Scaling program integrity: The next phase of CMS’s efforts to combat FWA

The Centers for Medicare and Medicaid Services (CMS) manages more than $1.7 trillion in annual disbursements across Medicare, Medicaid and Marketplace programs. This makes program integrity one of the most consequential challenges in the federal government. Under Administrator Mehmet Oz and Deputy Administrator Kimberly Brandt, CMS has made meaningful strides in fraud detection, most notably through the rapid establishment of the Fraud Defense Operations Center (FDOC), which has already prevented billions in improper payments and accelerated investigations. 

But the threat landscape is evolving faster than reactive models can keep pace. The 2025 DOJ National Health Care Fraud Takedown — the largest in U.S. history at $14.6 billion in alleged fraud — underscores a new reality: modern fraud schemes are coordinated, technology-enabled and increasingly powered by AI and synthetic identities. 

The next phase of CMS’s program integrity strategy is extending that same analytic capability upstream and integrating preemptive detection and enforcement into provider enrollment to stop fraud before billing ever occurs.  

Provider enrollment: The next phase of program integrity 

Provider enrollment represents the next logical phase in CMS’s program integrity evolution. It would not be considered a replacement for claims analytics, but rather a complementary, reinforcing capability. 

Rather than waiting for patterns to emerge in claims, CMS can apply those same insights at the front door. By integrating behavioral indicators, known fraud signatures and more data sources into risk-based provider screening, CMS can begin identifying risk before billing occurs. 

This creates a more proactive posture — one that uses existing intelligence to prevent future exposure. 

Together, claims analytics and enrollment risk scoring form a unified lifecycle:  

• Claims analytics detect and respond to fraud in real time
• Enhanced enrollment screening applies those insights upfront and prevents high-risk actors from entering or expanding within the system

This integrated approach allows CMS to align oversight, enforcement and prevention into a continuous, intelligence-driven model. 

Risk-Based Enrollment: From Static Screening to Dynamic Intelligence 

Current environment

Provider enrollment today is largely static and rules-based. It relies on disclosed ownership information, structured validation checks, and limited data sources. While effective for baseline compliance, it does not fully assess intent, detect evolving fraud patterns, or adapt to emerging threats.

Next phase

CMS can evolve to a dynamic, intelligence-driven model that integrates claims-based insights, behavioral indicators, and more robust data sources into a comprehensive risk score at the time of provider enrollment. These risk scores can be trained on known fraud schemes, be adaptable to new patterns, and compile more diverse intelligence about a provider based on trusted third-party data and OSNIT sources.  

Outcomes

This approach enables CMS to move from uniform screening to risk-based oversight. Low-risk providers can be fast-tracked, while moderate-risk providers can be subject to provisional enrollment and targeted monitoring. High-risk providers can be flagged for enhanced scrutiny, denial, or revocation. The result is a system that reduces fraud exposure, improves efficiency and provider experience, and incentivizes good-faith behavior. 

Network Analysis: From Individual Screening to Network-Level Detection 

Current environment

Fraud detection at enrollment remains largely focused on individual providers and self-reported affiliations. Visibility into indirect or undisclosed relationships is limited, making it difficult to detect coordinated fraud networks.

Next phase

By incorporating comprehensive network analysis, CMS can map relationships across providers, owners, billing entities, and third parties. This includes identifying shared addresses, overlapping personnel, financial linkages, and connections to known bad actors—both reported and unreported.

Outcomes 

Network-level detection enables CMS to identify coordinated fraud schemes earlier, disrupt them more effectively, and target oversight where it is most needed. It shifts program integrity from isolated detection to a broader, more strategic approach focused on systemic risk, expanding CMS enforcement operations through intelligence.  

Digital Forensics: Addressing AI-Enabled Fraud 

Current environment 

Traditional screening relies on document review and structured validation, which are increasingly challenged by AI-generated fraud, including synthetic identities and fabricated documentation. 

Next phase 

CMS can integrate digital forensics capabilities that analyze documents, images, audio, and metadata for signs of manipulation. Machine learning and forensic techniques can detect anomalies not visible through manual review. 

Outcomes

These capabilities allow CMS to identify fraud that appears legitimate, reduce reliance on manual processes, and strengthen confidence in identity verification. They also position CMS to keep pace with rapidly evolving, AI-driven fraud tactics. 

FDOC Expansion: From Reactive Enforcement to Real-Time Prevention 

Current environment 

FDOC has proven highly effective in claims-based detection and coordinated enforcement. However, integration with enrollment processes remains limited. Limiting CMS’s ability to cast a wider net on enforcement and identify bad actors more preemptively.  

Next phase

By connecting real-time enrollment risk signals directly into FDOC workflows, CMS can enable the immediate escalation of high-risk providers, along with full risk profiles and supporting evidence. Enabling CMS to take more targeted action immediately.

Outcomes

This integration allows CMS to act before claims are submitted, expanding and accelerating enforcement, reducing financial exposure, and enabling cross-agency integration through a registry of known risky entities.  

Conclusion: Provider domain, AI expertise as key ingredients 

CMS has already demonstrated that it can scale rapidly, innovate effectively and deliver meaningful results in combating fraud, waste and abuse. The success of FDOC is clear proof.  

The next phase is to extend that success upstream into provider enrollment. The result is a coordinated effort that protects the program while enabling trusted providers and accelerating access to care. 

CGI Federal has collaborated with CMS for more than 25 years and is an industry-recognized partner in delivering mission-critical program integrity solutions. That depth of experience, which spans claims analytics, enrollment systems and fraud prevention, uniquely positions CGI Federal to help CMS take this next step with confidence. 

At CMS’s scale, this evolution is not just the next step — it is essential.