False claims and qui tam enforcement trends

We have seen record-breaking False Claims Act (FCA) enforcement activity: FCA settlements and judgments topped $6.8 billion for fiscal year 2025 – the highest annual total in the statute’s history and more than double the prior year – while a record 1,297 qui tam lawsuits were filed. We will summarize the key themes of 2025 enforcement trends and point to developments for 2026 within this client alert.

Our partners Kate Seikaly and Rizzy Qureshi recently spoke at American Conference Institute’s 13th Annual Advanced Forum on False Claims and Qui Tam Enforcement in New York. Deputy Assistant Attorney General for the Civil Division, Brenna Jenny, provided the keynote speech, which we have summarized. Using content from the conference and our first-hand experience in handling FCA cases, we have created this summary of the key themes in current and future FCA enforcement for our clients.

Key themes

1. Health care fraud remains the dominant enforcement priority

Health care-related fraud accounted for over $5.7 billion of FCA recoveries in FY2025, roughly 83% of all recoveries. The DOJ-HHS FCA Working Group was relaunched in July 2025 to formalize interagency collaboration, and we expect priority enforcement areas in 2026 to include alleged Medicare Advantage fraud, including barriers to patient access; schemes that result in increased prescription drug prices; and medical necessity and substandard care, particularly involving medical devices and durable medical equipment Companies should expect an increased use of data analytics and AI-powered fraud detection. As DAAG Jenny put it: “Your next whistleblower could be your data.”

2. Expansion beyond health care: New enforcement initiatives

Though health care-related fraud accounted for the vast proportion of FCA recoveries in 2025, DOJ priorities now explicitly encompass:

• Civil Cyber-Fraud Initiative: Pursuing entities that knowingly misrepresent cybersecurity practices or fail to meet contractual cybersecurity requirements. Approximately 10 cyber-related settlements occurred in calendar year 2025, totaling $84 million, and we expect this trend to continue in 2026.
• Civil Rights Fraud Initiative: Launched in May 2025, this initiative uses the FCA to pursue recipients of federal funds who knowingly violate federal civil rights laws, with a particular focus on DEI programs. Civil Investigative Demands are being issued across industries, including technology, telecom, utilities, defense, pharmaceuticals, and automotive. Significant questions remain about what an enforcement action might look like, in particular with respect to the issues of materiality, scienter, and damages.
• Trade fraud and tariff evasion: Customs violations can trigger FCA liability even for companies that do not do business with the government. Recent settlements include Ceratizit USA ($54.4 million) and Evolutions Flooring ($8.1 million) for false country-of-origin declarations.

3. Third-party liability exposure is growing

The conference emphasized that FCA liability can extend beyond an entity that directly submits claims to the government. Private equity (PE) firms, consultants, and parent companies face increased exposure:

• Private equity: The DOJ has signaled that PE firms exercising active management of portfolio companies may be held liable for knowingly facilitating false claims. One PE firm settled for $1.75 million in a case involving direct employee involvement in non-compliant conduct.
• Consultants: One global consultancy firm settled for $650 million for allegedly causing false claims by directing strategies that increased unsafe prescription practices.
• Parent companies: One health care corporation faced $949 million in liability for knowledge and inaction regarding its subsidiary’s systemic non-compliance.

4. AI presents both risks and enforcement opportunities

AI is emerging as a significant enforcement focus. DOJ scrutiny includes overstated AI performance claims, data-quality and model-validation failures, and AI-driven billing errors. Recent enforcement examples include a health care company paying $23 million for alleged AI-assisted coding that upcoded ER visits, and a wound care provider settling for $45 million for EHR algorithm-driven inappropriate billing. Both the government and whistleblowers are increasingly using AI tools to detect billing anomalies and identify potential violations.

5. Constitutional challenges to qui tam provisions

Supreme Court justices have signaled interest in examining the constitutionality of qui tam provisions under Article II. The Eleventh Circuit’s decision in United States ex rel. Zafirov v. Florida Medical Associates, following oral argument in December 2025, may clarify this matter. In-house counsel should preserve this issue for appeal and monitor case law developments carefully.

6. Parallel proceedings and coordination

DOJ and HHS continue to work in tandem on civil and criminal enforcement. The DOJ’s Galeotti Memo (May 2025) emphasized prosecution of individuals alongside corporate remedies for health care fraud, procurement fraud, and tariff evasion. Companies facing investigations should anticipate multi-agency coordination, including involvement from state Medicaid Fraud Control Units.

Compliance recommendations for in-house counsel

• Conduct a certification inventory: Map all federal and state funding streams and contract clauses that include certifications and identify “conditions of payment” versus “conditions of participation.”
• For PE sponsors: Conduct deep-dive audits into regulatory “red flags” before acquisition of a portfolio company and maintain a clear separation between investment oversight and day-to-day billing or clinical decisions to avoid being legally classified as a direct “operator” of fraudulent activity.
• Invest in data analytics: Companies should deploy tools similar to those used by the FCA Working Group to detect errors and anomalies early, before a government inquiry.
• Prepare for internal investigations: Ensure sufficient expertise, confidentiality, and independence in the investigative team, maintain privilege throughout the investigation, and preserve all data sources – including ephemeral messages.
• Consider voluntary self-disclosure: Entities that make proactive, timely disclosures receive credit during FCA resolution. The DOJ Criminal Division’s revised Corporate Enforcement Policy provides for declinations when companies self-disclose, cooperate, and remediate appropriately.
• Treat compliance as litigation-grade evidence: Documentation of certifications, control testing, and remediation efforts may become critical evidence in FCA matters.

If you have any questions on this client alert or need assistance in handling FCA matters, please reach out to our team members below.

Client Alert 2026-25