PBM audits may reveal a window of opportunity for providers to significantly reduce potential liability to government payors. Health Law Alliance specializes in the defense of PBM audits, and routinely assists clients to manage PBM audit risk through strategic planning, including consideration of OIG-self disclosures.
If asked, every single provider would say that nothing good can come from a PBM audit. And they would be exactly right. Almost.
The One (and Only) Benefit of a Discrepant PBM Audit
There is one scenario (only one) in which a PBM audit may be helpful to provide notice of potential risk, and permit a small window of time in which to react. Specifically, PBM audits can be viewed as the "canary in a coal mine" because a discrepant PBM audit may signal that a broader government investigation will follow.
So you ask, how can a PBM audit possibly be a good thing? The answer is simple: if the PBM audit reveals concerns regarding the audit sample that apply to a broader universe of potentially problematic claims.
The following example helps illustrate the point: CVS Caremark conducts an audit that targets a high-reimbursing item paid by Medicaid and commercial plans. During the audit, physicians deny prescribing the item, and patients claim they never received and did not use the item. The pharmacy obtains a few attestations, but CVS reverses the claims and recoups from reimbursements due the pharmacy.
The Severe Downside to a Discrepant PBM Audit
Now, at this point, many providers would conclude that CVS has been satisfied, the audit is finished, and the matter closed. In many scenarios, they could not be more wrong.
PBMs and other MCOs are obligated to refer cases to government regulators that involve potential or suspected fraud, waste or abuse. In the example above, CVS determined that its investigative findings required a referral to the State's MFCU, with whom CVS maintains close relations because CVS hires many former government investigators after they leave public service. Accordingly, CVS's referral is readily accepted, and the State commences an investigation.
Ultimately, the MFCU concludes that the pharmacy was billing the high-reimbursing item improperly because it was offering kickbacks to physicians for the referrals in the form of prior-authorization support. The pharmacist is threatened with criminal prosecution or a lawsuit under the False Claims Act involving treble damages and crushing mandatory penalties. This exact fact-pattern plays out everyday across the country.
The Window of Opportunity Presented by a Discrepant PBM Audit
In our example, the window of opportunity presented by the audit has closed, and the provider's options are far more limited. Had the pharmacist made a self-disclosure, it is possible that this scenario would have been avoided. Specifically, OIG operates a voluntary forgiveness program, referred to as the Self-Disclosure Protocol (SDP), that providers can use to significantly reduce their risk at any point prior to the commencement of a government investigation. Accordingly, if a provider becomes aware of potentially invalid claims, whether through an audit or not, a voluntary OIG disclosure can be made to prevent a larger problem.
The OIG's Self-Disclosure Protocol applies to a wide range of conduct, including potential fraud and violations of federal criminal, civil, or administrative laws, including violations of the Anti-Kickback Statute and false billing. In conclusion, after the PBM audit in our example, the provider had an opportunity to self-report using OIG's Self-Disclosure Protocol across all potentially problematic claims, not just the ones that were subject to audit.
Whether an OIG Self-Disclosure is Right for You
The preparation and filing of an OIG self-disclosure can be complicated and time-consuming, so consideration should be given at the outset of any audit whether to begin preparations for a disclosure. Finally, an OIG self-disclosure ensures that the government claims are paid, which often does not happen when a PBM imposes recoupment.
HLA routinely assists providers to evaluate the best possible strategy for responding to a PBM audit or government inquiry. At times, that strategy may involve an OIG self-disclosure. Click HERE to schedule a free consultation today and speak to one of our experienced healthcare defense attorneys regarding whether an OIG disclosure is right for you.
MORE ARTICLES BY CATEGORY
OMIG Audit Defense New York: What the 2026 Work Plan Means for Providers
Every year, the New York Office of the Medicaid Inspector General (OMIG) releases its Work Plan outlining enforcement priorities. The 2026 plan sends a clear signal that Medicaid providers in New York are entering a far more aggressive enforcement environment.
Read More >>PBM Member Denial Audit Findings: A Growing Threat to Pharmacies
Pharmacies undergoing a Pharmacy Benefit Manager (PBM) audit are typically prepared to address inventory discrepancies and documentation issues. What many are not prepared for, however, is the increasing use of PBM member denial findings, allegations that a patient claims they did not receive and/or did not authorize the dispensing of a medication for which a claim was submitted.
Read More >>From Minor PBM Audit Finding to Major Liability: How Small Issues Trigger Big Consequences
Pharmacies often approach a PBM audit with the understanding that small discrepancies and modest recoupments are simply part of doing business. In today’s enforcement landscape, that assumption is no longer safe.
Read More >>HLA’s Latest PBM Win Highlights the Dangers of Inventory Discrepancies
Inventory discrepancies are one of the first things PBMs look for during an audit. Even minor clerical errors like entering the incorrect NDC or failing to return a medication to stock can snowball, creating major financial risks that could place your pharmacy in jeopardy.
Read More >>
