Combating Fraud in Healthcare
In the performance of my job as an auditor, I am required at the beginning of each engagement to ask key people in management, finance and operations whether they are aware of any fraud or allegations of fraudulent behavior in their entity, and about their assessment of whether an undiscovered fraud is be perpetrated in the entity. Almost to a man/woman, they know of no fraud, have heard of no allegations of fraud, and don’t believe that any fraud is being perpetrated.
Most of them are wrong.
The Association of Certified Fraud Examiners (ACFE) has been conducting surveys and publishing an annual Report to the Nation on Occupational Fraud and Abuse for twenty years, and there is very strong evidence that the typical organization loses 5% of its revenues in a given year as a result of fraud. Admittedly, there are number of challenges in estimating the cost and extent of fraud, as it is impossible to know how much fraud goes undetected or unreported. That said, this estimate is based on the collective knowledge of thousands of Certified Fraud Examiners, and is supported by estimates calculated by other similar organizations.
So what does this mean to you as the owner or manager of a healthcare organization? It means you are vulnerable to fraud whether you want to believe it or not. And because of where most of your revenue comes from, you have some special vulnerabilities.
The majority of your revenue comes from “OPM” – Other People’s Money, specifically the government and insurance companies. Fraudsters find it easier to rationalize committing fraud involving such faceless organizations. The most common occupational fraud in health care organizations is billing fraud, followed by corruption schemes. Corruption schemes typically involve bribery, conflict of interest and kickbacks. It is no accident that the guidelines established by the Office of Inspector General to comply with the Affordable Care Act focus on those very areas.
Corruption schemes are half again more likely in larger organizations at 42% of occupational fraud cases reported to the ACFE versus 30% of reported cases in smaller organizations. However, smaller organizations are much more vulnerable to frauds such as check tampering, skimming from receipts, fraudulent expense reimbursement requests, and payroll related fraud.
The good news is that developing a program to comply with federal guidelines is a good start to developing a fraud prevention program that will help you prevent those and other types of fraud.
What can you do to prevent and detect fraud?
Resolve to implement an anti-fraud program. According to the ACFE, implementing any of several common anti-fraud controls historically results in quicker detection of fraud and much smaller losses than at organizations that lack such controls.
Start by establishing good “Tone at the Top.” The message you send to your employees and the example you set for them is crucial in setting and communicating your expectation that the practice will be run in an ethical manner, and that ethical behavior is expected from everyone, starting with the owners/providers and ending with the most junior staff person.
Evaluate your processes and procedures around handling financial transactions. Identify areas of risk and put some common sense internal controls in place. You will probably need some help here. After all, you have a medical degree, not an accounting or business one. Getting professional help in this area is a good investment. Areas that can be indicators that you are vulnerable to fraud include:
- Long-time employees very familiar with operations and areas of weaknesses in control
- Rapid turn-over
- Inadequate training of new employees
- Lack of mandatory vacations/rotation/transfer of duties
- Management by crisis, or reactively rather than proactively
- Lack of attention to details
- Unrealistic performance goals
- Lack of internal security
- Poor compensation practices.
Foster good communications. Do your best to provide a way for employees to report concerns to you in a way that will not rebound on them and cause their job to be jeopardized or make the work environment unbearable for them. Anonymous is best, whether it is outsourcing a hotline, subscribing to a web based reporting mechanism, or a locked suggestion box. Keep in mind that all tips must be carefully followed up to ensure that disgruntled employees don’t successfully make false accusations.
Establish good hiring practices. This is another area where professional help can be beneficial. Consider consulting a labor attorney or similar specialist before implementing human resource policies and procedures.
Some good anti-fraud human resource policies include:
- Conducting background investigations for key positions
- Checking educational and employment history
- Checking credit history for individuals with financial responsibility
- Making sure you have sufficient dishonesty bond coverage. This won’t prevent fraud per se, but will lessen its impact. It will also provide you with access to tools that insurance companies often provide to help minimize claims.
In addition, use the OIG website http://exclusions.oig.hhs.gov/ to help monitor for entities and individuals barred from federally funded health care programs. If the federal government does not want to do business with them, you probably don’t either, and may be subject to civil monetary penalties if you do.
Have employees trained in fraud prevention. Make sure management and staff have a basic understanding of what constitutes fraud. Fraud includes any intentional or deliberate act to deprive another of property or money by guile, deception, or other unfair means. Ensure that staff members know basic fraud prevention techniques, and where their role fits into your internal control structure. Your employees are your “boots on the ground.” They work together closely on a daily basis, and are more likely than owners or managers to observe red flags of fraud. Some red flags include:
- Behavioral changes and signs of stress
- Family crises, such as divorce, spouse’s job loss, or health related problems
- Living beyond their means
- Refusal to share duties or let others access their information or work area
- Working unusual hours or days
- Frequency of transactions (too many or too few)
- Related parties
- Inappropriate work (managers performing clerical work)
- Non-functioning internal control(s)
- Management override of controls
- Overbearing managers.
Yes, you are vulnerable to fraud, but acknowledging that a problem exits is the first step to fixing it. Many resources exist to help you address your risk of fraud. Your accountant is probably the first, best resource. He or she can help you evaluate your systems, choose the right software products, and design internal controls. He can perform procedures to evaluate how well your controls are functioning, and recommend improvements.
Charlotte E. Allen has been licensed as a Certified Public Accountant since April of 1990. A Certified Fraud Examiner and Certified Information Technology Professional, Charlotte has over 25 years of experience in auditing governmental entities and 10 in industry, where her emphasis was in accounting and accounting systems design and implementation for not-for-profit entities funded by various governmental agencies such as HHS, HUD and DSS. She is located in the Summerville office and can be reached at firstname.lastname@example.org or (843) 873-4000.