Note: All xpostfactoid subscriptions are now through Substack alone (still free), though I will continue to cross-post on this site. If you're not subscribed, please visit xpostfactoid on Substack and sign up
Scout's honor won't cut it |
Early this month, CMS released its annual proposal to update various rules governing the ACA marketplace, the Notice of Benefit and Payment Priorities (NBPP) for 2026. In one section, CMS proposes to clarify and perhaps expand upon its ability to swiftly suspend health insurance agents, agencies, and web-brokers (commercial enrollment platforms) suspected of fraud.
The proposed rule clarifies the conditions under which CMS will do what it is already doing under existing authority: Seek out and immediately suspend individuals* and entities whose enrollment records suggest a pattern of unauthorized enrollments and plan-switching and/or falsified income or eligibility information. Systemic failure to protect clients’ personally identifiable information is also grounds for immediate suspension.
In clarifying its authority and intent to act swiftly to shut down agent fraud, CMS acknowledges that such fraud has escalated in the past year:
Since the start of PY 2024 Open Enrollment, we have seen an increase in complaints from enrollees, applicants, and other individuals and entities to the Agent/Broker Help Desk regarding enrollments submitted without enrollee or applicant consent, enrollee or applicant eligibility applications submitted with incorrect information and without enrollee or applicant review or confirmation of the eligibility application information, and changes to enrollee or applicant eligibility applications made without enrollee or applicant consent.
The patterns of fraudulent behavior CMS states it will seek out closely mirror the allegations in the putative class action lawsuit filed (and amended here) against agencies TrueCoverage and Enhance Health and TrueCoverage’s captive web-brokers, BenefitAlign and Inshura, which CMS suspended this past August. (Inshura is simply TrueCoverage’s rebranding of the Enhanced Direct Enrollment platform BenefitAlign.) Indeed, the allegations of fraud patterns in the proposed rule read in part rather like an answer to the suit BenefitAlign filed to force CMS to lift its suspension (CMS’s fourth suspension of TrueCoverage, Inshura and/or BenefitAlign since 2018). Among the suit allegations echoed in the proposed rule changes:
Monitoring web-brokers (EDE platforms)
Past investigations using system monitoring data have borne results that show a connection between potentially noncompliant, fraudulent, or abusive behavior and the trends we monitor. For example, we monitor the number of unsuccessful person searches on approved Classic DE and EDE partner sites because, in our experience, there is often a correlation between a high volume of unsuccessful person searches and noncompliant, fraudulent, or abusive behavior. The person search feature is intended to help agents, brokers, and web-brokers find consumer applications to prevent duplicate enrollments, but in our experience, bad actors use this feature to find applications and make plan changes or NPN changes without consumer knowledge or consent, negatively impacting the consumer and compliant agents, brokers, and web-brokers.
(The recently-suspended BenefitAlign alleges in its suit that it processed 1.6 million enrollment applications in Open Enrollment for PY 2024.)
Monitoring agencies
Discovering agency-wide resources, such as company practices or directives, training manuals, or marketing material that suggests agency endorsement of or involvement in misconduct or noncompliant behavior or activities is another source of information we would use to determine whether to engage in a compliance review or take an enforcement action…
we have seen agency documentation instructing agents and brokers who work at the agency to fabricate enrollee or applicant incomes on eligibility applications submitted to the FFEs or SBE–FPs to ensure the enrollee or applicant has a zero-dollar policy….
Additionally, as part of these investigations and actions, we have reviewed agency procedures and directives instructing agents and brokers who work at the agency to not speak with the enrollee or applicant prior to enrolling them in a plan.
Monitoring agents
A non-exhaustive list of agent or broker data we monitor to identify behaviors or activities that may be indicative of misconduct or noncompliance with applicable HHS Exchange standards or requirements includes: (1) the number of Exchange transactions submitted to the FFEs or SBE–FPs to change enrollee or applicant eligibility application information or plan selections, (2) the volume of person search activities, (3) the number of submitted eligibility applications with missing Social Security Numbers (SSNs), (4) the number of enrollments submitted within a specified timeframe, and (5) the volume of submitted eligibility applications with NPN changes. We also review and consider complaints from enrollees, applicants, and other individuals or entities concerning agent and broker activities.
In elaborating its intent to respond to suspicious activity with immediate suspensions, CMS stresses that it already has the authority to do this. Part of the proposed rule is devoted to affirming CMS’s intent to focus not just on individual agents but also on agencies that employ many agents and exhibit a pattern of encouraging or mandating noncompliant behavior. CMS notes that some 640,000 enrollments record the National Producer Number (NPN) of an agency, rather than an individual agent. In cases where agency-level misconduct is suspected, CMS affirms its intent to direct enforcement action “at the lead agent(s) and any other agent, broker, or web-broker who is discovered to be involved in the misconduct or noncompliant activity.”
While CMS points toward a significant number of enrollments that show an agency’s NPN rather than an individual’s, agents who have had their clients poached complain that when rogue individual agents are identified, there is often nothing to tie them to an agency that may be training and directing them in bad practice. Hence, perhaps, CMS’s emphasis on analyzing EDE data (hello, BenefitAlign) and getting hold of actual agency training materials as well as on including applications with agency NPNs in its analysis.
With regard to imposing immediate suspensions of agents, agencies and web-brokers suspected of fraud or noncompliance, CMS stresses that it already has that authority. Its only proposed change to the existing provision granting that authority, CFR 45 § 155.220 (k)(3), is the addition italicized below:
HHS may immediately suspend the agent's or broker's ability to transact information with the Exchange if HHS discovers circumstances that pose unacceptable risk to the accuracy of the Exchange's eligibility determinations, Exchange operations, applicants, or enrollees, or Exchange information technology systems, including but not limited to risk related to noncompliance with the standards of conduct under paragraph (j)(2)(i), (ii), or (iii) of this section and the privacy and security standards under § 155.260, until the circumstances of the incident, breach, or noncompliance are remedied or sufficiently mitigated to HHS' satisfaction.
The first part of the federal code alluded to, paragraph (j)(2)(i), (ii), or (iii) of CFR 45 §155.220, lays out the conditions generally violated by the agent fraud or sloppy practice that’s come into focus recently. These include requirements that the agent provide both the client and the marketplace with accurate information; document that the client has taken positive action to affirm that the information provided to the marketplace is accurate; provide contact information that verifiably belongs to the client; provide an income estimate calculated by the client; and document that the client has taken action to confirm consent for the agent to assist with the application.
As much of the fraud of the past year-plus was at least initially enabled by vague rules concerning the obtaining of client consent, the NBPP also proposes modifying a Model Consent Form created in 2023 as part of the 2024 NBPP. The update would “include a section for documentation of consumer review and confirmation of the accuracy of their Exchange eligibility application information.” Startlingly, CMS confesses, “Until we finalized new requirements related to consumer consent in the 2024 Payment Notice, there was no mandate to document the receipt of consent of the consumer or their authorized representative, or to maintain such documentation.” That was the loophole that the unauthorized plan-switching/unauthorized enrollment gravy train drove through. While the requirement was in place for Plan Year 2024, enforcement lagged behind.
The second section of CFR 45 alluded to above, §155.260, lays out the exchange’s responsibility to protect applicants’ personally identifiable information (PII) and the responsibility of non-exchange entities that gain access to PII to maintain the security of that information. CMS cited failure to protect PII (by sharing it with overseas subsidiaries) in suspending the EDE BenefitAlign.
CMS more or less explicitly states that the purpose of the proposed added language is to send a message:
Though we believe our current authority in § 155.220(k)(3) allows HHS to implement system suspensions broadly based on circumstances that pose unacceptable risk to Exchange operations or Exchange information technology systems, in light of the increasing complaints about unauthorized enrollments, we propose amendments to § 155.220(k)(3) to increase transparency concerning the reach and application of system suspensions and more accurately capture in regulation when HHS may invoke this authority. These proposed amendments would allow HHS to immediately respond to discovered risks to the accuracy of Exchange eligibility determinations, Exchange operations, applicants, or enrollees, or Exchange information technology systems. They would also provide agents and brokers with an increased understanding of our approach to implement system suspensions. The proposed amendments would also better encapsulate the original intent of the § 155.220(k)(3) suspension authority, which included protecting against unacceptable risk to consumer Exchange data.
Agents and agencies are thereby placed on notice: ‘We will shut you down if you can’t document that your clients have attested to the accuracy of information provided on the application and confirmed their permission for you to act on their behalf.’
* Suspension under the provision in question, CFR 45 §155.220 (k)(3), does not terminate an agent’s registration with the marketplace, and agents can submit evidence that the suspension is unwarranted, or that the flagged conduct has been remedied or mitigated to HHS’ satisfaction. Agents suspended under this provision can continue to assist clients with enrollment, either by phone or “side-by-side” on Healthcare.gov, but not independently on an EDE platform. Suspension under other provisions, §155.220 (f) or (g), in contrast, suspend or terminate the agent’s exchange agreement.
Thanks for reading xpostfactoid! Subscribe for free:
Photo by Bryce Carithers
No comments:
Post a Comment