Program Integrity Alliance
All Insights

Invest in More Fraud Rooms

GovIntegrityMay 18, 2026
Invest in More Fraud Rooms

In a hearing before the House Ways and Means Committee last month, a California hospice industry leader asked what should have been an unanswerable question: “How do you put a hospice in a burrito stand in California?”

It was more than just rhetorical. Fraudulent hospice providers in Los Angeles County had been registered to a burrito restaurant, an auto body shop, and a demolished building. They had passed licensure reviews, obtained accreditation, and billed Medicare — for years. CMS had been warned about the problem as far back as 2019. The Biden administration received a detailed briefing in September 2024 and took no meaningful action.

The Trump administration eventually suspended payments to 450 hospice providers in LA County alone, and CMS’s new Fraud Detection Operation Center, aka the “fraud room,” has reportedly saved $2 billion in less than a year.

The question worth asking is not whether the fraud room represents an improvement over what came before — it almost certainly seems to be. The question is why it took until 2025 to build something like it, what that delay cost taxpayers, and whether an agency that spent billions on a broken architecture has actually learned from its mistakes or simply rebranded them.

The uncomfortable truth is that CMS spent billions on fraud prevention infrastructure without ever fully diagnosing what it was trying to fix.

By the time hospice fraud reached epidemic scale in California, CMS already had the Fraud Prevention System, launched in 2011. It had Recovery Audit Contractors, Unified Program Integrity Contractors, Zone Program Integrity Contractors, Supplemental Medical Review Contractors, and a growing ecosystem of private integrity vendors. Together, they formed an expensive, fragmented apparatus that generated alerts, referred cases, and kept paying claims while schemes scaled into the billions.

The fundamental problem was never a lack of oversight contractors. It was that no single operational layer had continuous visibility across identity, ownership, enrollment, billing, and payment activity at the same time.

Enrollment contractors processed applications. Integrity contractors investigated billing anomalies. Law enforcement pursued criminal cases. State agencies handled licensure. Each entity saw its piece of the picture and none of them saw the whole thing.

CMS kept adding capacity to a broken architecture instead of fixing the architecture itself. The result was a system that spent heavily on fraud prevention while remaining structurally incapable of stopping fraud in real time. Taxpayers funded both the schemes and the apparatus that failed to catch them.

That’s not a resource problem. It’s a diagnosis problem. And it wasn’t unique to healthcare.

What makes the FDOC different is the operational integration, at least in theory. For the first time, data scientists, investigators, clinicians, payment officials, and law enforcement personnel are reportedly working in the same room, reviewing the same signals, and making intervention decisions together before payments leave the Treasury. A private insurer at the hearing noted that collaboration with CMS has never been better, and that CMS is now sharing suspended provider lists with commercial plans in real time. If that’s accurate and sustainable, it represents a genuine shift from how CMS has historically operated.

The early numbers are notable. CMS reported $2 billion in savings in less than a year. That figure deserves neither uncritical celebration nor immediate dismissal. It comes from an agency with a long history of announcing fraud prevention milestones that didn’t hold up to scrutiny over time, and the methodology behind it hasn’t been independently verified. What it does suggest is that the integrated operational model — shared data, shared authority, real-time intervention — produces better results than the fragmented contractor ecosystem it is meant to replace.

That much seems right. Whether the FDOC represents a genuine institutional transformation or a well-funded pilot that stalls when the political attention moves on is a question only time and independent oversight will answer. But in the meantime, we should look to replicate the core concept, because we know it works.

A Government-wide Problem

The federal government has no cross-program fraud infrastructure with real authority, real data access, and real funding behind it. What it has instead is a collection of program-specific oversight mechanisms that organized fraud networks have learned to exploit with remarkable efficiency.

The patterns are consistent across programs. Fraud rings that hit Medicare also hit Medicaid. The same shell company infrastructure that enabled COVID relief fraud showed up in unemployment insurance schemes and small business lending programs. The same stolen identity networks that enrolled fake hospice patients have been used to fraudulently claim benefits across multiple federal programs simultaneously. The connective tissue between these schemes is visible — but only if someone is authorized to look across programs at the same time.

Most federal agencies are not. Outdated privacy statutes, fragmented data systems, and siloed program administration mean that investigators typically see one arm of the operation without being permitted to see the body. Fraud networks have industrialized. The government’s response remains largely artisanal.

Countries including the United Kingdom, Australia, and New Zealand have built centralized fraud authorities responsible for coordinating detection, analytics, and prevention across public programs. The United States still manages fraud program-by-program, with no single entity responsible for cross-government fraud strategy, no shared real-time data infrastructure, and no mechanism for identifying coordinated schemes before they scale.

That gap is the predictable result of treating fraud prevention as a compliance obligation rather than an operational mission — and funding it accordingly.

War-fighting without Weapons

Congress and the White House have never had trouble declaring war on fraud. The actual investment required to fight it is another matter.

The pattern is familiar. A scandal breaks. Hearings are held. Legislation passes directing agencies to strengthen program integrity, modernize oversight, and eliminate waste. Executive orders establish task forces and working groups with ambitious mandates. And then the funding to build the tools, hire the analysts, integrate the data systems, and staff the operational infrastructure either never materializes or arrives at a fraction of what the mandate requires.

OMB’s recently revised Circular A-123 is a recent example. It explicitly directs agencies to treat fraud as a management risk, integrate fraud scenarios into enterprise risk assessments, and prioritize preventive controls. Those are the right instincts. But the circular carries no dedicated funding, no requirement to deploy real-time transaction screening, and no mechanism to break down the data sharing barriers that let coordinated fraud networks operate across program boundaries undetected. Aspiration without investment is not a fraud strategy.

The same dynamic plays out in congressional fraud-fighting legislation. Bills pass with strong findings sections and weak appropriations. Agencies are directed to do more with existing resources, which in practice means fraud prevention competes with program delivery for the same constrained budget — a competition fraud prevention routinely loses. Program managers are still evaluated primarily on how efficiently they move money out the door, not on how effectively they protect it from criminal exploitation.

Rarely have we seen so many initiatives aimed at stopping government fraud achieve so little of the infrastructure investment needed to actually do so.

Scale the Fraud Room

The fraud room is not a finished product, it’s a proof of concept — and an expensive one, given what it cost in lost taxpayer dollars to finally arrive at a model the private sector and several peer governments have used for years.

But it demonstrates that you give investigators, analysts, and payment officials shared data, shared tools, and shared authority to act in real time, fraud prevention starts functioning like an operational mission. Seen another way, the $2 billion in savings CMS reported in less than a year is evidence of how much was being lost while the old architecture stayed in place.

Scaling that model across the federal government is not a technology problem. The tools exist. The fraud patterns are visible to anyone authorized to look across programs simultaneously. What’s missing is the political will to fund the infrastructure, modernize the legal framework for data sharing, and hold agencies accountable for fraud outcomes rather than just process compliance.

The burrito stand hospice passed licensure, obtained accreditation, and billed Medicare. It did so because the system was designed to move money efficiently, not to verify that the money was going somewhere real. That design flaw runs across federal programs, and fixing it requires sustained investment — not another task force, not another circular, and not another hearing where everyone agrees the problem is serious and nothing structurally changes afterward.

Early results indicate that the fraud room model works. Now scale and fund it.

Article first posted on GovIntegrity.