For most CFOs leading multisite healthcare organizations, January is not a gentle glide into the new year. It’s the start of audit season—a convergence of financial audits, payer program integrity reviews, and Medicaid documentation checks.
In 2025, the stakes are higher. With the HHS-OIG’s 2025 Work Plan signaling increased scrutiny on behavioral health data integrity and "Revenue Cycle Leakage," audits are shifting from "checking the math" to "checking the compliance engine."
Even if your books are clean, the CMS 2025 Physician Fee Schedule—with its 2.8% conversion factor reduction and new "Advanced Primary Care Management" codes—means any audit adjustment hurts more than it did last year.
Here are five practical, non-obvious tactics to protect your margin and maintain compliance.
1. Validate Eligibility & Authorization Workflows (Before the OIG Does)
Most CFOs focus on reconciling revenue, but auditors—especially those following the OIG’s current interest in Medicaid Eligibility Redesign Data Processing—are looking at the "Proof of Right to Bill."
In behavioral health, dental, and DME, the #1 cause of audit adjustments isn't the rate; it’s the authorization-to-claim mismatch.
What to do: Run a pre-audit spot check of January encounters. Specifically, look for:
- Eligibility timestamps: Were they verified on the date of service?
- Prior-Auth linkage: Does the authorization number match the actual diagnosis and procedure codes billed?
- No Surprises Act (NSA) Compliance: If you are an OON provider or facility, do you have the signed Good Faith Estimate (GFE) on file? Auditors are increasingly looking for these as part of the "administrative audit trail."
2. Reconcile Q1 "Payer Drift" (The 2025 Fee Schedule Gap)
The 2025 Medicare Physician Fee Schedule didn't just cut the conversion factor; it introduced new complexity for telehealth and chronic care management. Most EHRs update their codes, but "Payer Drift"—the gap between a code update and the billing scrubber logic—causes silent audit findings.
What to do: Assign one owner to a "Payer Drift Review" to compare:
- Modifier usage: Are your scrubbers updated for the 2025 telehealth modifier changes?
- Allowable units: Payers often quietly adjust "medically necessary" unit caps in January.
- Denial Spikes: Compare January "Not Medically Necessary" denials against Q4. A spike here is a red flag that your clinical documentation hasn't caught up to 2025 payer policy changes.
3. Perform a "Revenue Chain of Custody" Check
Think of this as an audit of your audit trail. The OIG’s 2025 focus on "Safeguarding the Integrity of HHS Grants and Contracts" reminds us that the process of producing a number is as important as the number itself.
What to do: Follow a "sample of one" from Schedule → Documentation → Charge → Payment → AR. Look for "breaks in custody":
- Visits documented but never billed: Hidden revenue that auditors view as "incomplete reporting."
- Payment posting lag: If a claim was paid but sits in "Unapplied Cash" during audit week, it looks like an AR aging failure.
4. Create a "Problem Claim Archetype" List
Every organization has "problem buckets" that auditors love because they are easy to flag. For 2025, the OIG and CMS have highlighted specific targets:
- Behavioral Health: Documentation of "time and minutes" for group therapy.
- Labs: Clinical diagnostic laboratory tests (a mandated OIG review area for 2024–2025).
- DME: Proof-of-delivery records for managed care patients.
What to do: Build a "Top 10" list of your highest-risk claim types. Run a "Search and Destroy" project in January to fix documentation gaps before the auditors ask for those specific charts.
5. Standardize Posting Logic (Your Silent Audit Defense)
The most underestimated audit risk is manual payment posting. If your team relies on OCR (Optical Character Recognition) to read EOBs or manual entry, your auditors will find more "adjustments" due to human error.
What to do: Standardize and automate posting using 835 ERAs as the source of truth—not paper.
- Consistent Write-Off Reasons: Ensure your team isn't using "Contractual Adjustment" as a catch-all for denials. This is a red flag for auditors looking for hidden compliance issues.
- Automated Secondary Triggers: Ensure that when a primary payer pays, the secondary claim is triggered automatically. A lag here inflates your AR and draws unnecessary auditor questions.
Common Pitfalls to Avoid in 2025
- Pitfall #1: The "Guesswork" Close. Auditors prefer "accurate" over "fast." With the 2025 conversion factor changes, manual accrual guesswork is more likely to be wrong.
- Pitfall #2: Forgetting the "Price Transparency" Rule. As of July 2024, CMS tightened the Price Transparency Rule. Ensure your machine-readable files are updated for 2025; auditors are checking this as an "easy win" for non-compliance.
- Pitfall #3: Relying on "Tribal Knowledge." If your RCM lead "explains" how a process works but can't show a Standard Operating Procedure (SOP), an auditor will mark it as a control deficiency.
Final Thoughts: From Crisis to Operation
The best CFOs treat audit season as an operational reset. By focusing on regulatory-driven risks like payer drift and the "chain of custody," you don't just survive the audit—you build a cleaner, more predictable revenue engine for the rest of 2025.
And while automation (like Tally) can remove the manual burden of posting and reconciliation, the real value is in turning an audit from a "financial fire drill" into a "boring Tuesday."
That is the goal.
