Key Takeaways From FinCEN's COVID Health Fraud Alert

By John Cunningham and Karima Tawfik
Law360 is providing free access to its coronavirus coverage to make sure all members of the legal community have accurate information in this time of uncertainty and change. Use the form below to sign up for any of our weekly newsletters. Signing up for any of our section newsletters will opt you in to the weekly Coronavirus briefing.

Sign up for our Asset Management newsletter

You must correct or enter the following before you can sign up:

Select more newsletters to receive for free [+] Show less [-]

Thank You!



Law360 (March 15, 2021, 5:35 PM EDT) --
John Cunningham
John Cunningham
Karima Tawfik
Karima Tawfik
The Financial Crimes Enforcement Network, or FinCEN, of the U.S. Department of Treasury sounded the alarms recently with its advisory urging financial institutions to remain vigilant and, as necessary, allocate enhanced compliance resources to deter and detect COVID-19-related schemes connected to health care entities, health insurance, health benefit programs and pandemic relief funds.

Since the public health emergency declaration of Jan. 31, 2020, by the U.S. Department of Health and Human Services, U.S. law enforcement and regulatory agencies have identified numerous instances of fraud involving the exploitation by individuals and companies of Medicare, Medicaid, Tricare and other health care programs to illegally line their pocket; and as the pandemic continues, so does the fraud risk.

Indeed, the pandemic and resulting changes to the health care landscape have introduced new means for scammers to seek out money trails, both through federal funding and private insurance, to redirect for their own benefit — and many schemes are utilizing cyber technology to spin up significant financial frauds.

To assist in countering these scams, which have increased in recent months, and activate heightened awareness, FinCEN's advisory provides key guidance on:

  • What constitutes COVID-19-related fraud;

  • The types of red flag indicators that financial institutions should look for in detecting, deterring and preventing suspicious transactions associated with the COVID-19 pandemic; and

  • The importance of effectively reporting suspicious activity via FinCEN's automated suspicious activity report, or SAR, process.

Key Takeaways

In the advisory, FinCEN warns financial institutions of a continued upsurge in fraudulent activity tied to health care or health insurance services amid the COVID-19 pandemic. These frauds primarily target Medicare, Medicaid and the Children's Health Insurance Program, Tricare, the health care programs of the U.S. Department of Labor and U.S. Department of Veterans Affairs, and private health insurance companies.

In light of the breadth of the various frauds being perpetrated, financial institutions are cautioned to keep a keen eye out for an increase in prohibited activity relating to unnecessary services, billing schemes, kickbacks, technology oddities, telefraud and telehealth schemes, fraud in obtaining relief funds, and identity theft.

Moreover, according to FinCEN, billing schemes taking advantage of the COVID-19 pandemic have been particularly brazen.

For example, federal authorities recently indicted[1] New York-area pharmacy owners Peter Khaim and Arkadiy Khaimov for an alleged $30 million fraud and money laundering scheme that involved pharmacists hired to pretend to supervise pharmacies in order to obtain licenses and insurance plan credentials.

The alleged culprits used COVID-19 emergency billing codes to submit fraudulent claims to Medicare, for which they were paid for medications never purchased by the pharmacies, prescribed by physicians or actually dispensed.

FinCEN also cautions that companies have sought to capitalize on the national emergency for financial gain by defrauding investors and health care benefit programs.

This appears to be the case[2] in a matter involving Mark Schena, the president of a California medical technology company called Arrayit Corp., who allegedly paid kickbacks to marketers and doctors to run expensive allergy screening tests on all patients, regardless of medical necessity, in combination with COVID-19 testing — amassing over $69 million in fraudulent claims.


The Details

Primary Categories of Illicit Activity


As FinCEN cautions, COVID-19 expert fraudsters and common criminals alike are seeking out new currents of money created by virtue of the pandemic and associated health care benefit programs, health insurance services and health care relief funds to intercept and redirect for their own gain. These schemes have, according to FinCEN, manifested in several representative types of illicit activity.

Financial institutions should be aware, for instance, that entities may order or submit claims for expensive screening or services that do not test for COVID-19 — such as medically unnecessary respiratory and allergy testing, genetic testing and narcotics screening — by deceptively pairing them with COVID-19 testing.

Fraudsters may also obtain funds from health care programs by upcoding — an illegal practice whereby a provider bills the insurance company for higher and more expensive levels of medical service than were actually performed — or unbundling, wherein a provider tries to skirt Medicare or Medicaid rules, which call for billing procedures commonly performed together as a group, by billing them separately.

Individuals, pharmacies, medical technology companies and others seeking to exploit the pandemic, FinCEN advises, are also turning to technology and data phishing to commit financial crimes.

They may, for example, illegally collect personally identifiable information, including Medicare information, and engage in other forms of identity theft through telefraud and telehealth schemes by linking their requests for information to COVID-19 treatment and prevention, such as testing or protective equipment.

Moreover, FinCEN emphasizes that financial institutions should of course continue to attentively monitor for conventional fraud schemes like kickbacks or bribes, which could be paid, for example, to purported marketing groups or service providers in exchange for ordering testing and services.

Finally, financial institutions should keep an eye out for transactions pointing to swindlers making false representations about COVID-19 testing, treatments or cures to defraud insurance carriers or manipulate financial markets. And other offenders are obtaining health care relief funds by simply filing false claims.

Significant Red Flags That May Signal COVID-19 Fraud

Financial institutions play a stopgap role in safeguarding the financial system from nefarious schemes, particularly during times of significant market challenges. As we approach the one-year mark of the COVID-19 stay-at-home orders and lockdowns, now is an ideal time to reevaluate risk, compliance resources and transaction monitoring to maximize the ability to capture COVID-19 red flags.

For example, as FinCEN states, banks should be actively monitoring for billing schemes through which a provider's account receives payments far above its estimated business transactions — or even payments at the same volume despite diminished activity during COVID-19, such as a nonemergency medical transport company receiving extensive or abnormal payments during extended stay-at-home periods.

FinCEN also calls on financial institutions to spotlight companies receiving steep increases in health care benefit programs or health insurance payments, particularly when the account(s) did not previously receive health care-related insurance payments before the Jan. 31, 2020, public health declaration.

Similarly, a purported lab or health care service provider that has a minimal web presence or that exploded financially at the time of the COVID-19 public health declaration would raise suspicion.

Furthermore, FinCEN underscores that financial institutions can protect COVID-19 relief funds from falling into the hands of fraudsters by identifying overly complex transactions involving multiple counterparties and/or health service payments unsupported by documentation showing that the provider(s) actually rendered legitimate services.

Likewise, accounts with no prior association to health care services that suddenly receive COVID-19-related relief payments, followed shortly thereafter by a withdrawal of those funds, should be earmarked as potentially deviant by bank compliance officials or monitoring technology.

FinCEN also implores financial institutions to hone in on more traditional indicators of fraud, which have been particularly prevalent during the pandemic.

These would include, for instance: (1) health care businesses in one location with most patients located in other places; (2) a health care business account with unusual activity, including, for instance, payments to car dealers, travel agents, or luxury retailers; and (3) unusually large payments recorded as consulting fees, advertising, or marketing payments.

Perhaps most importantly, as the pandemic continues, it is critical that, whenever a financial institution detects one or more red flags relating to health care industry customers, COVID-19 or pandemic relief funds, it should promptly file a SAR with FinCEN, to include all relevant information, as a collaborative effort with law enforcement and regulators to stymie health care and insurance fraud.

Further, financial institutions are counseled to reference the name of the new FinCEN advisory, FIN-2021-A001, in the SAR and highlight the connection between the reported activity and the issues underscored in the advisory.

Conclusion: Specific Risks, Targeted Compliance

FinCEN strategically released this milestone alert for financial institutions at the one-year mark of the pandemic.

In addition to providing a specific regulatory and law enforcement road map at an absolutely crucial time during COVID-19, and serving as an impetus for banks and other financial institutions to deter pandemic-related health care fraud, it is concurrently calling on financial institutions to reassess risk and enhance compliance programs to account for novel areas of fraud borne of the pandemic.

Indeed, FinCEN acknowledges throughout the alert that financial institutions have a pivotal role in safeguarding the financial system from abuse, particularly during times of national and global crises. Accordingly, financial institutions would be wise to interpret this alert as a call to action on compliance and take the opportunity, as resources permit, to recalibrate transaction monitoring for COVID-19 fraud.

Such vigilance will serve the twin goals of helping to protect financial institutions from unwanted scrutiny by regulators and/or law enforcement and mitigating pandemic-era health care schemes.

In light of the above, and as we enter the next phase of the COVID-19 pandemic, consider the following best practice recommendations for fine-tuning your compliance program, with a focus on monitoring and oversight:

1. Review and update your institution's latest risk assessment with a focus on fraud detection policies and procedures to enhance your compliance program to address the unique health care fraud risks during the pandemic, as spotlighted in FinCEN's advisory.

2. Ensure that remote and teleworking platforms are designed with robust oversight measures to minimize data and monitoring risks that may arise, for example, due to typically restricted systems that are now open for remote access during the pandemic.

3. Examine and reconcile customer accounts on a daily basis to probe for discrepancies in amounts or in frequency of transactions to help expose suspicious activity in real time.

4. Take enhanced steps to verify customer identity and the authenticity of disbursement protocols; and recommend that customers have a trusted contact person, especially for seniors and others who are more vulnerable targets for pandemic-related schemes.

5. Augment protocols to reflect current COVID-19-related challenges, including increased supervision of employees in market sectors experiencing increased volatility or fraud risk.

6. Design and implement updated, customized personnel training to address new and devious COVID-19 scams, suspicious activities and emerging cybersecurity risks.

7. Communicate and collaborate actively with supervisory personnel on planning strategies designed to keep regulators updated on material developments affecting operations.



John P. Cunningham is a shareholder and Karima Tawfik is an associate at Buchanan Ingersoll & Rooney PC.

The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.


[1] https://www.justice.gov/usao-edny/pr/two-owners-new-york-pharmacies-charged-30-million-covid-19-health-care-fraud-and-money.

[2] https://www.justice.gov/opa/pr/medical-technology-company-president-charged-scheme-defraud-investors-and-health-care-benefit.

For a reprint of this article, please contact reprints@law360.com.

Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!