1.3 Fraud & abuse (False Claims Act, compliance programs)

Key Takeaways

  • Fraud requires intent (knowingly), while abuse is inconsistent with sound practice but lacks proven intent to deceive.
  • Upcoding, unbundling, and phantom billing are classic examples of billing fraud.
  • The False Claims Act penalizes knowingly submitting false claims with per-claim penalties plus treble damages and includes qui tam whistleblower provisions.
  • OIG compliance programs are built on seven core elements; the ABN warns Medicare patients they may owe for a service Medicare is likely to deny.
  • Penalties escalate from recoupment and civil fines to criminal charges and exclusion from Medicare and Medicaid.
Last updated: July 2026

Fraud, Abuse, and the Compliance Rules Behind Clean Billing

Because billers and coders control what payers are told, they sit at the center of health care's fraud-and-abuse rules. The CBCS exam expects you to tell fraud and abuse apart, recognize the major laws, and know the tools that keep a practice compliant. The unifying theme is that honest documentation and honest code selection are not just good manners; they are legal obligations backed by steep penalties.

Fraud vs. Abuse

Fraud is an intentional deception or misrepresentation made to obtain a payment or benefit the person is not entitled to. The key word is knowingly. Abuse describes practices that are inconsistent with sound medical, business, or fiscal norms and result in unnecessary cost, but without the proven intent to deceive. Abuse can rise to the level of fraud when a pattern shows the provider knew better and continued anyway. The dividing line is intent.

AspectFraudAbuse
IntentIntentional, knowing deceptionNo proven intent to deceive
DefinitionMisrepresentation to gain unearned paymentPractices inconsistent with sound norms that raise cost
ExamplesUpcoding, unbundling, phantom billingMedically unnecessary services, wrong codes without intent, routine copay waivers
Typical penaltyCriminal and civil penalties; exclusionRecoupment and civil monetary penalties

Classic fraudulent schemes every CBCS should recognize include:

  • Upcoding — reporting a higher-level or more expensive code than the documentation supports (for example, billing a comprehensive visit when only a brief one occurred).
  • Unbundling (fragmentation) — billing several separate codes for services that a single comprehensive code already covers, in order to collect more.
  • Phantom billing — billing for services, supplies, or visits that never happened.
  • Misrepresenting dates, providers, or diagnoses — for example, altering a diagnosis solely to obtain coverage.

Common abuse examples include billing for services that were not medically necessary, using incorrect codes without intent to defraud, and routinely waiving copayments.

The False Claims Act

The federal False Claims Act (FCA) is the government's primary weapon against health care fraud. It imposes liability on anyone who knowingly submits, or causes to be submitted, a false or fraudulent claim to a federal program such as Medicare or Medicaid. "Knowingly" includes actual knowledge, deliberate ignorance, and reckless disregard, so "I didn't check" is not a defense. Penalties are severe: substantial civil monetary penalties per claim plus treble (triple) damages on the amount overpaid. The FCA also contains a qui tam ("whistleblower") provision that lets employees report violations and share in any recovery, which is one more reason honest coding protects both patients and staff.

Two related laws often appear alongside the FCA. The Anti-Kickback Statute bars paying or receiving anything of value to induce referrals of federally funded services, and the Stark Law (the physician self-referral law) restricts a physician from referring patients to entities in which the physician has a financial interest.

Compliance Programs and the OIG

The Office of Inspector General (OIG) within HHS investigates fraud and publishes guidance for compliance programs, the internal systems practices use to prevent, detect, and correct violations. The OIG's model rests on seven core elements: (1) written policies and standards of conduct; (2) a designated compliance officer or committee; (3) effective training and education; (4) open lines of communication such as an anonymous hotline; (5) internal monitoring and auditing; (6) enforcement through well-publicized disciplinary guidelines; and (7) prompt response and corrective action for detected problems. The OIG also maintains the List of Excluded Individuals/Entities (LEIE); a person on that list may not be paid by federal programs.

The Advance Beneficiary Notice (ABN)

The Advance Beneficiary Notice of Noncoverage (ABN) is a Medicare form given to a patient before a service that Medicare is likely to deny, often for lack of medical necessity. By signing, the patient acknowledges they may be financially responsible if Medicare does not pay, which allows the provider to bill the patient for that service. The ABN must be delivered in advance, in writing, and must describe the service and the estimated cost. It cannot be issued routinely for every visit or handed over after the service is already performed. Used correctly, it protects both the patient (no surprise bills) and the practice (a valid basis to collect).

The Biller's Role in Prevention

Much fraud and abuse is prevented at the coding desk. A CBCS supports medical necessity by confirming that the diagnosis reported justifies the service billed, and by respecting payer coverage rules such as national and local coverage determinations. When a code edit or bundling rule (for example, the National Correct Coding Initiative) flags two services that should not be reported together, the biller must not simply override it to get paid. If documentation does not support a code, the correct action is to query the provider, not to guess a higher-paying code. Watching for these situations, and escalating anything that looks like a deliberate pattern, is exactly the "internal monitoring" the OIG expects.

Penalties

Consequences escalate with intent and harm. Civil monetary penalties and recoupment apply to abuse and lesser violations; criminal charges, fines, and imprisonment apply to knowing fraud; and exclusion from Medicare and Medicaid effectively ends a career in billing. Compliance is therefore not paperwork for its own sake. Accurate documentation, honest code selection, and promptly reporting concerns are the everyday behaviors that keep a biller and the practice on the right side of the law.

Test Your Knowledge

Knowingly billing Medicare for a more expensive service than the one actually performed, in order to increase payment, is best described as:

A
B
C
D
Test Your Knowledge

What is the purpose of an Advance Beneficiary Notice of Noncoverage (ABN)?

A
B
C
D
Test Your Knowledge

Reporting multiple separate CPT codes to collect more money when a single comprehensive code already covers the services is called:

A
B
C
D