4 Frequently Asked Questions About MSO Investigations and 3 Defense Strategies

In the last decade, Management Services Organizations, or MSOs, became popular service providers and investment tools for the medical and health care field. Unfortunately, the way some MSOs are structured, they can violate several important laws against healthcare fraud, like the Stark Law or the Anti-Kickback Statute.

Because this is such a novel issue in the medical field, lots of healthcare providers have questions about it. Some want to know how they can defend themselves if they get accused of wrongdoing for their activity with an MSO.

Dr. Nick Oberheiden is an MSO investigation lawyer at Oberheiden P.C. Here are some questions that he frequently gets asked and a few defense strategies that can help.

FAQs About MSO Investigations

1. What are MSOs?

An MSO is a company that provides administrative services to medical professionals. They can help healthcare providers with their:

  • Human resources
  • Operations
  • Coding and billing services
  • Office space management
  • Compliance
  • Contract management

Healthcare companies can either contract with an MSO to provide these services or can outright sell the administrative wing of their practice to an MSO so they can focus on the medical side of their business.

2. Why are MSOs Problematic?

MSO arrangements can become legally problematic when they act as an investment tool for medical professionals. Physicians could buy an ownership stake in an MSO that provided services to, say, a pharmacy. Those physicians could then begin referring patients to that same pharmacy.

In theory, that referral is going to a company – the pharmacy – that neither the physician nor his or her immediate family members have a financial interest in. In reality, though, the distinction gets blurred if the MSO – and therefore the physician – makes money off the referral. This can arguably amount to a kickback, which is unlawful.

3. Is Law Enforcement Actually Looking Into MSOs?

Yes, the justice department or the U.S. Department of Justice (DOJ) has recently begun investigating MSOs that appears to be a medium for illegal kickbacks from one healthcare provider to a referring physician.

Together with the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG), the DOJ has taken the position that MSOs that are only indirectly recouping physicians for referrals is enough to violate anti-kickback laws. In one case, the agencies are pursuing False Claims Act (31 U.S.C. § 3729) violations in addition to violations of the Stark Law (42 U.S.C. § 1395nn) and the Anti-Kickback Statute (42 U.S.C. § 1320a-7b).

However, not all MSOs have come under the scrutiny of federal law enforcement. The DOJ has not declared a blanket rule that all MSOs are unlawful. Instead, it is only targeting those that show the signs of potential healthcare fraud.

4. What are the Potential Penalties for Investing in the Wrong MSO?

At this stage, it is hard to tell. MSOs are still a new development, and we are only seeing the very first charges getting filed against physicians who invest in the “wrong” MSOs. Courts have not yet ruled whether MSOs can facilitate a kickback or amount to a false claim.

If courts do go along with the DOJ’s interpretation of the law, then physicians can face steep penalties for sending business to another healthcare facility that contracts with an MSO that they own or invest in.

The Anti-Kickback Statute is a criminal law that carries up to five years in prison for a conviction, as well as fines of up to $25,000 and program exclusion. The Stark Law is a civil law that, while it does not carry criminal sanctions or jail time, does impose:

  • Denial of payments provided
  • Disgorgement of ill-gotten gains
  • Civil penalties of up to $15,000 for each violation
  • Treble damages
  • Program exclusion

Defense Strategies for Investigations into Your MSO

If you do have an ownership stake in an MSO and are concerned about a potential investigation, or if you are interested in investing in one of these new companies and want to do it right, there are several things that you can do. While every case is unique, here are three defense strategies and compliance procedures that MSO investigation attorney Dr. Nick Oberheiden often recommends considering.

1. Look for Signs That an MSO is Problematic

Not all MSOs are attracting the attention of federal law enforcement. Instead, it is the ones that do not comply with the requirements of anti-kickback statutes and illegal referrals.

Some signs that an MSO is lacking in that department include:

  • A lack of a compliance officer in the company
  • No training regarding important laws like HIPAA, the Stark Law, or the Anti-Kickback Statute
  • The MSO is paid on a percentage basis, rather than through a flat fee (payments should be at fair market value rates)
  • The MSO charges unreasonably high service fees
  • There are incentives for investing physicians to refer clients to the company

All of these are strong signs that the MSO is at risk of civil or even criminal action for healthcare fraud and illegal referrals. Unfortunately, many of these signs also give an investing physician the power to increase his or her return on the investment – a feature that makes the investment seem especially lucrative.

2. Tighten Up the Compliance

If you are invested in an MSO and suddenly see proof that it was too good to be true, you are not powerless. You are a partial owner, after all. You can push the company to tighten up its compliance with anti-kickback laws. In the best cases, this can successfully protect you and avoid scrutiny from law enforcement. Even if it does not, though, it can reduce the restitution that you can be made to pay, and the efforts to fix the MSO can be used to show your good intentions.

3. Stress the Distance Between an MSO’s Ownership and Its Clients

At this point, we still have not seen whether law enforcement’s interpretation of the law will get adopted by a court. Until we know for sure that an indirect payment is enough for anti-kickback liability, a strong defense should be that the MSO’s ownership was too far removed from the MSO’s clients to amount to a violation of the law.

As Dr. Nick Oberheiden, an MSO investigation attorney at Oberheiden P.C., says, “The law is still very much in flux at this point. Kickbacks are generally seen to be direct payments for referrals, and the whole point of the MSO investment opportunity was to avoid that exact setup.”

Oberheiden P.C. © 2022

5 Keys to SEC Compliance Success

The best way to avoid the scrutiny from the Securities and Exchange Commission (SEC) that can lead to significant legal liability is to strictly comply with all of the agency’s rules and regulations. Unfortunately, given the complexity of these regulations and the constantly changing legal landscape of securities laws, such as the Securities Act of 1933 and Securities Exchange Act of 1934, this is much easier said than done.

Here are five keys to SEC compliance.

1. Identify Your Particular Needs

It should be an obvious first step, but many compliance attorneys treat all clients the same and offer a one-size-fits-all approach to complying with the regulations promulgated by the Securities and Exchange Commission (SEC). While this might not be a terrible approach – so long as it is all-encompassing, it will keep your company in line with the SEC across the board – it can saddle your firm with concerns and extraneous internal rules that have no bearing on how you conduct business.

A great example is a cryptocurrency. The SEC is, belatedly, beginning to issue rules and regulations for financial firms that focus on and trade in Bitcoin and other cryptocurrencies. If your brokerage firm is not buying or selling securities in crypto-assets and has no plans to do so soon, then implementing compliance measures for cryptocurrency regulations has no benefit to your company. Those measures will, however, make the regulated securities professionals who work for your firm jump through pointless hoops in the ordinary course of their business.

Adopting a compliance strategy that more precisely meets your company’s needs will let your workers perform to their full capacity while still insulating your firm from legal liability or SEC scrutiny. It will just have to be updated if you choose to expand into new forms of securities trading.

2. Craft an All-Encompassing Compliance Strategy

Based on your firm’s precise regulatory needs, the next key to success is to come up with a compliance strategy that takes into account all of the SEC’s rules that could impact your company. Given the breadth of the SEC’s jurisdiction and the sheer number of regulations that it has put forth, this can take a while.

Once your firm’s legal requirements have been ascertained, the next step is to come up with ways that you can satisfy them during the day-to-day business activities at your firm. This is another reason why every compliance strategy should be tailored to your business – a compliance technique that works well and is easy for one firm may be onerous and inconvenient for another one.

As Dr. Nick Oberheiden, founding partner of the SEC compliance law firm Oberheiden P.C., often tells clients, “All SEC compliance measures should protect the securities firm from SEC liability. However, those measures should also be judged by how burdensome they are on the firm that is employing them. The least inconvenient method to adequately insulate your firm from liability is the best. Learning about a brokerage firm and understanding its strengths and weaknesses and its capabilities help compliance lawyers craft the best solutions for their clients. Unfortunately, one of the most common complaints that securities professionals have about attorneys is that they do not listen to their particular concerns. We strive to do better.”

3. Train, Train, and Retrain Your Workers

No compliance strategy is effective if it is not implemented. Training your employees and workers in the intricacies of the compliance strategy, explaining why it is important for them to follow it strictly, and describing the penalties for noncompliance is the next key to success.

Even here, though, it is not a matter of simply giving your employees a handbook of rules, policies, and procedures to memorize. Just like how the compliance strategy should be tailored to your firm, so too should the instruction materials be tailored to each type of worker at your company. While it can help to train non-regulated administrative staff how to detect the signs of financial misconduct or fraud, there is no reason to bog them down in the details of SEC regulations that only pertain to traders – doing so can overload them with irrelevant information and make them lose sight of what they need to know.

It is also important to remember that training is not a one-time ordeal. New hires must be onboarded and taught the rules of internal compliance. Existing workers should be retrained to keep them apprised of any updates and to ensure that they remember their roles in the compliance protocol.

4. Keep Your Compliance Strategy Updated

Keeping your compliance strategy updated is also essential when it comes to compliance inspections. An out-of-date compliance protocol may still cover many of the bases for SEC compliance. However, there will be gaps in the compliance requirements that you will be unaware of, giving you a false sense of security.

The compliance strategy should not just be updated to account for new SEC regulations, though: It should also get updated whenever your brokerage firm branches out into new types of trading or adds a new kind of financial service to its portfolio. With that new line of business will likely come new SEC regulations to abide by.

5. Audit Yourself Regularly

Even if you have a good compliance program or plan, have trained workers to follow it, and keep the protocols updated, you are still moving forward blindly if you do not regularly conduct internal audits of your company to make sure that those compliance rules are working. Many compliance programs and strategies check off all of the boxes, only to lead to an SEC investigation that finds problems because a single worker did not actually understand how to correctly perform a job task.

These situations of compliance issues are incredibly frustrating. They can also be detected, identified, and corrected through a compliance strategy that includes internal auditing by outside counsel or an SEC compliance attorney with prior experience investigating securities fraud.

Oberheiden P.C. © 2022

Medicare CERT Audits and How to Prepare for Them

CERT audits are an unfortunate part of doing business for healthcare providers who accept Medicare. Failing the audit can mean the provider has to pay back overcharges and be subjected to increased scrutiny in the future. 

The best way to be prepared for a CERT audit is to have a compliance strategy in place and to follow it to the letter. Retaining a healthcare lawyer to craft that strategy is essential if you want to make sure that it is all-encompassing and effective. It can also help to hire independent counsel to conduct an internal review to ensure the compliance plan is doing its job.

When providers are notified of a CERT audit, hiring a Medicare lawyer is usually a good idea. Providers can fail the audit automatically if they do not comply with the document demands.

What is a CERT Audit?

The Comprehensive Error Rate Testing (CERT) program is an audit process developed by the Centers for Medicare and Medicaid Services (CMS). It is administered by private companies, called CERT Contractors, which work with the CMS. Current information about those companies is on the CMS website.

The CERT audit compares a sampling of bills for Medicare fee-for-service (FFS) payments, which were sent by the healthcare provider to its Medicare Administrative Contractor (MAC), against medical records for the patient. The audit looks at whether there is sufficient documentation to back up the claim against Medicare, whether the procedure was medically necessary, whether it was correctly coded, and whether the care was eligible for reimbursement through the Medicare program.

Every year, the CERT program audits enough of these FFS payments – generally around 50,000 per year – to create a statistically significant snapshot of inaccuracies in the Medicare program.

The results from those audits are reported to CMS. After appropriately weighing the results, CMS publishes the estimated improper payments or payment errors from the entire Medicare program in its annual report. In 2021, the CMS estimated that, based on data from the CERT audits, 6.26 percent of Medicare funding was incorrectly paid out, totaling $25.03 billion.

The vast majority of those incorrect payments, 64.1 percent, were marked as incorrect because they had insufficient documentation to support the Medicare claim. Another 13.6 percent were flagged as medically unnecessary. 10.6 percent was labeled as incorrectly paid out due to improper coding. 4.8 percent had no supporting documentation, at all. 6.9 percent was flagged as incorrectly paid for some other reason.

The CERT Audit Process

Healthcare providers who accept Medicare will receive a notice from a CERT Contractor. The notice informs the provider that it is being CERT audited and requests medical records from a random sampling of Medicare claims made by the provider to its MAC.

It is important to note that, at this point, there is no suspicion of wrongdoing. CERT audits examine Medicare claims at random.

Healthcare providers have 75 days to provide these medical records. Failing to provide the requested records is treated as an audit failure. In 2021, nearly 5 percent of failed CERT audits happened because no documentation was provided to support a Medicare claim.

Once the CERT Contractor has the documents, its team of reviewers – which consists of doctors, nurses, and certified medical coders – compares the Medicare claim against the patient’s medical records and looks for errors. According to the CMS, there are five major error categories:

  • No documentation

  • Insufficient documentation

  • Medical necessity

  • Incorrect coding

  • Other

Errors found during the CERT audit are reported to the healthcare provider’s MAC. The MAC can then make adjustments to the payments it sent to the provider.

Potential Repercussions from Errors Found in a CERT Audit

CERT audits that uncover errors in a healthcare provider’s Medicare billings lead to recoupments of overpayments, future scrutiny, and potentially even an investigation for Medicare fraud.

When the CERT audit results are brought to the MAC’s attention, the MAC will adjust the payments that it made to the provider. If the claims led to an overpayment, the MAC will demand that money back.

But Medicare Administrative Contractors (MACs) can go further than just demanding restitution for overpayments. They can also require prepayment reviews of all of the provider’s future Medicare claims, and can even suspend the provider from the program, entirely.

Worse still, CERT audits that uncover indications of Medicare fraud may be reported to a law enforcement agency for further review. This can lead to a criminal investigation and potentially even criminal charges.

Appealing a CERT Audit’s Results

With penalties so significant, healthcare providers should seriously consider hiring a lawyer to appeal the results of a CERT audit.

Appeals are first made to the MAC, requesting a redetermination of the audit results. The request for redetermination has to be made within 120 days of receiving notice of the audit results. However, if the provider wants to stop the MAC from recouping an overpayment in the meantime, it has to lodge the request within 30 days.

Providers can appeal the results of the redetermination, as well. They can request a reconsideration by a Qualified Independent Contractor within 180 of the redetermination, or within 60 days to stop the MAC’s recoupment process.

Providers who are still dissatisfied can appeal the case to an administrative law judge, then to the Medicare Appeals Council, and finally to a federal district court for review.

How to Handle a CERT Audit

The best way to handle and to prepare for a CERT audit is to hire Medicare audit attorneys to guide you through the process. It would also help to start internal audits within the company.

For providers who have been notified that they are under an audit, getting a lawyer on board immediately is essential. An experienced healthcare attorney can conduct a thorough internal investigation of the claims being audited. This can uncover potential problems before the audit points them out, giving the healthcare provider the time it needs to prepare its next steps.

Providers who are not currently being audited can still benefit from an attorney’s guidance. Whether by drafting a compliance plan that will prepare the provider for an inevitable CERT audit or by conducting an internal investigation to see how well a current compliance plan is performing, a lawyer can make sure that the provider is ready for an audit at a moment’s notice.

Taking these preventative steps soon is important. CMS put the CERT audit program on halt for the coronavirus pandemic, but that temporary hold was rescinded on August 11, 2020. While the CMS has reduced the sample sizes that will be used for its 2021 and 2022 reports, it will likely go back to the original numbers after that. Healthcare providers should prepare for this increased regulatory oversight appropriately.

Oberheiden P.C. © 2022

NLRB To Begin Partnering With DOJ To Combat Collusion

The National Labor Relations Board and The Department of Justice joined forces to sign a memorandum of understanding (“MOU”) between the two entities. The MOU follows President Biden’s Executive Order in 2021 aimed at increasing competition in the economy. The NLRB and DOJ plan to coordinate in order to ensure workers are able to freely exercise their rights and to protect competitive labor markets.

According to the DOJ, this new partnership will allow the two agencies to “share information on potential violations of the antitrust and labor laws, collaborate on new policies and ensure that workers are protected from collusion and unlawful employer behavior.” The two agencies plan on greater coordination in information sharing, enforcement activity and training. Furthermore, the two agencies will now refer potential violations that they discover in their own investigations to each other.

For employers, this continues the trend of the federal government stepping up their investigatory and enforcement actions.

© Polsinelli PC, Polsinelli LLP in California

Greenwashing and the SEC: the 2022 ESG Target

A recent wave of greenwashing lawsuits against the cosmetics industry drew the attention of many in the corporate, financial and insurance sectors. Attacks on corporate marketing and language used to allegedly deceive consumers will take on a much bigger life in 2022, not only due to our prediction that such lawsuits will increase, but also from Securities & Exchange Commission (SEC) investigations and penalties related to greenwashing. 2022 is sure to see an intense uptick in activity focused on greenwashing and the SEC is going to be the agency to lead that charge. Companies of all types that are advertising, marketing, drafting ESG statements, or disclosing information as required to the SEC must pay extremely close attention to the language used in all of these types of documents, or else run the risk of SEC scrutiny.

SEC and ESG

In March 2021, the SEC formed the Climate and Environmental, Social and Governance Task Force (ESG Task Force) within its Division of Enforcement. Hand in hand with the legal world’s attention on greenwashing in 2021, the SEC’s ESG Task Force was created for the sole purpose of investigating ESG-related violations. The SEC’s actions were well-timed, as 2021 saw an enormous increase in investor demand for ESG-related and ESG-driven portfolios. There is considerable market demand for ESG portfolios, and whether this demand is driven by institute influencers or simple environmental and social consciousness among consumers is of little importance to the SEC – it simply wants to ensure that ESG activity is being done properly, transparently and accurately.

Greenwashing and the SEC

The SEC has stated that in 2022, it will be taking direct aim at greenwashing issues on many different levels in the investment world. As corporations and investment funds alike increasingly put forth ESG-friendly statements pertaining to their actions or portfolio content, the law has thus far failed to keep pace with the increasing ESG statement activity. It is into this gap that the SEC sees itself fitting and attempting to ensure that the public is not subject to greenwashing. In order to tackle this objective, expect the SEC to focus on the wording used to describe investments or portfolios, what issuers say in filings, and the statements made by investment houses and advisors related to ESG.

From this stem several topics that the SEC’s ESG Task Force will scrutinize, such as: whether “ESG investments” are truly comprised of companies that have accurate and forthright ESG plans; the level of due diligence conducted by investment houses in determining whether an investment or portfolio is “ESG friendly”; how investment world internal statements differ from external public-facing statements related to the level of ESG considerations taken into account in an investment or portfolio; selling “ESG friendly” investments with no set method for ensuring that the investment continues to uphold those principles; and many others.

2022, the SEC, and ESG

Given the SEC’s specific targeting of ESG-related issues beginning in 2021, we predict that 2022 will see a great degree of SEC enforcement action seeking to curb over zealous marketing language or statements that it sees as greenwashing. Whether these efforts will intertwine with the potential for increased Department of Justice criminal investigation and prosecution of egregious violators over greenwashing remains to be seen, but it is nevertheless something that issuers and investment firms alike must closely consider.

While there are numerous avenues to examine to ensure that ESG principles are being upheld and accurately conveyed to the public, the underlying compliance program for minimizing greenwashing allegation risks is absolutely critical for all players putting forth ESG-related statements. These compliance checks should not merely be one-time pre-issuance programs; rather, they should be ongoing and constant to ensure that with  ever-evolving corporate practices, a focused interest by the SEC on ESG, and increasing attention by the legal world on greenwashing claims, all statement put forth are truly “ESG friendly” and not misleading in any way.

Article By John Gardella of CMBG3 Law

For more environmental legal news, click here to visit the National Law Review.

©2022 CMBG3 Law, LLC. All rights reserved.