Health Care Investors: Are You in Compliance with the False Claims Act?

Train tracks leading toward mountains

Since the early 2000s, health care has consistently been the largest area of enforcement and recovery under the United States False Claims Act (FCA). In 2023 alone, nearly $1.9 billion of the Department of Justice’s (DOJ) nearly $2.7 billion in False Claims Act recoveries were related to health care fraud schemes

Private equity firms have paid fines exceeding $500 million in over 34 lawsuits filed under the FCA since 2014. And, the scrutiny over private equity investment is increasing pressure to monitor compliance with the FCA.

Health care private equity investors face unique clinical compliance challenges, particularly in navigating the stringent regulations under the FCA. Private equity companies who contract with or are reimbursed by the government are particularly vulnerable to FCA liability.

Given the high stakes involved, private equity investors need to consider effective due diligence pre-investment. For those who are currently invested in health care, it’s paramount their portfolio companies are in regulatory compliance—to not only ensure firms meet federal and state regulatory guidelines, but to also safeguard investment value.

There are solutions to help maintain compliance and steps your organization can take to navigate regulations.

Implications of Noncompliance

Noncompliance can have costly consequences for organizations.

For example, a private equity company and former executives of a mental health center agreed to pay $25 million for allegedly causing fraudulent claims to be submitted to federal and Massachusetts health programs and for failure to stop pre-investment misconduct after investing.

It was alleged by the state’s Medicaid program, known as MassHealth, that mental health care services were provided to patients by unlicensed, unqualified, and improperly supervised staff members at clinics across the state.

This was a costly—and reputational—penalty to pay, which could have been avoided via enhanced pre-deal due diligence to confirm compliance with clinical, operational, and compliance best practices.

Strategies to Maintain Compliance

Explore guidance on how private equity firms can navigate due diligence to spot hidden compliance issues.

Perform Pre-Investment Due Diligence

Ahead of any investment decision, private equity firms must conduct comprehensive research to grasp the intricacies of the health care industry, understand the government reimbursement and revenue cycle challenges, assess the effectiveness of existing audit mechanisms for detecting and reporting errors, and determine the actual error rates for the portfolio company's reimbursement claims.

Additionally, they should identify the company's government contracts, examine its business practices in relation to these contracts, and acknowledge any potential risks associated with government contracting from the standpoint of the FCA.

Understand the Regulatory Environment

Begin with a deep dive into the health care subsector of the target acquisition to fully grasp the specific regulatory demands—for example, patient care facilities. Additionally, review the FCA requirements.

Navigate Day-to Day Operations & Incentives

The DOJ's accusations in a resolved case hint at the increased susceptibility of a private equity firm to be drawn into a FCA lawsuit concerning the underlying portfolio company when it actively participates in and exercises control over the company's day-to-day operations.

In providing financial incentives to the portfolio company's executives to augment profits and bolster the company's overall value, private equity firms must conscientiously evaluate whether such incentives could be construed by the government as indirectly fostering the submission of false claims for reimbursement.

Review Billing Practices

Conduct health care audits of the company’s billing operations focusing on the accuracy of claims—which should include a report card on billing practices by each provider. Look for potential past legal issues or settlements related to billing.

Assess Internal Compliance Programs

Check the effectiveness of the target’s internal compliance protocols, investigate how historical compliance issues were managed and resolved; and evaluate the compliance program, and pinpoint any shortfalls, under the US Health & Human Services (HHS) Office of Inspector General (OIG) Seven Elements of an Effective Compliance Program.

Provide Proper Documentation

Copies of all licensing documentation and surveys should be secured. Additionally, ask some of the following questions:

  • Are providers appropriately licensed and credentialed and not under investigation or probationary status, including with a medical staff where the providers have privileges?
  • Is the facility in compliance with licensing requirements, including any required Certificate of Need?

Assess Privacy Practices

Evaluate the target’s data management, especially those with patient health information (PHI).

Next Steps

For private equity firms, the value of a health care acquisition is not only in its financial returns, but also in its compliance integrity. Rigorous due diligence focused on regulatory compliance and the proactive mitigation of risks associated with the FCA is essential. Assess the red flags and potential penalties or costs, versus the deal’s upside.

After the acquisition, investing in and maintaining a robust culture of compliance can mitigate future risk. Health care consulting firms play an essential role in due diligence.

Offering specialized services that help private equity firms navigate the complex regulatory environment and enhance the value of their newly acquired assets not only enhances the compliance efficiency, but also plays a pivotal role in transforming potential risks into opportunities for growth and innovation.

We’re Here to Help

For more information on health care private equity investing and mitigating risk under the FCA, contact your Moss Adams professional.

Additional Resources

Contact Us with Questions

Enter security code:
 Security code