Medicare Fraud, Waste, and Abuse: Recent Trends Compliance Teams Should Watch

Medicare fraud, waste, and abuse (FWA) isn’t “just” a government problem—it’s a business risk, a patient-safety risk, and a reputational risk. The past 18 months have made that painfully clear, with enforcement actions and program integrity data pointing to the same conclusion: the pressure is rising, the schemes are evolving, and the government is getting faster at detecting patterns.

A few headline signals: DOJ’s 2025 National Health Care Fraud Takedown charged 324 defendants tied to over $14.6 billion in alleged fraud, and CMS reported it prevented over $4 billion from being paid out in response to false/fraudulent claims, plus suspended or revoked billing privileges for 205 providers in the lead-up. That’s not “business as usual.” That’s the direction of travel.

Below are the most important recent FWA trends, what they look like in the real world, and practical controls to reduce risk.

Trend 1: Medicare Advantage risk adjustment scrutiny keeps intensifying

Risk adjustment has been a long-standing enforcement theme, but recent developments indicate an increasing focus on how diagnoses are created, documented, and submitted—and whether they are linked to actual care.

In January 2026, DOJ announced a $556 million False Claims Act resolution involving Kaiser Permanente affiliates over allegations of submitting invalid diagnosis codes to increase Medicare Advantage (Part C) payments, including allegations of pressuring physicians to add diagnoses via addenda after visits and using methods to “mine” patient history for risk-adjustment diagnoses.

Separately, the HHS Office of Inspector General (OIG) found that diagnoses reported only on health risk assessments (HRAs) and HRA-linked chart reviews (without corroborating service records) accounted for an estimated $7.5 billion in MA risk-adjusted payments in 2023, raising concerns about the validity of diagnoses or the lack of follow-up care.

What this means for compliance: MA risk adjustment governance (coding policies, documentation standards, chart review oversight, vendor controls, and audit defensibility) is no longer optional “program integrity hygiene.” It’s a core enterprise risk.

Trend 2: Telehealth + marketing-fueled ordering remains a fraud engine

Telehealth can expand access. It can also become a high-speed ordering channel when paired with aggressive marketing, lead generation, or telemarketing.

DOJ’s 2025 takedown highlighted telemedicine and genetic testing fraud schemes as a major component, including 49 defendants charged in connection with $1.17 billion in allegedly fraudulent Medicare claims tied to telemedicine/genetic testing schemes, and DOJ explicitly noted continuing focus on fraud dependent on telemedicine (including genetic testing, DME, and COVID-19 test-related schemes).

This isn’t new, either. DOJ’s June 2024 national enforcement action included telemedicine and laboratory fraud measured in the billions (alongside other recurring schemes).

What this means for compliance: The risk isn’t “telehealth” in the abstract—it’s telehealth + weak controls: questionable ordering pathways, thin documentation, identity/consent gaps, and vendor relationships that look like inducements.

Trend 3: Remote Patient Monitoring (RPM) is booming—and getting monitored

RPM has grown fast, and oversight is catching up.

OIG reported that RPM use continued to grow in 2024, with Medicare payments exceeding $500 million, and recommended using billing measures to flag outliers (e.g., billing many enrollees with no prior practice history, or billing for multiple devices in a month).

What this means for compliance: RPM vendors, ordering providers, and billing entities should treat RPM like a “program integrity product,” not just a clinical program—especially around medical necessity, patient engagement, device logistics, and documentation.

Trend 4: DME remains a high-risk category (and the data shows it)

Even when activity isn’t criminal fraud, DME is a consistent driver of improper payments.

CMS’s CERT data shows the FY 2025 Medicare FFS improper payment rate was 6.55% (about $28.83 billion), and DMEPOS stood out with a 24.12% improper payment rate (about $2.27 billion).

What this means for compliance: DME suppliers and ordering providers should assume DME claims will be audited and build the file as if it will be reviewed—because it probably will.

Trend 5: “Insufficient documentation” is still the #1 waste driver

Not every improper payment is fraud. But improper payments are where waste hides—and where investigations often start.

CMS’s FY 2024 Improper Payments Fact Sheet emphasizes that improper payments frequently occur when reviewers cannot determine if the payment was proper due to insufficient documentation, and that Medicare FFS improper payments largely fall into insufficient documentation and medical necessity not supported.

What this means for compliance: A scary amount of “waste” is preventable through boring fundamentals: clean documentation, clear medical-necessity narratives, consistent coding support, and fast/complete record-response workflows.

Trend 6: Hospice and related billing intersections continue to generate audit risk

Hospice is a recurring oversight area, and one common risk pattern is billing responsibility and service/payment coordination for hospice enrollees.

For example, OIG found Medicare improperly paid acute-care hospitals an estimated $190 million over a five-year period for outpatient services provided to hospice enrollees (audit period 2017–2021), reflecting how easily payment rules can break down across settings. CMS’s own hospice compliance guidance reinforces strict documentation and certification expectations before claims submission.

What this means for compliance: Hospice, hospitals, and outpatient departments should stress-test their rules of the road (certifications, documentation, service responsibility, and claims workflows) to avoid “accidental” improper billing.

Trend 7: The government is investing in analytics (and moving faster)

It’s not just more cases—it’s better detection.

DOJ’s 2025 takedown announcement described work to create a Health Care Fraud Data Fusion Center leveraging cloud computing, AI, and advanced analytics to identify emerging schemes and break down data silos.

And at the macro level, GAO reported that across the federal government, agencies estimated $162 billion in improper payments in FY 2024, with ~84% tied to overpayments.

What this means for compliance: If you’re waiting for an audit letter to start looking at your own billing outliers, you’re already behind.

Practical FWA controls you can implement now

A “do this Monday” checklist

• Tighten ordering pathways: Require documented patient relationship, consent, and clinical rationale—especially for DME, labs, genetic testing, and RPM.
• Codify MA risk adjustment rules: Clear standards for face-to-face documentation, addenda timing/controls, and vendor oversight for HRAs/chart reviews.
• Run outlier analytics: Sudden volume spikes, unusual mix of codes, high DME improper-payment exposure categories, and “new patient” surges in RPM.
• Build documentation defensibility: Templates that capture medical necessity and reduce missing/insufficient documentation errors.
• Vendor/marketing due diligence: Lead-gen, telemarketing, and third-party “patient acquisition” partners are enforcement magnets—contract controls and monitoring are essential.

Red flags worth training on!

• Diagnoses added after the fact without clear clinical justification or connection to the visit.
• HRAs/chart reviews generating diagnoses with no follow-up services in encounter data.
• Telehealth “one-touch” encounters leading to high volumes of DME/labs/genetic tests.
• RPM billing spikes, multiple devices/month patterns, or lots of “new-to-practice” beneficiaries.
• Missing records, weak medical necessity support, or inconsistent coding-to-documentation alignment.