oversight

Audit of the National Association of Letter Carriers Health Benefit Plan Ashburn, Virginia

Published by the Office of Personnel Management, Office of Inspector General on 2013-12-23.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                                                     U.S. OFFICE OF PERSONNEL MANAGEMENT
                                                           OFFICE OF THE INSPECTOR GENERAL
                                                                            OFFICE OF AUDITS




Final Audit Report

Subject:



              AUDIT OF THE
 NATIONAL ASSOCIATION OF LETTER CARRIERS
           HEALTH BENEFIT PLAN
            ASHBURN, VIRGINIA


                                           Report No. 1B-32-00-13-017


                                            Date: December 23, 2013




                                                          --CAUTION--
This audit report has been distributed to Federal officials who are responsible for the administration of the audited program. This audit
report may contain proprietary data which is protected by Federal law (18 U.S.C. 1905). Therefore, while this audit report is available
under the Freedom of Information Act and made available to the public on the OIG webpage, caution needs to be exercised before
releasing the report to the general public as it may contain propriety information that was redacted from the publicly distributed copy.
                                                     AUDIT REPORT



                                    Federal Employees Health Benefits Program
                                            Employee Organization Plan

                           National Association of Letter Carriers Health Benefit Plan
                                 Contract CS 1067                Plan Code 32
                                              Ashburn, Virginia




                       REPORT NO. 1B-32-00-13-017                                  12/23/13
                                                                             DATE: ______________




                                                                               ______________________
                                                                               Michael R. Esser
                                                                               Assistant Inspector General
                                                                                 for Audits




                                                          --CAUTION--
This audit report has been distributed to Federal officials who are responsible for the administration of the audited program. This audit
report may contain proprietary data which is protected by Federal law (18 U.S.C. 1905). Therefore, while this audit report is available
under the Freedom of Information Act and made available to the public on the OIG webpage, caution needs to be exercised before
releasing the report to the general public as it may contain propriety information that was redacted from the publicly distributed copy.
                               EXECUTIVE SUMMARY



                         Federal Employees Health Benefits Program
                                 Employee Organization Plan

                  National Association of Letter Carriers Health Benefit Plan
                        Contract CS 1067                Plan Code 32
                                     Ashburn, Virginia




                REPORT NO. 1B-32-00-13-017                 12/23/13
                                                     DATE: ______________

This final audit report on the Federal Employees Health Benefits Program (FEHBP) operations
at the National Association of Letter Carriers Health Benefit Plan (Plan), located in Ashburn,
Virginia, questions $204,222 in administrative expenses and lost investment income (LII). The
report also includes procedural findings regarding travel costs and the Plan’s Fraud and Abuse
(F&A) Program. The Plan agreed (A) with the questioned charges of $204,222 and the
procedural finding for administrative expenses, but disagreed (D) with the procedural finding
regarding the Plan’s F&A Program.

For the Plan’s F&A Program, we concluded that the effectiveness of this program cannot be
accurately measured and, therefore, we cannot determine the benefits of this program to the
FEHBP. However, we strongly believe that this Plan has a high probability of allowing fraud
and abuse to go undetected and unreported within the FEHBP. The issues regarding the Plan’s
F&A Program are divided into the following five areas of concerns: Lack of Anti-Fraud
Activities and Case Tracking; FEHBP Case Reporting; Vendor Communication; Lack of a
Specific Policy and Procedure Manual; and Costs and Benefits of the Plan’s Special
Investigations Unit.

Our limited scope audit was conducted in accordance with Government Auditing Standards.
The audit covered miscellaneous health benefit payments and credits from 2007 through
September 30, 2012, as well as administrative expenses from 2007 through 2011 as reported in
the Annual Accounting Statements. We also reviewed the Plan’s cash management practices
related to FEHBP funds and the Plan’s F&A Program from 2007 through September 30, 2012.




                                               i
Due to overcharges identified during our review of costs incurred for FEHBP benefit plan
brochures, we expanded our audit scope to also include benefit plan brochure charges in 2012.

The audit results are summarized as follows:

    MISCELLANEOUS HEALTH BENEFIT PAYMENTS AND CREDITS
    The audit disclosed no findings pertaining to miscellaneous health benefit payments and
    credits. Overall, we concluded that the Plan returned health benefit refunds and recoveries,
    including prescription drug rebates, to the FEHBP in a timely manner.

                            ADMINISTRATIVE EXPENSES

•   FEHBP Benefit Brochures (A)                                                         $204,222

    The Plan printed an excessive amount of benefit plan brochures for contract years 2007
    through 2012, resulting in overcharges of $198,776 to the FEHBP. As a result of this
    finding, the Plan returned $204,222 to the FEHBP, consisting of $198,776 for the excess
    printing costs and $5,446 for applicable LII.

•   Travel Costs (A)                                                                 Procedural

    The Plan did not charge travel costs in accordance with the Federal Acquisition Regulations
    (FAR). The FAR limits the amount of travel costs for lodging, meals, and incidental
    expenses that may be charged to a government contract to the maximum federal per diem
    rates on a daily basis. In 2011, despite the regulation, the Plan charged the FEHBP actual
    travel costs incurred for lodging and did not limit charges to the maximum federal per diem
    rates. Although the monetary impact of the samples we reviewed was immaterial, this is a
    procedural issue that potentially could have a material monetary impact in the future if not
    addressed by the Plan.
                                 CASH MANAGEMENT
    The audit disclosed no findings pertaining to cash management. Overall, we concluded that
    the Plan handled FEHBP funds in accordance with Contract CS 1067 and applicable laws
    and regulations.
                           FRAUD AND ABUSE PROGRAM

•   Special Investigations Unit (D)                                                   Procedural

    The Plan’s Special Investigations Unit is not in compliance with Contract CS 1067 and the
    FEHBP Carrier Letters, issued by the Office of Personnel Management (OPM), that are
    related to F&A Programs in the FEHBP. We have determined that the Plan’s F&A Program
    lacks the basic properties, processes, and procedures to detect, prevent, investigate, and
    report all potential fraud and abuse cases to OPM, OPM’s Office of the Inspector General,
    and/or other law enforcement entities.


                                                ii
                                                     CONTENTS
                                                                                                                            PAGE

       EXECUTIVE SUMMARY .............................................................................................. i

 I.    INTRODUCTION AND BACKGROUND .....................................................................1

II.    OBJECTIVES, SCOPE, AND METHODOLOGY .........................................................3

III.   AUDIT FINDINGS AND RECOMMENDATIONS .......................................................6

       A.     MISCELLANEOUS HEALTH BENEFIT PAYMENTS AND CREDITS ...........6

       B.     ADMINISTRATIVE EXPENSES ..........................................................................6

              1. FEHBP Benefit Brochures ................................................................................6
              2. Travel Costs ......................................................................................................7

       C.     CASH MANAGEMENT ........................................................................................8

       D.     FRAUD AND ABUSE PROGRAM ......................................................................8

              1. Special Investigations Unit ...............................................................................8

IV.    MAJOR CONTRIBUTORS TO THIS REPORT ..........................................................26

 V.    SCHEDULE A – CONTRACT CHARGES AND AMOUNTS QUESTIONED

       APPENDIX (National Association of Letter Carriers Health Benefit Plan reply, dated
                July 30, 2013, to the draft audit report)
                     I. INTRODUCTION AND BACKGROUND

INTRODUCTION

This final audit report details the findings, conclusions, and recommendations resulting from our
limited scope audit of the Federal Employees Health Benefits Program (FEHBP) operations at
the National Association of Letter Carriers Health Benefit Plan (Plan). The Plan is located in
Ashburn, Virginia.

The audit was performed by the Office of Personnel Management’s (OPM) Office of the
Inspector General (OIG), as established by the Inspector General Act of 1978, as amended.

BACKGROUND

The FEHBP was established by the Federal Employees Health Benefits (FEHB) Act (Public Law
86-382), enacted on September 28, 1959. The FEHBP was created to provide health insurance
benefits for federal employees, annuitants, and dependents. OPM’s Healthcare and Insurance
Office has overall responsibility for administration of the FEHBP. The provisions of the FEHB
Act are implemented by OPM through regulations, which are codified in Title 5, Chapter 1, Part
890 of the Code of Federal Regulations (CFR). Health insurance coverage is made available
through contracts with various health insurance carriers.

The National Association of Letter Carriers Health Benefit Plan was established in 1950 by the
National Association of Letter Carriers (NALC). In June 1960, NALC entered into a contract
with the Civil Service Commission, which is now the U.S. Office of Personnel Management, to
provide health benefits to federal employees and families. The Plan operates as a separate
division of NALC, with common officers and trustees. The Plan is open to federal government
and postal employees and annuitants who are members of NALC. Certain other individuals are
eligible by conversion from the FEHBP. The Plan covers approximately 231,000 individuals.

The Plan’s contract (CS 1067) with OPM is experience-rated. Thus, the costs of providing
benefits in the prior year, including underwritten gains and losses which have been carried
forward, are reflected in current and future years’ premium rates. In addition, the contract
provides that in the event of termination, unexpended program funds revert to the FEHBP Trust
Fund. In recognition of these provisions, the contract requires an accounting of program funds
be submitted at the end of each contract year. The accounting is made on a statement of
operations known as the Annual Accounting Statement.

Compliance with laws and regulations applicable to the FEHBP is the responsibility of the
Association and Plan management. Also, management of the Plan is responsible for establishing
and maintaining a system of internal controls.

All findings from our previous audit of the Plan (Report No. 1B-32-00-02-102, dated
April 21, 2003) for contract years 1999 through 2001 have been satisfactorily resolved. Also,
there were no findings to resolve from our supplemental audit of the Plan’s pension expenses
(Report No. 1B-32-00-02-110, dated August 1, 2005) for contract years 1998 through 2001.

                                                1
The results of this audit were provided to the Plan in written audit inquiries; were discussed with
Plan officials throughout the audit and at an exit conference; and were presented in detail in a
draft report, dated May 31, 2013. The Plan’s comments offered in response to the draft report
were considered in preparing our final report and are included as an Appendix to this report.




                                                 2
               II. OBJECTIVES, SCOPE, AND METHODOLOGY

OBJECTIVES

The objectives of our audit were to determine whether the Plan charged costs to the FEHBP and
provided services to FEHBP members in accordance with the terms of the contract. Specifically,
our objectives were as follows:

       Miscellaneous Health Benefit Payments and Credits

       •   To determine whether miscellaneous payments charged to the FEHBP were in
           compliance with the terms of the contract.

       •   To determine whether credits and miscellaneous income relating to FEHBP benefit
           payments were returned promptly to the FEHBP.

       Administrative Expenses

       •   To determine whether administrative expenses charged to the contract were actual,
           allowable, necessary, and reasonable expenses incurred in accordance with the terms
           of the contract and applicable regulations.

       Cash Management

       •   To determine whether the Plan handled FEHBP funds in accordance with applicable
           laws and regulations concerning cash management in the FEHBP.

       Fraud and Abuse Program

       •   To determine if the Plan operates an effective Fraud and Abuse (F&A) Program for
           the prevention, detection, and/or recovery of fraudulent claims as required by the
           FEHBP contract.

SCOPE

We conducted our limited scope performance audit in accordance with generally accepted
government auditing standards. Those standards require that we plan and perform the audit to
obtain sufficient and appropriate evidence to provide a reasonable basis for our findings and
conclusions based on our audit objectives. We believe that the evidence obtained provides a
reasonable basis for our findings and conclusions based on our audit objectives.

We reviewed the Plan’s FEHBP Annual Accounting Statements for contract years 2007 through
2011. During this period, the Plan paid approximately $4.9 billion in health benefit charges and




                                                3
$311 million in adminisu·ative expenses (See Figure 1 and Schedule A). The Plan also paid
approximately $38 million in other expenses and retentions (See Schedule A) . 1

Specifically, we reviewed miscellaneous health benefit payments and credits (e.g., reftmds,
subrogation recoveries, hospital and provider audit recoveries, fraud recoveries, prescription
dmg rebates, and other health benefit adjustinents/recoveries), cash management activities (e.g.,
letter of credit drawdowns, working capital adjustments, and interest income), and the Plan ' s
F&A Program from 2007 through September 30, 2012. We also reviewed adminisu·ative
expenses from 2007 through 2011. Due to overchar ges identified during our review of costs
incmTed for FEHBP health benefit brochures, we expanded our audit scope to also include health
benefit brochure charges in 2012.

fu planning and conducting our audit, we
obtained an understanding of the Plan' s                                          NALC Hea lth Benefit Plan
intem al conu·ol stm cture to help detennine                                         Contract Charges

the nature, timing, and extent of our
auditing procedures. This was detennined                        $1,250
to be the most effe ctive approach to select                    $1,000
ar eas of audit. For those areas selected, we             §
                                                          :.:    $750
primarily relied on substantive tests of                  :E
u·ansactions and not tests of conu·ols.                   ...    $500
Based on our testing, we did not identify                        $250
any significant matters involving the Plan 's
                                                                   $0
intem al conu·ol stm cture and its operations .                            2007        2008      2009        2010      201 1
However, since our audit would not
                                                                                            Contract Years
necessarily disclose all significant matters in
the intemal conu·ol stru cture, we do not
                                                                    I:IHealth Benefit Payments   • Administrative Expenses
express an opinion on the Plan's system of
intem al conu·ols taken as a whole .
                                                                            Figure 1 - Contract Charges

We also conducted tests to detennine whether the Plan had complied with the conu·act, the
applicable procurement regulations (i.e., Federal Acquisition Regulations (FAR) and Federal
Employees Health Benefits Acquisition Regulations (FEHBAR) , as appropriate) , and the laws
and regulations goveming the FEHBP. The results of our tests indicate that, with respect to the
items tested, the Plan did not comply with all provisions of the conu·act and federal procurement
regulations. Exceptions noted in the areas reviewed are set forth in detail in the "Audit Findings
and Recommendations" section of this audit rep01i. With respect to the items not tested, nothing
came to our attention that caused us to believe that the Plan had not complied, in all material
respects, with those provisions.

fu conducting our audit, we relied to vmying degrees on computer-generated data provided by
the Plan. Due to time consu·aints, we did not verify the reliability of the data generated by the
various inf01mation systems involved. However, while utilizing the computer-generated data

1
 We did not review other expenses and retentions for contract years 2007 tlu·ough 2011 , except for the cash
management ofthese funds.

                                                         4

during our audit testing, nothing came to our attention to cause us to doubt its reliability. We
believe that the data was sufficient to achieve our audit objectives.

The audit was performed at the Plan’s office in Ashburn, Virginia on various dates from
February 5, 2013 through March 21, 2013. Audit fieldwork was also performed at our offices in
Washington, D.C. and Cranberry Township, Pennsylvania.

METHODOLOGY

We obtained an understanding of the internal controls over the Plan’s financial, cost accounting
and cash management systems by inquiry of Plan officials.

We interviewed Plan personnel and reviewed the Plan’s policies, procedures, and accounting
records during our audit of miscellaneous health benefit payments and credits. We also
judgmentally selected and reviewed 150 high dollar health benefit refunds, totaling $8,705,949
(from a universe of 102,958 refunds, totaling $62,106,520); 50 high dollar provider offsets,
totaling $5,121,943 (from a universe of 55,043 offsets, totaling $27,434,273); 7 class action
settlements, totaling $1,802,368 (from a universe of 26 settlements, totaling $2,468,986); 30
fraud recoveries, totaling $429,252 (from a universe of 279 recoveries, totaling $626,023); and
all quarterly pharmacy drug rebates, totaling               , to determine if refunds and
recoveries were promptly returned to the FEHBP and if miscellaneous payments were properly
charged to the FEHBP. 2 The results of these samples were not projected to the universe of
miscellaneous health benefit payments and credits.

We judgmentally reviewed administrative expenses charged to the FEHBP for contract years
2007 through 2011. Specifically, we reviewed administrative expenses relating to natural
accounts, prior period adjustments, pension, post-retirement, employee health benefits, executive
compensation, lobbying, subcontracts, benefit plan brochure costs, and vendor cost containment.
We used the FEHBP contract, the FAR, and the FEHBAR to determine the allowability,
allocability, and reasonableness of charges.

We reviewed the Plan’s cash management to determine whether the Plan handled FEHBP funds
in accordance with Contract CS 1067 and applicable laws and regulations. We also interviewed
the Plan’s Special Investigations Unit regarding the effectiveness of the F&A Program, as well
as reviewed case recoveries to test compliance with Contract CS 1067 and the FEHBP Carrier
Letters.




2
  The sample of health benefit refunds included the 25 highest dollar refunds per year. For provider offsets, we
selected the 50 highest dollar offsets. For class action settlements, the sample consisted of six high dollar
settlements and one low dollar settlement. For fraud recoveries, we selected the five highest dollar recoveries per
year. For pharmacy drug rebates, we selected all 24 of the quarterly drug rebate amounts that were received by the
Plan during the audit scope.

                                                         5
            III. AUDIT FINDINGS AND RECOMMENDATIONS
A. MISCELLANEOUS HEALTH BENEFIT PAYMENTS AND CREDITS

  The audit disclosed no findings pertaining to miscellaneous health benefit payments and
  credits. Overall, we concluded that the Plan returned health benefit refunds and recoveries,
  including prescription drug rebates, to the FEHBP in a timely manner.

B. ADMINISTRATIVE EXPENSES

  1. FEHBP Benefit Brochures                                                                $204,222

     The Plan printed an excessive amount of benefit plan brochures for contract years 2007
     through 2012, resulting in overcharges of $198,776 to the FEHBP. As a result of this
     finding, the Plan returned $204,222 to the FEHBP, consisting of $198,776 for the excess
     printing costs and $5,446 for applicable LII.

     48 CFR 31.201-3(a) states, "A cost is reasonable if, in its nature and amount, it does not
     exceed that which would be incurred by a prudent person in the conduct of competitive
     business . . . If an initial review of the facts results in a challenge of a specific cost by the
     contracting officer or the contracting officer's representative, the burden of proof shall be
     upon the contractor to establish that such cost is reasonable."

     In addition, the OPM contracting office provides guidance to the carriers as to how many
     brochures are allowed to be printed. OPM determines the quantity of the brochures that
     the Plan may charge to the FEHBP for each contract year. Any brochures that are printed
     over the approved quantity are not chargeable to the contract.

     For the period 2007 through 2012, the contracting officer approved the printing of
     3,463,288 benefit plan brochures. However, the Plan printed 3,995,200 brochures. As
     stated above, the cost to print brochures over the amount approved by the contracting
     officer is not chargeable to the contract. Therefore, the $198,776 cost of printing the
     additional 531,912 brochures is unallowable.

     As a result of this finding, the Plan returned $204,222 to the FEHBP, consisting of
     $198,776 for the excess printing costs and $5,446 for applicable LII. We reviewed and
     accepted the Plan’s LII calculation.

     Plan’s Response:

     The Plan agrees with this finding and states that it returned these funds to the FEHBP on
     June 28, 2013.




                                                 6
   OIG Comments:

   We verified that the Plan returned $198,776 to the FEHBP for the excessive printing of
   benefit plan brochures and $5,446 for applicable LII.

   Recommendation 1

   Since we verified that the Plan returned $198,776 to the FEHBP for the excessive
   printing of benefit plan brochures, no further action is required for this amount.

   Recommendation 2

   Since we verified that the Plan returned $5,446 to the FEHBP for LII on the questioned
   printing expenses, no further action is required for this LII amount.

2. Travel Costs                                                                   Procedural

   The Plan did not charge travel costs in accordance with the Federal Acquisition
   Regulations (FAR). The FAR limits the amount of travel costs for lodging, meals, and
   incidental expenses that may be charged to a government contract to the maximum
   federal per diem rates on a daily basis. In 2011, despite the regulation, the Plan charged
   the FEHBP actual travel costs incurred for lodging and did not limit charges to the
   maximum federal per diem rates. Although the monetary impact of the samples we
   reviewed was immaterial, this is a procedural issue that potentially could have a material
   monetary impact in the future if not addressed by the Plan.

   48 CFR 31.205-46(a)(2) states that “costs incurred for lodging, meals, and incidental
   expenses . . . shall be considered to be reasonable and allowable only to the extent that
   they do not exceed on a daily basis the maximum per diem rates in effect at the time of
   travel as set forth in the . . . Federal Travel Regulations, prescribed by the General
   Services Administration . . . .”

   In 2011, the Plan charged administrative expenses of $68,195,699 to the FEHBP. From
   this universe, we selected a judgmental sample of 100 general ledger transactions to
   review, which totaled $2,286,525 in expenses charged to the FEHBP. To select these
   transactions, we divided the universe of 2011 general ledger transactions (accounts
   payable debits only) into four dollar quartiles (Q0: $500 to $1,163; Q1: $1,169 to $2,807;
   Q2: $2,808 to $12,788; and Q3: $12,842 to $900,000) and randomly selected 25
   transactions from each quartile. In addition, we judgmentally selected 10 travel
   transactions from two trips made in 2011, totaling $14,431, to review. We reviewed
   these general ledger transaction expenses for allowability, allocability, and
   reasonableness.

   Based on our review, we determined that the Plan did not properly charge the FEHBP for
   two travel transactions associated with lodging in 2011. Specifically, the Plan charged
   $247 to the FEHBP over the maximum federal per diem rates for daily lodging.


                                            7
     Although the excess lodging costs charged to the FEHBP were immaterial, our review
     identified a systemic issue in compliance with travel regulations that increases the risk of
     a cumulative, material monetary impact if left unaddressed.

     Plan’s Response:

     The Plan agrees with this finding. The Plan states that they “have implemented new
     procedures to ensure that travel costs for lodging, meals and incidental expenses do not
     exceed the maximum federal per diem rates . . . .”

     Recommendation 3

     We recommend that the contracting officer verify that the Plan implemented controls to
     ensure that travel charges are limited to the maximum federal per diem rates and that the
     controls have been documented in the Plan’s policies and procedures.

C. CASH MANAGEMENT

  The audit disclosed no findings pertaining to cash management. Overall, we concluded that
  the Plan handled FEHBP funds in accordance with Contract CS 1067 and applicable laws
  and regulations.

D. FRAUD AND ABUSE PROGRAM

  1. Special Investigations Unit                                                     Procedural

     The Plan’s Special Investigations Unit (SIU) is not in compliance with Contract CS 1067
     and the FEHBP Carrier Letters, issued by OPM, that are related to fraud and abuse
     (F&A) programs in the FEHBP. We have determined that the Plan’s F&A program lacks
     the basic properties, processes, and procedures to detect, prevent, investigate, and report
     all potential fraud and abuse cases to OPM, OPM’s Office of the Inspector General
     (OIG), and/or other law enforcement entities.

     Contract CS 1067 Section 1.9(a) states, “The Carrier shall conduct a program to assess its
     vulnerability to fraud and abuse and shall operate a system designed to detect and
     eliminate fraud and abuse internally by Carrier employees and subcontractors, by
     providers providing goods or services to FEHB Members, and by individual FEHB
     Members. The program must specify provisions in place for cost avoidance, not just
     fraud detection, along with criteria for follow-up actions. The Carrier must submit to
     OPM an annual analysis of the costs and benefits of its fraud and abuse program.”

     Overall, we found that the Plan’s SIU, or designated anti-fraud unit, functions more as a
     medical management unit for cost containment purposes than an investigative unit that
     detects, prevents, and investigates fraud and abuse activities. Many of the characteristics
     of an effective SIU were missing. For example, we found little to no communication or
     information sharing with its vendors; no electronic tracking system for any of its fraud


                                              8
and abuse activities; no proactive fraud detection software; and no capturing of costs for
its fraud and abuse activities.

The effectiveness of the Plan’s stated F&A program cannot be accurately measured and,
therefore, we cannot determine the benefits of the program to the FEHBP. However, we
believe that the Plan has a high probability and likelihood of allowing fraud and abuse to
go undetected and unreported within the FEHBP. These issues are discussed in detail
below and are divided into five areas of concerns.

•   Lack of Anti-Fraud Activities and Case Tracking
•   FEHBP Case Reporting
•   Vendor Communication
•   Lack of a Specific Policy and Procedure Manual
•   Costs and Benefits of the Plan’s SIU

Lack of Anti-Fraud Activities and Case Tracking

We were unable to perform a complete review to determine if the Plan’s SIU reported
potential FEHBP fraud and abuse cases to the OIG in accordance with Carrier Letters
(CL) 2007-12 and CL 2011-13, as the Plan does not maintain sufficient documentation
for us to do so. We did determine that the Plan was not in compliance with CL 2003-23
and Contract CS 1067 because the Plan’s F&A program does not contain the required
characteristics and tools to be effective. The Plan’s SIU functions as a medical
management unit for cost containment.

CL 2007-12 states that, “All carriers must send a written notification/referral to the
OPM-OIG within 30 days of becoming aware of any cases involving suspected false,
fictitious, fraudulent, or misleading insurance claims . . . .” which meet a specific
potential claims exposure threshold of $20,000 or more for providers and $10,000 or
more for FEHBP members.

CL 2011-13, effective June 17, 2011, states that all Carriers “are required to submit a
written notification to the OPM OIG (“OIG”) within 30 working days of becoming aware
of a fraud, waste or abuse issue where there is a reasonable suspicion that a fraud has
occurred or is occurring against the Federal Employees Health Benefits (FEHB)
Program.” There is no dollar threshold for this requirement.

CL 2003-23, Industry Standards for Fraud & Abuse Programs, includes required
minimum standards for every Plan to include in their fraud and abuse programs including
an anti-fraud statement, written fraud and abuse policy and procedures, formal training,
establishment of a fraud hotline, education, technology, security, and patient safety.

The Plan does not use an electronic case tracking system to capture complaints/
allegations; name/subject of allegation; investigative activity; case open/close dates;
provider Tax Identification Number (TIN); case status/disposition, etc. The Plan tracks
its case activity using an Excel spreadsheet that only includes a member name, member

                                         9
number, recovery or savings amount, date opened, and an allegation code. No other case
information was provided. The Plan stated that it does not capture case/subject name
(provider/member), TIN, date closed, and case disposition on its spreadsheets. Although
the Plan stated the additional information is available, it failed to provide the information
when requested.

Therefore, we did not have the specific information needed to determine what the
allegation involved; who made the allegation; the subject of the allegation (i.e., provider
type); and if the issue was a one-time billing error or if a pattern of fraud existed. The
spreadsheets appeared to be tracking a specific patient on a claim-by-claim basis. There
was no indication that anyone performed an investigation, spoke to the member or other
witnesses, reviewed past claims data for patterns, or determined if potential additional
losses exist. In fact, the Plan appears to be reviewing medical necessity for cost
containment, rather than maintaining a case tracking system typical of an anti-fraud unit
or SIU.

It was also determined that neither the Plan nor the SIU tracks incoming complaints from
all sources internally or externally. Specifically, the Plan does not track hotline calls
related to fraud and abuse on any standard complaint tracking database. Although the
Plan states that all foreign claims are routed to the SIU for review, the Plan does not have
any formal tracking of these claims nor does the Plan explain why all foreign claims are
routed to their anti-fraud unit for review if there is no allegation other than the claim was
submitted by a member living abroad. The Plan stated that foreign drug claims are
processed by its Pharmacy Benefit Manager (PBM), but the PBM does not track the
claims and could not provide any data related to any submitted foreign drug claims.

The lack of case tracking by the Plan is concerning. We have seen numerous errors in the
Plan’s submitted documents related to this issue during the audit scope. As an example,
the Plan stated in response to our Standard Information Request (SIR) that it referred a
case to the OIG, yet in response to another information request (IR), the Plan stated a
clerical error took place and this case had not in fact been referred. Another example is a
case notification the Plan submitted to the OIG in October 2011. This case is not found
in any material the Plan provided in support of its fraud and abuse activities.

Because of these inconsistencies, there is a high likelihood that potential fraud and abuse
may not be prevented, investigated, or properly reported to the OIG.

FEHBP Case Reporting

Reporting Cases to the OIG

Because the Plan does not have a system with a complete database of complaints and
cases, we used the Plan’s annual F&A reports to determine its compliance with CL 2007-
12 and CL 2011-13. We found that the Plan is not reporting cases to the OIG in a manner
that is consistent with the requirements in these carrier letters.



                                         10
The Plan submitted spreadsheets with provider and member data to substantiate its
reported annual fraud and abuse activities to OPM from 2007 through 2011, related to
“open cases.” The information in these spreadsheets is not consistent with a fraud and
abuse program, but rather describes a medical or claims management program for cost
containment purposes.

Based on CL 2007-12, whereby the Plan is required to report potential fraud and abuse
related to providers with exposure over $20,000, we found that the Plan should have
reported 93 of 189 “open cases” to the OIG during the audit scope. We could not
determine the timeliness of the reporting based on the information provided.

The Plan reported a total of 42 OIG referrals and a total of 163 open provider cases from
2007 through 2010. However, only 2 of the 42 OIG referrals could be located within the
163 total cases. It is not clear why the other cases the Plan referred to the OIG could not
be found.

From 2007 through 2010, we also reviewed the Plan’s reported open cases for members
and compared those open cases to the Plan’s noted OIG referrals. The Plan opened 40
member cases from 2007 through 2010 as reported on its annual F&A reports to OPM.
Of the 42 OIG referrals listed during this time frame by the Plan, only 2 were member
cases. Neither of these cases could be found in the Plan’s list of 40 open member cases.
As noted above the Plan does not have an adequate or effective case tracking system,
which likely caused these discrepancies. We also found that six of the member cases met
the financial threshold of CL 2007-12 for referral to the OIG, but that none of them were
listed in the OIG referrals by the Plan.

In 2011, the plan reported 11 “member” referrals and 2 “other” referrals in its annual
F&A report. To support the numbers submitted, the Plan provided a list of the 13
referrals, which were the same “Case Notifications” the Plan reported separately. CL
2011-13 defines “referrals” and “Case Notifications” as two separate and distinct fraud
and abuse reporting documents. The OIG has a record of receiving only one referral
from the Plan in 2011 and there is no record of receiving four of the listed notifications.

We found the same types of inconsistencies for provider cases reported in 2011. The
Plan appears to be over-reporting to OPM the number of “referrals” submitted to the OIG
in its annual F&A report. To make matters worse, its case tracking system is inadequate
or nonexistent.

We also noted that the Plan is not sending its referrals to the appropriate OIG personnel
and is not including the required documentation. As a result, there were delays in the
processing and evaluation of the referrals.

Without proper tracking of potential fraud and abuse complaints and referral of these
complaints to proper authorities, there is a high risk that fraud and abuse in the FEHBP is
not being prevented or detected.



                                         11
Incomplete and Inaccurate Reporting - FEHBP Annual Fraud and Abuse Reports

Our review of the Plan’s F&A reports showed that the data submitted for recoveries,
actual and projected savings, and cases referred to law enforcement could not be
confirmed, supported or verified. Additionally, we could not determine if the cases
opened, amount of recoveries, and the actual and projected savings reported were even
related to a fraud and abuse issue.

CL 2003-25 (FEHB Quality Assurance and Fraud and Abuse Reports) and Contract CS
1067 require the Plan to submit reports to OPM annually that contain certain fields of
information regarding a Plan’s fraud and abuse activities. The information that must be
provided in the report includes dollars identified as lost and recovered, actual and
projected savings, cases opened, cases referred to law enforcement, cases referred to the
OIG, and cases resolved through negotiated settlement. The annual report also requires
the plans to report whether their fraud and abuse program has adopted specific industry
standards as part of their program related to fraud and abuse.

In response to the SIR, the Plan provided documentation to support the data it submitted
in its annual F&A reports; however, much of the data provided did not match the data in
the reports and data to support projected savings was not provided.

For example, in 2007 the Plan reported to OPM that it recovered $108,374 related to
fraud and abuse. However, in response to the SIR, the Plan identified total recoveries of
$157,100. In addition, the allegation codes associated with most of the recoveries were
consistent with a medical management department and cost containment program, not an
anti-fraud unit. Only one recovery could be classified as a true fraud and abuse issue. As
a result, we determined that the Plan overstated its recoveries in 2007 by $17,771.

Furthermore, the Plan reported $6,540,150 of actual savings in 2007 on its F&A report,
but could only provide supporting documentation for $1,025,314. It is unclear where the
Plan obtained the additional $5,514,836 in reported savings. The Plan admitted that the
savings reflected in the annual F&A reports did not accurately reflect the program
savings. Additionally, $919,563 of the $1,025,314 appeared to be for medical review
savings, not from fraud and abuse. The actual savings was only $90,603, not the
$6,540,150 reported to OPM.

For each year of the audit scope, the analysis is the same. The Plan’s reported annual
fraud and abuse results are unsupported and overstated as the charts for “Fraud and
Abuse Recoveries” and “Fraud and Abuse Actual Savings” below show.




                                        12
         Chart: Fraud & Abuse Recoveries


        Recoveries Reported                          Potential F&A Recoveries    Difference Between      Difference Between
            to OPM via                                   Reason Code “1”        Reported & Supported   Reported & Reason Code
Year      Annual Report       Supported Recoveries   “Services Not Rendered”         Recoveries            “1” Recoveries
2007         $108,374               $157,099                $90,603                  ($48,725)                $17,771
2008          $50,687                $63,478                $23,241                  ($12,791)                $27,446
2009         $224,086               $118,742                 $8,981                  $105,344                $215,105
2010         $910,579               $124,883                 $7,845                  $785,696                $902,734
2011         $354,702               $114,480                 $2,314                  $240,222                $352,388

Total      $1,648,428               $578,862               $132,984                $1,069,746               $1,515,444




         Chart: Fraud & Abuse Actual Savings

          Actual Savings                              Potential F&A Savings      Difference Between      Difference Between
        Reported to OPM via      Supported Actual       Reason Code “1”         Reported & Supported   Reported & Reason Code
Year      Annual Report              Savings         “Services Not Rendered”           Savings               “1” Savings
2007         $6,540,150             $1,025,314               $90,603                 $5,514,836              $6,449,547
2008         $7,400,091              $441,650                $23,241                 $6,958,441              $7,376,850
2009       $14,436,402              $3,384,062                $8,981                $11,052,340             $14,427,421
2010       $18,010,438              $1,942,241                $7,845                $16,068,197             $18,002,593
2011       $10,822,622              $2,330,153                $2,314                 $8,492,469             $10,820,308

Total      $57,209,303              $9,123,420             $132,984                $48,086,283              $57,076,719



         The Plan overstated its F&A related recoveries by $1,069,746 and its F&A actual savings
         by $48,086,283 to OPM during the audit scope. The Plan’s activities and support
         provided clearly show that their SIU is not performing a fraud and abuse function, but a
         medical necessity review and management function for cost containment not typically a
         major part of an anti-fraud program.

         Also, every year the Plan incorrectly reported that it was in compliance with the eight
         industry standards listed under CL 2003-25. On the contrary, we found that the Plan has
         no separate corporate fraud and abuse written policies and procedure manual or
         document, has no proactive fraud detection software that performed retrospective
         analysis of claim trends of providers or members, and until 2010 had no program to
         address patient safety issues that evolve into fraud and abuse related to pharmaceutical
         abuses, such as narcotic abuse, altered prescriptions, and prescription splitting.

         It is unclear if the Plan reported any of the PBM savings on its annual F&A report to
         OPM. There was no indication the PBM was tracking and reporting to the Plan any
         potential fraud and abuse issues related to pharmacies or doctors who may have high


                                                           13
narcotic prescribing patterns. The OIG did not receive one reported potential fraud and
abuse case from the Plan via its PBM pharmacy audit activities during the audit scope.

In summary, the Plan has not been in compliance with Contract CS 1067, CL 2003-23, or
CL 2003-25 during the audit scope because it largely overstated and could not support its
annual F&A reports submitted to OPM. This non-compliance may have resulted in a
lack of appropriate oversight of paid claims and unknown damage to the FEHBP in
improper payments made to fraudulent providers and members.

Vendor Communication

One of the most significant deficiencies of the Plan’s SIU is its lack of communication
and information sharing with its vendors. The Plan provided overviews of its vendors’
F&A programs including Cigna HealthCare (the Plan’s PPO Network), United
Behavioral Health (the Plan’s Behavioral Health vendor), and CVS Caremark (the Plan’s
PBM). These vendors use specialized software to detect and prevent fraud, waste, and
abuse. Because these vendors are looking at claims data for multiple lines of business
they are aware of different patterns, trends and fraud schemes conducted by both
providers and members intent on committing fraud. However, the Plan does not take
advantage of these specialized services provided by its vendors. Instead the Plan relies
on its Information System and Services Department to develop and implement edits and
stops to identify potentially fraudulent claims.

Cigna Health Care (Cigna) – In addition to utilizing specialized software, Cigna offers
many fraud and abuse detection tools and contains characteristics of an effective SIU.
The objectives of its SIU are “to reduce claim costs for our clients, customers and Cigna,
recover overpayments when possible, assist in prosecutions by referring cases to state
Departments of Insurance and law enforcement and ensure compliance by referring
suspected fraud to Departments of Insurance . . . .” Cigna goes on to state, “to be
successful, our anti-fraud program must be a partnership between Cigna and our clients
and customers.” Cigna conducts a thorough investigation of each complaint, including
interviewing health care professionals and customers, reviewing medical records, and
analyzing claims. Cigna also uses data mining to detect suspicious or unusual billing; to
focus on peer group analysis; and to perform segmentation and cluster analysis. Cigna
uses link analysis software to identify and visualize connections between entities within
the claims data. Cigna’s SIU also provides reports to its clients to demonstrate the
savings generated from its anti-fraud activities.

United Behavioral Health – This organization performs multiple anti-fraud activities. It
has an effective case tracking database that includes tips or referrals, source and content
of allegations, all investigative activities, and case status/resolution. In addition, the
company uses fraud detection software to identify outliers and other anomalies within the
claims data and a variety of different reporting tools to query the claims system and
identify claims that potentially violate internal or national guidelines.




                                        14
CVS Caremark – This PBM has extensive edits in its claims processing system to prevent
fraudulent claims from being paid. They also use utilization based clinical rules that look
for patterns of potential controlled substance overuse or misuse. CVS Caremark also
detects and prevents fraud by using a comprehensive audit team to perform reviews of
pharmacies based on a risk model.

The Plan provided documentation suggesting that these vendors perform anti-fraud
activities on its behalf. After further review and discussion with the Plan, it was
discovered that neither Cigna nor United Behavioral Health perform any anti-fraud
activities for the Plan and that the Plan had no communication and shared no fraud and
abuse information with either vendor. Not only was this misleading information
provided in direct response to questions related to its vendors, it was also included in the
Plan’s SIU manual. We are concerned that the Plan would submit this incorrect and
misleading information to the OIG or include it in its manual, which is the main source of
anti-fraud and abuse information for Plan employees and others.

Also, the Plan only began a program to monitor members’ narcotic drug utilization in
2010 as a patient safety initiative. It relies on its PBM to perform audits of participating
pharmacies to uncover fraud and abuse. We were unable to determine the effectiveness
of the PBM’s anti-fraud and abuse activities because no case tracking or other supporting
documents, such as allegations, findings/recommendations, or financial recoveries were
provided regarding the pharmacy audits. Additionally, the Plan only requires quarterly
reports from its PBM of utilization issues within certain disease categories but requires
no reporting of potential fraud and abuse issues. Prior to 2010, it is unclear whether the
Plan had any F&A program or oversight of its PBM or prescription drug benefits.

During the audit scope, the Plan paid approximately $1.7 billion in pharmacy benefits to
FEHBP members with no apparent oversight or required reporting until 2011, when it
reported to the OIG a total of nine members with allegations of potential narcotic abuse
and doctor shopping as a patient safety initiative.

CVS Caremark did provide savings reports, but the reports were inconclusive as to
whether the savings were a result of a fraud and abuse program. The data did not include
or identify a case name, provider or subject, TIN, an allegation, a loss amount, case
disposition, or any information related to a fraud and abuse finding. Our review of the
PBM reports suggested they were utilization reviews performed on various diagnosis
categories. There appeared to be no fraud and abuse component.

In contrast to its vendors, the Plan does not use an electronic tracking system to track its
complaints/allegations and cases. It also does not perform thorough investigations of the
complaints and allegations it receives. The Plan does not use technology for detecting
and preventing fraudulent claims from being paid. Its vendors use a variety of tools
including proactive software, data mining, and link analysis to detect and investigate
trends, patterns, and various fraudulent schemes. We believe that the Plan should
incorporate many of these tools and processes into their SIU or begin using its vendors to
perform these anti-fraud services.


                                         15
Lack of a Specific Policy and Procedure Manual

Another deficiency we noted was the Plan's lack of a specific policy and procedme
manual. In response to the SIR, the Plan submitted documents from various intemal
som ces, including electronic claims manuals, NALC Newsletters, OPM letters and
guidance, patient safety initiatives, and program documents. The Plan stated it never
developed and published a separate corporate policy document because it had
incorporated fraud and abuse into all areas of the company.

However, without one specific reference to the Plan's policies and procedmes related to
fraud and abuse, all employees, including those in the SID, cunently have to review
multiple documents, manuals, websites, and other company references to detennine the
who, what, where, and when to rep01i potential fraud and abuse cases to the OIG. In
addition, a c01porate manual would enable the Plan to convey its policies and procedmes,
as well as OPM contract requirements, for rep01iing fraud and abuse to its vendors, with
one concise document. Without specific standards, requirements, processes, policies, and
procedmes published in one document related to fraud and abuse, it is unce1iain how the
Plan addresses fraud and abuse activities in the FEHBP effectively or is in compliance
with Contract CS 1067.

As a result of the deficiencies discussed above, we can only conclude that the Plan is not
in complian ce with Contract CS 1067, Section 1.9(a), and CL 2007-12, CL 2011-13 , and
CL 2003-23 . As such, the Plan has potentially allowed improper payments to be made
within the FEHBP. The Plan paid over $4.9 billion in claims dming the audit scope with
little to no F&A program oversight or rep01iing by its vendors to the Plan and
subsequently to the OIG.

Costs and Benefits of the Plan's SIU

As we have stated previously, in om opinion, the Plan operates more of a medical
management unit for cost containment rather than an anti-fraud program. Therefore, the
FEHBP is not receiving the benefits of an operational F&A program.

Contract CS 1067 requires that the "Canier must submit to OPM an annual analysis of
the costs and benefits of its fraud and abuse program."

The Plan's SID does not perfonn actual fraud investigations. The Plan's SID operates in
a medical management capacity reviewing claims for medical necessity, excessive
charges, duplicate billing, and services not rendered. The SID has six employees
including a part-time manager and five SID analysts. There is also a supervisor with
oversight responsibility of the SID, above the paii-time manager. We analyzed the costs
associated with this group to calculate a retum on investment (ROI) .

From 2007 to 2011, the Plan charged the FEHBP                  for the salaries and benefits
of its SID staff and managerial personnel;                '-'~<:uu•~
                                                                   Investigation, Equifax;
-       for Medical Records, Fraud Depruiment;                 for the National Health


                                        16
Care Anti-Fraud Association (NHCAA) membership and training. Therefore, the known
costs the Plan provided towards their stated F&A program totaled $3,800,116.

Additionally, there are other departments, including IT, claims and customer service,
mail room, and vendors that have responsibility for the Plan’s fraud and abuse program.
The costs of office space, equipment, and supplies should also be considered in
determining the total costs of the Plan’s F&A program. However, for various reasons,
the Plan could not determine these costs.

We determined that the Plan had $578,682 in recoveries and $9,123,420 in actual savings
relating to its stated fraud and abuse activities for a total of $9,702,102 during the audit
scope. This results in an ROI of 2.55:1. That is to say, for every dollar spent by the
Plan’s SIU, it recovered or saved $2.55. However, the reported recoveries and savings
were not substantially due to anti-fraud and abuse activities, and the Plan was unable to
provide all associated F&A costs. Nonetheless, we acknowledge that the recoveries and
savings produced by the Plan are a value to the FEHBP even if they are not associated
with anti-fraud activities.

As indicated in the charts above, we determined that the amounts potentially related to
fraud and abuse recoveries and actual savings result in potential recoveries of $132,984
and potential savings of $132,984 for a combined total of $265,968 during the audit
scope. However, the recoveries and savings we calculated based on our analysis of the
Plan’s Reason Code “1” are exactly the same. It would appear that the Plan is double
counting its recoveries and savings, which puts into doubt the validity of the Plan’s
provided recovery and savings data.

Ultimately, we could not verify any of the Plan’s activities, recoveries, and actual savings
to be F&A related. As a result, we were unable to calculate the ROI for the Plan’s F&A
program since we do not believe the Plan has a program in operation.

Therefore, based on the Plan’s unreported information related to costs and the lack of a
F&A program, the Plan is not in compliance with Contract CS 1067 in showing that its
F&A program is a benefit to the FEHBP.

Plan’s Response:

In general, the Plan disagrees with the OIG’s assessment of the Plan’s SIU that it “is not
in compliance with” Contract CS 1067 and FEHBP Carrier Letters related to F&A
Programs in the FEHBP and “lacks the basic properties, processes and procedures” to
detect, prevent, investigate, and report potential fraud and abuse cases. The Plan states
that it “does maintain a fully operational SIU department and that department endeavors
to operate in compliance with all applicable requirements.”

However, the Plan acknowledges that “its overall F&A Program could benefit from
additional automation, better guidance regarding the required use of particular tools,
including tracking methods, and more direct partnership with its outside vendors


                                         17
specifically related to F&A.” The Plan states that it “is willing to invest in enhancing the
tools available to its SIU, improving the reporting of its activities in order to better
demonstrate compliance and expanding its coordination with outside vendors.”

OIG Comments:

The Plan has not provided any additional information that would lead the OIG to
determine that its F&A program is in compliance with Contract CS 1067 and the
applicable Carrier Letter’s 2003-23, 2003-25, 2007-12, and 2011-13.

Plan’s Response (continued):

The Plan addresses specific points of the finding as follows:

1. “Whether the investigation of medical management incidents is consistent with a
   compliant F&A program”

   The Plan “disagrees that medical management is not a typical component of an anti-
   fraud unit of SIU. In our response to Audit Inquiry #2, we provided specific OIG
   guidance as well as guidance from CMS, DOJ, and DHHS which support our position
   that medical management is a key component of a program designed to investigate
   fraud, waste and abuse. Specifically, we call your attention again to a leading anti-
   fraud association’s understanding of what the most common types of health care
   fraud are, including performing medically unnecessary services, which the National
   Health Care Anti-Fraud Association (NHCAA) lays out in their document entitled
   ‘What Health Care Fraud Looks Like.’ These resources support the prominent
   inclusion of medical management-based investigations in the operation of the Plan’s
   F&A program.”

   OIG Comments:

   As we previously stated, the medical management function within a health plan
   performed for cost containment purposes plays a role in the prevention, detection, and
   investigation of fraud and abuse. However, it is not a substitute for nor does it
   indicate contractual compliance with a comprehensive fraud and abuse program.
   Many of the characteristics of an effective SIU were missing from the Plan’s
   program, such as communication or information sharing with its vendors and a case
   tracking system for the fraud and abuse activities and hotline calls. The lack of these
   characteristics has led to significant errors in the Plan’s annual F&A reports
   submitted to OPM which we document prominently in our findings. Furthermore, the
   Plan has no proactive fraud detection software and does not capture costs for its fraud
   and abuse activities; therefore, we could not determine whether the Plan’s F&A
   program is a benefit to the FEHBP.




                                         18
2. “Reporting and tracking of cases”

   The Plan disagrees that because it does not use an electronic tracking system, “that
   potential fraud and abuse is going undetected, not being prevented, not investigated
   and not properly reported to the OIG.”

   Case Tracking System: The Plan states that its SIU does track cases that are being
   investigated for fraud, waste, and abuse through an Excel spreadsheet to index the
   physical paper case files that contain all the case information including the
   information requested by the OIG. The spreadsheet is also used to calculate savings
   reported to OPM on the F&A report. Ultimately, the SIU relies upon the specific
   case files and not the Excel spreadsheet.

   The Plan further states, “that is why, in response to Objective 88, the supporting
   Excel spreadsheets did not include all the requested data elements and the Plan
   offered to deliver the non-captured data through a manual process by extracting the
   information from the actual paper file once a universe was selected. The OIG did not
   provide the NALC HBP a selected universe for this audit or request specific hard
   copy files.”

   Annual Reporting: The Plan explains that it “provided the ‘actual savings’ as
   reported on the annual F&A report in our response to SIR 88, Attachment 5, Section
   4 question 2C. When the Plan initially responded to SIR 88 Attachment 5, Section 4,
   Question 2D, we provided the cases opened within the scope of the audit and that
   were indexed on our SIU Excel spreadsheet. In IR#6 Section 4, Question 7, the Plan
   explained that the discrepancy between the data provided and the F&A report was
   due to a failure to include the claims fully excluded by the SIU. ‘Other claims fully
   excluded by the SIU’ are claims that our internal payment edits kicked to the SIU as
   possible fraud, waste or abuse. After internal review by SIU analysts, these claims
   were excluded as fraud, waste and abuse.”

   The Plan also states, “We considered that OIG might request the supporting data for
   the claims fully excluded by the SIU and assumed that request would be forthcoming.
   We regret any misunderstanding that caused us to wait for a request rather than
   provide the information in connection with our response. The Plan acknowledges
   that clerical errors, e.g. number of cases opened, dollars identified as lost and dollars
   recovered occurred on the F&A reports from 2007 to 2011. These errors have now
   been corrected and revised F&A reports have been re-submitted to OPM.”

   Notifications: The Plan “disagrees with the conclusion that it is not in compliance
   with OPM CL 2007-12 and CL 2011-13 related to the reporting of fraud, waste and
   abuse cases. The OIG audit pointed out the limitations of our manual case tracking
   system which we expect to address in our review of third party software specifically
   designed to track fraud waste and abuse cases. We are actively evaluating potential
   solutions to implement in the near future.”


                                        19
   OIG Comments:

   Case Tracking System: The Plan does not address our concerns related to proper
   case tracking of fraud and abuse issues, and ignores its failure to track incoming
   hotline complaints, foreign claim cases from their PBM, and the lack of
   communication and tracking of potential fraud and abuse complaints with its third
   party vendors.

   The Plan’s described manual case tracking system is unable to perform and track any
   type of comprehensive fraud and abuse activity. It fails to provide accurate savings
   or recoveries, and did not include basic fraud and abuse information. This lack of
   case and information tracking is the root cause of the Plan’s inaccurate annual F&A
   reporting to OPM and its failure to report cases to the OIG.

   Annual Reporting: The Plan’s statement that we did not request information related
   to its cases tracked for savings for “Other claims fully excluded by the SIU” and/or
   was waiting for the OIG to provide “a selected universe” is inaccurate. The OIG
   requested the information through the SIR Objective 88, Section IV, Question 2D,
   and as such the Plan was required to provide all the information, not just a portion of
   it. There is no requirement for the OIG to provide a selected universe to the Plan.

   Ultimately, the Plan failed to provide support for $48,086,283 of the $57,209,303
   F&A savings it reported to OPM during the audit period. The remaining $9,123,420
   was almost entirely related to reviews for medical necessity. Additionally, the Plan
   dismisses all of the other discrepancies noted in its annual F&A report as “clerical
   errors.”

   Furthermore, the Plan never provided the corrected annual F&A reports to the OIG
   and therefore we cannot verify whether the corrected information provided to the
   OPM Contracting Office by the Plan is accurate. The Plan supplied no reconciliation
   or explanation for correcting these annual F&A reports, nor did the Plan explain what
   information was used to correct them.

   Notifications: The Plan disagrees with the OIG findings that it did not report all
   F&A related cases per CL 2007-12 and CL 2011-13. However, the Plan provided no
   further documentation, details or explanation as to why they disagree with the OIG
   conclusions.

3. “Information sharing with vendors”

   The OIG contends that there are deficiencies in the Plan’s communication and
   information sharing with its vendors. In response, the Plan stated “while the Plan
   acknowledges that its coordination with the vendors specifically regarding F&A
   programs can be enhanced, and the Plan is willing to do more in the future, we
   respectfully disagree that the Plan lacks any communication and information sharing
   with its vendors in regard to fraud, waste and abuse.”

                                        20
   The Plan also states that it has taken advantage of the specialized services provided
   by its vendors and has expanded the direct sharing of information regarding suspected
   fraud and abuse. The Plan’s vendor, Optum, began running software to detect fraud,
   waste, and abuse over NALC claims on May 16, 2012. Its PBM vendor, CVS
   Caremark, has performed Utilization Review Pharmacy Management for the Plan
   since January 1997. This program detected potential fraud and abuse issues that
   include drug interactions, contraindications, over dosage, therapeutic duplications,
   and age inappropriateness. In 2010, CVS Caremark began its Patient Safety and
   Monitoring program.

   The Plan states, “The Utilization Review Pharmacy Management reports are sent to
   the Plan on a quarterly basis; and the cases arising from the Safety and Monitoring
   Program are reported to the Plan as they are detected. Since January 2010, the Plan
   has reported any pharmacy, physician, or member prescription fraud, waste and abuse
   related cases to the OPM OIG.”

   OIG Comments:

   We do acknowledge the Plan’s implementation of the Patient Safety and Monitoring
   program by its PBM in 2010, though this is a full seven years after OPM
   implemented the requirement in 2003 under CL 2003-23 Industry Standards for F&A
   Programs. In 2011, the Plan reported member-related cases with allegations of doctor
   shopping to the OIG, but no other provider-related (Pharmacy or Physician) cases
   from its PBM vendor have been detected or reported to the OIG.

   The Plan also notes that Optum now runs NALC claims through its fraud, waste and
   abuse software. This function began in May 2012; however, the Plan does not
   acknowledge that it has had no previous communication with this vendor related to
   fraud and abuse. The Plan has offered no details of the software program or how the
   vendor will report or share the information with the Plan or report detected cases to
   the OIG.

4. “Fraud, Waste and Abuse Policy Manual”

   The OIG contends that the Plan lacks a specific policy and procedure manual and
   that, without “one specific reference” to the Plan’s policy and procedures,
   employees, including those in SIU, have to review multiple documents, manuals,
   websites, and other references “to determine the who, what, where and when to
   report potential fraud and abuse cases to OPM OIG.”

   In response, the Plan states, “The 835 page document supplied to the OIG in response
   to SIR 88, Attachment 5, Section I, Question 8 as Exhibit C and referenced in OIG’s
   contention above, is a compilation of documents, information, training material and
   references that relate to the Plan’s policies and procedures for detecting and
   investigating fraud, waste and abuse. This document is used by the SIU Supervisor.


                                       21
   Information is extracted and disseminated to various departments as it applies to their
   specific job classifications.”

   The Plan also states that “employees who are most directly responsible for the day-to-
   day operations of SIU activities are thoroughly familiar with the materials compiled
   by the Plan and we believe the materials provided to and available to the Plan’s
   employees provide adequate guidance. However, we acknowledge that an overhaul
   of the Plan’s materials with the goal of producing a more centralized resource that
   operates as a manual would be beneficial and we will undertake that project.”

   OIG Comments:

   We agree with the Plan’s assessment that it would be beneficial to centralize its F&A
   manual into a separate document for policies, procedures, and processes related to its
   F&A program.

5. “Costs and benefits of the Plan’s F&A Program”

   The OIG contends that the Plan does not comply with the Contract CS 1067 and CL
   2003-23 requirements to submit an annual analysis of the costs and benefits of its
   F&A Program.

   In response, the Plan states, “The NALC Health Benefit Plan does provide an analysis
   of the benefits of its fraud and abuse program through the annual Fraud and Abuse
   Recovery and Savings Data report we provide OPM. The Actual Savings reported
   nets any costs for external medical review fees. Additionally, the OIG requires that
   FEHB plans complete an accompanying questionnaire every 3 years (or sooner if a
   major reorganization of the Plan or merger occurs). In 2011, the Plan responded to
   the Fraud and Abuse Questionnaire for Performance Indicators:

      Question #7: How do you measure the performance of your fraud control
      operation?

      Plan’s Answer: The number of claims reviewed, the number of claims audited,
      and the benefit dollars saved.

   The questionnaire does not indicate that the performance measure must be an ROI
   calculation. Furthermore, Contract CS 1067 does not require the Plan to calculate an
   ROI for the Plan’s Fraud, Waste and Abuse Program.”

   In addition, the Plan states, “We believe there may be other methods to calculate the
   costs of our Fraud and Abuse program. We invite discussion on the method the Plan
   will use to improve its ability to demonstrate its cost vs. benefit to the FEHB program
   in accordance with Contract CS 1067. We contend we do comply with all aspects of
   Contract CS 1067 in this regard notwithstanding our acknowledgement that we do not
   capture all of the costs as noted above of our Fraud and Abuse program.”


                                       22
  OIG Comments:

  Although we agree that the Plan is not required to provide an ROI calculation to OPM
  to show a cost benefit analysis of its F&A program, we fail to see how the Plan’s
  current system of “number of claims reviewed, the number of claims audited, and the
  benefit dollars saved” relates to a proactive fraud and abuse program. This method
  appears more suited for the performance of medical management reviews for cost
  containment purposes, and provides no factor related to the cost of doing business.

  In addition, the NHCAA, which was referenced earlier as the “leading anti-fraud
  association,” published the ROI standards in 2007 that are the basis of our
  calculation. Since the Plan is a member of the NHCAA and pointed out that it relied
  on its guidance for including medical management investigations in its F&A program,
  it should also be aware of and should incorporate these ROI standards in its reporting.

  We also would like to note that the Plan erroneously suggested that the “OIG requires
  that FEHB plans complete an accompanying questionnaire every 3 years (or sooner if
  a major reorganization of the Plan or merger occurs).” We believe the Plan is
  referring to a questionnaire or survey requested by OPM’s Healthcare and Insurance
  Office to be submitted along with the annual F&A report.

6. Other Plan Comments

  In response to OIG audit recommendation number 11 of this report (formerly
  recommendation number 10 of the draft report) the Plan states, “we believe the
  Program would benefit from more specific guidance regarding the types of cases that
  are expected to be addressed by the F&A Program.”

  In response to OIG audit recommendation number 12 of this report (formerly
  recommendation number 11 of the draft report) the Plan states, “we are currently
  evaluating third party proactive fraud detection software and plan to perform a cost
  benefit analysis to determine the total cost and benefit of these systems to the Plan
  and the FEHBP.”

  OIG Comments:

  We agree that the OPM contracting office should provide further guidance for Plans
  on F&A program expectations. We also are pleased the Plan is currently evaluating
  third party proactive fraud detection software and plans to perform a cost benefit
  analysis to determine the total cost and benefit of these systems to the Plan and the
  FEHBP.




                                       23
Recommendation 4

We recommend that the contracting officer require the Plan to implement an F&A
program that includes all of the current standards required by Contract CS 1067,
CL 2003-23, CL 2003-25, CL 2007-12, and CL 2011-13.

Recommendation 5

We recommend that the contracting officer require the Plan to create, publish, and
disseminate to all its employees a separate policy and procedure manual related to the
Plan’s F&A program. The policy and procedure manual should include the Plan’s
corporate strategy in the prevention, detection, and investigation of fraud, waste, and
abuse; definitions of fraud, waste, and abuse; and annual training requirements.

In addition, the manual should:
• identify the appropriate departments and contact information for personnel
    responsible for fraud, waste, and abuse issues within the Plan;
•    include all of the requirements and industry standards, case sharing, and reporting
    guidelines; and,
• reference the annual requirements of CL 2003-23 (F&A Industry Standards), CL
    2003-25 (Revised FEHB Quality Assurance and F&A Reports), and CL 2011-13 for
    reporting fraud and abuse issues to OPM and the OIG.

Recommendation 6

We recommend that the contracting officer verify that the Plan implements an F&A case
tracking system to track all incoming allegations of fraud, waste, and abuse from all
sources. The case tracking system should include the following minimum information:

•   a case number, name, and subject;
•   Tax Identification Number, National Provider Identifier, and Social Security Number;
•   address and state;
•   allegation and source of allegation;
•   case activity;
•   date case opened/initiated, date case closed, disposition of case, referral date, and case
    notification date to the OIG;
•   potential dollar exposure, actual determined loss, recovered amount, actual savings,
    and projected savings; and
•   assigned SIU investigator.




                                         24
Recommendation 7

We recommend that the contracting officer verify that the Plan implements a policy to
review and investigate all FEHBP potential exposure upon the initiation of all fraud,
waste, and abuse allegations and/or issues within the SIU for a period of four years from
the case initiation date. The Plan should timely report all fraud, waste, and abuse
allegations and/or issues, whether substantiated or not, based on the guidelines
established and required by CL 2011-13 (Mandatory Information Sharing via Written
Case Notifications to OPM’s Office of the Inspector General).

Recommendation 8

We recommend that the contracting officer direct the Plan to create a written strategy,
and implement appropriate oversight of its outside vendors related to F&A prevention,
detection, investigation, and reporting per OPM’s applicable contract and
CL 2011-13 reporting requirements.

Recommendation 9

We recommend that the contracting officer direct the Plan to provide OPM an annual
report identifying and detailing all costs associated with its F&A program.

Recommendation 10

We recommend that the contracting officer require the Plan to provide the methodology
and a measure of performance (based on industry standards) demonstrating that the F&A
program is a benefit to the FEHBP, in accordance with Contract CS 1067, Section 1.9(a).

Recommendation 11

We recommend that the contracting officer develop and distribute to all FEHBP Carriers
definitions for the terms “fraud,” “waste,” and “abuse” so that all Carriers are reporting
statistics to OPM based on the same definitions.

Recommendation 12

We recommend that the contracting officer direct the Plan to perform a study regarding
the use of proactive fraud detection software. The study should include:

•   an analysis of available systems used in the industry;
•   a description of the systems’ capabilities; and
•   the total costs and benefits of these systems to the FEHBP.

The contracting officer should also require that the Plan provide the assessment to the
contracting officer for review.



                                        25
                IV. MAJOR CONTRIBUTORS TO THIS REPORT

Experience-Rated Audits Group

                   Lead Auditor

                   Auditor

                     Auditor

                   Auditor



                    , Chief

               , Senior Team Leader

Office of Investigations

                  , Special Agent-In-Charge

                 , Senior Audit Advisor to the Assistant Inspector General for Investigations




                                               26
                                                                                                      V. SCHEDULE A
	

                                                                    NATIONAL ASSOCIATION OF LETTER CARRIERS HEALTH BENEFIT PLAN
	
                                                                                         ASHBURN, VIRGINIA
	

                                                                                CONTRACT CHARGES AND AMOUNTS QUESTIONED
	

CONTRACT CHARGES*                                                      2007                2008                2009                2010                2011		                                   TOTAL

HEALTH BENEFIT CHARGES                                              $685,021,545        $771,425,658      $1,090,444,707      $1,148,820,513      $1,159,052,951                              $4,854,765,374

ADMINISTRATIVE EXPENSES                                                52,069,474          56,679,396          64,789,882          69,338,689          68,195,699                               311,073,140

OTHER EXPENSES AND RETENTIONS                                           6,167,802           5,956,321           6,046,838           8,768,824          10,815,472                                37,755,257

    TOTAL CONTRACT CHARGES                                          $743,258,821        $834,061,375      $1,161,281,427      $1,226,928,026      $1,238,064,122		                            $5,203,593,771



AM OUNTS QUESTIONED		                                                  2007                2008                2009                2010                2011           2012        2013          TOTAL

A.		 M ISCELLANEOUS HEALTH BENEFIT PAYM ENTS
     AND CREDITS                                                               $0                  $0                  $0                   $0                  $0           $0          $0              $0

B.		 ADM INISTRATIVE EXPENSES

    1. FEHBP Benefit Brochures**		                                        $12,470              $5,236              $4,295              $8,367               $35,985    $136,502      $1,367        $204,222
    2. Travel Costs (Procedural)                                                0                   0                   0                   0                     0           0           0               0

    TOTAL ADM INISTRATIVE EXPENSES                                        $12,470              $5,236              $4,295              $8,367               $35,985    $136,502      $1,367        $204,222


C.		 CASH MANAGEMENT                                                           $0                  $0                   $0                  $0                  $0           $0          $0              $0

D.		 FRAUD AND ABUSE PROGRAM

    1. Special Investigations Unit (Procedural)                                $0                  $0                   $0                  $0                  $0           $0          $0              $0

    TOTAL FRAUD AND ABUSE PROGRAM                                              $0                  $0                   $0                  $0                  $0           $0          $0              $0

    TOTAL AM OUNTS QUESTIONED                                             $12,470              $5,236              $4,295              $8,367               $35,985    $136,502      $1,367        $204,222

* We did not review claim payments and other expenses and retentions, except for the cash management of these funds.
	
** We included lost investment income (LII) of $5,446 as part of this audit finding. Therefore, no additional LII is applicable for this audit finding.
	
                                                                                                                   APPENDIX
                       NATIONAL               ASSOC I ATION                   OF   LETTER        C ARRI E RS

                        HEALTH BENEFIT PLAN
                20547 Waverly Coun. .-\sht> urn. Virginia :!0 149 • <70:1 1 729-4677 ur I -888-636-NALC 16:!5:!1
                                      Fr"dric V. Rnlurulo, Pn:, iJcnl • ll rinn H"llmnn , Dirccwr
                                                               .. , · · ~·I




July 30, 2013



Senior Team Leader
Experience-Rated Audits Group



Exp erience Rated Audits Group

Office ofinsp ector General
U.S. Office of Personnel Management


Re: 	           OPM Draft Audit Report Response
                National Ass ociation of Letter Carriers Health Benefit Plan
                Audit Report Number 1B-32-00-13-017
                (Dated and R eceived May 31, 2013)




We appreciate the opportunity to comment on the procedural findings, conclusions and
recommendations in the above-r eferenced Draft Report ofthe limited scope audit of the National
Association of Letter Carriers Health Benefit Plan (the "Plan"). Our comments in response to
your findings are as follows:

   A. MISCELLANEOUS HEALTH BENEFIT PAYMENTS AND CREDITS

        OIG Draft Report: "The audit disclosed no .findings pertaining to miscellaneous health
        benefit payments and credits. Overall, we concluded that the Plan returned health
        benefit refunds and recoveries, including prescription drug rebates, to the FEHBP in a
        timely manner. " Draft Report, p. 6.

        NALC Health Benefit Plan R esponse: Th e Plan has no comments.




                                                          9 o3rd of Trust~ts 

                                 RGndcU L. K~ l ler-   lAwrence 0. Brown, Jr.• Ch.     Mlohool J. Gi ll 

B. ADMINISTRATIVE EXPENSES

  1. FEHBP Benefit Brochures                                                 $198,776

   OIG Draft Report:
  "The Plan printed an excessive amount ofhealth benefit brochures for contract years
  2007 through 2012. As a result, the FEHBP was overcharged $198, 776. "Draft Report,
  p. 6.

  NALC Health Benefit Plan Response:
  While we believe the quantity printed was justifiable for business reasons, we
  acknowledge that charging the FEHBP contract for the full amount printed, rather than
  the OPM allowed amount, was an inadvertent error on our part, and therefore we are in
  agreement with this fmding. We returned these funds and lost investment income to the
  Federal Employees Health Benefits Program on June 28, 2013. OIG has requested the
  bank statements showing this and we will provide them as soon as they are available.


  2. Travel Costs                                                            Procedural

  OIG Draft Report:
   "The Plan did not charge travel costs in accordance with the Federal Acquisition
   Regulations (FAR). The FAR limits the amount oftravel costs for lodging, meals, and
   incidental expenses that may be charged to a government contract to the maximum
  federal per diem rates on a daily basis. In 2011, despite the regulation, the Plan charged
  the FEHBP actual travel costs incurred for lodging and did not limit charges to the
   maximum federal per diem rates. Although the moneta1y impact ofthe samples we
  reviewed was immaterial, this is a procedural issue that potentially could have a material
  moneta1y impact in the future if not addressed by the Plan. " Draft Report, p. 7.

  NALC Health Benefit Plan Response:
  We are in agreement with this fmding and have implemented new procedures to ensure
  that travel costs for lodging, meals and incidental expenses do not exceed the maximum
  federal per diem rates on a daily basis.


C. CASH MANAGEMENT

  OIG Draft Report: "The audit disclosed no .findings pertaining to cash management.
  Overall, we concluded that the Plan handled FEHBP funds in accordance with Contract
  CS 1067 and applicable laws and regulations." Draft Report, p. 8.

  NALC Health Benefit Plan Response: The Plan has no comments.




                                          2

D. FRAUDANDABUSEPROGRAM

 The Draft Report contends generally that the Plan's Special Investigation Unit ("SIU")
  "is not in compliance ·with" Contract CS 1067 and FEHBP Carrier Letters related to
 Fraud and Abuse ("F&A") Programs in the FEHBP and "lacks the basic properties,
 processes andprocedures" to detect, prevent, investigate and report potential fraud and
 abuse cases. (Draft Report, p. 8; Recommendation 3), The Plan respectfully disagrees
 with this assessment, as set forth more fully below in response to particular topics
 addressed in the Draft Report. The Plan acknowledges that its overall F &A Program
 could benefit from additional automation, better guidance regarding the required use of
 particular tools, including tracking methods, and more direct partnership with our outside
 vendors specifically related to F&A. However, the Plan does maintain a fully operational
 SIU department and that department endeavors to operate in compliance with all
 applicable requirements. We respectfully suggest that denoting the Plan's SIU as
  "lacking the basic properties, processes and procedures" of a F &A program is an
 overbroad characterization that is not supported by the voluminous information provided
 to OIG during the audit and the Plan's stated willingness to provide additional
 information as requested. As noted below, the Plan is willing to invest in enhancing the
 tools available to SIU, improving the reporting of its activities in order to better
 demonstrate compliance and expanding its coordination with outside vendors. We
 address specific points in the Draft Report below.

 Whether the investigation of medical management incidents is consistent with a
 compliant F&A program
 OIG contends that most of the cases tracked by the Plan's SIU involved medical 

 necessity reviews and were indicative "more ofmedical management" for "cost 

 containment and not typical ofan anti-fraud unit ofSIU " Draft Report, p. 10 


 "The OIG acknorl'ledges that medical management for cost containment purposes plays a
 role in the prevention, detection and investigation ofF&A, However, the Plan's medical
 managementflmction is its only F&A Program component." Draft Report, p. 20

 NALC Health Benefit Plan Response:
 The Plan respectfully disagrees that medical management is not a typical component of
 an anti-fraud unit of SIU. In our response to Audit Inquiry #2, we provided specific OIG
 guidance as well as guidance from CMS, DOJ, and DHHS which support our position
 that medical management is a key component of a program designed to investigate fraud,
 waste and abuse. Specifically, we call your attention again to a leading anti-fraud
 association's understanding of what the most common types ofhealth care fraud are,
 including performing medically unnecessary services, which the National Health Care
 Anti-Fraud Association (NHCAA) lays out in their document entitled "What Health Care
 Fraud Looks Like."These resources support the prominent inclusion of medical
 management-based investigations in the operation of the Plan's F&A program.




                                         3

The Plan also respectfully disagrees that medical management is the only component of
our fraud, waste and abuse program. In SIR #88, Attachment 5, the Plan listed all case
notifications to OIG in 2011 and 2012. Some of the examples ofthese cases are:

    •    Altered checks
    •    Failure to notify carrier of divorce
    •    Doctor RX shopping
    •    Doctor up-coding

Additionally, the Plan supplied the OIG a listing of case referrals from 2008-2012.
Examples of these cases are:

     •   Bogus claims
     •   Plan jumper
     •   Fraudulent checks
     •   Services not rendered

These examples clearly demonstrate that the Plan's fraud, waste and abuse program
addresses indicators of fraud, waste and abuse beyond medical management. Moreover,
as stated above, the NCHAA lists medical management as one of the most common
forms of fraud, waste and abuse. In summary, the Plan's F&A program appropriately
addresses medical management in addition to other types of activities that indicate
potential fraud, waste or abuse.

Reporting and tracking of cases
OIG contends that because the Plan does not use an electronic tracking system, "that
potentialfraud and abuse is going undetected, not being prevented, not investigated and
not properly reported to the OJG. " Draft Report, p. I 0; (Recommendations 5 and 6). Our
comments below address the following statements in the Draft Report:

The Plan's F&A reports "showed that the data submittedfor recoveries, actual and
projected savings, and cases referred to law enforcement could not be confirmed,
supported or verified Additionally, we could not determine if the cases opened, amount
ofrecoveries, and the actual and projected savings reported were even related to a .fraud
issue." Draft Report, p. 15; (citing CL 2003-25); (Recommendation 6).

The Plan "overstated and could not support" its annual F &A reports submitted to OPM.
Draft Report, p. 18.

"Additionally, the plan has failed to track, document and record its SJU anti-fraud
activity, including incoming allegations, sources, tax identification numbers and other
basic investigative information or actions needed to support the performance ofany
proactive F&A investigation or activity related to the allegations ofservices not
rendered up-coding, unbundling, excessive or unnecessary charges, or medical
necessity. The Plan only provided evidence that it performs a claim by claim pre­
payment revie·w ofthese associated allegations." Draft Report, pp. 20-21.


                                           4

"The Plan failed to report potentia/fraud and abuse cases per CL 2007-12 and CL 2011­
13 ". Draft Report, p. 21.

 ''The Plan states that it submitted its annual F&4 reports in accordance with OPM
guidance. Including the number ofcases opened, and the amount ofrecoveries and
actual savings in its annual F&A reports which were based on medical management
determinations is applicable when the issue is directly related to a fraud and abuse
activity or issue. However our review showed that ·we could not substantiate that any of
the allegations reported and reviewed by the Plan's medical management based SIU
were F&A related." Draft Report, p. 21.

NALC Health Benefit Plan Response:
Tracking System: The Plan's SIU does track cases that are being investigated for fraud,
waste and abuse. We utilize an Excel Spreadsheet to index the physical paper case files
that contain all the case information including the information requested by OIG. The
spreadsheet is also used to calculate savings that is reported to OPM on the F&A report.

The Draft Report states that Excel is not a tracking system; however, it is not intended to
function as a tracking system in and of itself. The Excel spreadsheet does provide the
basic capabilities of case tracking but ultimately, the SIU relies upon the specific case
files and not the spreadsheet. That is why, in response to Objective 88, the supporting
Excel spreadsheets did not include all the requested data elements and the Plan offered to
deliver the non-captured data through a manual process by extracting the information
from the actual paper file once a universe was selected. The OIG did not provide the
NALC HBP a selected universe for this audit or request specific hard copy files.

We also note that neither the OPM contract nor the Carrier Letters that address F&A
programs indicate that any particular or prescribed tracking systems be used, or a
comprehensive list of required data elements. The Plan uses the spreadsheet for the
purposes set forth above, relying upon the completeness of the paper file to provide
tracking information. Had OIG requested particular files to review, the Plan would have
complied, thereby affording OIG the opportunity to review the files for inclusion of those
elements not included in the spreadsheet.

Annual reporting: We provided the "actual savings" as reported on the annual F&A
report in our response to SIR 88, Attachment 5, Section 4 question 2C. When the Plan
initially responded to SIR 88 Attachment 5, Section 4, Question 2D, we provided the
cases opened within the scope of the audit and that were indexed on our SIU Excel
spreadsheet. In IR#6 Section 4, Question 7, the Plan explained that the discrepancy
between the data provided and the F &A report was due to a failure to include the claims
fully excluded by the SIU. "Other claims fully excluded by the SIU" are claims that our
internal payment edits kicked to the SIU as possible fraud, waste or abuse. After internal
review by SIU analysts, these claims were excluded as fraud, waste and abuse.
Examples of the exclusions are:



                                         5

    •   Provider billed for services not rendered
    •   Altered charges
    •   Ineligible person using insurance card
    •   Excessive charges by provider
    •   Medical necessity

We considered that OIG might request the supporting data for the claims fully excluded
by the SIU and assumed that request would be forthcoming. We regret any
misunderstanding that caused us to wait for a request rather than provide the information
in connection with our response. The Plan acknowledges that clerical errors, e.g. number
of cases opened, dollars identified as lost and dollars recovered occurred on the F &A
reports from 2007 to 2011. These errors have now been corrected and revised F&A
reports have been re-submitted to OPM.

With respect to the Draft Report statement that OIG "could not substantiate that any of
the allegations reported and reviewed by the Plan's medical management based SIU
were F&A related", we believe that had a request been made for the physical files, the
documentation would have confirmed, supported and verified that the cases listed in the
Excel spreadsheets provided were F &A related.

Notifications: The Plan respectfully disagrees with the conclusion that it is not in
compliance with OPM CL 2007-12 and CL 2011-13 related to the reporting of fraud,
waste and abuse cases. The OIG audit pointed out the limitations of our manual case
tracking system which we expect to address in our review of third party software
specifically designed to track fraud waste and abuse cases. We are actively evaluating
potential solutions to implement in the near future.

The Plan acknowledges that it was not sending notifications to the Regional Special
Agent but rather to the OIG' s hotline investigator, investigative analyst or a field
investigator. This was corrected on April 13, 2011 as soon as it was brought to our
attention by OPM OIG.

Information sharing with vendors
OIG contends that there are deficiencies in SUI's communication and information
sharing with its vendors. Draft Report, p. 13; (Recommendation 7).

NALC Health Benefit Plan Response:
The Plan has taken advantage of the specialized services provided by its vendors and has
expanded the direct sharing of information regarding suspected F &A.

Opturn began running software to detect fraud, waste and abuse over the NALC claims
on May 16, 2012. A spreadsheet outlining their savings results was provided to the OIG.
This report is now being sent on a quarterly basis to the Plan; and we have requested the
report to be expanded to include the underlying case information.




                                         6

Caremark- Our PBM has performed Utilization Review Pharmacy Management for the
Plan since January 1997. This program detected potential issues that include but are not
limited to drug interactions, contraindications, over dosage, therapeutic duplications, and
age inappropriateness. This program insures patient safety and performs medical
management in our prescription drug program. OIG acknowledged that medical
management is a component of a fraud, waste and abuse. The medical management
aspect of the program was to contain costs but more importantly was done to insure
patient safety. The program results were summarized in our response to OIG.
In addition, Caremark's Safety and Monitoring program began in January 2010. This
program evolved from the Utilization Review Pharmacy Management program. Software
to detect fraud, waste, and abuse through these programs were also summarized in our
response to OIG. In addition, a detail of the Safety and Monitoring program was
provided. The Utilization Review Pharmacy Management reports are sent to the Plan on
a quarterly basis; and the cases arising from the Safety and Monitoring Program are
reported to the Plan as they are detected. Since January 2010, the Plan has reported any
pharmacy, physician, or member prescription fraud, waste and abuse related cases to the
OPMOIG.

We are always looking for ways to increase the level of inter-communications with the
vendors. One area we have explored with certain vendors is whether they are able to
integrate their fraud, waste and abuse procedures with the Plan's procedures under
Contract CS 1067 and the Carrier Letters. While some efforts have not progressed
further based on these limitations, we believe we can overcome these issues in order to
make better use of the vendors' own programs. In sum, while the Plan acknowledges that
its coordination with the vendors specifically regarding F&A programs can be enhanced,
and the Plan is willing to do more in the future, we respectfully disagree that the Plan
lacks any communication and information sharing with its vendors in regard to fraud,
waste and abuse.

Fraud,Waste and Abuse Policy Manual
OIG contends that the Plan lacks a specific policy and procedure manual and that,
without "one specific reference" to the Plan's policy and procedures, employees,
including those in SIU, have to review multiple documents, manuals, websites and other
references "to determine the who, what, where and when to report potential fraud and
abuse cases to OPM 0/G. "Draft Report, p. 15; (Recommendation 4).

NALC Health Benefit Plan Response:
The 835 page document supplied to the OIG in response to SIR 88, Attachment 5,
Section I, Question 8 as Exhibit C and referenced in OIG's contention above, is a
compilation of documents, information, training material and references that relate to the
Plan's policies and procedures for detecting and investigating fraud, waste and abuse.
This document is used by the SIU Supervisor. Information is extracted and disseminated
to various departments as it applies to their specific job classifications.

The Plan has published a policy statement in its electronic claims manual (referenced in
but not part of the 835 page document) since 2006 and prior to that, it was published in


                                         7
paper form. The electronic claims manual (ECM) defmes fraud, waste and abuse;
instructs how to detect fraud in each department and who to report it to. All new
employees in the claims areas receive the policy; and the overwhelming majority of the
new employees are hired in the claims areas. In addition, all claims analysts are trained
in the Plan's fraud and abuse procedures specific to their job classification. Finally, the
Plan includes a fraud and abuse statement on its website and in its brochure.

The Plan's employees who are most directly responsible for the day to day operation of
SIU activities are thoroughly familiar with the materials compiled by the Plan and we
believe the materials provided to and available to the Plan's employees provide adequate
guidance. However, we acknowledge that an overhaul of the Plan's materials with the
goal of producing a more centralized resource that operates as a manual would be
beneficial and we will undertake that project.

Costs and benefits of the Plan's F &A Program
OPM contends that the Plan does not comply with the Contract CS 1067 requirement and
CL 2003-23 to submit an annual analysis of the costs and benefits of its fraud and abuse
program. Draft Report, p. 18; (Recommendations 9, 10 and 11).

NALC Health Benefit Plan Response:
The NALC Health Benefit Plan does provide an analysis ofthe benefits of its fraud and
abuse program through the annual Fraud and Abuse Recovery and Savings Data report
we provide OPM. The Actual Savings reported nets any costs for external medical
review fees. Additionally, the OIG requires that FEHB plans complete an accompanying
questionnaire every 3 years (or sooner if a major reorganization of the Plan or merger
occurs). In 2011, the Plan responded to the Fraud and Abuse Questionnaire for
Performance Indicators:

       Question #7: How do you measure the performance of your fraud control
       operation?

       Plan's Answer: The number of claims reviewed, the number of claims audited,
       and the benefit dollars saved.

The questionnaire does not indicate that the performance measure must be an ROI
calculation. Furthermore, Contract CS 1067 does not require the Plan to calculate an ROI
for the Plan's Fraud, Waste and Abuse Program.

We understand there may be benefits in using an ROI which captures the costs of office
space, equipment and supply costs however, as we indicated in our response to the SIR,
the NALC Health Benefit Plan does not employ a static budgetary process as part of its
management of operations. We believe there may be other methods to calculate the costs
of our Fraud and Abuse program. We invite discussion on the method the Plan will use
to improve its ability to demonstrate its cost vs. benefit to the FEHB program in
accordance with Contract CS 1067. We contend we do comply with all aspects of



                                         8

       Contract CS I 067 in this regard notwithstanding our acknowledgement that we do not
       capture all of the costs as noted above of our Fraud and Abuse program.

       With respect to Recommendation 11, we are currently evaluating third party proactive
       fraud detection software and plan to perform a cost benefit analysis to determine the total
       cost and benefit of these systems to the Plan and the FEHBP.

       Finally, with respect to Recommendation 10, we believe the Program would benefit from
       more specific guidance regarding the types of cases that are expected to be addressed by
       the F&A Program.

We look forward to working with the OPM OIG and our Contract Specialist to address these
areas, and to receiving additional guidance on F&A as OIG has indicated is forthcoming.




Administrator
NALC Health Benefit Plan


Cc:                       U.S. Office of Personnel Management
                         .S. Office of Personnel Management
                        President, NALC
                       Director, NALC Health Benefit Plan




                                                9