CMS Civil Monetary Penalties And Intermediate Sanctions Issued In 2025 – Themes Your Medicare Plan Should Look Out For

This year there have been several Civil Monetary Penalties¹(CMP) and an Intermediate Sanction² issued by the Centers for Medicare and Medicaid Services (CMS) for Medicare Advantage-Prescription Drug Plans (MA-PDs), Prescription Drug Plans (PDPs), and Programs of All-Inclusive Care for the Elderly (PACE) programs because of non-compliance findings from Program Audits,³ Financial Audits,⁴ or PACE audits.⁵ CMPs and/or Intermediate Sanctions can be issued by CMS to plans who (in summary):⁶

• Fail to provide medically necessary items and services required, which adversely affects the individual.
• Apply inappropriate premium charges.
• Perform improper enrollment practices.
• Falsify information to CMS, State, or individuals.
• Practice improper communication methods.
• Employs or contracts with individuals or entities excluded by Medicare or who engage in any inappropriate conduct.

Additionally, for Medicare Advantage plans:

• Allow practices that interfere with the practitioner's advice to enrollees.
• Applies limits on billing for private fee-for-service plans.
• Makes payments to individuals or entities that are excluded or on the preclusion list.

CMPs are based on the results of audits and findings that demonstrate the plan has violated one or more of these responsibilities and is deemed severe enough to constitute monetary penalties. For 2025, CMPs have ranged from $5,800 - $2,000,000. The amount assessed is a function of the severity of the violation(s) and the number of individuals impacted.⁷

One MA-PD plan experienced an Intermediate Sanction, resulting in a suspension of enrollment.

Financial Audit Themes Resulting in CMPs

CMPs were issued to MA-PDs and PDPs for Financial Audits that were performed in 2023 based on these plans' 2021 financial information. There were three themes that were found across these audits:

• Part C Cost Sharing Requirements
• Part C Maximum Out-of-Pocket Limit Requirements
• Part D Coordination of Benefits and Low-Income Subsidy (LIS) Requirements

Part C Cost Sharing Requirements

CMS found that plans were charging enrollees incorrect coinsurance amounts, which led to overcharging enrollees for their benefits. These issues were commonly attributed to system configuration errors, such as incorrect physician and/or clinical lab fee schedules or telehealth claims leading to higher enrollee cost-sharing responsibility. Furthermore, these overpayments were not identified by the plans, and reimbursements did not occur until after the financial audit (2-3 years after the service).

Part C Maximum Out-of-Pocket (MOOP) Limit Requirements

Plans that failed to track MOOP accurately impacted enrollees by charging amounts that exceeded their annual spending threshold. A common area where errors were made was in manually processed claims, and MOOP was not calculated while processing the claim. There were also several medical claims processing system issues found where plans' systems were unable to identify and calculate in and out of network claims appropriately, unable to identify duplicate claims and subsequently adjudicate both, and programming of the incorrect plan year benefit MOOP amount. Additionally, it was found that plans did not coordinate with the adjudication of Part B claims with their Pharmacy Benefit Managers (PBMs), allowing for claims to be paid through both processors and charged enrollees in excess of their benefit maximum.

Part D Coordination of Benefits and Low-Income Subsidy (LIS) Requirements

Retroactive adjustments for LIS enrollees were found to be untimely. This delay led to Prescription Drug Event (PDE) reprocessing delays. Plans did not fulfill their responsibilities of processing retroactive adjustments to cost sharing for LIS individuals, leading to delays in issuing refunds within 45 days of the receipt of updated eligibility information. Untimely claims adjustments deemed the plans non-compliant with LIS requirements, as enrollees were overcharged for their drugs.

Program Audit Themes Resulting in CMPs

CMPs were issued to MA-PDs and one PDP for Program Audits that were performed in 2024. The following themes were all related to Medicare Part D:

• Part D Formulary and Benefit Administration Relevant Requirements
• Part D Coverage Determinations, Appeals, and Grievances Relevant Requirements

Part D Formulary and Benefit Administration Relevant Requirements

It was found that beneficiaries were incorrectly denied medication or experienced delays in receiving their medications, attributed to eligibility file issues. There was an assortment of unique issues that occurred from plan to plan; however, the findings emphasize the importance of coordination between the plan and the PBM. Examples of findings included:

• Mishandling of state eligibility files to ensure that appropriate eligibility dates are used for dual eligible special needs plan enrollees.
• Eligibility files that were sent from the plan to the PBM were inaccurate, causing the PBM to load incorrect eligibility information into the adjudication system.
• The PBM mishandled the eligibility file from the plan and altered the information in the adjudication system, causing enrollees' coverage to be impacted.
• Loading of incorrect start date in the PBM adjudication system for the enrollee, prohibiting Transition Fills from processing accurately.

Part D Coverage Determinations, Appeals, and Grievances Relevant Requirements

CMS also assessed CMPs for plans that inappropriately administered the Coverage Determinations, Appeals, and Grievances process. Plans mishandled or misidentified coverage determinations and/or appeals when received through a grievance. Enrollees were also impacted when plans failed to identify coverage requests when enrollees called the plan or misrouted requests to incorrect departments. These scenarios likely impacted enrollees as they did not receive their medication, did not receive coverage for their drug, experienced delays, or did not receive their appeal rights in a timely manner.

It was also found that a plan was denying medications for enrollees who had approved prior authorizations. This likely stemmed from the plan's change of PBMs, and the transfer of this information to the new PBM was inaccurate or incomplete.

PACE Audits

Three PACE programs received CMPs for PACE audits that occurred in 2024. Violations included:⁸

• Failure to provide care that meets the needs of each participant across all care settings, 24 hours a day, every day of the year.
• Failure to ensure accessible and adequate services to meet the needs of participants.
• Failure to document, track, and monitor the provision of services across all care settings.
• Failure to document the reason(s) for not approving or providing services recommended by employees or contractors, including specialists.

One PACE program was found to have an additional deficiency:

• Failure of the interdisciplinary team (IDT) to remain alert to pertinent information from other team members, participants, and caregivers.

The PACE program concept emphasizes the coordination of the enrollee's care through the IDT. It was found that these programs did not "effectively document, track, and monitor the provision of services across all care settings." Examples included:

• Not providing specialist consults.
• Not adhering to recommendations made by employees or contractors of the PACE program.
• Lacking documentation that consultations occurred.
• Lab work, diagnostic testing, or imaging was ordered but not completed.
• Lack of documentation demonstrating that approved services ordered were received.
• Medications were not provided.

Intermediate Sanction

One MA-PD has received an intermediate sanction, which has led to a suspension of enrollment. This sanction was issued because the state determined that the plan failed to meet state financial solvency requirements.

Hindsight 20/20...Would have...Should have...Could have

Plans that discover findings from audits often recognize opportunities that would have prevented these findings from occurring or breakdowns in existing oversight responsibilities. The plan should have increased the frequency of internal audits, performed more training and education, and emphasized greater oversight of their First Tier, Downstream, or Related Entities. Or could have performed targeted audits of processes, increased the controls of monitoring programs, updated policies and procedures, and created a formal Governance program to ensure compliance with CMS requirements occurs across the enterprise. Unfortunately, retrospective reflection can be expensive not only from a Civil Monetary Penalty standpoint but also in causing plan reputational harm and marketing ability.

Mitigating risk is achieved by administering proactive compliance programs that measure and oversee the performance of internal employees and external vendors. It is imperative that plans prioritize compliance efforts to ensure that regulatory audits are successful.

Footnotes

1. 42 CFR § 422.752, 42 CFR § 423.752, 42 CFR § 460.56

2.> 42 CFR Part 422 Subpart O, 42 CFR Part 423 Subpart O

3. https://www.cms.gov/medicare/audits-compliance/part-c-d/program-audits, https://www.cms.gov/medicare/audits-compliance/part-c-d/pace-audits

4. 42 CFR § 422.503 (d)(1), 42 CFR § 423.504(d)(1)

5. https://www.cms.gov/medicare/audits-compliance/part-c-d/pace-audits

6. 42 CFR § 422.752, 42 CFR § 423.752, 42 CFR § 460.40

7. 42 CFR § 422.760, 42 CFR § 423.760, 42 CFR § 460.46

8. https://www.cms.gov/medicare/audits-compliance/part-c-d/part-c-and-part-d-enforcement-actions

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.