Credit Balances and Government Overpayments


On February 12, 2016, the Centers for Medicare & Medicaid Services (CMS) released the Medicare Program; Reporting and Returning of Overpayments Final Rule (Final Rule) governing the investigation, identification, refunding, and reporting of Medicare Parts A and B overpayments. The Final Rule provided much-needed detail and clarity to Parts A and B associated obligations created by its statutory counterpart, Section 6402(a) of the Affordable Care Act (ACA). However, some uncertainty, which will be addressed below, persists.

In 2010, Section 6402(a) of the ACA created Section 1128J(d) of the Social Security Act, which requires Medicare and Medicaid providers and suppliers, as well as Parts C and D health plans, to report and return government overpayments within 60 days of either the date on which the overpayment was identified or the date any corresponding cost report is due, if applicable. However, many key terms, concepts and logistical issues went unaddressed by the new section. For example, the statute neither defined “identified” nor articulated a proactive duty to investigate potential overpayments, despite appearing to create liability for acts of “deliberate ignorance” or “reckless disregard.” Although the Final Rule addressed many of the questions arising from the legislation, it has been received by providers and suppliers with ambivalence, articulating new requirements for them while reducing their uncertainty.

Challenges Explained

Identification Defined

The Final Rule provided long overdue clarity for the identification concept:

A person [provider or supplier] has identified an overpayment when the person has, or should have through the exercise of reasonable diligence, determined that the person has received an overpayment and quantified the amount of the overpayment. A person should have determined that the person received an overpayment and quantified the amount of the overpayment if the person fails to exercise reasonable diligence and the person in fact received an overpayment. (42 CFR § 401.305(a)(2), 2016)

Providers and suppliers were happy to see the inclusion of quantification in the Final Rule. The 60-day clock does not start merely when they have determined that they were overpaid, but only when they have determined how much they were overpaid. Often, significant levels of effort are required to determine the amount of an overpayment, even after one learns that an overpayment was received.

Identification is defined, but a new concept is introduced: “reasonable diligence.” “Reasonable diligence” is not defined within the text of 42 C.F.R. § 401.305. However, CMS did include the following in the commentary published within the Final Rule:

“Reasonable diligence” includes both proactive compliance activities conducted in good faith by qualified individuals to monitor for the receipt of overpayments and investigations conducted in good faith and in a timely manner by qualified individuals in response to obtaining credible information of a potential overpayment. ...
We believe that compliance with the statutory obligation to report and return received over-payments requires both proactive and reactive activities. (81 FR 7653, p. 7659)

Here, the expectation is articulated by CMS for participating providers and suppliers to take the initiative in finding and returning the overpayments the providers and suppliers have received. However, there is no prescriptive guidance as to what or how many compliance activities are sufficient to reach a “reasonable” level of proactivity.

Worthy of separate consideration is the investigatory or reactive component of “reasonable diligence.” The commentary above introduces the “credible information of a potential overpayment” standard. The guidance continues later:

We believe credible information includes information that supports a reasonable belief that an overpayment may have been received. ... Determining whether information is sufficiently credible to merit an investigation is a fact-specific determination. (81 FR 7653, pp. 7662-3)

Once again, CMS establishes a standard which leaves room for interpretation. However, the guidance does go on to note that the following scenarios might be examples of credible information:

  • Unusually high profits in relation to hours worked or the relative value units associated with the work
  • Hotline calls
  • Audit findings (even those over a limited time period would trigger the obligation to investigate a broader time period if the audit found overpayments and the cause of the overpayments was or might have been a factor over the broader time period)
  • Medicare contractor overpayment determinations

Also introduced in the reactive component of “reasonable diligence” is the “timely manner” concept for “good faith” investigations. The guidance goes on to say that providers and suppliers have, at most, six months from the receipt of “credible information” to determine the existence of and quantify any over-payments, except in “extraordinary circumstances.” According to the commentary, “extraordinary circumstances” might include disasters and investigations of extreme complexity, such as violations reported through the Self-Referral Disclosure Protocol.

Other Key Provisions and Omissions

Six-Year Lookback

The first victory for providers and suppliers was the reduction of the lookback period from 10 years (as was originally proposed) to six. The six-year period aligns with key statute of limitations provisions in both the False Claims Act and the Social Security Act as well as with many federal and state record retention requirements. Despite shortening the lookback period considerably from the Proposed Rule, the lookback period will certainly cause pain for many providers and suppliers for reasons such as patient accounting and/or medical record system conversions and changes.

Reporting and Returning Logistics

“This final rule states that providers and suppliers must use an applicable claims adjustment, credit balance, self-reported refund, or another appropriate process to satisfy the obligation to report and return overpayments.” The Proposed Rule required the use of the “voluntary refund process” as described in the Medicare Programme Integrity Manual. Sole reliance on this method would have proved inefficient for reporting and returning overpayments for singular claims and would have likely required the sending of a check in all cases.

No Relief on Small-Dollar Overpayments

CMS went out of its way to expressly dismiss any notion of an overpayment too small to be investigated: “We believe adopting a regulatory de minimis standard would be susceptible to abuse, especially in the context of claims-based overpayments.” The resolution of small-dollar overpayments, especially those residing in credit balance populations, will prove burdensome and aggravating to many providers and suppliers. Fortunately, the Final Rule expressly allows for the use of statistical sampling and extrapolation for quantifying an overpayment amount for populations of accounts.

Our Point of View

Credit Balances as Credible Information

Although it is not mentioned as a specific example in the Final Rule, we believe the existence of credit balances on Medicare-related accounts (i.e., accounts on which Medicare Part A or B has made a payment) would constitute “credible information of a potential overpayment,” triggering the requirement of a good faith and timely investigation. Across the industry, approximately one-third of credit balances are believed to be the result of overpayments. Therefore, unless a provider or supplier has an evidence-based reason to believe its credit balance population is extremely divergent from the national average and that a far smaller percentage of credit balances are caused by overpayments, the existence of a credit balance on a Medicare-related account would seem to easily meet the standard of being a “potential overpayment.” Additionally, because of the ease with which credit balance reports can be pulled, attempts to assert non-negligent ignorance would seem dubious.

Not only do providers and suppliers have to worry about False Claims Act lawsuits for hanging on to overpayments, but they can also be fined by the Office of Inspector General (OIG) with a civil monetary penalty (CMP) for knowingly retaining an overpayment.

We believe the existence of credit balances on Medicare-related accounts (i.e., accounts on which Medicare Part A or B has made a payment) would constitute “credible information of a potential overpayment,” triggering the requirement of a good faith and timely investigation.

As healthcare organisations continue to experience increased scrutiny and fines for failing to identify and refund governmental payor-related overpayments, well-defined and efficient practices and processes become increasingly important. There are multiple steps that should be taken to ensure you are being proactive in handling credit balances and potential overpayments. We recommend robust credit balance resolution and overpayment refunding processes for Medicare providers and suppliers that kick the tires on your organisation’s processes:

  1. Assess and understand your processes
  2. Identify and analyse your current credit balance population (past six years)
  3. Determine the presence of governmental overpayments
  4. Determine the methodology used to assess “reasonable diligence” for identifying and quantifying overpayments (e.g., population analysis, sample-based audits, statistical sampling and extrapolation)
  5. Perform a sample-based audit of your population or audit your entire population
  6. Understand audit results and resolve gaps
  7. Plan and execute a cleanup (if necessary)
  8. Implement ongoing monitoring efforts

Prior to beginning this exercise, ensure that you have the appropriate resources and personnel who are qualified and well-trained in credit balance resolution. In addition, verify you have in place quality assurance and root cause analysis processes, sufficient and effective controls around escheatment and other state requirements, and accurate and valid reports used for management and compliance oversight.