Healthcare Fraud: Strong Enforcement Drives Compliance Investment

Healthcare Companies Face Heightened FCA Scrutiny; Strong Compliance Mitigates Risk

  • February 06, 2026

Faced with mixed signals on the current administration’s regulatory priorities, healthcare fraud remained a top focus in 2025. The False Claims Act (“FCA”) continues to be an extraordinarily effective tool for federal prosecutors when enforcing healthcare laws. FCA settlements and judgments reached an all-time high of $6.8 billion in FY 2025, more than double the previous year’s total of $2.9 billion, with matters involving the healthcare industry accounting for $5.7 billion in recoveries.1,2 Whistleblowers are responsible for the vast majority of FCA cases and recoveries. Settlements and judgments from qui tam lawsuits totaled more than $5.3 billion reported by the U.S. Department of Justice (“DOJ”) in the past year.3 A strong healthcare compliance program remains vital to successfully navigate the ever-evolving regulatory and enforcement landscape.

Healthcare Fraud Enforcement Continues To Dominate

All indicators point to 2026 being another significant year for fraud enforcement in the healthcare sector. A recent nationwide investigation known as Operation Gold Rush resulted in the largest loss amount ever charged in a healthcare fraud case, according to the DOJ.4 Using a network of foreign straw buyers, a multinational criminal organization submitted $10.6 billion in fraudulent healthcare claims to Medicare for urinary catheters and other durable medical equipment by exploiting the stolen identities of more than one million Americans. The fraud was uncovered by the DOJ’s data analytics team, which detected suspicious billing activity and prevented roughly $4.4 billion in additional claims from being paid by Medicare.5

Operation Gold Rush was part of a larger initiative, the 2025 National Health Care Fraud Takedown, that resulted in criminal charges against 324 defendants for their alleged participation in various healthcare fraud schemes involving more than $14.6 billion in losses. The Takedown was led by the DOJ, in partnership with the Department of Health and Human Services’ Office of the Inspector General (“HHS-OIG”), the FBI, the Drug Enforcement Administration (“DEA”), and other federal and state law enforcement agencies.6

The revitalization of the False Claims Act Working Group between the DOJ and HHS in mid-2025,7 combined with the administration‘s move in 2026 to create a new DOJ division for national fraud enforcement, signals a strong and enduring focus on investigating fraud schemes affecting federal programs and federally funded benefits, among other areas.8

Companies facing FCA suits and parallel criminal investigations can be subject to a broad range of highly punitive measures, including 3x damages, criminal liability, increased compliance obligations and oversight, and potential debarment from federal healthcare programs.9 Having an effective compliance and ethics program can substantially mitigate the risk of these outcomes. Despite this, many companies tend to be reactive, rather than proactive. As a result, by the time the DOJ comes knocking, it’s often too late for healthcare organizations to act.

Investment in Corporate Compliance Is Essential

While media outlets reported that the DOJ experienced attrition of approximately 4,000 employees during the first half of 2025,10 enforcement of the federal healthcare laws has not slowed down, and companies operating in the healthcare space remain at risk. To mitigate the risk, healthcare companies are wise to invest in their compliance programs. An effective compliance program can serve as both a sword and a shield. In addition to mitigating the risk of healthcare law violations and related consequences, an effective compliance program may help a company avoid some of the more punitive outcomes of a DOJ investigation, including criminal liability,11 the imposition of a monitor12 and enhanced penalties.13

While it is strongly recommended that healthcare companies proactively build out a compliance program, the DOJ considers the effectiveness of a company’s compliance program both “at the time of the offense, as well as at the time of the charging decision” to determine the appropriate resolution and related penalties.14 For companies that decide to address compliance deficiencies only after a DOJ investigation has commenced, they may find that it is more costly, time-consuming and distracting to operations.

In building an effective compliance program, both the DOJ and HHS-OIG have issued numerous guidance documents that outline general compliance principles. It is well established that an effective compliance program includes the following seven elements:

  • Written policies and procedures
  • Compliance leadership and oversight
  • Training and education
  • Effective lines of communication with the compliance officer and disclosure program
  • Enforcing standards: consequences and incentives
  • Risk assessment, auditing and monitoring
  • Responding to detected offenses and developing corrective action initiatives15

The corporate compliance guidelines from the DOJ and HHS-OIG are neither comprehensive, nor do they establish a rigid formula or “model compliance program” for companies.16 Instead, each company’s compliance program should be tailored to its individual risk profile. Each company must, however, ensure that its compliance program is “well-integrated into the company’s operations and workforce” and “adequately designed for maximum effectiveness in preventing and detecting wrongdoing by employees….”17 Importantly, the DOJ does not expect perfection, recognizing instead that “no compliance program can prevent all criminal activity by a corporation’s employees.”18

An effective compliance program supports operations, fosters a culture of integrity and helps detect and prevent healthcare law violations. Building an effective compliance program requires buy-in at all levels of the organization, appropriate resourcing and investment. These investments can pale in comparison to the costs incurred by a company navigating a DOJ investigation, which can include attorneys’ fees, reputational harm and operational disruptions, among many others. Companies with exposure to these types of risks should therefore assess the effectiveness of their compliance programs and proactively address gaps before regulatory scrutiny arises.

Footnotes:

1: “False Claims Act Settlements and Judgments Exceed $2.9B in Fiscal Year 2024”, U.S. Department of Justice (January 15, 2025).

2: “False Claims Act Settlements and Judgments Exceed $6.8B in Fiscal Year 2025,” U.S. Department of Justice (January 16, 2026).

3: Ibid.

4: “11 Defendants Indicted in Multi-Billion Health Care Fraud Scheme, the Largest Case by Loss Amount Ever Charged by the Department Of Justice,” United States Attorney’s Office (Eastern District of New York) (June 30, 2025).

5,6: “National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud,” U.S. Department of Justice (June 30, 2025).

7: “DOJ-HHS False Claims Act Working Group,” U.S. Department of Justice (July 2, 2025).

8: Knight, Jack, et al, “White House Unveils Landmark Initiative: New DOJ Fraud Division to Be Directly Overseen by Administration,” Winston & Strawn website, (Jan. 15, 2026).

9: “Fraud and Abuse Laws,” U.S. Department of Health and Human Services Office of Inspector General.

10: “4,000 employees took "fork in the road" at Justice Dept., with more cuts to come,” CBS News (June 17, 2025).

11: “Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy,” U.S. Department of Justice (May 12, 2025); “9-28.000 Principles of Federal Prosecution Of Business Organizations,” U.S. Department of Justice (2023).

12: “Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime,” U.S. Department of Justice (May 12, 2025), at 7.

13: U.S. Sentencing Guidelines, § 8C2.8.

14: “Evaluation of Corporate Compliance Programs,” U.S. Department of Justice (September 2024), at 1.

15: “General Compliance Program Guidance,” U.S. Department of Health and Human Services Office of Inspector General (November 2023), at 32.

16: Ibid. at 8.

17: “Evaluation of Corporate Compliance Programs,” U.S. Department of Justice (September 2024), at 2.

18: “Corporate Compliance Programs,” U.S. Department of Justice, Justice Manual § 9-28.800, (updated March 2023).

Related Information

Published

February 06, 2026

temp Key Contacts

Brett Barlag

Senior Managing Director

Terrence Brody

Senior Managing Director

Most Popular Insights

  1. Beyond Cost Metrics: Recognizing the True Value of Nuclear Energy
  2. Finally, Pundits Are Talking About Rising Consumer Loan Delinquencies
  3. A New Era of Medicaid Reform
  4. Turning Vision and Strategy Into Action: The Role of Operating Model Design
  5. The Hidden Risk for Data Centers That No One is Talking About

Sign up to get access to FTI Consulting Insights

Subscribe