In what will create a glimmer of hope for beleaguered Medicare Advantage Organizations (MAOs) who are facing looming waves of Risk Adjustment Data Validation (RADV) audits, on September 25, 2025, a Northern District (ND) of Texas District Court invalidated the Centers for Medicare & Medicaid Services’ (CMS) 2023 RADV Final Rule, finding that the agency violated the notice-and-comment requirements of the Administrative Procedure Act (APA).
This ruling comes amidst a recently announced aggressive agenda by the current Trump administration to catch up on five payment years of RADV audits. This agenda has triggered visceral concern from MAOs, who are struggling to understand the potential breadth and impact of future extrapolated recoupments. Given the adverse residual impact to MAOs through CMS’s V28 risk adjustment (RA) model cuts, RADV audits landed at a less than opportune time for the industry. The Court’s ruling, while still subject to appeal and possible CMS rule redlining, is at least temporary good news for MAOs. But, for those popping corks for their victory lap, it ain’t over yet.
On May 21, 2025, the Centers for Medicare & Medicaid Services (CMS) announced[1] an aggressive plan (Plan) to expand its efforts to address fraud, waste, and abuse in Medicare Advantage (MA). By engaging with enhanced technology and significantly expanding its workforce, CMS states that it intends to audit every eligible MA contract for Payment Years (PY) 2018 through 2024 and recover on all prior audits conducted by CMS and the Office of Inspector General (OIG). Historically, CMS has only selected a small subset of contracts (approximately sixty) for each PY audited. CMS is currently completing PY2018 Risk Adjustment Data Validation (RADV) audit but has yet to issue findings or payment recovery demands for any audit completed. CMS has similarly not taken material action regarding the so called “OIG audits”.
Background
CMS Audit Methodology. CMS officially launched its RADV audit program in 2008. The audit methodology employed by CMS has evolved over the years through various rule making efforts and sub-regulatory issuances. CMS’s proposed rule in 2010 set forth an audit methodology to review a risk stratified 201-member sample, where all risk adjusted Hierarchical Condition Categories (HCCs) for each member would be reviewed and checked for errors.[2] Finalizing this methodology in 2012[3], CMS then conducted audits on PY2012 and 2013 utilizing this approach. The presumption was that CMS would extrapolate and recoup such amounts. However, CMS did not issue final agency actions requiring substantial repayments or extrapolation.
On August 19, 2022, the Department of Health and Human Services Office of Inspector General (“OIG”) posted Advisory Opinion 22-16 (“AO 22-16”) to its website, a favorable opinion concluding that the OIG would not impose sanctions in connection with a program that offered $25 gift cards to Medicare Advantage (“MA”) plan enrollees who completed an online educational program about the potential risk, benefits, and expectations related to surgery. AO 22-16 is the latest in a string of recent OIG advisory opinions addressing arrangements involving remuneration to Federal health care program beneficiaries - the ninth such advisory opinion in 2022 alone.
The company that requested this advisory opinion contracts with Medicare Advantage Organizations (“MAOs”) to offer the educational program to MA plan enrollees and charges the MAOs a per-member, per-month fee for the program. MA plan enrollees who take the educational program and complete a survey receive a $25 gift card, which may be for a big box store or online retailer that offers a wide variety of items. The company that offers the educational program sends mailings and email correspondence to MA plan enrollees about the educational program but does not advertise or market the program to individuals who are not enrollees of a MA plan that has contracted with the company. The MAOs are prohibited by their contract with the company from including information about the gift cards offered under the program in marketing materials to prospective enrollees.
On August 30, 2021, the DOJ announced a $90 million dollar settlement with Sutter Health and affiliates[1] (“Sutter Health”) to settle False Claims Act (“FCA”) allegations brought by qui tam relator, Kathy Ormsby, related to the Center for Medicare & Medicaid Services’ (“CMS”) MA Program.[2] Sutter Health elected to settle with DOJ and the relator without an admission of liability. As part of the Settlement Agreement, the Office of Inspector General (“OIG”) required Sutter Health to enter into a Corporate Integrity Agreement.
Blog Editors
Recent Updates
- DOJ’s Final Rule on Bulk Data Transfers: The First 180 Days
- California Governor Signs SB 351, Strengthening the State’s Corporate Practice of Medicine Doctrine
- No Remuneration Plus No "But-For" Causation (Between an Alleged Kickback and Claims Submitted to the Government) Means No FCA Violation, District Court Says
- Novel Lawsuits Allege AI Chatbots Encouraged Minors’ Suicides, Mental Health Trauma: Considerations for Stakeholders
- DOJ Creates Civil Division Enforcement & Affirmative Litigation Branch: Implications for Health Care and Beyond