Megan Tinker, chief of staff for the Department of Health and Human Services Office of Inspector General (HHS OIG), kicked off the final day of RISE National 2026 with a keynote presentation that emphasized regulators and the Medicare Advantage industry share the same mission: better value and better quality of care for patients.
During her keynote, Tinker highlighted OIG’s recent work to demonstrate both scale of oversight and the urgency for robust compliance programs.
Among the watchdog’s key accomplishments since she last spoke at RISE National two years ago:
- $19 billion in monetary impact, including recoveries and audit findings
- 360 recommendations issued to HHS to improve program operations
- 1,577 criminal and civil actions executed
- Excluded 2,837 entities from federal health care programs, an important action because it prevents bad actors from reentering federal programs and protects beneficiaries and taxpayer dollars
Why managed care is a top priority
Tinker acknowledged the instability of the current Medicare Advantage landscape, including plan exits, provider withdrawals, and market shifts, but she stressed that the model persists because of its promise of coordinated, high-value care. Despite these changes, she said, managed care continues to be the primary and dominant payment system.
Given Medicare Advantage’s scale and growth, OIG has decided to dedicate a large portion of its limited resources toward oversight in this area focusing on access to care, financial oversight, and data accuracy and data-driven decision-making. These priorities reflect OIG”s research and findings across audits, evaluations, and enforcement.
One of the central talking points of her presentation was OIG's recent release of Medicare Advantage Compliance Program Guidance, the result of two years of listening sessions with payers, providers, vendors, and trade associations. “We didn’t want to produce another wonky government document… we wanted practical, meaningful guidance,” she said.
Tinker emphasized that the guidance isn’t mandatory, doesn’t replace Centers for Medicare & Medicaid Services (CMS) rules or audits and is intended as a critical tool for identifying and mitigating real-world risks.
The document focuses on seven major risk areas, including access to care, marketing/enrollment, risk adjustment, quality of care, third-party oversight, risks tied to organizational type, and accurate claims submission.
During her presentation, Tinker focused on the top three areas.
Focus area: Access to care, particularly with prior authorization and network adequacy
OIG’s evaluations reveal consistent problems in prior authorization, especially when delays or denials contradict Medicare coverage rules. Tinker said OIG understands that when prior authorization is done correctly it is an important tool for MA plans to coordinate care and to ensure appropriate care is given to beneficiaries.
What plans can do: To manage the risk, she urged attendees to make sure they know what the rules are related to prior authorization, review their prior authorization decisions and denials for trends, and audit and review when appropriate. Machine learning or artificial intelligence may help speed up the process, but she said to make sure to include a human in the process to ensure the accuracy of those decisions.
OIG investigations also uncovered problems with network adequacy, particularly in behavioral health care with cases of ghost networks and capacity shortages. The agency has found providers are unreachable, not accepting new patients, and entire counties listed without valid contracted providers, leading to settlements and corporate integrity agreements.
CMS plans to tighten network verification requirements for the 2027 plan year, making proactive compliance crucial, Tinker said.
What plans can do: To better manage network adequacy, she advised attendees to know their organization’s network and implement robust procedures to check the network over and over again. If you know the network has a weak or problematic area, take action. Make sure if you don’t have active providers, you remove them from your network and also independently verify the information. OIG often conducts secret shopping, pretending to be beneficiaries and calling to see whether the provider would take them on as a new patient. Tinker said organizations may want to do their own secret shopping .
Focus area: Risk adjustment
Tinker called risk adjustment “a big bugaboo” and presented striking statistics:
- $23.7 billion in improper Medicare Advantage risk adjustment payments in 2025.
- OIG audits have uncovered error rates as high as 97 percent for certain diagnoses.
- OIG’s enforcement actions have recouped more than $1 billion, including major settlements with Aetna and Kaiser.
She also noted OIG’s support for CMS' proposed prohibition on unlinked chart reviews, arguing that diagnoses should always be supported by service records
What plans can do: Self-audit aggressively, use data analytics to spot outliers and “things that don’t make sense”; and ensure third-party vendors meet compliance standards, as plans remain accountable for their actions.
Focus area: Marketing and enrollment
This is a relatively new area of concern and OIG is monitoring kickback-type relationships, such as payors paying brokers to refer beneficiaries to their plans; misleading marketing practices; and cherry-picking healthy enrollees or steering away sicker ones, a practice she referred to as lemon dropping.
What can plans do: She suggested that plans review their compensation arrangements to make sure they don’t create incentives to influence enrollment. Are they truly grounded in better care for your patients? Are they truly grounded in value, or are those incentives askew? Are they about making sure you don't have really sick beneficiaries that cost a whole lot of money? Are they about making sure you have people who are very healthy?
Make sure to evaluate all parts of your ecosystem, including your providers, vendors, as well as yourself, to make sure the agreements make sense and that they don’t include inappropriate incentives. Develop systems to review and monitor payments to and agreements with third-party marketing organizations. Monitor your agents and brokers and if something seems out of the ordinary, take action.
OIG resources for the industry
Tinker also encouraged organizations to use OIG’s tools, especially:
- General Compliance Program Guidance (2023)
- MA Compliance Program Guidance (2026)
- The Risk Adjustment Toolkit, which shows exactly how OIG identifies high-risk codes and was created after industry asked for more transparency.
- The Work Plan, updated monthly with new audits and areas of concern