There is no doubt that state Medicaid Fraud Control Units (MFCUs) have their hands full and are charged with a difficult task. They are responsible for investigating Medicaid fraud. This is part of the responsibility assigned to them by the Centers for Medicare & Medicaid Services (CMS) as a mandate for receiving federal healthcare dollars to reimburse those services and other items covered by Medicaid.
According to the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) website, “Medicaid Fraud Control Units (MFCUs) investigate and prosecute Medicaid provider fraud as well as patient abuse or neglect in healthcare facilities and board and care facilities. MFCUs operate in 49 states and the District of Columbia. The MFCUs, usually a part of the state attorney general’s office, employ teams of investigators, attorneys, and auditors; are constituted as single, identifiable entities; and must be separate and distinct from the state Medicaid agency. OIG, in exercising oversight for the MFCUs, annually re-certifies each MFCU, assesses each MFCU’s performance and compliance with federal requirements, and administers a federal grant award to fund a portion of each MFCU’s operational costs.”
On June 1, 2012, the Federal Register published an important mandate to measure the success of state Medicaid Fraud Control Units. Performance Standard 8(f) calls for all state MFCUs to transmit to the OIG for HHS, “for purposes of program exclusions under section 1128 of the Social Security Act, all pertinent information on MFCU convictions within 30 days of sentencing, including charging documents, plea agreements, and sentencing orders.”
The OIG reviews many components of state MCFU compliance, using 12 performance standards, and monitors MCFU compliance with federal grant requirements. This can include the review of policies and procedures, documentation of the unit’s operations, staffing, and caseload (as well as financial documentation), structured interviews with key stakeholders, and review of the sample of cases worked by the unit.
This article will focus on the performance of reporting, sentencing, and actions taken against providers by the OIG. The OIG relies upon the MFCUs to timely notify it of actions taken that might require the provider to be excluded by the OIG.
State MCFUs have listed various reasons why they did not know which cases to report or why they were late in informing the OIG about certain matters. No matter the reason, the OIG has proposed to clear up what is required via the revised rules for MFCUs, which were published on Sept. 9, 2016.
The proposed rules expand the MCFUs’ functions and responsibilities and propose to require that MCFUs:
By referring convicted individuals or entities to OIG for exclusion, MFCUs help ensure that such individuals and entities do not have the opportunity to defraud Medicaid and other federal health programs, or to commit patient abuse or neglect. Historically, referrals by MFCUs have constituted a significant part of the exclusions imposed each year by OIG.
MCFU Not Reporting
Let’s look at the Virginia MFCU, as an example. In 2016 it recovered $34 for each dollar spent on fighting healthcare fraud. However, with those stellar results, the MFCU did not report about half of all convictions to OIG within required time frames. The Unit did not report 42 of its 79 convictions to OIG within 30 days of sentencing.
Late reporting of convictions to OIG delays the initiation of the program exclusion process, which may result in improper payments being made to providers by Medicare or other federal healthcare programs – or possible harm to beneficiaries.
The ProviderTrust Compliance Healthcare Index Report (CHIRP) compares each state exclusion to determine whether it was the result of a felony for patient abuse, substance abuse, and/or fraud abuse, as enumerated by Section 1128. For illustrative purposes, we focused on New York state exclusions (felonies).
The New York MCFU excluded 6,291 individuals and entities: 5,508 individuals, 783 entities.
The OIG list of excluded individuals and entities (LEIE) has 3,113 of those 5,508 individuals and 21 of the 783 entities.
However, the ProviderTrust CHIRP analysis identified 21 excluded individuals (for a felony) that were not found on the OIG LEIE list. The exclusions were mandatory, being as they were for a felony, and thus according to Performance Standard 8, they should have been provided to the OIG for inclusion on the LEIE.
Here are two examples of such lag in reporting to the OIG:
Buena Vista Pharmacy Inc.
New York, N.Y.
Excluded on Nov. 20, 2000 by New York (18 NUCRR 515.8) for all federal healthcare programs
Aaron S. Goldfein
Excluded in New York as a physician on Aug. 27, 2015 and excluded in Michigan May 6, 2014.
In fact, an audit of the OIG LEIE found that approximately two-thirds of state exclusions were not found on it. This is consistent with ProviderTrust’s CHIRP findings, as evidenced by New York’s missing data outlined above. Thus, a company needs to conduct monthly monitoring of not only the OIG LEIE, but also the 40 state Medicaid exclusion lists in order to be assured of searching against all available exclusions (state and federal).
Summary
Whatever results from these clarifying MFCU reporting rules, the OIG LEIE can only receive those cases that resulted in a conviction, sentence, or plea agreement. Without timely reporting, the OIG LEIE list will not be all-encompassing, creating a big gap for exclusion compliance for your organization.
Accordingly, make sure to cover the OIG LEIE, SAM.gov and all available state Medicaid exclusion lists in your monthly exclusion monitoring program in 2017. Until the MFCUs get better at following the tenets of Performance Standard 8(f), employers will have to include federal OIG and all available state Medicaid exclusion lists (40) in order to ensure that they are not hiring or contracting with an excluded individual and/or entity.
Combat is often described as hours of boredom intermixed with moments of sheer terror. I fear that that metaphor is increasingly applicable to Medicare enrollment. Few
Let’s start with a recent (U.S. Department of Health and Human Services Office of Inspector General) OIG audit of a Medicare Advantage plan. Now these
Please log in to your account to comment on this article.
Uncover essential coding insights with nationally recognized coding authority Kay Piper, RHIA, CDIP, CCS. Through ICD10monitor’s interactive, on‑demand webcast series, Kay walks you through the AHA’s 2026 ICD‑10‑CM/PCS Quarterly Coding Clinics, translating each update into practical, easy‑to‑apply guidance designed to sharpen precision, ensure compliance, and strengthen day‑to‑day decision‑making. Available shortly after each official release.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s fourth quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s third quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s second quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Federal auditors are intensifying their focus on inpatient psychiatric facilities, using advanced data analytics to spotlight outliers and pursue high‑dollar repayments. In this high‑impact webcast, Michael Calahan, PA, MBA, Compliance Officer and V.P., Hospital & Physician Compliance, breaks down what regulators are really targeting in IPF-PPS admissions, documentation, treatment and discharge planning. Attendees will learn practical steps to tighten processes, avoid common audit triggers and protect reimbursement and reduce the risk of multimillion-dollar repayment demands.
In this timely session, Stacey Shillito, CDIP, CPMA, CCS, CCS-P, CPEDC, COPC, breaks down the complexities of Medical Decision Making (MDM) documentation so providers can confidently capture the true complexity of their care. Attendees will learn practical, efficient strategies to ensure documentation aligns with current E/M guidelines, supports accurate coding, and reduces audit risk, all without adding to charting time.
Join Ronald Hirsch, MD, FACP, CHCQM for The PEPPER Returns – Risk and Opportunity at Your Fingertips, a practical webcast that demystifies the PEPPER and shows you how to turn complex claims data into actionable insights. Dr. Hirsch will explain how to interpret key measures, identify compliance risks, uncover missed revenue opportunities, and understand new updates in the PEPPER, all to help your organization stay ahead of audits and use this powerful data proactively.
Stay ahead of the 2026-2027 audit surge with “Top 10 Audit Targets for 2026-2027 for Hospitals & Physicians: Protect Your Revenue,” a high-impact webcast led by Michael Calahan, PA, MBA. This concise session gives hospitals and physicians clear insight into the most likely federal audit targets, such as E/M services, split/shared and critical care, observation and admissions, device credits, and Two-Midnight Rule changes, and shows how to tighten documentation, coding, and internal processes to reduce denials, recoupments, and penalties. Attendees walk away with practical best practices to protect revenue, strengthen compliance, and better prepare their teams for inevitable audits.
Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →
BLOOM INTO SAVINGS! Get 25% OFF during our spring sale through March 27. Use code SPRING26 at checkout to claim this offer.
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 1 with code CYBER25
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
