The headline on Medicare last  week was astounding — $60 billion (not million) was lost each year to Medicare fraud, large numbers of fraudulent providers were providing fake or badd addresses – meaning locations including hamburger stands, vacant lots, mailbox shops. According to a recent GAO report (here), Medicare pays money to fraudsters at approximately 23,400 fake or bad addresses (22 percent of all provider addresses).

Medicare suffers a persistent weakness — Medicare enrolls entities intent on defrauding the Medicare program.

Forgive me for a little bit of sarcasm here, but don’t you think Medicare could benefit from some of the compliance program requirements that the government normally imposes on companies? Has Medicare ever heard of a due diligence screening process for initial enrollees?

A basic due diligence program will verify a third party, vendor, supplier address. Maybe some companies should offer to help CMS when enrolling new medical providers.

In 2013, an IG report found that verifying addresses was essential for identifying fraud risks. Yet, CMS continues to be dogged by so-called doctors seeking reimbursement for medical procedures provided from fake or bad addresses.

Medicare paid $600,000 to an ineligible mailbox shop location in Chicago, next to a pron shop – there was no doctor’s office there.

The solution is more simple than you think – CMS has failed to use a US Postal Service program that could tell CMS the type of building associated with the address. That would be a good first step.

The Affordable Care Act provided CMS with some tools to screen providers and identify those at risk of fraud – CMS is authorized to require fingerprints, conduct unannounced site visits and revalidate a Medicare enrollee.  CMS efforts resulted in a savings of $2.4 billion, but the recent report highlighted that there is still much work to do.

In addition to the address verification problem, the GAO report determined that CMS failed to verify that a medical provider was licensed. Hundreds of physicians have had their licenses revoked for crimes or other misconduct. These physicians have been able to circumvent the Medicare exclusion by moving to another state and then resuming billing of Medicare for services. States do not share such information and Medicare does not have the ability to cross-check state licensing records to verify a doctor’s license, even when the doctor has been previously convicted of healthcare fraud.

Taking all this into account, you have to wonder what type of due diligence screening process CMS maintains.

Why is the government not able to establish its own due diligence screening program to verify basic information? Even a simple search of Google Earth could be used to view a potential doctor’s location and verify whether or not it is a hamburger stand or a doctor’s office.

It is more than ironic in this case – if a private company maintained such a poor due diligence system, you can bet the government would site that deficiency when resolving a series of violations.

The recent GAO report underscores the basic flaw in the government’s healthcare fraud strategy – it is called “pay and chase. The government pays the Medicare claims, eventually finds that fraud is being committed, and then chases the fraudster to recover as much money as possible. Typically, the government’s recovery of fraud dollars is $1 for every $5 stolen.

A proactive compliance strategy is a much better investment. Allocating resources to conducting real and meaningful pre-payment screening of potential providers would result in earlier identification of fraudsters and avoidance of fraud losses. Common sense dictates that money on the front-end is a much better investment.