Preventive Medicine in Health Care Deals: A trouble-prone industry challenges buyers

Due diligence in health care-related mergers and acquisitions should have a unique focus. Because of the highly regulated nature of the industry, as well as the priority and the resources that government law enforcement gives to health care fraud, effective due diligence aimed at compliance issues is critical. Health care companies can run afoul of the law and be forced to pay hundreds of millions of dollars in criminal or civil settlements with the Department of Justice (DOJ) or even face a corporate “death penalty,” which prohibits the firm from participating in government-subsidized programs like Medicare. The buyer of a health care company that doesn’t take compliance due diligence seriously and do it correctly risks a disastrous and extremely expensive mistake. The health care industry is one of the most active M&A sectors, with both strategic and financial acquirers trolling for deals. Hospitals and other health care providers, medical equipment manufacturers, testing laboratories, pharmaceutical concerns, and others are regarded as attractive properties now and should remain coveted targets for the foreseeable future because economics are running in their favor. For many years, health care spending has outstripped general economic growth because of increased longevity of people, expensive new technologies, and the influence of Baby Boomers who have high quality-of-life expectations. Although spending slowed somewhat in 2004, it still grew by 7.9%, and health expenditures now represent 16% of GDP, according to figures recently released by the government. An average of $6,280 per person is spent each year on health care goods and services in America. Moreover, these figures do not take into account the effects of the expansive new drug benefit offered to senior citizens for the first time in 2006 under the Medicare Part D program. That program alone is expected to account for cumulative spending of more than $1.2 trillion dollars by the federal government between 2006 and 2015. Given the demographics of the U.S. population, as well as other political and economic factors at work, it’s hard to imagine health care spending slowing any time soon. Government Largesse Comes at a Cost Although the health care industry is attractive, investors must recognize that it results from a Faustian bargain with government. Federal, state, and local governments supply about 50% of the money spent on health care, and government spending is the constant economic driver in the industry. Hospitals, nursing homes, hospices, home services and other providers, pharmaceutical companies, device manufacturers, and virtually all other suppliers of health care goods and services are dependent on this steady stream of payments from governmental coffers. Without payments from Medicare, Medicaid, and other government programs, health care companies would lose a sizeable portion of their revenues and suffer catastrophic consequences to their bottom lines. Yet, these government benefits come with many strings attached. Regulatory, statutory, and contractual requirements can be onerous, ambiguous, and contrary to normal business practices. The Medicare and Medicaid statutes have been described by the courts as “among the most completely impenetrable texts within human experience.” Compliance with these complex laws and regulations, therefore, must be evaluated carefully as part of any due diligence effort in assessing the value of a health care target or the creditworthiness of a borrower in the industry. Risks Posed by Health Care Fraud Health care compliance failures are in many ways like environmental liabilities: They often involve old or hidden conduct with potential consequences that can extend many years beyond the closing of a deal. Alleged legal violations have required many health care companies to pay enormous damages and penalties in settlements with the government. A few examples of the substantial amounts that the DOJ and private whistleblowers have extracted from health care companies in recent years include: * Hospital giant HCA Inc. paid a total of $1.7 billion between December 2000 and June 2003 to settle fraud claims for allegedly submitting false cost reports, illegal payments to physicians, billing for unnecessary laboratory tests, “upcoding” medical bills to get higher reimbursements, billing for non-reimbursable costs, and other misconduct. * TAP Pharmaceutical Products Inc. paid $875 million to resolve criminal and civil charges in connection with fraudulent drug pricing and marketing of Lupron, a prostate cancer drug. * Serono Laboratories Inc., manufacturer of a drug for AIDS-related treatment, paid $704 million to settle allegations of kickbacks to doctors and pharmacies and illegal off-label marketing practices. * Fresenius Medical Care of North America paid $486 million to settle allegations of fraudulent blood testing claims and kickbacks and false claims relating to kidney dialysis services. * HealthSouth Corp. paid $325 million to settle allegations of fraud in its outpatient physical therapy business and inpatient rehabilitation business. The list of cases in which health care companies have paid tens or hundreds of millions of dollars could go on and on. Furthermore, the settlement amount does not cover the significant ancillary costs associated with a fraud settlement, such as forced changes in business practices; accountant, expert, and attorneys’ fees; and time and attention required from management to clean up the problem. Health Care Fraud And Compliance Due Diligence A carefully constructed due diligence review can add significant value to a deal. It can guide exit strategies and decisions on whether to do a stock or asset deal, what units of the target can be divested after closing, and what changes are needed in the company’s compliance efforts. The results of the health care diligence also may affect the need for indemnification or escrow provisions in the deal structure and the types of representations and warranties that are memorialized in the deal documents. However, a buyer can protect itself only if it has correctly identified and analyzed potential compliance problems. There are many concrete steps that can be taken during a due diligence review to root out the risks of potential health care fraud liabilities. The due diligence exercise should be tailored to the particular company and the business it’s in, but a few basic steps are recommended for almost any health care compliance due diligence. Potential or pending criminal investigations The consequences of a criminal conviction or guilty plea are severe for any health care-related company. They include heavy financial penalties, potential incarceration for individuals, and reputational harm. Criminal convictions and guilty pleas also can trigger other less obvious, but no less debilitating, collateral consequences. Criminal health care fraud convictions, for example, can lead to the loss of licenses that are critical to company operations. Criminal convictions also can lead to administrative sanctions by federal or state agencies, resulting in a company being excluded from Medicare, Medicaid, and other federal and state programs. Given the importance of the stream of income from these government programs, exclusion is commonly referred to as a corporate “death penalty.” One of the first priorities of a health care due diligence review, therefore, is to identify any potential or pending criminal investigations. The execution of search warrants and issuance of grand jury subpoenas are clear indications of a pending criminal investigation. Sometimes the government directly informs the company or its employees that they are targets in the criminal investigation. Yet, often the indications of trouble are more subtle. A due diligence review should closely question the target’s counsel and compliance officer about whether any current or former employees have been approached by government investigators for interviews. Any requests by government lawyers or investigators for documents will require careful follow-up to ascertain whether the government has launched a criminal investigation of the acquisition target. Risk of civil False Claims Act liability The government typically describes the civil False Claims Act (FCA) as its primary means of enforcing health care fraud laws. FCA lawsuits can be initiated not only by the government but also by private “qui tam” whistleblowers, such as current and former employees, competitors, sales personnel, and company contractors, who share in up to 30% of any money recovered by the government. The law imposes civil liability for knowingly presenting or causing to be presented a false or fraudulent claim to the federal government for payment or approval. FCA offers the DOJ and the plaintiffs’ bar a considerable financial weapon. Defendants found liable under the FCA must pay treble damages, which plaintiffs usually allege are three times the total amount billed to the government and penalties of up to $11,000 for each “false” claim to the government, along with the whistleblower’s attorneys’ fees and costs. Many state and municipal governments also have gotten into the act, enacting whistleblower laws with similarly onerous damages and penalties. With potentially huge bounties at stake, the DOJ and whistleblowers have put health care companies in their bull’s-eye. Recent FCA cases have attacked alleged improper conduct in a variety of industries: * Pharmaceutical companies have been found to have engaged in allegedly improper pricing and marketing practices, as well as the payment of alleged kickbacks to potential referral sources. * Durable medical equipment manufacturers have settled FCA cases involving alleged kickbacks. * Nursing homes have faced quality-of-care issues under FCA. * Hospitals have been accused of performing unnecessary tests and procedures, billing the government for experimental devices, and using improper billing codes (referred to as diagnosis related groups, or DRGs) to obtain inflated payments from the government. For very large health care companies, FCA lawsuits are a cost of doing business. It’s virtually impossible to run hundreds of health care facilities and/or employ tens of thousands of individuals without generating at least a small number of FCA lawsuits. The challenge for a due diligence review is to evaluate the level of risk associated with a particular qui tam lawsuit. Representatives of the target company may talk about the frivolous nature of a claim against the company or offer assurances that the company “has it under control.” Even if made with the utmost good faith, these assurances must be closely scrutinized by the due diligence team. A buyer will want to know whether the alleged misconduct is company-wide or localized, how integral the conduct is to the company’s business operations, how high up in the company it extends, the magnitude of the potential financial exposure, and the strength of the company’s defenses. While the outcome of FCA litigation cannot be predicted with any certainty, the due diligence exercise should provide a buyer with a rough sense of the magnitude of risk presented by the transaction. Analyzing a company’s risk for FCA liability is especially problematic because whistleblower cases are initially filed under seal – and, therefore, kept secret from the defendant company and the public – while the government completes its investigation and decides whether to take over the plaintiff’s case. Many cases remain under seal for years. Consequently, a whistleblower suit can be pending without the acquisition target even realizing that it is the defendant in a major FCA lawsuit. Reviews of employee exit interviews and compliance hotline complaints can help investors determine whether the company is a good candidate for future or pending qui tam cases. The issuance of civil investigative demands or inspector general subpoenas to the company or its employees also can be indications that the company may be the target of a civil DOJ investigation or a defendant in a still-sealed qui tam suit. Docket search Of all the tasks that can be done in health care due diligence, performing a docket search for litigation involving the target is one of the easiest, most cost-effective, and most often overlooked. In our experience, simple computerized searches have revealed a number of qui tam cases that were unsealed but never disclosed by the seller. Docket searches also have uncovered litigation alleging regulatory lapses that increased the risk profile of the target. Making sure that a buyer has seen a full list of the litigation facing the target should be an elementary step in any health care due diligence effort. Barred from doing business with the government Another important fact to check is whether the company, any of its units, or any of its key employees have been or are about to be excluded from participation in Medicare or Medicaid programs. Exclusion is an administrative sanction imposed by the Department of Health and Human Services (HHS), rather than DOJ prosecutors. This administrative “death penalty” can: * Force the closure or sale of the company or company units; * Prevent other health care companies from doing business with the target; * Prevent officers, directors, and managers from participating in company operations, a critical matter if the deal is designed to bring in talent from the target; * Prevent key inventors or innovators from participating in federally funded research or programs; and * Lead to similar administrative sanctions, referred to as “debarment,” by other federal and state government programs. The government maintains lists of companies and individuals that are excluded or debarred. Checking these publicly available exclusion databases for the status of company units and/or key employees is a basic due diligence step. Corporate integrity agreement Hundreds of health care entities confronted with fraud allegations have entered into corporate integrity agreements (CIAs) with the government. A CIA can have a mixed impact on a company’s value. In some respects, it can be a positive factor, because the company already has been through the process of dealing with an alleged compliance failure and has negotiated a resolution with the government. Companies operating under CIAs are required to improve their compliance programs. Moreover, companies with CIAs tend to be more sensitive to compliance issues in order to avoid the pain of another fraud case. However, a CIA also can negatively affect a company’s value. Spin-offs or divestitures of target units planned by a buyer may be impeded by a CIA and can require additional negotiations with the government. Corporate integrity agreements also contain their own compliance obligations over and above those that exist under fraud and abuse laws, and a company that fails to satisfy those requirements can be subjected to stipulated daily penalties and more draconian enforcement actions by the government. A Miami hospital, for example, recently was excluded because it allegedly failed to comply with the terms of its CIA. One of the CIA violations that allegedly contributed to the hospital’s exclusion was that the owners failed to notify the government when the hospital was sold to a new operator. Companies operating under a CIA typically are required to submit a number of reports to the government, and these reports are a treasure trove of important information for potential buyers. It is astonishing how often these reports are overlooked or, even worse, are reviewed without a full understanding of their significance during the due diligence process. If the target has been operating under a CIA, the buyer must be sure that its counsel has carefully reviewed all of these reports, paying particular attention to other pending or threatened proceedings against the company, digests of employee and customer complaints, and summaries of regulatory assessments made by state or local agencies. Reviewing the target’s compliance program The quality of a company’s compliance program speaks volumes about the level of attention being paid by management to health care fraud risks. Effective due diligence pays special attention to the target’s compliance program. During the review, a buyer needs to assess whether the compliance department receives adequate resources by asking these questions: * How well is it staffed? * Are compliance personnel well-qualified and appropriately compensated? * Does the compliance officer report directly to the board of directors and have authority to hire outside lawyers and auditors, if necessary? * Does the company have a toll-free hotline and do employees know how to use it? * How thorough and up to date are the company’s written compliance policies and procedures? The government has provided industry-specific compliance guidance, available at http://oig.hhs.gov/fraud/complianceguidance.html, that can be very helpful to potential buyers when assessing the quality of a company’s compliance program. Analyzing corporate relationships FCA cases involving alleged kickback violations have cost health care companies billions of dollars. Most involved the payment of perquisites or incentives to vendors, business partners, or referral sources. For example, HCA, when it was known as Columbia/HCA, was accused of offering doctors below-market rents on medical office space, hunting and fishing trips, loans to be used for investing in company capital projects, and consulting fees for work that was allegedly not performed. Several pharmaceutical manufacturers allegedly offered physicians junkets to Paris, free drug samples that were later billed to Medicare by the physicians, and research grants requiring minimal or no work by the recipients. Along with the obvious Paris jaunts and hunting trips, there are many gray areas and ambiguities in this area of the law. Discounts, rebates, and consulting agreements must be evaluated with both the federal Anti-Kickback Statute and the FCA in mind. Potential red flags can be handled a variety of ways. If time permits and there is good reason to believe that the government will not view the relationship as an abuse of federal programs, it’s possible to get a government advisory opinion approving the arrangements. Sometimes a well-reasoned and carefully documented written opinion of qualified counsel can mitigate risks in this area. Occasionally, corporate relationships and other arrangements are uncovered in due diligence that are difficult to reconcile with existing interpretations of the law. These can be especially painful discoveries for both buyers and sellers. Because the Anti-Kickback Statute prohibits not only the offer but also the receipt of certain payments involving federal programs, a violation typically implicates one of the company’s contracting partners. Moreover, the government argues that a provision in the Medicare statute requires self-reporting and repayment of any funds that were obtained by the company under an illegal relationship or through any other overpayment. Some state false claims laws also impose civil liability if a company fails to self-report after determining that it has received payments from a false claim. There are many strong, legitimate defenses to alleged kickback violations, and the government has failed to win convictions in a number of high-profile criminal cases. However, as the billions of dollars paid to resolve civil litigation demonstrate, it’s important that a buyer address potential kickback issues during a health care compliance review. What is important to the government Each year, the HHS Office of the Inspector General publishes a Work Plan in which it summarizes the agency’s enforcement and audit priorities for the coming year. Current and past work plans are available at: http://oig.hhs.gov/publications/workplan.html. Certain industries are prone to specific types of fraudulent schemes by virtue of their structure and reimbursement system. Has the target focused its ethics efforts, including its training and internal audits, on the problem areas highlighted by the government? A thorough due diligence also may involve its own fresh, outside look at the health care company’s conduct in the hot areas found in the Work Plan. Be prepared to walk This last piece of advice applies not so much to conducting due diligence itself but to the attitude of the potential investor. Many of today’s health care transactions occur in a very competitive auction environment. It’s easy to get caught up in the chase. However, if due diligence uncovers major questions about possible fraud issues, weak controls, or the lack of culture of compliance, these signals cannot be ignored. Rather, they should result in a substantial reduction in the price the buyer is willing to pay – especially if it will cost a bundle to fix problems post-closing – or the buyer’s decision to walk away. Michael Waldman is a Partner, and Beth McClain is Special Counsel, in the Washington office of Fried Frank Harris Shriver & Jacobson. (c) 2006 Mergers and Acquisitions Journal and SourceMedia, Inc. All Rights Reserved. http://www.majournal.com http://www.sourcemedia.com