The Compliance Trifecta: FCA, AKS & Stark — What Actually Puts Providers at Risk 

By Faina Vardanyan, Billing Department, WCH 

A practical guide to federal fraud and abuse regulations — and why understanding them is your best protection against audit, penalty, and claim denial. 

Federal enforcement of healthcare fraud and abuse laws has never been more aggressive. In 2025 alone, the National Health Care Fraud Takedown resulted in charges against 324 defendants, with a combined financial impact of $14.6 billion. For providers — whether solo practitioners or large group practices — understanding the three cornerstone laws of healthcare compliance is not optional. It is operational survival. 

The Three Laws at a Glance 

False Claims Act (FCA) Prohibits submitting fraudulent claims to federal healthcare programs. Covers knowingly submitted false or fraudulent claims, including those resulting from reckless disregard or failure to correct identified errors.

Anti-Kickback Statute (AKS)  Criminalizes offering, paying, or receiving anything of value to induce or reward referrals reimbursable by federal programs.

Stark Law   A strict-liability civil law prohibiting physician self-referrals to entities providing Designated Health Services (DHS).

SECTION 1. STARK LAW: THE SELF-REFERRAL PROHIBITION 

Stark Law — formally the Physician Self-Referral Law — prohibits a physician from referring patients to receive Designated Health Services (DHS) payable by Medicare or Medicaid if the physician (or an immediate family member) has a financial relationship with the entity providing those services, unless a specific exception applies. 

Designated Health Services include: clinical laboratory services, physical and occupational therapy, imaging (MRI, CT, ultrasound), radiation therapy, durable medical equipment, home health services, and inpatient/outpatient hospital services. 

A prohibited referral occurs when all three elements are simultaneously present: a physician referral, a DHS service, and a qualifying financial relationship. Stark defines financial relationships as either ownership/investment interests or compensation arrangements — and even indirect ownership through another organization can qualify. 

Key Exceptions (Must Be Fully and Continuously Met) 

Stark is not violated if a recognized exception is fully satisfied. The most commonly applicable exceptions in everyday practice include: 

• In-Office Ancillary Services Exception — allows a group practice to perform and bill for certain ancillary services (like lab work) within the same practice, under specific supervision and billing requirements. 

• Bona Fide Employment Exception — allows hospitals to pay employed physicians a salary and productivity bonus, provided compensation reflects fair market value and is not tied to DHS referral volume. 

• Personal Services / Independent Contractor Exception — applies to written contracts with set, FMV compensation for identified services (e.g., medical directorships, quality consulting). 

• Space and Equipment Rental Exceptions — permit rental arrangements that reflect FMV, are fixed in advance, and do not vary with referral volume. 

Stark violations do not require intent. Even a good-faith arrangement that fails to meet every element of an exception can result in claim denials, mandatory refunds, civil monetary penalties, and False Claims Act exposure — regardless of whether the referrals were medically appropriate. 

SECTION 2. ANTI-KICKBACK STATUTE: INTENT AND REMUNERATION 

Unlike Stark Law, the Anti-Kickback Statute (AKS) is a criminal statute that requires intent. It prohibits knowingly offering, paying, soliciting, or receiving anything of value — directly or indirectly — to induce or reward referrals of items or services reimbursable under federal healthcare programs. 

The AKS definition of “remuneration” is intentionally broad: it encompasses cash, gifts, free services, inflated compensation, discounts, and non-monetary benefits. There is no safe “small dollar” threshold — even nominal value can trigger the statute if one purpose of the arrangement is to influence referrals. 

AKS Safe Harbors 

The OIG has established regulatory safe harbors that, if fully met, protect an arrangement from AKS prosecution. Common safe harbors relevant to billing and practice management include: 

• Bona Fide Employment — compensation to employees for legitimate services, even productivity-based, provided it does not reward improper referrals. 

• Personal Services and Management Contracts — requires a written agreement, pre-set FMV compensation, and commercially reasonable terms. 

• Space and Equipment Rental — must reflect FMV, be set in advance, and not vary with referral volume. 

• Discount Safe Harbor — discounts from vendors are permitted if properly disclosed and accurately reported to federal programs. 

“The legal focus under AKS is not the amount alone — but whether one purpose of the arrangement is to induce referrals. A billing company paid on a percentage of collections, or a practice offering free services to attract federally-reimbursed patients, may face scrutiny regardless of how the arrangement is labeled.” 

SECTION 3. HOW ENFORCEMENT AGENCIES ACTUALLY FIND YOU 

Modern enforcement is data-driven and proactive. The Centers for Medicare & Medicaid Services (CMS) and the Office of Inspector General (OIG) do not wait for complaints. They analyze billing patterns systematically and flag outliers for review. 

Real-world enforcement outcomes: 

• $14.6B — Financial impact of the 2025 National Health Care Fraud Takedown 

• $345M — Community Health Network Stark/AKS settlement, 2024 

• $160M — Arriva Medical / Alere Inc. AKS settlement 

Specific patterns that trigger audit selection include: high frequency of Modifier 25 appended to minor procedures; excessive use of Modifier 59 to override NCCI edits; disproportionate distribution of Level 4 or 5 E/M codes compared to specialty benchmarks; abnormal telehealth utilization under Modifier 95; and significant increases in billing volume without a corresponding growth in providers or patient population. 

Enforcement mechanisms include data mining and outlier analysis, Comparative Billing Reports (CBRs), pre- and post-payment medical review, whistleblower (qui tam) actions under the False Claims Act, and overpayment tracking and refund monitoring. 

SECTION 4. HIGH-RISK AREAS BILLING TEAMS MUST MONITOR 

Many violations arise not from intentional fraud but from operational gaps in billing processes. The following represent the highest-risk areas in day-to-day medical billing: 

• Upcoding or downcoding E/M services — selecting a code level not supported by the clinical documentation. 

• Improper modifier use — applying Modifiers 25, 59, or 95 without the documentation to support them. 

• Unbundling services — billing separately for components that should be reported as a single bundled code. 

• Billing for services not rendered or not medically necessary — including cloned documentation or unsupported time statements. 

• Failure to return identified overpayments — retaining known overpayments beyond 60 days converts an error into a potential False Claims Act violation. 

SECTION 5. WHAT A STRONG COMPLIANCE PROGRAM LOOKS LIKE 

Compliance is not a legal department function — it is an operational responsibility shared across billing teams, clinical staff, administrators, and leadership. A structured compliance program for any practice or billing organization should include: 

• Regular risk assessments and scheduled internal audits with documented findings and corrective action plans 

• Monitoring of NCCI edit overrides, denial trends, and E/M distribution against specialty benchmarks 

• Ongoing education and training for billing and coding staff on Medicare rules, fraud and abuse laws, and payer-specific requirements 

• A designated Compliance Officer responsible for program implementation, periodic reviews, and staff education 

• Clear, anonymous reporting mechanisms for compliance concerns and consistent disciplinary standards 

• Legal consultation as part of routine compliance review — especially when evaluating new compensation arrangements or responding to payer audit findings 

“Billing teams, administrators, providers, and leadership must understand how financial relationships, documentation standards, and coding decisions intersect with federal law. Proactive compliance is always less costly than reactive defense.” 

SECTION 6. THE BILLING COMPANY’S ROLE IN YOUR COMPLIANCE 

Your billing partner is not a passive processor — they are a front-line participant in your compliance posture. Billing companies that flag anomalous coding patterns, track modifier utilization against benchmarks, alert providers to documentation gaps, and refuse to submit claims without adequate clinical support are actively protecting both parties from enforcement risk. 

Conversely, a billing company that operates on percentage-based compensation tied to Medicare collections, offers free services to attract federally-reimbursed clients, or ignores repeated payer audit findings may itself become a compliance liability for your practice. 

When evaluating or working with a billing partner, providers should ask: Does this company conduct proactive internal audits? Do they track denial trends and report findings? Do they maintain certified staff with current knowledge of Medicare rules? Do they have a documented compliance program? 

The answer to those questions determines not only your revenue cycle performance — but your legal exposure. 

YOUR BILLING SHOULD PROTECT YOU, NOT EXPOSE YOU 

At WCH Service Bureau, compliance is built into every step of our billing process — from coding review to denial management. We help providers stay focused on patient care while we stay focused on keeping your claims clean, accurate, and audit-ready. 

Talk to WCH about your billing: wchsb.com 

SOURCES & REFERENCES 

1. U.S. Department of Justice. National Health Care Fraud Enforcement Action, 2025. justice.gov/opa/pr/national-health-care-fraud-enforcement-action 

2. Centers for Medicare & Medicaid Services. Physician Self-Referral (Stark Law). cms.gov/medicare/fraud-and-abuse/physicianselfreferral 

3. Office of Inspector General, U.S. Dept. of Health & Human Services. Anti-Kickback Statute. oig.hhs.gov/compliance/anti-kickback-statute 

4. Office of Inspector General. OIG Compliance Program Guidance for Third-Party Medical Billing Companies. oig.hhs.gov/documents/compliance-guidance/698/cpgbilling.pdf 

5. AAPC Tashkent Local Chapter. The Big Three: FWA, AKS & Stark Law — Educational Webinar by Faina Vardanyan. March 2025. 

6. U.S. Department of Justice. Community Health Network Agrees to Pay $345 Million to Resolve False Claims Act Allegations. 2024. 

7. CMS. Medicare Claims Processing Manual, Chapter 1 — General Billing Requirements. cms.gov/regulations-and-guidance/guidance/manuals 

8. Office of Inspector General. OIG Safe Harbors Under the Anti-Kickback Statute. 42 C.F.R. § 1001.952.