HHS Corporate Integrity Agreements: A Year in Review

Skadden Publication

Jennifer L. Bragg Avia M. Dunn Maya P. Florence


In 2022, the Department of Health and Human Services Office of Inspector General (OIG) entered into 31 new corporate integrity agreements (CIAs) with companies and individuals in lieu of exercising its permissive exclusion authority to bar entities and individuals from participating in federally funded health care programs because of fraud. Five of those CIAs were with drug or device manufacturers.1

The drug and device manufacturer CIAs entered in 2022 featured novel provisions regarding the role and expectations of the compliance officer and the management-level compliance committee. Also in 2022, OIG unveiled new “transition plan” provisions that are designed to ensure that companies have enduring compliance processes in place at the end of a CIA’s term. Finally, OIG made progress in restructuring the CIA template to make CIAs easier to interpret and more effective in providing de facto standards and best practices for companies that may look to CIAs for guidance.

Key Points Regarding 2022 Drug and Device Manufacturer CIAs

  • All five CIAs entered into in 2022 were tied to False Claims Act (FCA) settlements:
    • Two were premised on alleged kickbacks to physicians.
    • One was based on the submission of claims to federal health care programs for tests improperly performed by unqualified personnel.
    • One involved alleged false representations made to the Food and Drug Administration (FDA) during the pre-market approval (PMA) application process for a medical device.
    • One stemmed from alleged drug pricing violations and kickbacks to patients through alleged improper donations to a copay charity.
  • Three CIAs empowered OIG to limit the compliance officer’s noncompliance responsibilities, underscoring OIG’s view that implementing and maintaining an effective compliance program requires substantial focus, time and resources on the part of the compliance officer.
  • Three CIAs enhanced the role of the management-level compliance committee, shifting the role from “supporting” the compliance officer to require active oversight of specific compliance-related activities.
  • Three CIAs required the submission of “transition plans” to ensure the company maintains an effective compliance program after the expiration of the CIA.
  • Three CIAs were associated with settlements of under $20 million, which appears to confirm that OIG has consistent compliance expectations regardless of the size of a company or underlying matter.2

Key Drug and Device CIA Trends

OIG discretion to limit noncompliance responsibilities of compliance officers. CIAs have long required that any noncompliance responsibilities of a compliance officer should be “limited and must not interfere” with the compliance officer’s ability to perform the compliance oversight duties required of them under the CIA. In a significant development, the majority of these CIAs negotiated in 2022 instead require that the compliance officer “shall not have any noncompliance job responsibilities that, in OIG’s discretion, may interfere or conflict” with the duties required of them in the CIA. This provision appears to reflect OIG’s view that a substantial amount of time and level of oversight is required to maintain an effective compliance program. While this is undoubtedly true, an overly siloed compliance program may miss some of the benefits that companies have realized from taking a more holistic approach to managing — and mitigating — organizational risk, which includes but is not limited to compliance risk. It is unclear whether organizations with a more matrixed approach will meet OIG’s new expectations.

Heightened expectations of the compliance committee. As noted above, three CIAs negotiated in 2022 specifically task the compliance committee with, among other things, annually reviewing the CIA-mandated policies and procedures and training plan as well as with overseeing the risk assessment process and the transition plan. This is a significant departure from earlier CIAs, which simply required management level compliance committees to “support” the compliance officer in fulfilling his or her responsibilities, and reflects OIG’s enhanced expectations regarding an active and engaged compliance committee.

Financial recoupment. One 2022 CIA includes provisions requiring a drug manufacturer to implement a financial recoupment program that puts annual performance pay at risk of forfeiture and recoupment if an individual is determined to have engaged in significant misconduct. This provision is the latest of a series of CIAs that have included such requirements in recent years. It also aligns with recent Department of Justice guidance that corporate compliance programs should include provisions that tie incentive compensation to compliance metrics and permit recoupment for compliance violations.

Novel “transition plans.” In a March 29, 2022 speech, OIG Principal Deputy Inspector General Christi Grimm observed that an organization’s ability to detect and respond to risks is an “essential feature of modern, effective oversight and compliance.” Therefore, it is not surprising that, as noted above, three of the CIAs entered in 2022 require that the company submit to OIG a “transition plan.” Those plans must outline whether and how the entity will continue to include the compliance program architecture at the end of the CIA’s term, and also that the transition plan must be reviewed and approved by the company’s board of directors.

Price disclosure provisions. In 2021, OIG entered three CIAs with drug manufacturers that, for the first time, included provisions requiring both internal monitoring and disclosure to OIG of the internal deliberative processes around price increases and contract negotiations. One 2022 CIA included drug transparency provisions but it only required public disclosure of certain of the company’s drug price actions, not internal deliberative processes. The case at issue involved allegations that the company violated the FCA by underpaying Medicaid drug rebates and using an independent charitable foundation as a conduit to pay the copay obligations of federal health care beneficiaries. While it is not surprising to see price transparency provisions in the resulting CIA, DOJ has largely resolved its industrywide investigation of pharmaceutical manufacturers’ donations to independent charitable foundations, so it remains to be seen whether CIAs resulting from future DOJ settlements will also include price transparency provisions.

Conduct-specific provisions. In keeping with its general effort to develop CIA provisions that address specific risk areas in the underlying cases, one of the CIAs in 2022 includes a number of provisions relating to the submission of medical device PMAs. Specifically, the CIA (i) expanded the definition of a “reportable event” to include violations of PMA-related performance standards, (ii) added pre-submission review of PMAs as an element of the company’s annual risk assessment, and (iii) included a requirement that the company’s independent auditor annually review the company’s activities and processes relating to the submission of PMAs as well as the performance standards relied upon in those submissions. While some prior CIAs have included general, FDA-related provisions and controls,3 this appears to be the first CIA to include more expansive quality-related provisions and auditing requirements. This trend may continue as DOJ continues to pursue FCA cases based upon FDA quality and manufacturing issues. See our September 9, 2021, client alert, “Recent Enforcement Settlements Highlight Continued Scrutiny of Quality and Manufacturing Issues.”

Shift to a more standardized CIA template. The three CIAs entered in the second half of 2022 reflect changes to the standard CIA format, including most notably a stand-alone section containing defined terms. This welcome modification will both make CIAs easier to interpret and clarify OIG’s expectations. CIAs historically have had definitions scattered throughout the document. Those were, at times, internally inconsistent and hard to follow, and it sometimes was not clear if a definition in a specific section applied to only that section or throughout the entire CIA.

Explicit state Medicaid screening. CIA provisions regarding exclusion screening routinely define “ineligible person” broadly to include a person who is “currently excluded from participation in any Federal health care program,” which would presumably include individuals excluded from a state Medicaid program. Notably, the drug and device CIAs issued in the second half of 2022 stated explicitly that ineligible person screening should include publicly available state Medicaid program exclusion lists.


In September 2022, Lisa Monaco, Deputy Attorney General of DOJ, observed that "resourcing a compliance department is not enough; it must also be backed by, and integrated into, a corporate culture that rejects wrongdoing for the sake of profit.” The 2022 drug and device manufacturer CIAs are consistent with this view, reflecting heightened OIG expectations regarding the role and prominence of the compliance officer and compliance committee, and signaling an enhanced focus by OIG on ensuring that companies dedicate the resources and oversight necessary to maintain enduring compliance programs that adapt and evolve over time.

Both OIG and DOJ are increasingly conveying their expectations for modern, well-integrated compliance programs that, in their views, may serve as the antidote to corporate crime. Given the consistent government emphasis on compliance program design and implementation, companies should take the time now to review their compliance programs — including the role, resources and structure of their compliance department and compliance committee — to ensure their programs align with expectations of their regulators and reflect industry best practices.


1 These figures include the CIAs posted to the OIG’s website as of April 6, 2023. As of that date, there have been two CIAs in 2023, one with a group of physicians and one with a durable medical equipment supplier. Because the focus of this article is on drug and device manufacturers, those CIAs are not included in the analysis here.

2 The only drug and device settlement in 2022 that did not also result in a CIA involved a company that recently filed for chapter 7 bankruptcy and shuttered its U.S. operations.

3 For example, a CIA entered in 2019 was associated with a civil and criminal resolution regarding a company’s failure to report a device removal to the FDA and allegations that the company provided kickbacks and engaged in false and misleading promotional practices. In that CIA, the company was required to, among other things, train “covered persons” on topics relating to quality issues, including recalls and product complaint handling, develop recall-related policies and procedures and notify OIG of certain communications with FDA.

This memorandum is provided by Skadden, Arps, Slate, Meagher & Flom LLP and its affiliates for educational and informational purposes only and is not intended and should not be construed as legal advice. This memorandum is considered advertising under applicable state laws.