The DOJ probe puts the in-home HRA playbook on trial.

UnitedHealth's Q1 2026 SEC filing made the DOJ criminal investigation public. Prosecutors are questioning physicians about UNH's coding processes and the role of software-suggested diagnoses in those processes. The probe was opened in May 2025 but the SEC disclosure forced the timeline into the open.

On January 14, 2026, Senator Chuck Grassley released a 50,000-page majority staff report. The report dissects internal UnitedHealth training materials, software documentation, and operational guidance showing prompts to clinicians to consider specific diagnoses tied to higher MA reimbursement. The Grassley report is now a public document and the DOJ filings reference it.

The DOJ also has active False Claims Act litigation against Elevance, Independent Health, and Kaiser. Cigna already paid $172,294,350 to settle FCA allegations in September 2025. The cited misconduct pattern in the Cigna settlement: cursory in-home assessments with no follow-up testing, imaging, or treatment.

Why this is a physician-group problem, not just a payer problem

The fact pattern DOJ is prosecuting is straightforward. A chart review or in-home health risk assessment captures a diagnosis. The diagnosis appears in the risk adjustment submission. Nothing else in the patient's care record references that diagnosis: no lab, no imaging, no treatment, no follow-up note. The DOJ position is that the diagnosis was either inaccurate or that the patient was not receiving the care implied by the diagnosis.

That is the same fact pattern many medical groups use to close gaps for MA contract bonuses. The annual wellness visit plus retrospective sweep model, with no downstream documented care for the conditions captured, is now under direct enforcement scrutiny.

If your group runs that model, you are carrying enterprise-level FCA risk. Not theoretical. The DOJ is filing cases on this exact pattern.

The OIG data behind the prosecution wave

OIG's April 2025 evaluation, referenced and re-flagged through 2026, found that diagnoses reported only on HRAs or HRA-linked chart reviews, with no other supporting service record, generated $7.5 billion in MA risk-adjusted payments for 2023. 1.7 million enrollees were affected. In-home HRAs drove almost two-thirds of the dollars.

OIG was explicit about the interpretation. Either the diagnoses are inaccurate, or the enrollee did not receive needed care for documented conditions. Both interpretations support an FCA case. DOJ chose the framing that supports prosecution.

The audit exposure on your books today

Run one query. Pull every HCC captured in the last 12 months that has no downstream encounter activity. No lab. No imaging. No treatment plan. No follow-up note. No referral. That list is your audit exposure on a single screen.

If the list is more than 10% of total captures, you have material exposure. If it is more than 20%, you have enterprise-level exposure. The DOJ does not need to prove fraud. The FCA standard is that the diagnosis caused a claim for payment that was not supported by the underlying clinical reality. The pattern is the case.

What to watch next

Three things in the next 90 days. The DOJ docket on the UnitedHealth probe, where new filings will signal scope. The next OIG individual contract audit (the Gateway Health and Priority Health audits in early 2026 established the methodology, more are coming). And the Grassley report's follow-up hearings, where additional internal documents may surface from other payers.