Tag: Corporate Enforcement and Voluntary Self Disclosure Policy

DOJ Implements New Whistleblower Reward Program

Companies who submit healthcare claims to private payors, provide financial services to customers, interact with domestic or foreign public officials, or otherwise operate in highly regulated industries should take note that the Department of Justice (DOJ) has taken another significant step in its ongoing effort to encourage new whistleblowers with information about potential corporate criminal malfeasance to report that information to the government. On August 1, 2024, the DOJ announced its long awaited Corporate Whistleblower Awards Program. The program seeks to fill “gaps” in existing whistleblower programs by providing awards of up to 30% of forfeited proceeds for reporting criminal conduct that is not otherwise covered by an existing system for awarding whistleblowers. The silver lining for companies is that the program incentivizes the whistleblowers to cooperate with the company’s internal compliance function. DOJ also provides for a presumptive declination of criminal charges for companies that self-report to DOJ within 120 days of the time the issue is first raised internally by the whistleblower, providing strong incentives for companies to investigate issues quickly.

The program represents the DOJ’s latest effort to increase the number of voluntary self-disclosures of corporate criminal activity. In January 2023, the DOJ announced its revised Corporate Enforcement and Voluntary Self Disclosure Policy, which sought to expand the incentives for companies to voluntarily self-disclose misconduct, cooperate with DOJ investigations, and take prompt and full remedial measures. The policy’s primary incentive was the prospect of a presumed declination for companies who followed its mandates.

As we discussed in a previous post, efforts to increase voluntary self-disclosures continued in April 2024 when the DOJ launched a Pilot Program on Voluntary Self Disclosures for Individuals. That initiative expanded the scope of potential whistleblowers by including those complicit in wrongdoing, granting them eligibility for immunity from prosecution in return for reporting the activity. In substance, that structure incentivized both individual wrongdoers and the corporations for whom they worked to be the first to report criminal activity. By pitting the would-be whistleblowers and the companies against each other, the DOJ effectively constructed a prisoners’ dilemma where the government stood to benefit regardless of which party acted first.

The program is a different verse from the same hymnal. It offers a different (but more traditional) incentive for whistleblowers – the opportunity for financial reward – while maintaining the goal of increasing the number of voluntary self-disclosures. The program seeks to achieve that objective by motivating those who are aware of misconduct, but perhaps are otherwise unable to qualify for a bounty under the current framework or otherwise uninterested in reporting the activity without a personal benefit.

The Basic Framework

Under the program, eligible individuals who voluntarily provide original information to the government in certain areas of focus and cooperate with the resulting investigation stand to receive 30% of any criminal or civil forfeitures over $1 million in accordance with a defined payment priority. The program lays out a basic structure for determining whether an individual is entitled to an award, but also affords the DOJ substantial discretion in deciding whether to make such awards, and in what amount. The key elements are:

  • Areas of focus – The program identifies four subject matter areas: 1) violations by financial institutions, their insiders and agents involving money laundering, fraud, and fraud against or non-compliance with regulators; 2) foreign corruption and bribery and violations of money laundering statutes; 3) domestic corruption violations including bribes and kickbacks paid to domestic public officials; and 4) healthcare offenses involving private or non-public healthcare benefit programs and fraud against patients, investors or other non-governmental entities in the healthcare industry, or other violations of federal law not covered by the federal False Claims Act (FCA).
  • Eligible individuals – The program excludes several categories of individuals, including those eligible to report under other whistleblower programs and those who “meaningfully participated” in the criminal activity reported (although those who played a “minimal role” can still participate).
  • “Original information” – Essentially, independent non-public knowledge or analysis in the individual’s possession is considered “original” information. Notably, information can be deemed “original” if it “materially adds to the information that the Department already possesses.” Information that the individual has already reported through the company’s internal whistleblower, legal or compliance procedures can still be deemed “original,” provided the individual also reports that information to the government within 120 days of reporting internally. Privileged information is not considered “original” unless the crime, fraud or other exception to state attorney conduct rules apply.
  • “Voluntary” submission – The information must be reported before the DOJ or any federal law enforcement or civil enforcement agency initiates any inquiry relating to the subject matter.
  • “Cooperation” – Individuals who report must also cooperate fully with the DOJ’s investigation, including by participating in interviews, testifying before a grand jury or at trial, producing documents and, if requested, working in a “proactive manner” with federal law enforcement. This could include clandestine activities to gather evidence, such as recording phone calls or wearing a wire.
  • Criteria for determining amount of award – The program lists several factors that could militate in favor of increasing or decreasing the whistleblower’s financial award. Increases may be justified by the significance of the information provided, by the nature and extent of assistance provided, and, notably, by participation in internal compliance programs. Decreases may be appropriate where the reporting individual was a minimal participant in the underlying activity, or where the individual unreasonably delayed reporting, interfered with the company’s internal compliance and reporting systems, or had management or oversight responsibilities over the offices or personnel involved in the conduct.
  • Payment priority – When the victim is an individual, he or she must first be compensated “to the fullest extent possible” before a whistleblower can recover. When the victim is a corporate entity or government agency, the whistleblower jumps the line and is compensated first.
  • Relationship to the Corporate Enforcement and Voluntary Self Disclosure Policy – While the program incentivizes whistleblower reports to the DOJ, a simultaneous amendment to the self-disclosure policy provides that “if a whistleblower makes both an internal report to a company and a whistleblower submission” to the DOJ, companies who self-report that conduct within 120 days of the internal report “will still qualify for a presumption of a declination[.]” This amendment underscores the DOJ’s focus on increasing self-disclosures, inasmuch as it effectively removes the need for them to be truly “voluntary.” A company that receives a complaint through its whistleblower program may still be eligible under the self-disclosure policy even if the individual has already reported the conduct to the DOJ, but it has a limited time to investigate and decide whether to self-report the conduct.

Key Takeaways

Reading the tea leaves, we see several potentially significant takeaways for companies evaluating the program’s likely impact.

  1. As a starting point, companies should evaluate whether and to what extent their operations create new reporting opportunities under the program, and thus necessitate action. That process should involve answering the following questions:
    • Does the company operate in one of the areas of focus? If so, the program creates new opportunities and incentives for whistleblowers, and the company must assess whether it is prepared to address an increase in reports and to recognize that a reporter may have already disclosed information to the DOJ.
    • Is the company publicly traded? If so, the company is already subject to the Sarbanes-Oxley Act (SOX), which should mean that systems are already in place to receive, investigate and determine whether to take action, including potentially making a voluntary self-disclosure. The program provides an opportunity to reassess the efficacy of those systems but should not necessarily require the creation of new ones. Note that even those companies with existing whistleblower programs should consider the need to expand those systems to cover new areas of focus. For example, a company with a SOX whistleblower policy should consider the need to expand its scope to cover domestic corruption violations, which may not otherwise be covered.
    • Does the company submit claims to government payors? If so, it is already subject to the FCA and should already have a system in place to analyze internal compliance concerns. If that system focuses on or prioritizes issues regarding government payors, the company should expand its focus to include claims and conduct regarding private payors, which may now be subject to whistleblower bounties under the program.
  2. For privately held companies operating in the areas of focus that are not subject to the FCA, the program necessitates a thorough and candid assessment of the risk the program creates. Depending on the extent of that danger, companies should consider the following measures:
    • Create, or enhance as necessary, internal reporting mechanisms to receive and evaluate whistleblower reports.
    • Publicize the company’s expectation that employees should promptly report concerns internally about potential violations of law or company policy, making clear that no retaliation will result from reports made in good faith.
    • Design a process for investigating whistleblower reports based on their nature and seriousness. Establish criteria for identifying those that can be investigated by HR, those that require the involvement of in-house counsel, and those that must be handled by outside counsel. If there is any possibility of criminal exposure, ensure an appropriate investigation is conducted and concluded in time to allow the company to determine whether to self-report in the 120-window for a presumptive declination.
  3. All companies should have in place a system for quickly and accurately evaluating whether to voluntarily self-disclose violations. This process is a multi-factor calculus that considers a range of factors, including primarily the merits of the underlying information and the amount of financial loss or gain that resulted. While decision-making in this context varies by situation, one essential element remains constant: the need for accurate information regarding the nature, scope and effect of the underlying conduct.

Only time will tell exactly how the program will impact the number and nature of whistleblower reports. But companies can take practical steps now to gauge whether and to what extent they are likely to be affected and begin installing the measures necessary to minimize the risk that might otherwise result.

Listen to this post 

© 2024 Bradley Arant Boult Cummings LLP
For more on Whistleblowers, visit the NLR Criminal Law Business Crimes section

2023 Key Developments In The False Claims Act

2023 was another active year for the False Claims Act (FCA), marked by notable appellate decisions, emerging enforcement trends, and statutory amendments to state FCAs. We summarize the year’s most important developments for practitioners and government-facing businesses.

Developments in Caselaw

Supreme Court Holds That FCA Scienter Incorporates A Subjective Standard

The Supreme Court issued two consequential decisions on the False Claims Act this term. In the first, United States ex rel. Schutte v. SuperValu Co., 1 the Court held that objectively reasonable interpretations of ambiguous laws and regulations only provide a defense to the FCA’s scienter requirement if the defendant in fact interpreted the law or regulation that way during the relevant period. The Court held that the proper scienter inquiry is whether the defendant was “conscious of a substantial and unjustifiable risk” that their conduct was unlawful. 2 Previously, some courts (including the courts below in Schutte) had dismissed FCA claims based on an ambiguity in relevant statutory or regulatory provisions identified by a party’s attorneys, even if the party never actually believed that interpretation. Schutte precludes such a defense. That said, Schutte does require relators or the Government to allege facts to support an inference of actual knowledge of falsity, and some courts have granted motions to dismiss on that basis post-Schutte. 3

High Court Reaffirms Government’s Authority To Intervene And Dismiss Declined Actions, While Some Justices Raise Constitutional Questions

The Court also decided United States ex rel. Polansky v. Executive Health Resources, Inc., 4 which held that the Government may intervene in a declined action—i.e., where the Government declines to litigate the case at the outset under 31 U.S.C. § 3730(b)(4)(B)—for the purpose of dismissing it over the relator’s objection. The case essentially preserves the status quo, as courts widely recognized the authority of the Government to dismiss declined qui tams before PolanskyPolansky places two minor restrictions on the Government’s ability to dismiss declined actions. First, the Government has to intervene. 5 Second, the Government needs to articulate some rationale for dismissal to meet the standard of Rule 41(a), which the Court remarked that it will be able to do in “all but the most exceptional cases.” 6 More notably, however, three of the nine Justices (Justice Thomas in dissent and Justices Kavanaugh and Barrett in concurrence) signaled that they would entertain a challenge to the constitutionality of the qui tam mechanism under Article II. 7 Though the one court that has considered such arguments on the merits post-Polansky rejected them, 8 it remains likely that additional, similar challenges will be made.

Split In Authority Deepens On Causation In Kickback Cases

In FCA cases where the relator alleges a violation of the Anti-Kickback Statute (AKS), the payment of a kickback needs—at least in part—to have caused a submission of a false claim. That requirement flows from the statutory text of the AKS, which provides that claims “resulting from” AKS violations are “false or fraudulent claim[s]” for the purpose of the FCA. 9 But courts have not coalesced around a single standard for what it means for a false claim to “result from” a kickback. Before this year, the Third Circuit in United States ex rel. Greenfield v. Medco Health held that there needs to be “some link” between kickback and referral beyond temporal proximity. 10 On the other hand, the Eighth Circuit in United States ex rel. Cairns v. D.S. Medical, LLC, held that the kickback needs to be a but-for cause of the referral. 11 Earlier this year, the Sixth Circuit endorsed the Eighth Circuit’s interpretation of causation. The court reasoned that but-for causation is the “ordinary meaning” of “resulting from” and no other statutory language in the AKS or FCA justifies departure from a but-for standard. 12 But not every court has adopted the Sixth Circuit’s straightforward analysis.

In the District of Massachusetts, for example, two decisions issued this summer came out on opposite sides of the split. In both cases, United States v. Teva Pharmaceuticals USA, Inc., 13 and United States v. Regeneron Pharmaceuticals, Inc., 14 the Government alleged that the pharmaceutical companies were improperly paying copayment subsidies to patients for their drugs. Yet Teva adopted Greenfield’s “some link” standard, while Regeneron adopted the “but-for” standard of the Sixth and Eighth Circuits. The Teva court also certified an interlocutory appeal to the First Circuit to resolve the issue prior to trial, which remains pending. 15 FCA defendants in cases arising out of the AKS thus continue to face substantial uncertainty as to the applicable standard outside the Third, Sixth, and Eighth Circuits. That said, there is mounting skepticism of the Greenfield analysis, 16 and those defendants retain good arguments that the standard adopted by the Sixth and Eighth Circuits should apply.

Enforcement Trends

The also Government remained active in investigating and, in many cases, settling False Claims Act allegations. That enforcement activity included several large settlements, including a $377 million settlement with Booz Allen Hamilton arising out of its failure to comply with Federal Acquisition Regulation cost accounting standards. 17 Our review of this year’s activity revealed significant trends in both civil and criminal enforcement, which we briefly describe below.

Focus On Unsupported Coding In Medicare Advantage (Part C) Claims

Medicare recipients are increasingly turning to private insurers to manage the administration of their Medicare benefits: over half of Medicare enrollees now opt for managed care plans. 18 The Government announced several important enforcement actions focused on submissions to and the administration of Medicare Advantage plans.

On September 30, DOJ announced a $172 million settlement with Cigna due to an alleged scheme to submit unsupported Medicare coding to increase reimbursement rates. According to the press release, Cigna operated a “chart review” team that reviewed providers’ submitted materials and identified additional applicable diagnosis coding to include on requests for payment. The Government alleges that some of the coding Cigna added was not substantiated by the chart review. 19

Similarly, in October, the Government declined to prosecute insurer HealthSun for submitting diagnosis coding to CMS that increased applicable reimbursement rate of treatment without an actual underlying diagnosis by the treating physician. The declination was based on HealthSun’s voluntary self-disclosure of the conduct through the Criminal Division’s recently updated Corporate Enforcement and Voluntary Self-Disclosure Policy. 20 DOJ did, however, indict the company’s former Director of Medicare Risk Adjustment Analytics for conspiracy to commit healthcare fraud and several counts of wire fraud and major fraud against the Government in the Southern District of Florida. 21

In May, the United States Attorney’s Office for the Eastern District of Pennsylvania announced a settlement against a Philadelphia primary care practice based on the submission of allegedly unsupported Medicare diagnosis coding in Part C submissions. The press release asserts that the practice coded numerous claims with morbid obesity diagnoses when the patients lacked the required body-mass index for the diagnosis and diagnosed chronic obstructive pulmonary disease without appropriate substantiation. 22

Both managed care organizations and providers that submit claims to Medicare Advantage should review their claim coding practices to ensure that their claims accurately reflect the medical diagnoses of the treating physician, as well as the treatment provided.

DOJ Follows Through On Civil Cyber-Fraud Initiative

In 2021, DOJ announced the launch of its Civil Cyber-Fraud Initiative, 23 which was aimed at policing government contractors’ failures to adequately protect government information by meeting prescribed cybersecurity requirements. This year, the enforcement of that policy led the Government to alleged FCA violations based on implied or explicit certifications of compliance with cybersecurity regulations:

In September, the Government declined to intervene in a qui tam action against Pennsylvania State University alleging that Penn State falsely certified compliance with Defense Federal Acquisition Regulation Supplement 252.204-7012, which specifies controls required to safeguard defense-related information, during the length of its contract with the Defense Department. 24 However, the parties subsequently sought a 180 day stay of proceedings due to an ongoing government investigation, which was granted. 25 The application for the stay hinted that the Government may yet intervene in the action and file a superseding complaint. 26

DOJ also announced in September a $4 million settlement with Verizon Business Network Services LLC arising out of Verizon’s provision of internet services to federal agencies that was required to meet specific security standards. The Government’s press release, which specifically noted Verizon’s cooperation with the investigation, alleged that Verizon failed to implement “three required cybersecurity controls” in its provision of internet service, which were not individually specified. 27

Entities doing business with the Government should ensure that they are aware of all applicable cybersecurity laws and regulations governing that relationship and that they are meeting all such requirements.

Continued Crackdown On Telemedicine Fraud Schemes

Following OIG-HHS’s July 2022 Special Fraud Alert 28 regarding the recruitment of practitioners to prescribe treatment based on little to no patient interaction over telemedicine, DOJ announced several significant settlements involving that exact conduct. In many circumstances, the Government pursued criminal charges rather than civil FCA penalties alone.

In September, the United States Attorney’s Office for the District of Massachusetts announced a guilty plea to a conspiracy to commit health care fraud charge. The Government alleged that the defendant partnered with telemarketing companies to pay Medicare beneficiaries “on a per-order basis to generate orders for [durable medical equipment] and genetic testing,” and then found doctors willing to sign “prepopulated orders” based on telemedicine appointments that the doctors did not actually attend. 29

In June, as part of a “strategically coordinated” national enforcement action, DOJ announced action against several officers of a south Florida telemedicine company for an alleged $2 billion fraud involving the prescription of orthotic braces and other items to targeted Medicare recipients through cursory telemarketing appointments that were presented as in-person examinations. 30

Although enforcement in the telemedicine space to date has largely focused on obviously fraudulent conduct, practitioners should be aware that the Government may view overly short telemedicine appointments as insufficient to support diagnoses leading to claims for payment from the Government.

State False Claims Acts

Both Connecticut and New York made notable alterations to the scope of conduct covered by their state FCAs. Companies doing business with state governments should be aware that 32 states have their own FCAs, not all of which mirror the federal FCA.

Connecticut Expands FCA To Mirror Scope Of Federal Statute

Prior to this year, Connecticut’s False Claims Act covered only payments sought or received from a “stateadministered health or human services program” In June, however, Connecticut enacted a substantial revision to its state FCA, which seeks to mirror the scope and extent of the Federal FCA. 31 Those doing business with the state of Connecticut should conduct an FCA-focused compliance review of that business to avoid potential liability arising out of state law, and should also understand federal FCA jurisprudence, which is likely to have a significant influence on the new law’s interpretation.

New York Expands FCA To Cover Allow Tax-Related FCA Claims Against Non-Filers

New York is among the few states whose state FCAs cover tax-related claims. Prior to this year, though, the state and its municipalities could only assert tax-related claims against those who actually filed and whose filings contained false statements of fact. In May, New York amended its FCA to allow a cause of action against those who knowingly fail to file a New York tax return and pay New York taxes. 32 Companies doing business in New York should be aware that not filing required taxes in New York may potentially subject them to, among other things, the treble damages for which the FCA provides.

1 143 S. Ct. 1391 (2023).
Schutte, 143 S. Ct. at 1400-01.
See, e.g., United States ex rel. McSherry v. SLSCO, L.P., No. 18-CV-5981, 2023 WL 6050202,
at *4 (E.D.N.Y. Sept. 15, 2023).
4 143 S. Ct. 1720 (2023).
5 Id. at 1730.
6 Id. at 1734.
7 Id. at 1737 (Kavanaugh, J., concurring); id. at 1741-42 (Thomas, J., dissenting).
8 See United States ex rel. Wallace v. Exactech, Inc., No. 7:18-cv-01010, 2023 WL 8027309, at
*4-6 (N.D. Ala. Nov. 20, 2023).
9 See 42 U.S.C. § 1320a-7b(g).
10 United States ex rel. Greenfield v. Medco Health Sol’ns, 880 F.3d 89, 98-100 (3d Cir. 2018).
11 United States ex rel. Cairns v. D.S. Med., LLC, 42 F. 4th 828, 834-36 (8th Cir. 2022).
12 United States ex rel. Martin v. Hathaway, 63 F. 4th 1043, 1052-53 (6th Cir. 2023).
13 Civ. A. No. 20-11548, 2023 WL 4565105 (D. Mass. July 14, 2023).
14 Civ. A. No. 20-11217, 2023 WL 7016900 (D. Mass. Oct. 25, 2023)
15 See United States v. Teva Pharma USA, Inc., No. 23-1958 (1st Cir. 2023).
16 See, e.g., Regeneron, 2023 WL 7016900, at *11 (remarking that the Greenfield analysis is
“fraught with problems” and “disconnected from long-standing common-law principles of
causation”).
17 https://www.justice.gov/opa/pr/booz-allen-agrees-pay-37745-million-settle-false-claims-act-
allegations.
18 https://www.kff.org/policy-watch/half-of-all-eligible-medicare-beneficiaries-are-now-enrolled-
in-private-medicare-advantage-plans/.
19 https://www.justice.gov/opa/pr/cigna-group-pay-172-million-resolve-false-claims-act-
allegations.
20 See https://www.justice.gov/opa/speech/assistant-attorney-general-kenneth-polite-jr-delivers-
remarks-georgetown-university-law.
21 https://www.justice.gov/opa/pr/former-executive-medicare-advantage-organization-charged-
multimillion-dollar-medicare-fraud.
22 https://www.justice.gov/usao-edpa/pr/primary-care-physicians-pay-15-million-resolve-false-
claims-act-liability-submitting.
23 See https://www.justice.gov/opa/pr/deputy-attorney-general-lisa-o-monaco-announces-new-
civil-cyber-fraud-initiative.
24 See United States ex rel. Decker v. Penn. State Univ., Civ. A. No. 22-3895 (E.D. Pa. 2023).
25 Id. at ECF Nos. 24, 37.
26 Id. at ECF No. 24.

27 See https://www.justice.gov/opa/pr/cooperating-federal-contractor-resolves-liability-alleged-
false-claims-caused-failure-fully.
28 https://oig.hhs.gov/documents/root/1045/sfa-telefraud.pdf.
29 https://www.justice.gov/usao-ma/pr/owner-telemedicine-companies-pleads-guilty-44-million-
medicare-fraud-scheme.
30 https://www.justice.gov/opa/pr/national-enforcement-action-results-78-individuals-charged-
25b-health-care-fraud.
31 See Conn. Gen. Stat. §§ 4-274–4-289.
32 See N.Y. State Fin. Law § 189(4)(a).

© 2023 Binder & Schwartz LLP. All Rights Reserved
For more news on the False Claims Act, visit the NLR Financial Institutions & Banking section.