RADV Audits: Implications and Recommendations for Medicare Advantage Organizations

CMS is well underway in initiating and conducting its Risk Adjustment Data Validation (RADV) audits of Medicare Advantage (MA) organizations for PY 2019, and PY 2020 audit notices are likely to arrive by the end of September. The timing for subsequent PY audits is less clear, but notices will likely be coming soon given CMS’s announced plans to complete all remaining audits by early 2026, including all contracts for PY 2020 and beyond. This approach marks a significant deviation from the agency’s prior policy of reviewing only a fraction of contracts and at a much slower pace.

As discussed below, CMS’s new policy reflects the Administration’s overall focus on reducing alleged fraud, waste, and abuse. This push should prompt MA organizations to develop long- and short-term plans for handling RADV audits facing their organizations – as well as addressing their findings.

I. New CMS Policy Reflects Administration’s Push to Cut Alleged Fraud, Waste, and Abuse

Amid a federal push to cut back on alleged fraud, waste, and abuse within government programs, MA organizations have become the subjects of unprecedented and increased regulatory scrutiny. CMS’s change to its RADV audit policy imposes a heavy burden and substantial risk on MA organizations. Plans should mobilize resources in the short term to comply with audit requests and prepare for the possibility that audits could lead to demands for significant financial recovery (or other enforcement actions) should audit findings indicate allegedly unsupported diagnosis codes.

Identifying and penalizing MA organizations for alleged overpayments has been a stated priority for the Trump administration. In a July 2025 interview with Yahoo Finance, Dr. Oz spoke directly to CMS’s plans for audit-based enforcement, noting:

We have a process called RADV that allows us to go back to the late teens and, for the first time, audit Medicare Advantage companies. Based on what we find, we’re going to pull money back from them. We expect it will be billions and billions of dollars. But more importantly, we’re sending a message to the industry: Listen, I want you to succeed. I want you to thrive, but not at the expense of the American taxpayer.

II. RADV Audit Preparation for MA Organizations

Given Dr. Oz’s statements – and the long-term investment implied by the government’s recent efforts to expand CMS’s audit staff from 40 to nearly 2,000 medical coders – it seems almost certain that the government’s commitment to RADV audits will persist through the remainder of the President Trump’s second term. As such, health plans should strongly consider complementing their immediate plans for short-term RADV audit compliance with long-term strategies for navigating an increasingly active regulatory landscape.

As CMS ramps up its auditing capabilities in an effort to follow through on its ambitious auditing goals, MA organizations face a double-pronged challenge of complying with ongoing audits and preparing for the possibility of receiving recoupment requests and/or other enforcement penalties once audits are complete. Audits for PYs 2018 and 2019 are ongoing, with initial findings expected to be issued by early 2026. Once notified of alleged overpayments, MA organizations will have a 60-day window to initiate appeals.

MA organizations may also benefit from developing a longer-term legal strategy applicable to their various risk adjustment programs and compliance efforts. On September 9, 2025, Crowell & Moring’s health care practice will host a webinar to provide critical insights on how MA organizations can reduce their risk and prepare for RADV audits and their aftermath. Our attorneys will cover topics such as:

• How to efficiently and effectively respond to incoming RADV audit requests;
• How to preserve appeal rights and opportunities to push back on adverse audit findings; and
• How to assess and mitigate risks (financial and otherwise) from RADV audits, and to prepare for any subsequent government action or requests for recovery related to such audits.

For more information, we encourage all MA organizations interested in preparing a long-term RADV strategy to attend our webinar, review our strategic playbooks on audits and appeals and potential legal challenges to CMS’s new policy, and reach out to their preferred Crowell attorney for individual guidance.