Medicare and Medicaid at Risk: OIG Report Uncovers Widespread Electronic Funds Transfer Fraud

By: Christopher Parrella, Esq., CPC, CHC, CPCO
Parrella Health Law, Boston, MA.
A Health Care Provider Defense and Compliance Firm

Electronic funds transfer (EFT) fraud is emerging as a major threat to Medicare and Medicaid payments, potentially diverting millions of taxpayer dollars from providers to fraudsters. According to a newly released report by the Department of Health and Human Services Office of Inspector General (OIG), two-thirds of surveyed Medicare and Medicaid payors reported being targeted by fraudulent EFT schemes, many of which were frequent and recurring.

The scope of this fraud is alarming. Between 2020 and 2022, criminals posing as hospital providers successfully diverted an estimated $26.5 million in payments intended for legitimate providers. Some Medicare Administrative Contractors (MACs) and State Medicaid agencies have already lost up to $1 million per incident, with fraudsters using phishing, impersonation, and insider attacks to manipulate EFT authorizations.

How EFT Fraud Works

EFT fraud schemes typically involve:

  • Phishing Attacks: Fraudsters trick employees into revealing sensitive information.
  • Impersonation Attacks: Criminals submit fraudulent bank account change requests, pretending to be legitimate providers.
  • Insider Threats: Individuals within organizations abuse their access to facilitate unauthorized transfers.

Weaknesses in Current Safeguards

While some payors have adopted best practices like verified communication channels and knowledge-based authentication methods, significant gaps remain. The OIG report found:

  • Less than 25% of surveyed MACs and Medicaid agencies use multifactor authentication.
  • Many still allow paper-based EFT change requests, increasing vulnerability to fraud.
  • Several agencies struggle to maintain up-to-date provider contact information, making validation efforts ineffective.

Government Response and OIG Recommendations

The Centers for Medicare & Medicaid Services (CMS) has taken steps to mitigate these risks, including:

  • Implementing multifactor authentication for provider enrollment systems.
  • Strengthening guidance for EFT verification.
  • Encouraging MACs to coordinate fraud detection efforts.

Protecting Provider Payments

With billions of taxpayer dollars at stake, addressing EFT fraud must be a priority for both government agencies and healthcare providers. Strengthening security measures, enhancing fraud detection, and fostering collaboration across the industry are essential steps to ensure that Medicare and Medicaid payments reach the providers who need them—not criminals exploiting system weaknesses.

If you have concerns about EFT fraud prevention in your organization, Parrella Health Law can help. Contact us at 857.328.0382 or reach out to me directly at cparrella@parrellahealthlaw.com.

Christopher A. Parrella, Esq., CPC, CHC, CPCO, is a leading healthcare defense and compliance attorney at Parrella Health Law in Boston. With extensive experience in healthcare law, he provides robust legal support in areas including regulatory compliance, audits, healthcare fraud defense, and reimbursement disputes. Christopher emphasizes client-centered advocacy, offering one-on-one consultations for personalized guidance. His proactive approach helps clients navigate complex healthcare regulations, ensuring compliant operations and defending against government investigations, audits, and overpayment demands.
