicians fees labeled as "consulting" and "medical director" payments that were disguised kickbacks, and paid contract marketers commissions based on referral volume.⁶ In early 2026, DOJ announced additional enforcement actions aimed specifically at medical directorships that prosecutors alleged were tied to referrals or exceeded fair market value.⁷ Lab relationships, DME arrangements, imaging partnerships, speaker programs, space and equipment rentals, and paid medical-director roles are all governed by AKS safe harbors and Stark exceptions — but only if the arrangements actually meet every requirement of a safe harbor or exception.⁵

What small and midsize practices should do

If you run a physician-owned group without a hospital's compliance apparatus, the question is how to run a real program at your size. OIG's General Compliance Program Guidance says small entities can designate a single compliance contact and scale the seven compliance elements accordingly.⁸ Build your fraud-prevention program around four concrete habits.

1. Inventory every financial relationship. Medical director roles, consulting agreements, space and equipment rentals, call-coverage stipends, marketing arrangements, and speaker engagements all need written agreements set in advance, fair market value documentation, and terms not tied to referral volume. If you cannot produce the FMV basis on request, the arrangement is exposed.⁵
2. Audit where improper payment drivers actually live. Documentation and medical necessity are the most common CERT findings.³ Sample high-volume codes, high-reimbursement procedures, E/M distributions, modifier use by clinician, and any service line where one clinician's patterns diverge from peers. An annual review earns its keep when it is documented and tied to corrective action.
3. Run exclusion screening monthly. Check employees, clinicians, and vendors against the OIG List of Excluded Individuals/Entities at hire and every month thereafter. Billing for services involving an excluded party creates FCA exposure regardless of intent.⁵
4. Make it easy and safe to report concerns. OIG expects multiple reporting mechanisms, prohibits retaliation, and warns against structures that require staff to escalate only through a supervisor.⁸ Record qui tam filings mean employees who feel ignored will sometimes go directly to a whistleblower attorney.

For novel arrangements — joint ventures, value-based contracts, technology partnerships, or vendor-driven billing relationships — consider requesting an OIG advisory opinion before signing.⁵

What to watch in 2026 and beyond

Three shifts matter for the year ahead. DOJ's new Health Care Fraud Data Fusion Center, launched in June 2025, uses cloud-based analytics and AI to detect anomalous billing patterns earlier; one 2025 investigation prevented more than $4.4 billion in Medicare payments scheduled to go to a network of fraudulent medical supply companies.² Second, OIG has flagged remote patient monitoring for program-integrity review, particularly where vendor-driven billing outpaces the referring practice relationship.⁹ Third, CMS' January 2026 change to skin-substitute reimbursement — expected to cut Medicare spending on these products by nearly 90% — is both a response to past fraud and a signal that reimbursement shifts will continue to reframe what payers treat as medically necessary.⁷

Fraud prevention protects what a credible independent practice relies on: billing privileges, payer relationships, and reputation. Detection is faster, recoveries are bigger, and whistleblower activity is at a record high. Running a real program at your own scale is how you keep those risks in view before enforcement finds them for you.

Notes

1. U.S. Department of Justice, "False Claims Act Settlements and Judgments Exceed $6.8B in Fiscal Year 2025," Press release, January 16, 2026. https://www.justice.gov/opa/pr/false-claims-act-settlements-and-judgments-exceed-68b-fiscal-year-2025
2. U.S. Department of Justice, "National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud," press release, June 30, 2025. https://www.justice.gov/opa/pr/national-health-care-fraud-takedown-results-324-defendants-charged-connection-over-146
3. CMS, "Comprehensive Error Rate Testing (CERT)," FY 2024 Medicare Fee-for-Service improper payment data. https://www.cms.gov/data-research/monitoring-programs/improper-payment-measurement-programs/comprehensive-error-rate-testing-cert
4. CMS, "Fiscal Year 2024 Improper Payments Fact Sheet," November 15, 2024. https://www.cms.gov/newsroom/fact-sheets/fiscal-year-2024-improper-payments-fact-sheet
5. HHS Office of Inspector General, "A Roadmap for New Physicians: Fraud & Abuse Laws." https://oig.hhs.gov/compliance/physician-education/fraud-abuse-laws/
6. U.S. Department of Justice, "Virginia Laboratory to Pay $758,000 to Settle Allegations of Kickbacks to Doctors and Marketers," press release, December 3, 2025. https://www.justice.gov/opa/pr/virginia-laboratory-pay-758000-settle-allegations-kickbacks-doctors-and-marketers
7. Paul Hastings LLP, "Healthcare Enforcement Roundup: What Providers Need to Know," February 2026. https://www.paulhastings.com/insights/client-alerts/healthcare-enforcement-roundup-what-providers-need-to-know
8. HHS Office of Inspector General, General Compliance Program Guidance, November 2023. https://oig.hhs.gov/documents/compliance-guidance/1135/HHS-OIG-GCPG-2023.pdf
9. HHS Office of Inspector General, remote patient monitoring data-snapshot reporting, 2024–2025.