Skip Navigation
United States Flag

An official website of the United States government. Here's how you know >

A New Look for HHS-OIG. Learn More >>

U.S. Flag An official website of the United States government.
Change Font Size

Report (OEI-04-11-00680)

Medicare Recovery Audit Contractors and CMS's Actions To Address Improper Payments, Referrals of Potential Fraud, and Performance

Complete Report

Download the complete report

Adobe® Acrobat® is required to read PDF files.



Recovery Audit Contractors (RAC) are designed to protect Medicare by identifying improper payments and referring potential fraud to CMS. Prior Government Accountability Office work has identified problems with CMS's actions to address improper payment vulnerabilities, and prior OIG work has identified problems with CMS's actions to address referrals of potential fraud. Further, OIG has identified vulnerabilities in CMS's oversight of its contractors. Given the critical role of identifying improper payments, effective oversight of RAC performance is important.


We collected RAC Data Warehouse (i.e., electronic database) files from CMS and data from RACs to determine their activities to identify improper payments and refer potential fraud in fiscal years (FYs) 2010 and 2011. We also collected data from CMS regarding activities to address vulnerabilities (i.e., improper payments exceeding $500,000 that result from a specific issue) and referrals of potential fraud. Finally, we collected RAC performance evaluations and performance evaluation metrics from CMS and determined the extent that RAC performance evaluations addressed these metrics. We also compared performance evaluation metrics to contract requirements to determine the extent that these metrics addressed contract requirements.


In FYs 2010 and 2011, RACs identified half of all claims they reviewed as having resulted in improper payments totaling $1.3 billion. CMS took corrective actions to address the majority of vulnerabilities it identified in FYs 2010 and 2011; however, it did not evaluate the effectiveness of these actions. As a result, high amounts of improper payments may continue. Additionally, CMS did not take action to address the six referrals of potential fraud that it received from RACs. Finally, CMS's performance evaluations did not include metrics to evaluate RACs' performance on all contract requirements.


We recommend that CMS (1) take action, as appropriate, on vulnerabilities that are pending corrective action and evaluate the effectiveness of implemented corrective actions; (2) ensure that RACs refer all appropriate cases of potential fraud; (3) review and take appropriate, timely action on RAC referrals of potential fraud; and (4) develop additional performance evaluation metrics to improve RAC performance and ensure that RACs are evaluated on all contract requirements. CMS concurred with our first, second, and fourth recommendations. CMS did not indicate whether it concurred with our third recommendation but noted that it has reviewed the six RAC referrals of potential fraud in our review.

Copies can also be obtained by contacting the Office of Public Affairs at

Office of Inspector General, U.S. Department of Health and Human Services | 330 Independence Avenue, SW, Washington, DC 20201