No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Fraud

DOJ Is Getting More Imaginative with False Claims Act Enforcement and Hitting a Growing Range of Organizations

FCA Pitfalls for Non-Traditional Government Contractors

by Preston Pugh and Danielle Rowan
June 8, 2021
in Fraud
Robert Kennedy Justice Department building in washington DC

The DOJ began casting a wider net for False Claims Act enforcement years before the pandemic broke out. Now with large-scale suspected EIDL and PPP fraud, companies need to double- and triple-check the accuracy of their applications or face the inevitable consequences.

In the last year, Congress passed two of the largest relief bills in modern history and made an unprecedented amount of federal funds available to businesses to help them survive the COVID-19 pandemic. The Trump and Biden administrations released a combined total of $3.1 trillion. These immense benefits, of course, come with strings attached; among them, heightened responsibilities under the False Claims Act (FCA).

The False Claims Act Was Passed During the Civil War. It’s Scope of Enforcement Has Steadily Expanded.

Congress enacted the FCA in 1863 to combat fraud by defense contractors during the Civil War. The bill made it illegal for any individual or entity to knowingly submit, or cause another to submit, false claims to the federal government for payment. Those familiar with the history of the FCA know the Civil War accounts of contractors who sold the Union Army decrepit mules, uniforms that would dissolve in rain (hence the popular use of the term, “shoddy”) and even ships that were sold as new, but when put into battle were exposed as having rotten, painted-over hulls. Similar accounts can be found throughout other crises in United States history. Today, any individual or entity that submits a false claim is liable for three times the government’s damages plus a civil penalty, currently between $11,665 and $23,331 per claim.

Recent public remarks and early enforcement activity show the government has a hearty appetite to pursue FCA cases and to look beyond traditional defendants. Republican Senator Chuck Grassley of Iowa is arguably the staunchest advocate of the FCA. In a July 2020 speech celebrating Whistleblower Appreciation Day, he said:

“Since I led the effort to amend [the FCA] back in 1986, False Claims Act cases have recovered more than $62 billion for taxpayers.  … And the False Claims Act has never been more important than it is right now…”

Remarking recently on the Department of Justice’s newly announced COVID-19 Fraud Task Force, Attorney General Merrick Garland stated, “the Department of Justice will use every available federal tool — including criminal, civil and administrative actions — to combat and prevent COVID-19-related fraud.” He made it clear that the Task Force would feature several departments alongside the DOJ — including Labor, Treasury, Homeland Security, the SBA, the VA and FDIC — as well as the Special Inspector General for Pandemic Relief (SIGPR) and the Pandemic Response Accountability Committee (PRAC). To date, the results are notable: the DOJ has charged nearly 600 defendants over the past year for alleged attempts to fraudulently obtain over $600 million in COVID-19 relief funds.

Uncharted Waters

Over the past few years, both the government and FCA relators (whistleblowers) have targeted more types of defendants than they have ever previously. While defense contractors, health care providers (hospitals and physicians), health care suppliers (pharma, device and equipment) and other more traditional defendants are still a central focus of most FCA cases, new companies that should consider potential exposure under the FCA include software vendors, private equity financiers, sureties, insurance companies and educational institutions.

For example, last year, an electronic health records (EHR) software company, Practice Fusion, paid approximately $145 million to resolve criminal and civil investigations relating to its EHR software and whether it ran afoul of the Anti-Kickback Statue (AKS).[1] Practice Fusion operated a largely free EHR service for medical providers but earned revenue by selling “clinical decision support” alerts to pharmaceutical companies. These alerts prompted doctors to take certain clinical actions, such as performing tests, based on a patient’s profile. In the case at issue, Practice Fusion designed an alert specifically to encourage doctors to prescribe extended release opioids regardless of medical efficacy. Although Practice Fusion did not directly submit any claims to the government, it still faced significant liability for having caused providers to submit false claims through its alert.

Likewise, in September of 2019, the U.S. settled a civil FCA case for $21.6 million against, among others, Riordan, Lewis, & Haden, Inc. (RLH), a private equity firm. Like Practice Fusion, RLH had no direct contractual relationship with the government, but one of the portfolio companies that it managed did.[2] The portfolio company allegedly paid outside “marketers” to target military members and their families for expensive prescriptions to ensure the highest possible insurance reimbursement. Although it was not the primary actor, RLH, in managing the portfolio company, “knew of and agreed to” the plan to pay third parties to generate referrals “regardless of patient need,” and, thus, faced liability.

Similarly, in an ongoing action, a former employee of a construction company brought a qui tam action against 18 defendants, including not only his former employer, but also sureties and a bond producer (“bonding defendants”).[3] The relator alleged, among other claims, that the bonding defendants enabled the construction company to create fraudulent shell companies in order to obtain preferential status to ultimately win set-aside government contracts. The court permitted the case to proceed against the bonding defendants on the theory that through the underwriting process, they knew or should have known that the construction company made false claims and nevertheless issued surety bonds.

In higher education, Duke University in March 2019 agreed to pay a $112.5 million settlement to resolve a qui tam action.[4] The action alleged that Duke researchers “authored numerous scientific publications based on fraudulent research funded by public grants.” After receiving indications that one of the researchers at issue embezzled from the university, Duke fired the researcher and conducted a review of her and her team’s research. However, even after finding fraudulent activity related to the research, Duke continued to submit grant applications and progress reports based on the fraudulent data and failed to report its findings to government grant providers. Ultimately, Duke faced liability in part on a “reverse FCA” theory — Duke, like many COVID-relief recipients, received government funds for research by the team that should have been returned to the government, and it did not do so.

Recently, in January 2021, the DOJ announced the first civil settlement resolving allegations of fraud involving loans pursuant to COVID-relief. SlideBelts, Inc., an internet retail company, falsely certified to federally insured banks that the company was not in bankruptcy proceedings in order to obtain a $350,000 loan through the Paycheck Protection Program (PPP). A DOJ/SBA investigation ensued, resulting in the company agreeing to pay $100,000 in penalties and damages, plus the amount of the loan, to settle claims. This relatively small loan amount fell below the Small Business Administration’s $2 million “safe harbor” threshold; however, the safe harbor did not deter DOJ enforcement.[5] The GAO has since added emergency loans for small businesses to its “High Risk List,” specifically citing the potential for fraud in permitting self-certification.

Key Takeaways

1. Early COVID-19 relief cases have focused on loan applications and supporting documents.

Not surprisingly, the first wave of COVID-19 relief enforcement actions has focused on straightforward violations in loan applications and supporting documents. Most of these have been criminal fraud-based actions against individuals. However, the SlideBelts settlement shows that the DOJ will bring enforcement actions against corporate loan recipients, even of smaller loans.

2. Enforcement is not always limited to the direct fund recipients.

Actions against sureties, technology vendors and private equity backers show that FCA liability is not limited to those parties directly contracting with the government. In 2020, Ethan Davis, then-Principal Deputy Assistant Attorney General warned in a speech that when a private equity firm “invests in a company in a highly-regulated space … the firm should be aware of laws and regulations designed to prevent fraud” and, where “a private equity firm takes an active role in illegal conduct by the acquired company, it can expose itself to False Claims Act liability.” With such a significant amount of aid going to small businesses, investors will face increased scrutiny — regardless of whether those entities have sophisticated government contract compliance capabilities.

3. Examine any heightened responsibilities that come with doing business with the government.

Contracting with the government — whether as a funds recipient or by providing goods or services — differs significantly from doing business with a private party. What might otherwise be common practice in commercial contracting can result in serious liability with the government. Thus, companies should carefully review all obligations that come with government contracts, particularly those involving complex certifications, like cybersecurity, in which the DOJ has shown a strong interest (and given recent events, will surely continue to do so).

4. Always investigate allegations of wrongdoing quickly and thoroughly.

Early and swift action is key to minimizing any damage that might come with a government contract breach. The government has voluntary disclosure options for contractors acting in good faith, and there are times when disclosure is mandatory. Delaying remedial action in these cases can come with significant consequences. Information that is discovered may trigger FCA obligations, even if, as shown above, it came through underwriting or due diligence.

5. Don’t hesitate to call a duck a duck. Understand the factors that create FCA risk, and seek advice accordingly.

There are broad implications of bad behavior for government contractors and fund recipients. For example, if an employee falsifies records — like in the Duke case — that misconduct can have significant consequences where those records have been relied on in seeking funds from, or reporting results to, the government. Treating incidents like these as strictly employment problems can leave a company vulnerable.


[1] The DOJ has aggressively enforced cases against health care vendors and related corporate entities. For example, in January, the DOJ settled with a health care technology vendor, athenahealth, for $18.25 million for alleged FCA violations and, similarly, in April settled with an EHR software provider, CareCloud, for $3.8 million.

[2] The DOJ announced another settlement with a private equity fund and its portfolio company in November 2020. Medical Device Business Services (MDBS) paid $10 million to settle FCA allegations and its private equity backer, The Gores Group, paid an additional $1.5 million to resolve allegations MDBS continued improper practices after The Gores Group acquired it.

[3] Outside auditors face similar risks. For example, in 2018, Deloitte paid $149.5 million to resolve FCA allegations arising from its role as an independent outside auditor for a mortgage originator, Taylor Bean & Whitaker.

[4] In late 2015, the University of Florida faced a similar action, in which it agreed to pay $19.9 million to resolve allegations that it diverted grant funds away from the projects for which those grants were provided. Similarly, on May 10, 2021, the University of Miami agreed to pay $22 million to resolve FCA allegations related to its hospital and laboratories.

[5] Likewise, in April, the DOJ settled an FCA action against Professional Medical Corporation and its owner for allegedly making false certifications to obtain two PPP loans for $70,000 and $430,000. Here, as in Slidebelts, the relatively small amounts of the loans at issue did not deter enforcement.


Tags: False Claims Act (FCA)
Previous Post

ForgeRock’s 2021 Consumer Identity Breach Report Reveals Unprecedented 450% Surge in Breaches Containing Usernames and Passwords

Next Post

QuantaVerse Introduces Fast Start Program to Speed and Improve the High-Risk Entity Review Process

Preston Pugh and Danielle Rowan

Preston Pugh and Danielle Rowan

Preston Pugh is a partner at Crowell & Moring, where his practice includes internal investigations on behalf of corporations and boards of directors; defense of government contractors in enforcement actions; and crisis management and response. He has been appointed as a compliance monitor several times, including a five-year monitorship in one of the largest EEOC cases involving allegations of race discrimination and harassment.
Danielle Rowan is a counsel in Crowell & Moring’s White Collar & Regulatory Enforcement group.  In her practice, Danielle represents both individual and corporate clients in investigations, criminal and civil litigations, and in response to regulatory inquiries.

Related Posts

a man sails into an infographic on a paper airplane

What Healthcare Providers and Life Sciences Companies Can Expect for Enforcement in 2022

by Jaime Jones, Brenna Jenny, Paul Kalb, Raj Pai and Matt Bergs
March 3, 2022

Though the Biden administration's first year kept enforcements light, broad shifts and specific measures taken by regulators are set to...

DOJ hq in Washington

DOJ’s Civil Cyber Fraud Initiative Could Find Health Care Companies Exposed on Multiple Fronts

by Kathleen McDermott and Mark Krotoski
February 22, 2022

The Biden Administration and DOJ intend to pursue cyber fraud through the False Claims Act (FCA), with an emphasis on...

Illustration of business man jumping for a suspended carrot

CCOs Say the Opaque Nature of DOJ Incentives Makes Self-Reporting a Hard Sell

by Evren Esen
February 8, 2022

Results of a recent Ethics and Compliance Initiative (ECI) survey indicate that a majority of CCOs can’t be sure whether...

Apotex, Sandoz, Taro to Pay $447M Over FCA Violations Involving Price-Fixing of Generic Drugs

Apotex, Sandoz, Taro to Pay $447M Over FCA Violations Involving Price-Fixing of Generic Drugs

by Michael Volkov
October 21, 2021

The Justice Department's probe into the generic pharmaceutical industry has resulted in three new settlements. Each arose from deferred prosecution...

Next Post
high speed abstract MRT track of motion light for background

QuantaVerse Introduces Fast Start Program to Speed and Improve the High-Risk Entity Review Process

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT