Health Care Fraud Advisory, FinCEN, Etc Join Forces to Combat Fra

The Headline. Through a March 30, 2026, Healthcare Fraud Advisory (“Advisory,” FIN-2026-A001), the US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) joined other federal law enforcement agencies in placing a “whole-of-government” focus on combating fraud against the federal and state governments. The Advisory urges financial institutions to be vigilant in detecting, preventing, and reporting fraudulent activity targeting governmental healthcare benefits programs, such as Medicare and Medicaid. To facilitate this vigilance, the Advisory identifies 24 new, healthcare-focused “red flags” for financial institutions to watch for and reiterates FinCEN’s whistleblower incentive program.

The Advisory. The Advisory begins by discussing three main healthcare-related fraud concerns: (1) use of shell companies to falsely register as legitimate healthcare companies; (2) filing claims for reimbursement arising from unnecessary, substandard, or nonexistent care; and (3) laundering ill-gotten reimbursements through US and international financial systems. The Advisory then delineates 24 “red flags” that financial institutions should watch for in preventing healthcare fraud (the 24 red flags are reproduced in full below). According to the Advisory, legitimate healthcare reimbursement activity generally follows a standardized and predictable pattern. Consequently, the Advisory cautions financial institutions that sudden changes in a healthcare customer’s account activity—such as sudden increases in the amount of governmental reimbursements or sudden changes of beneficial ownership—paired with other red flags could be indicative of fraudulent activity.

The Advisory concludes with a reference to FinCEN’s whistleblower program, which incentivizes individuals to report violations of the Bank Secrecy Act (BSA) by offering them a share in the penalties that result from their whistleblowing activity. Under the Trump Administration, FinCEN has worked to develop and roll out a whistleblower program that has otherwise been nonexistent compared to other whistleblower programs, like the qui tam provisions of the False Claims Act.

The Big Picture. Preventing fraud against the government continues to increase in priority from an already prioritized position. While the federal government’s heightened focus on benefits fraud may initially inspire the notion that fraudsters will be caught and punished more frequently, it is at least as likely—if not more likely—that fraud-prevention obligations will land increasingly more on financial institutions. Clients can expect that FinCEN and other banking regulators will use the BSA to punish financial institutions that facilitate or are complicit in their customers’ healthcare fraud. Financial institutions are likely to see heightened scrutiny of their transaction monitoring system, their SAR filing decisions (especially the decision to not file a SAR on healthcare customers who trigger an alert), and their customer due diligence processes, both in the account-opening phase and in ongoing customer due diligence.

With that in mind, financial institutions should take special care to review and verify the activity of their healthcare-related customers, measuring the activity against both the red flags identified in the Advisory and the institutions’ existing risk-based BSA/AML policies and procedures. In that vein, financial institutions should assess whether their existing AML risk assessments adequately account for potential exposure to healthcare fraud (e.g., does the financial institution have a concentration of clients in the healthcare sector?) and should make corresponding improvements if necessary. When considering whether to file a SAR on healthcare-related activity, financial institutions should keep detailed records about the decision-making process. Financial institutions should also confirm that their third-party transaction monitoring vendors are aware of this Advisory and have updated their monitoring services accordingly. Finally, financial institutions should ensure their internal reporting channels are effective given FinCEN’s continued encouragement of whistleblowing activity.

Red Flags

1. 🚩 A customer with neither legal permanent residence in the United States nor significant experience in the health care industry (e.g., based on the customer’s stated occupation) tries to open a bank account as the owner or employee of a recently established or purchased health care provider or supplier registered with a Health Care Benefit Program.
2. 🚩 A customer is a health care provider or supplier registered with a Health Care Benefit Program that has beneficial owners with prior health care or government benefits fraud convictions.
3. 🚩 A customer is the nominal or beneficial owner of a health care provider or supplier registered with a Health Care Benefit Program and has familial or business affiliations with individuals with health care or government benefits fraud convictions.
4. 🚩 A customer is a health care provider or supplier registered with a Health Care Benefit Program, and the account is accessed through an Internet Protocol (IP) address or Device ID that is linked to multiple accounts at the financial institution or other financial institutions or connected to foreign jurisdictions.
5. 🚩 A customer is a health care provider or supplier registered with a Health Care Benefit Program and has nominal and beneficial owners listed on the account who also appear on bank accounts for other separate and distinct health care providers or suppliers.
6. 🚩 A customer is a recently established or purchased health care provider or supplier registered with a Health Care Benefit Program, and there are changes in the individuals listed as beneficiaries of the corporate account without a change to the name or Tax Identification Number on the account.
7. 🚩 A customer that is a recently established or purchased health care provider or supplier receives a significant amount of reimbursements from a Health Care Benefit Program or commercial insurers and then immediately transfers those funds to other recently established companies with the same nominal or beneficial owners, little to no online presence, and other indicators of illicit shell company activity.
8. 🚩 A customer is a recently established health care provider or supplier that receives a significant number of reimbursements from a Health Care Benefit Program or commercial insurers soon after starting operations.
9. 🚩 A customer is a health care provider or supplier registered with a Health Care Benefit Program that is receiving a significant increase in reimbursements soon after a change in beneficial ownership.
10. 🚩 A customer is a health care provider or supplier that suddenly has a significant increase in reimbursements from Health Care Benefit Programs or commercial insurers.
11. 🚩 A customer is a recently established or purchased health care provider or supplier registered with Health Care Benefit Programs or commercial insurers that receives a significant amount of reimbursements inconsistent with the customer’s profile (e.g., receiving a significant amount of payments from Medicare Part A and Part B MACs for reimbursements beyond the expected activity of other similar health care providers or suppliers).
12. 🚩 A customer is a health care provider or supplier that receives significant volumes of reimbursements from a Health Care Benefit Program or commercial insurers but has little to no legitimate business expenses associated with the provision of health care goods and services (e.g., receiving reimbursements from DME MACs but little to no purchases of DME).
13. 🚩 A customer is a health care provider or supplier that receives a significant volume of reimbursements from a single Health Care Benefit Program as opposed to other customers that receive reimbursements from multiple Health Care Benefit Programs (e.g., a customer is receiving a significant amount of reimbursements from one MAC for only one type of health care good or service such as DME).
14. 🚩 A customer is a health care provider or supplier with a significant amount of transactional activity consisting of “consulting fees,” “marketing fees,” and other nondescriptive, repetitive invoices.
15. 🚩 A customer is a health care provider or supplier that receives a significant volume of reimbursements from a Health Care Benefit Program and transfers the funds to another company registered to a residential address.
16. 🚩 A customer is a health care provider or supplier that has outgoing transactions to, or expenditures related to, companies that have no apparent related nexus to the health care industry. This could include residential real estate and luxury goods such as art or jewelry.
17. 🚩 A customer is a health care provider or supplier with consistently low to moderate billing for a year or more and then suddenly begins to file a large number of claims (i.e., spike billing).
18. 🚩 A customer is a health care provider or supplier with a pattern of making significant cash withdrawals for no readily apparent business reason.
19. 🚩 A customer is a health care provider or supplier with a significant increase in cash withdrawals correlating to a significant increase in billings (i.e., customer is potentially paying kickbacks).
20. 🚩 A customer is a health care provider or supplier that is transferring a significant volume of funds to individuals via high-value checks.
21. 🚩 Without credible explanation, a customer routinely cashes high-value checks drawn from accounts associated with a health care provider or supplier.
22. 🚩 A customer that is a health care provider or supplier, or the customer’s employee, engages in behavior suggesting efforts to evade the Currency Transaction Report (CTR) reporting requirement (e.g., alters or cancels a transaction when advised a CTR would be filed or engages in structuring with multiple cash transactions for under $10,000), as well as avoid recordkeeping requirements.
23. 🚩 A customer is a recently established or purchased health care provider or supplier registered with a Health Care Benefit Program that sends a significant amount of wire transfers to individuals and companies located in foreign jurisdictions.
24. 🚩 A customer is a health care provider or supplier registered with a Health Care Benefit Program that sends money transfers to VASPs, brokerage accounts, and online betting platforms for no seemingly legitimate business reason.