Designed for busy in-house counsel and compliance professionals, this newsletter seeks to bring you up to speed on key federal and state False Claims Act (FCA) developments, with links to primary resources. Each quarter, Morrison Foerster provides key takeaways and discusses some of the most significant false claims topics.
In this second newsletter of 2025, we answer the following questions: What lessons do we draw from the U.S. Department of Justice (DOJ)’s recent announcement about its work in the FCA arena? How might the Supreme Court’s recent ruling in an FCA case impact the definition of “claims” under the FCA? And how is DOJ starting to enforce its priorities under the FCA? The answers to this quarter’s questions—plus a discussion of two states’ efforts to expand FCA liability—are here in our MoFo April 2025 FCA Update.
Federal
DOJ Signals Continued Robust Enforcement of the FCA. On February 20, 2025, Deputy Assistant Attorney General (DAAG) Michael Granston and Director Jamie Ann Yavelberg of the Civil Division’s Commercial Litigation Branch confirmed at the Federal Bar Association (FBA)’s Qui Tam Conference that DOJ would continue aggressive enforcement of the FCA in four key areas, as we discussed in a recent client alert: healthcare fraud including Medicare Advantage (Part C), cybersecurity, pandemic relief fraud, and tariffs and customs avoidance. It is noteworthy that DOJ leadership confirmed that DOJ would continue to defend the constitutionality of the FCA’s qui tam provisions before the Eleventh Circuit in Zafirov ex rel. United States v. Florida Medical Associates, LLC—a matter that we have watched closely since the October 2024 district court opinion. As discussed below, we are already seeing some of these priorities play out in announcements from DOJ. With DOJ committed to aggressive enforcement of the FCA, entities that do business with the government or otherwise submit claims for funding or reimbursement should pay special attention to how their compliance programs will be viewed by regulators and enforcers.
Supreme Court Holds that E-Rate Reimbursement Requests Are “Claims” Under the FCA. The U.S. Supreme Court has issued a unanimous opinion in Wisconsin Bell, Inc. v. United States, ex rel. Heath on the question of whether reimbursement requests submitted under the Federal Communications Commission (FCC)’s Schools and Libraries Universal Support program (known as the “E-Rate Program”) are claims under the FCA. As we explained in our October newsletter, although the FCC established the E-Rate Program, it is funded by private contributions and administered by a private, nonprofit corporation. Wisconsin Bell initially moved to dismiss a whistleblower’s FCA claim on the grounds that the alleged submissions were not actionable “claims” under the FCA because they didn’t involve government funds or requests to government agents. The Seventh Circuit held that the government provided E-Rate Program funding through its role in the “collection and distribution” of contributions and by depositing into the fund monies from the U.S. Treasury. Thus, the contribution of Treasury money was enough to qualify these reimbursement requests as “claims” under the FCA.
The Court’s 9-0 decision upheld the Seventh Circuit’s ruling, noting that it was not unusual for money to come into the public fisc from private parties—just like taxes, fines, or fees of all kinds—and thus E-Rate funds collected from fees on the private sector are also subject to the FCA. The decision may have broader implications for quasi-governmental programs. For example, in its brief, Wisconsin Bell cited Fannie Mae and Freddie Mac as quasi-governmental programs “falling within the FCA’s crosshairs.” These private, federally chartered companies insure a vast number of mortgages in this country. Wisconsin Bell cautioned that a decision by the Supreme Court that such programs are subject to treble damages under the FCA may impact their willingness to backstop mortgage loans and could also impact federally chartered nonprofits, like the Boy Scouts, Veterans of Foreign Wars, and the U.S. Olympic Committee, that are private entities financed with private funds. We will see if this ruling has a broader impact on comparable quasi-governmental programs—and look for the qui tam bar to test the waters.
DOJ Announces Two Cybersecurity FCA Settlements. After signaling at the FBA’s Qui Tam Conference that it would continue to prioritize its enforcement of the Civil Cyber-Fraud Initiative that it began several years ago, DOJ announced that it had entered into an $11.25 million settlement with Health Net and its parent Centene Corp. to resolve allegations that Health Net falsely certified compliance with cybersecurity requirements under a Department of Defense contract.
Health Net contracted to manage healthcare support services for the Defense Department’s Health Agency’s TRICARE health benefits program between 2010 and 2018. The contract required Health Net to follow certain federal cybersecurity and privacy requirements, such as scanning for vulnerabilities and fixing related security flaws in its network. The settlement resolved allegations that Health Net did not comply with these requirements, falsely certified compliance in annual certifications, and ignored reports from auditors about cybersecurity risks on its systems and networks.
On March 26, 2025, DOJ announced a $4.6 million settlement with MORSECORP Inc. to resolve allegations that MORSECORP submitted false claims for payment on contracts with the Departments of the Army and Air Force, because it knew that it had not complied with the cybersecurity requirements in those contracts. For example, MORSECORP allegedly used a third party to host emails without requiring and ensuring that such third party met appropriate security requirements, failed to implement all cybersecurity controls in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, failed to have a written plan for each of its covered information systems, and failed to correct its reported NIST SP 800-171 score. We expect DOJ to continue investigating alleged cybersecurity lapses by companies doing business with the government and companies should pay close attention to how regulators and enforcers currently view cybersecurity compliance.
DOJ Announces $8.1 Million Settlement Related to Evaded Customs Duties. On March 25, 2025, DOJ announced an $8.1 million settlement with Evolutions Flooring Inc. and its owners resolving claims that the company violated the FCA by evading customs duties on imports of wood flooring from China. Evolutions Flooring is alleged to have caused false information to be submitted to U.S. Customs & Border Protection (CBP) regarding the identity of the manufacturers and the country of origin of the wood flooring. Typically, CBP collects applicable duties, including antidumping and countervailing duties assessed by the government to protect against foreign companies “dumping” products on U.S. markets at prices below cost, while countervailing duties offset foreign government subsidies. As mentioned above, DOJ signaled at the FBA’s Qui Tam Conference that it expects robust enforcement of tariffs and customs avoidance in line with this administration’s foreign policy. We expect to see a large increase in investigations by DOJ of tariffs and customs avoidance.
State
California Considering Expanding State’s FCA Statute to Tax Matters. On March 28, 2025, a California state senator filed a bill to allow the attorney general, a local prosecutor, or a whistleblower to file a FCA suit based on suspected state and local tax fraud. The bill would allow government prosecutors, but not the civilian whistleblower, to have access to confidential tax records. Several prior attempts in California to pass similar legislation have failed. Other states, such as New York and Illinois, have expanded their FCA statutes to include tax matters. Opponents of this California bill are concerned that law-abiding taxpayers who make a judgment call on a state tax position may be sued by a whistleblower seeking to collect a reward. We will see if this bill succeeds where prior attempts to expand FCA liability to tax matters in California have failed.
Massachusetts FCA Statute Expanded. Earlier this year, Massachusetts enacted Bill H.5159, titled “An Act Enhancing the Market Review Process,” which extends FCA liability to owners or investors in entities that violate the Massachusetts FCA and fail to disclose that violation to the state within 60 days of discovery. The act defines “ownership or investment interest” to include (1) private equity firms, (2) private equity managed funds, and (3) investors holding at least a 10% stake, directly or indirectly, in a company that has violated the Massachusetts FCA. We have previously discussed federal and state regulators’ attempts to expand the scope of FCA statutes to include third-party investors. In our client alert, we discussed that DOJ has taken the position that investment firms may be found liable under the FCA, even when the investment firm is not directly involved in the claims submission process, if “their conduct played a significant and foreseeable role in advancing the scheme.” The Massachusetts statute expands exposure even further to sweep in third-party investors who fail to timely report FCA violations even though they had no role in the claims submission process. Private equity and venture capital firms should ensure that they are conducting robust due diligence in transactions involving companies that receive government funds.
[View source.]
