Building an Effective Fraud Control and Special Investigations Unit for Health Plans

Quick Summary:

Healthcare fraud control is no longer a secondary compliance function. For health plans, Medicaid managed care organizations, Medicare Advantage plans, TPAs, and other claims-paying organizations, it is a financial, regulatory, and operational necessity.



The U.S. Government Accountability Office reported that federal agencies identified approximately $186 billion in improper payments during fiscal year 2025. Improper payments are not automatically fraud, but they demonstrate the scale of payment accuracy and oversight challenges facing government-funded programs.

Source: GAO – Payment Integrity: Estimated Improper Payments Increased to $186 Billion

Healthcare fraud also continues to produce significant enforcement activity. In June 2026, the U.S. Department of Justice announced charges against 455 defendants in alleged healthcare fraud and opioid abuse schemes involving more than $6.5 billion in false claims.

Source: DOJ – 2026 National Health Care Fraud Takedown

These figures reinforce an important distinction: not every incorrect payment is fraud, but every payer needs the operational ability to identify suspicious billing, investigate credible allegations, correct improper payments, and refer potential fraud when required.

That responsibility usually rests with the organization’s compliance department, payment integrity team, or Special Investigations Unit.

What Is a Special Investigations Unit?

A Special Investigations Unit, commonly referred to as an SIU, is responsible for identifying, investigating, documenting, and helping resolve suspected fraud, waste, abuse, and other improper billing activity.

Depending on the payer’s structure, the SIU may operate as:

• A standalone investigative department
• A function within the compliance department
• A combined payment integrity and investigative team
• A centralized resource supporting claims, utilization management, provider relations, and legal teams
• An internal team supported by external auditors, attorneys, or investigative vendors
• 
  

The structure can vary, but the fundamental purpose remains the same: protect healthcare dollars while maintaining fair, accurate, and defensible relationships with providers and members.

For Medicaid managed care organizations, this responsibility is especially important. HHS-OIG states that Medicaid managed care plans are required to identify and refer potential fraud, waste, and abuse—including potential provider fraud—to the appropriate state agency and, when applicable, the Medicaid Fraud Control Unit.

Source: HHS-OIG – Some Medicaid Managed Care Plans Made Few or No Referrals of Potential Provider Fraud

The Financial and Compliance Case for an SIU

The financial justification for an SIU extends beyond recovering money after fraud has occurred.

A well-developed fraud control program can help an organization:

• Prevent inappropriate payments before they occur
• Identify recoverable overpayments
• Detect suspicious provider billing patterns
• Improve claims and encounter-data accuracy
• Strengthen regulatory compliance
• Reduce exposure during government audits
• Support provider education and corrective action
• Develop defensible referrals for law enforcement or regulatory agencies
• Improve coordination between claims, compliance, legal, and medical management teams

The strongest SIUs do not measure success only by the number of cases opened or dollars recovered. They also measure avoided losses, payment policy improvements, provider behavior changes, repeat billing patterns, referral quality, investigation cycle times, and corrective actions.

An effective SIU should therefore operate as both an investigative department and an intelligence function.

Core Skills Needed Within an SIU

Claims processing knowledge

Investigators and analysts must understand how Medicare, Medicaid, commercial, and managed care claims move through the organization. They should understand claim forms, adjudication logic, authorization workflows, reimbursement methodologies, contracts, edits, adjustments, and payment policies.



Without claims knowledge, legitimate billing differences may be mistaken for suspicious activity, while more sophisticated schemes may go undetected.

Claims processing knowledge

Investigators and analysts must understand how Medicare, Medicaid, commercial, and managed care claims move through the organization. They should understand claim forms, adjudication logic, authorization workflows, reimbursement methodologies, contracts, edits, adjustments, and payment policies.



Without claims knowledge, legitimate billing differences may be mistaken for suspicious activity, while more sophisticated schemes may go undetected.

Auditing, analytics, and reporting



Fraud control increasingly depends on the ability to analyze large volumes of claims and provider data.

SIU personnel should be able to:

• Identify unusual billing frequencies
• Compare providers against appropriate peer groups
• Analyze procedure and diagnosis relationships
• Review modifier utilization
• Detect duplicate and overlapping services
• Evaluate place-of-service inconsistencies
• Examine billing before and after provider education
• Identify changes in volume, intensity, or service mix
• Trace patterns across multiple members, providers, facilities, and dates of service

CMS maintains a dedicated Data Analytics and Systems Group that uses research, statistics, and data analysis to support program integrity across Medicare, Medicaid, Medicare Advantage, and prescription drug programs.

Source: CMS – Data Analytics and Systems Group

Regulatory and legal interpretation

SIU personnel must understand the difference between:

• An innocent billing error
• A contractual disagreement
• Incorrect coding
• Wasteful utilization
• Abusive billing
• A credible allegation of fraud
• Conduct requiring repayment
• Conduct requiring referral or escalation



Legal counsel should be involved when investigations raise concerns involving intent, privilege, evidence preservation, contractual rights, provider termination, government reporting, or possible civil or criminal exposure.

Relevant federal authorities may include the False Claims Act, Anti-Kickback Statute, Stark Law, Civil Monetary Penalties Law, and federal exclusion authorities.

Source: HHS-OIG – Fraud and Abuse Laws

Medical Record Review

Claims data may identify the pattern, but medical records are often needed to determine whether the billed service was supported.

Clinical reviewers may assess:

• Medical necessity
• Documentation sufficiency
• Level-of-service support
• Procedure performance
• Diagnosis support
• Modifier justification
• Frequency of services
• Quality-of-care concerns
• Consistency between the record and submitted claim

Clinical review should be performed by personnel whose experience and credentials align with the services being evaluated.

Investigation development

An investigation is more than reviewing a suspicious claim.

A structured investigation may involve:

1. Receiving an allegation or analytic lead
2. Conducting preliminary validation
3. Defining the issue and scope
4. Preserving relevant evidence
5. Expanding the claims review
6. Requesting records or provider information
7. Conducting interviews when appropriate
8. Consulting coding, clinical, legal, or contractual experts
9. Calculating financial exposure
10. Documenting findings
11. Determining corrective action
12. Referring credible allegations when required
13. Monitoring the provider after resolution

CMS provides a Managed Care Fraud Referral Toolkit to help Medicaid agencies and managed care organizations improve the quality and completeness of fraud referrals.

Source: CMS – Managed Care Fraud Referral Toolkit

Recommended SIU Staffing Structure

A developing SIU may begin with one experienced professional who can perform reporting, analysis, and preliminary investigative work. As volume increases, responsibilities should become more specialized.

A typical structure may include:

• Fraud analyst
• Healthcare fraud investigator
• SIU supervisor or director
• Clinical reviewer
• Certified coder
• Compliance liaison
• Legal counsel
• Claims operations liaison
• Medical director or physician advisor
• Data analyst or payment integrity specialist

The SIU should work closely with claims operations and auditing because those departments often encounter the first indication of unusual billing.

Medical management personnel may provide expertise involving quality of care, utilization, medical necessity, and peer review. Provider relations may help distinguish suspected misconduct from contracting, education, or communication problems. Compliance should oversee reporting obligations and program governance.

The following sample job descriptions can be adapted to an organization’s size, lines of business, contractual requirements, and investigative workload.

Sample Job Descriptions for  SIU and FWA Teams

Fraud Analyst

Position summary

The Fraud Analyst provides preliminary analysis of reports on fraud, waste, abuse, and improper billing. This position supports detailed investigations by collecting data, identifying trends, organizing evidence, and assisting investigators in evaluating suspicious claims or provider activity.

Primary responsibilities

• Collect claims, provider, authorization, enrollment, and payment data
• Run fraud, waste, abuse, and payment integrity reports
• Perform preliminary analysis in coordination with investigators
• Identify providers exhibiting unusual or potentially improper billing patterns
• Compare billing activity against peer groups, policies, and historical behavior
• Gather documents needed for investigations
• Maintain organized case files, workpapers, and supporting evidence
• Assist with overpayment calculations and claims sampling
• Track investigation status, findings, referrals, and recoveries
• Prepare summaries for investigators, compliance leadership, and legal counsel
• Maintain effective relationships with claims, medical management, provider relations, and other operational departments
• Handle confidential information in accordance with organizational policy and applicable law

Recommended qualifications

• Healthcare payer, managed care, claims, coding, auditing, or investigative experience
• Knowledge of medical claims and reimbursement processes
• Experience with data analysis and report interpretation
• Understanding of medical record review
• Strong documentation and organizational skills
• Ability to handle confidential and sensitive information
• Proficiency with Microsoft Excel, reporting tools, and claims systems
• Bachelor’s degree or equivalent relevant experience
• 
  

Clinical experience may also be valuable, particularly for organizations handling complex medical necessity and quality-of-care investigations.

Valuable additional experience

• Familiarity with Medicaid, Medicare, or Medicare Advantage program integrity
• Certified Professional Coder or similar credential
• Experience working with providers
• Experience with claims auditing or payment integrity software
• Knowledge of the organization’s claims platform
• Familiarity with state-specific fraud reporting requirements
  

Healthcare Fraud Investigator

Position summary

The Healthcare Fraud Investigator is responsible for developing and conducting investigations involving suspected fraud, waste, abuse, overpayments, and improper billing. The investigator evaluates allegations, analyzes evidence, coordinates with internal departments, and recommends appropriate corrective or referral actions.

Primary responsibilities

• Conduct investigations involving suspicious claims and provider activity
• Evaluate data from claims, authorizations, medical records, contracts, enrollment files, complaints, and external sources
• Determine whether allegations are supported by credible evidence
• Identify providers that may be submitting inaccurate, unsupported, or misleading claims
• Expand claim samples when broader patterns are identified
• Coordinate medical record requests and reviews
• Conduct interviews when appropriate
• Develop investigative timelines and case strategies
• Maintain detailed case notes and evidence
• Consult with coding, clinical, legal, and compliance personnel
• Calculate potential overpayments and financial exposure
• Recommend provider education, recovery, corrective action, monitoring, or referral
• Contact appropriate authorities when referral is required
• Manage relationships with claims, compliance, provider relations, and medical management personnel
• Monitor resolved investigations for continued or recurring billing concerns

Recommended qualifications

• Healthcare payer, managed care, investigations, coding, auditing, or law enforcement experience
• Strong understanding of medical claims and reimbursement
• Knowledge of medical record review
• Strong analytical and interviewing skills
• Ability to write clear investigative reports
• Ability to manage confidential information professionally
• Proficiency with claims systems, spreadsheets, databases, and research tools
• Bachelor’s degree or equivalent professional experience

Valuable additional experience

• Registered Nurse, Certified Professional Coder, Certified Fraud Examiner, Accredited Healthcare Fraud Investigator, or comparable credential
• Payer-side claims or payment integrity experience
• Knowledge of Medicaid and Medicare fraud requirements
• Experience investigating providers or healthcare organizations
• Familiarity with state reporting and referral processes
• Experience working with Medicaid Fraud Control Units, regulators, or law enforcement
  

SIU Supervisor

Position summary

The SIU Supervisor is responsible for directing the organization’s fraud control and investigative activities. This individual sets priorities, supervises personnel, coordinates complex investigations, maintains regulatory compliance, and reports SIU performance to executive and compliance leadership.

Primary responsibilities

• Establish SIU policies, procedures, and investigative standards
• Develop the SIU’s annual work plan with the compliance department
• Assign and prioritize investigations
• Supervise analysts and investigators
• Coordinate related investigations involving common providers, owners, members, or billing patterns
• Review investigative plans, evidence, findings, and case closure recommendations
• Ensure investigations are completed consistently and timely
• Coordinate with legal counsel on evidence, privilege, reporting, and enforcement issues
• Oversee provider trending and post-investigation monitoring
• Maintain relationships with compliance, claims, medical management, provider relations, and quality management
• Review state, CMS, HHS-OIG, and law enforcement fraud alerts
• Ensure credible allegations are reported to the proper authorities
• Oversee recovery, corrective action, and provider education efforts
• Develop performance measures for prevention, detection, investigation, referral, and recovery
• Report material findings and emerging risks to executive leadership
• Support regulatory audits and requests for information
• Maintain appropriate case confidentiality and access controls

Recommended qualifications

• Significant healthcare or managed care experience
• Strong background in investigations, coding, auditing, or payment integrity
• Knowledge of Medicare, Medicaid, and commercial payer operations
• Experience supervising investigative or compliance personnel
• Understanding of medical record review
• Strong written and verbal communication skills
• Ability to interpret regulatory and contractual requirements
• Bachelor’s degree or equivalent professional experience

Valuable additional experience

• Previous SIU management experience
• Clinical, coding, legal, compliance, or investigative certification
• Experience working with providers and government agencies
• Knowledge of the organization’s claims platform
• Experience developing annual fraud control plans and regulatory reports
• Experience presenting findings to executives, boards, regulators, or law enforcement
  

Building an Investigation Workflow That Produces Results

Strong personnel alone will not create an effective SIU. The department also needs repeatable processes.At a minimum, the organization should establish written procedures for:

• Receiving allegations
• Evaluating anonymous complaints
• Assigning case priority
• Conducting preliminary reviews
• Opening and closing cases
• Preserving evidence
• Requesting medical records
• Coordinating with legal counsel
• Calculating overpayments
• Referring credible allegations
• Reporting to regulators
• Recovering identified overpayments
• Appealing or resolving provider disputes
• Monitoring providers after corrective action
• Protecting whistleblowers and confidential sources

HHS-OIG advises that fraud complaints should include as much specific information as possible because detailed allegations are more likely to support a meaningful investigation.

Source: HHS-OIG – Before You Submit a Complaint

Case files should clearly document what was alleged, what was reviewed, what evidence was obtained, how the evidence was evaluated, and why the organization reached its conclusion.

A regulator or external investigator should be able to follow the reasoning without reconstructing the entire investigation.

The Role of Claims Analytics and Provider Profiling

Traditional investigations are often reactive. A complaint, whistleblower report, audit finding, or unusual claim triggers the review.

Claims analytics allow the SIU to become more proactive.

Provider profiling can help identify:

• Sudden billing increases
• Unusual procedure combinations
• Excessive modifier utilization
• High units or service frequency
• Duplicate billing
• Unbundled services
• Global-period conflicts
• Services inconsistent with specialty
• Unsupported place-of-service patterns
• Billing outside expected member demographics
• Repeated use of terminated or invalid codes
• Outlier behavior compared with similar providers
• Billing activity inconsistent with authorization data

Analytics do not prove fraud. They identify activity that deserves review.

That distinction is critical. Automated tools should support professional judgment, not replace it. Investigators must consider contracts, policies, clinical circumstances, documentation, provider explanations, and applicable regulatory guidance before drawing conclusions.

FWA and SIU Software that can help with research and investigations

An SIU should be evaluated using a balanced set of operational and financial measures. Useful measures may include:

• Cases opened and closed
• Average investigation cycle time
• Dollars recovered
• Payments prevented
• Provider education completed
• Corrective action plans implemented
• Referrals submitted
• Referral acceptance rates
• Investigations resulting from analytics
• Repeat issues after case closure
• Provider monitoring outcomes
• Payment policies changed
• Claims edits implemented
• Encounter-data corrections
• Regulatory deadlines met
• Investigation backlog
• Return on investment



Not every successful investigation produces a recovery. Some result in policy clarification, provider education, contract amendments, stronger claims edits, improved documentation, or confirmation that the billing was appropriate.

Those outcomes still have value.

PCG Software’s Virtual Examiner® analyzes claims and historical billing activity to identify potential coding, reimbursement, compliance, payment integrity, and fraud, waste, and abuse concerns.

Virtual Examiner® can assist SIU and payment integrity teams by identifying:

• Provider billing trends
• Duplicate and overlapping services
• Unbundling concerns
• Modifier issues
• Global-period conflicts
• Frequency and utilization anomalies
• Diagnosis-to-procedure conflicts
• Specialty-related billing inconsistencies
• Potential overpayments
• Claims requiring additional manual review

Virtual Reporter® allows authorized personnel to organize findings, evaluate provider patterns, create targeted audit scenarios, document reviews, and support investigative workflows.

The software does not determine that fraud occurred. Final investigative, clinical, legal, payment, and reporting decisions remain with the payer and its authorized personnel.



Used properly, claims analytics can help SIU teams spend less time manually searching for possible cases and more time evaluating the claims, providers, and patterns most likely to require attention.

Final Considerations

An effective SIU requires more than investigators. It requires reliable data, defensible procedures, experienced personnel, executive support, legal coordination, clinical expertise, and technology capable of identifying patterns that cannot be efficiently detected through individual claim review.

Health plans should periodically evaluate whether their fraud control program can answer five basic questions:

1. 
   
2. Are we consistently identifying suspicious billing activity?
3. Are we investigating credible allegations promptly and objectively?
4. Are our conclusions supported by clear evidence?
5. Are we reporting and referring cases when required?
6. Are we using investigation findings to prevent the same problem from recurring?

When the answer to any of these questions is uncertain, the organization may have more than an investigative gap. It may have a financial, compliance, and operational risk that continues to grow with every claim cycle.

CLICK HERE TO LEARN MORE ABOUT VIRTUAL EXAMINER