Compliance Programs:
Ineffective Programs Can Create “False Claims Act” Liability

 
  1. Introduction

On September 23, 2004, the United States District Court for the Eastern District of Pennsylvania issued a decision in the case of United States v. Merck-Medco Managed Care, LLC. This is a "qui tam" (“who sues on behalf of the king as well as for himself”) case that the Government brought against Merck-Medco for violation of the False Claims Act, 31 USC 3729 and the Anti-Kickback Act of 1986, 41 USC 52. Medco is a pharmacy benefit manager (PBM) that was a subcontractor to Blue Cross Blue Shield Association under a prime contract with the U. S. Office of Personnel Management (OPM). Medco was obligated to provide drug benefits to employees of the United States Government under their health plan that was managed by OPM.

The Government alleged that Merck-Medco made false statements and cancelled or destroyed mail order prescriptions to avoid paying penalties for delays in filling orders (“Liquidated Damages”), billed for prescriptions containing less than the required number of pills, created false records showing that physicians had been contacted to discuss various issues when no such contact took place, fraudulently induced physicians to authorize drug switches, and favored Merck drugs over other manufacturers even though Merck drugs were more expensive and may not have been prescribed by the attending physician.

“Qui Tam” is a provision of the False Claims Act, originally enacted in 1863 and later amended in 1986, that allows a private citizen to bring an action in the name of the United States charging fraud by government contractors and other entities that receive or use government funds, and share in any money recovered. The False Claims Act has both a civil and a criminal section. The Act makes it illegal for a government contractor to:

(1) knowingly present, or causes to be presented, to an officer or employee of the United States Government or a member of the Armed Forces of the United States a false or fraudulent claim for payment or approval;

(2) knowingly makes, uses, or causes to be made or used, a false record or statement to get a false or fraudulent claim paid or approved by the Government;

(3) conspires to defraud the Government by getting a false or fraudulent claim allowed or paid;

(4) has possession, custody, or control of property or money used, or to be used, by the Government and, intending to defraud the Government or willfully to conceal the property, delivers, or causes to be delivered, less property than the amount for which the person receives a certificate or receipt;

(5) authorized to make or deliver a document certifying receipt of property used, or to be used, by the Government and, intending to defraud the Government, makes or delivers the receipt without completely knowing that the information on the receipt is true;

(6) knowingly buys, or receives as a pledge of an obligation or debt, public property from an officer or employee of the Government, or a member of the Armed Forces, who lawfully may not sell or pledge the property; or

(7) knowingly makes, uses, or causes to be made or used, a false record or statement to conceal, avoid, or decrease an obligation to pay or transmit money or property to the Government,

According to the False Claims Act, the terms “knowing” and “knowingly” mean that a person, with respect to information —

(1) has actual knowledge of the information;

(2) acts in deliberate ignorance of the truth or falsity of the information; or

(3) acts in reckless disregard of the truth or falsity of the information, and no proof of specific intent to defraud is required.

  1. Alleged violations of the False Claims Act

This Government stated that Merck-Medco violated the False Claims Act by (A) presenting or causing to present to an agent of the United States a claim for payment; (B) the claim was false or fraudulent; and (3) Merck-Medco knew the claim was false or fraudulent. 31 U.S.C. 3729(a)(1). The Government also stated that Merck-Medco (C) made, used, or caused to be made or used, a record or statement to get a claim against the Government paid or approved; (D) the record or statement and the claim were false or fraudulent; (E) Merck-Medco knew that the record or statement and the claim were false or fraudulent; and (F) the United States suffered damages as a result. 31 U.S.C. 3729(a)(2).

Under subsection (a)(1) above, the Government was not required to prove that the false claims at issue actually harmed the Government, merely that the statements would have and could have. Under Subsection (a)(2) above, the Government must prove that the United States actually suffered harm. The Court stated that the False Claims reaches all fraudulent attempts to cause the Government to pay out sums of money.

In order to prove its case, the Government had to allege that Merck-Medco, at the time it submitted its false or fraudulent claim, (A) had actual knowledge of the information; or (B) acted in reckless disregard or deliberate ignorance of the truth or the falsity of the information. 31 U.S.C. 3729(b).

  1. Compliance

In this case, the Government claimed that Merck-Medco's compliance programs were either non-existent or insufficient, in satisfaction of the “reckless” requirements stated above. The decision does not explain the extent of the Merck-Medco compliance program, but the Court clearly ruled that the company submitted false claims in reckless disregard of their falsity. The decision does not state that upper management had any actual knowledge that the claims submitted by Merck-Medco were false, but it infers that the compliance program that was in place at Merck-Medco clearly was not sufficient to detect and prevent the false claims. Evidently, the Government was not able to conclusively prove that executives and directors of the company had (A) actual knowledge of the alleged false invoicing, or (B) sufficient involvement in the billing process to have “reckless disregard” or “deliberate ignorance” of the false claims submitted to Blue Cross Blue Shield.

The Government asserted in its complaint that Merck-Medco acted in “deliberate ignorance” of the falsity of the claims by acting “with reckless disregard or deliberate ignorance of the truth or falsity of the information it submitted to the United States and its contractors in support of its claims.” The Government claimed that “this reckless disregard or deliberate ignorance arose because:”

  1. The members of the Board of Directors and the Officers of the company “failed to satisfy their obligation to assure that the information and reporting systems exist in the organization that are reasonably designed to provide senior management and to the Board itself timely, accurate information sufficient to allow management and the Board…concerning the corporations compliance with the law”
  2. Merck-Medco “failed to implement a corporate compliance program which satisfied the requirements of proper corporate practice and Delaware law.”
  3. The compliance program in place was not reasonably capable of reducing the prospect of misconduct. According to the Government, “most employees were either entirely unaware of the existence of such a program or were not familiar with its details”
  4. There was no specific high-level personnel within Merck-Medco with direct responsibility for overseeing compliance with direct access to the CEO and the Board of Directors
  5. There was no compliance officer within Merck-Medco with responsibility for independently investigating and acting on matters related to compliance, including...designing and coordinating internal investigations
  6. When an internal investigation did occur, an affected executive would conduct the review but was not required to report the findings to the Board
  7. There were no effective methods of monitoring, auditing, or reporting on compliance
  8. There was no effective anonymous hotline
  9. There was no effective protection of whistleblowers
  10. There was no consistent enforcement through corrective actions
  11. Medco had no systems to assure reasonable steps to respond to reported offenses including detection and investigation of reported violations
  12. There was no code of ethics in place at Merck-Medco.
  1. Sentencing Guidelines

The United States Sentencing Commission has issued a guide to courts that, in part, describe events that may mitigate any substantial fines or other punishment that may be imposed on a corporation for violation of criminal statutes. This guide offers some factors that may be considered when deciding whether to mitigate the culpability of a corporation when a violation of law has occurred. These items include but are not limited to:

  1. An “effective program to prevent and detect violations of law” means a program that has been reasonably designed, implemented, and enforced so that it generally will be effective in preventing and detecting criminal conduct. Failure to prevent or detect the instant offense, by itself, does not mean that the program was not effective. The hallmark of an effective program to prevent and detect violations of law is that the organization exercised due diligence in seeking to prevent and detect criminal conduct by its employees and other agents. Due diligence requires at a minimum that the organization must have taken the following types of steps:
    1. The organization must have established compliance standards and procedures to be followed by its employees and other agents that are reasonably capable of reducing the prospect of criminal conduct.
    2. Specific individual(s) within high-level personnel of the organization must have been assigned overall responsibility to oversee compliance with such standards and procedures.
    3. The organization must have used due care not to delegate substantial discretionary authority to individuals whom the organization knew, or should have known through the exercise of due diligence, had a propensity to engage in illegal activities.
    4. The organization must have taken steps to communicate effectively its standards and procedures to all employees and other agents, for example, by requiring participation in training programs or by disseminating publications that explain in a practical manner what is required.
    5. The organization must have taken reasonable steps to achieve compliance with its standards, for example, by utilizing monitoring and auditing systems reasonably designed to detect criminal conduct by its employees and other agents and by having in place and publicizing a reporting system whereby employees and other agents could report criminal conduct by others within the organization without fear of retribution.
    6. The standards must have been consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense. Adequate discipline of individuals responsible for an offense is a necessary component of enforcement; however, the form of discipline that will be appropriate will be case specific.
    7. After an offense has been detected, the organization must have taken all reasonable steps to respond appropriately to the offense and to prevent further similar offenses, including any necessary modifications to its program to prevent and detect violations of law.
  2. The precise actions necessary for an effective program to prevent and detect violations of law will depend upon a number of factors. Among the relevant factors are:
    1. Size of the organization. The requisite degree of formality of a program to prevent and detect violations of law will vary with the size of the organization: the larger the organization, the more formal the program typically should be. A larger organization generally should have established written policies defining the standards and procedures to be followed by its employees and other agents.
    2. Likelihood that certain offenses may occur because of the nature of its business. If because of the nature of an organization's business there is a substantial risk that certain types of offenses may occur, management must have taken steps to prevent and detect those types of offenses. For example, if an organization handles toxic substances, it must have established standards and procedures designed to ensure that those substances are properly handled at all times. If an organization employs sales personnel who have flexibility in setting prices, it must have established standards and procedures designed to prevent and detect price-fixing. If an organization employs sales personnel who have flexibility to represent the material characteristics of a product, it must have established standards and procedures designed to prevent fraud.
    3. Prior history of the organization. An organization's prior history may indicate types of offenses that it should have taken actions to prevent. Recurrence of misconduct similar to that which an organization has previously committed casts doubt on whether it took all reasonable steps to prevent such misconduct.

An organization's failure to incorporate and follow applicable industry practice or the standards called for by any applicable governmental regulation weighs against a finding of an effective program to prevent and detect violations of law.

Although the guidelines do not ensure escape from some punishment, they provide good examples of what preventive actions the government will consider as being a good faith effort to prevent or detect some type of variance from statute and regulation.

  1. What should be done?

The Merck-Medco case is the first time that a contractor has been adjudged in violation of a criminal statute in part because their compliance program was substandard and insufficient. Therefore, some suggestions to strengthening the compliance program are:

  1. Prepare and publish a code of conduct for your company as quickly as possible if it is not already promulgated.
  2. The Manager of Compliance must be designated as a high-level position with direct responsibility for all compliance actions, and who has direct access to the Chief Executive Officer and the Board of Managers.
  3. The Manager of Compliance must be given the authority and responsibility for independently investigating and acting on matters related to statutes and regulations that require the company to act or not act in certain ways.
  4. All employees of the company must be informed of the existence and the details of the company's compliance program
  5. Regular reports, at least quarterly, must be given to the Board of Directors regarding any internal investigations.
  6. Establish periodic internal audits and establish methods of monitoring compliance and continuously monitor the hotline for notices of violations and protect reporters.
  7. Initiate any internal investigation based upon credible information concerning reported offenses.
  8. Consistently enforce company policies and procedures through corrective action.
  1. Penalties for Violation

A contractor is liable to the Government for a civil penalty of not less than $5,000 and not more than $10,000 for each false claim plus three (3) times amount of damages which the Government sustains because of the false claims. Each invoice is routine claim against the government, so each invoice submitted to the Government that is false is subject the civil penalty. If an employee knowingly (A) submits a false or fraudulent claim against the Government, he or she may be subject a fine of $25,000 and imprisonment of five (5) years; and (B) makes false or misleading statements to the Government regarding the claims submitted, that person may be subject to a fine of $10,000 and imprisonment for up to five (5) years for each false statement.

  1. Moral of the Story

Protect yourself and your company to the greatest extent possible by implementing and enforcing a vibrant compliance program within the company without delay!! The longer you delay implementing such a government contract compliance program, your company is at risk. Regardless of your company size, the Justice Department will not hesitate to prosecute your company for violations of the False Claims Act of other felonies and fraud, waste, and abuse.

Tom Petruska, Owner
Contract Unlimited Incorporated

Do you need assistance with Compliance Programs or other contracting issues?


The foregoing is not legal advice nor is it a legal opinion. Please contact your attorney for legal advice.