By the time authorities busted a fake AIDS clinic in Miami, it had bilked Medicare of more than $4.5 million. Still, the man behind the scheme remained far ahead of the agents pursuing him.
Michel De Jesus Huarte, a 40-year-old Cuban-American, hadn't simply avoided arrest. He had hatched a plan to steal millions more from Medicare by forming at least 29 other shell companies — paper-only firms with no real operations. Each time, he would keep his name out of any corporate records. Other people — some paid by Huarte, some whose identities had been stolen — would be listed in incorporation papers.
The shells functioned as a vital tool to hide the Medicare deceit — and not only for Huarte. Hundreds of others have used the veil of corporate secrecy to help steal hundreds of millions of dollars from one of the nation's largest social service programs, a Reuters investigation has found.
Huarte is now behind bars and did not respond to requests for comment. But basic checks by Reuters of Medicare providers in one city — Miami — suggest shell companies remain prime tools in perpetrating fraud. Simply by reviewing the incorporation records of Medicare providers in two buildings there, reporters uncovered information that one government official said could prompt "a serious criminal investigation" of some of the companies.
The fraud rings merge stolen doctor and patient data under the auspices of a shell company and then bill Medicare as rapidly as possible. Other shell companies are often layered on top to camouflage the fraud, law enforcement officials say.
Some of the shells purport to be billing companies; they form a buffer between the sham clinics and Medicare. Others pay kickbacks to doctors and patients who sign off on bogus medical claims or sell their Medicare ID numbers to enable the shell company to bill the government. Still other shells act as fronts to launder the profits.
The key to this kind of fraud, known as a "bust-out" scheme, is for each of the fake companies to bill as much as possible before authorities catch on. Shell companies become a tool that helps keep the crooks ahead of the cops.
"This is a 'Catch Me If You Can' environment," says Ryan K. Stumphauzer, a former assistant U.S. attorney with the Department of Justice in Miami who prosecuted the Huarte case and scores of other Medicare frauds involving shell companies. "We had no clue who Huarte was. We had no idea there was some mastermind out there."
Last year, "improper payments" resulted in $48 billion in losses to the Medicare program, nearly 10 percent of the $526 billion in payments the program made, according to a Government Accountability Office report last March. Exactly how much of those payments moved through shell companies remains unclear. That's because neither Medicare nor law enforcement agencies systematically track how often such companies are used in the frauds. And not until 2007 did the federal government form task forces to exclusively target Medicare fraud rings.
But recent indictments issued by those task forces indicate that shell-perpetrated fraud is pervasive. Reuters examined indictments issued since 2007 in the eight states that have Medicare fraud task forces in place. The examination found that shell companies were involved in more than a third of the fraudulent Medicare claims identified by the task forces — $1 billion of the $2.9 billion uncovered.
The indictments and other cases indicate that at least 300 shell companies posed as legitimate Medicare providers and billing firms, or laundered payments from Medicare. Court records show shells have purported to provide services ranging from treating varicose veins to supplying prosthetic limbs.
"These companies are nameless, faceless entities collecting billions in secret," says Patrick Burns, director of communications for the advocacy group Taxpayers Against Fraud in Washington, D.C. Medicare is "chasing it," he says. "But they're not getting any closer."
Tools of deception
The shell companies bedeviling Medicare exemplify a national problem that Reuters documented in a series of stories this year. During the last decade, Washington has called on the rest of the world to clean up shady financial flows and improve corporate transparency to combat terrorism and tax evasion.
Even so, U.S.-based shell companies remain a significant tool of deception — in this case, to swindle hundreds of millions of dollars from taxpayer-supported Medicare.
In one of the largest cases of Medicare fraud ever charged, the operation was enabled by shell companies. In October 2010, federal prosecutors indicted 44 members of an Armenian organized crime ring. Their network, which stretched from Los Angeles to Savannah, Ga., used 118 shell companies in 25 states to pose as Medicare providers, billing more than $100 million, according to federal indictments in three states.
The difficulty of spotting — and stopping — shell-perpetrated Medicare fraud is compounded by incorporation laws that vary from state to state and make forming fake businesses easy.
Intentionally submitting false corporate information constitutes fraud in every state. But none check the validity of corporate records when a company incorporates or collect information on the "beneficial owners" — those with a controlling interest in the corporations.
Because Huarte's shell companies, like others, were incorporated with various state governments, the corporate documentation gave the fake clinics a veneer of legitimacy. And because Huarte was seldom listed in the incorporation papers, connecting him to the cons became more complicated.
The strategy enabled the scheme to go largely undetected by authorities for years, even though most of the operations had mailing addresses that betrayed their fiction. More than a dozen corresponded to UPS stores, Reuters found. Others tracked back to shabby apartments.
For example, a purported cancer clinic called Bellemeade Oncology Care lists its address in Georgia state records as 1500 Bellemeade Dr., #4D, Marietta, Ga. But a visit to the address reveals it isn't a clinic at all. Rather, it's an apartment with a broken washing machine on the front stoop and a pick-up truck parked in the grass outside the complex on Atlanta's north side.
In Florida, FBI agents say almost every Medicare fraud scheme involves shell companies. There, Reuters scrutinized incorporation documents for firms located in two buildings near the Miami International Airport. In a building with dimly lit corridors, a rickety elevator and almost no one in sight, a host of companies purport to provide services to Medicare recipients. But telltale signs of fraud abound.
Many of the 26 companies in the buildings had replaced corporate officers at least once in the last four years. Some had changed ownership, or their corporate executives represented more than one medical-related company. Law enforcement officials consider such activities to be red flags for fraud.
Reuters subsequently asked analysts from the Recovery Accountability and Transparency Board to use its software programs to examine the companies. The board monitors $787 billion in stimulus funds for fraudulent activity using sophisticated computer systems; last year, it had worked with Medicare officials to look for patterns of fraud.
Earlier this month, board head Earl E. Devaney said the companies Reuters identified represent "a pretty big case."
Devaney, who is also the inspector general for the Department of the Interior, says the board's analysis of the 26 Medicare providers led investigators to another 15 Medicare entities associated with those providers. He believes the findings could prompt a "serious criminal investigation."
The Miami Medicare providers, he said, "have the distinct look of the kinds of scams we've seen before." The results of the board's analysis were sent to the inspector general of the Department of Health and Human Services for further investigation, Devaney said.
Federal prosecutors struggled for years to spot, let alone stop, Huarte's shell game. They describe his operation as "remarkable for its geographic breadth, organization, sophistication, and size." From 2005 until early 2009, Huarte and at least seven co-conspirators operated at least 35 fake Medicare clinics in Florida, Georgia, Louisiana, North Carolina and South Carolina, court records show.
During that time, his scams operated "virtually uninterrupted," according to a September 2009 superseding indictment and other court records filed in U.S. District Court in Florida.
They billed Medicare for more than $100 million and received at least $34 million in payments for non-existent HIV and AIDS treatments and varicose vein care and pain management therapy that never occurred.
The key: Huarte stayed steps ahead of authorities by setting up new companies before the government could sniff out the fraud from his old ones, court records show.
"It was like whack-a-mole for a time," says Alanna Lavelle, a director of investigations for Medicare contractor WellPoint Inc., who chased the case against Huarte for more than a year. "It became frustrating."
It began like this: In 2005, Huarte and his co-conspirators formed or acquired control of six medical clinics in Florida, each with its own office. Patients were then recruited and paid kickbacks to periodically appear at the clinics or allow use of their Medicare numbers, according to a plea agreement signed by Huarte in October 2009. The clinics were shams - patients weren't receiving legitimate treatment there. Later, when authorities caught on, Huarte created shell companies consisting of entirely fictional clinics -- those that corresponded with mailbox stores, for instance.
Most of the clinics purported to treat HIV and AIDS patients. Bills submitted for expensive injections of drugs such as Infliximab and Rituxan, which fight immune system deficiencies, cost Medicare as much as $7,800 per dose, according to the indictment.
To disguise Huarte's role, "straw owners" were paid as much as $200,000 to put their names on Florida incorporation records and bank accounts. In return, some straw owners agreed to "flee to Cuba to avoid law enforcement detection or capture," according to the indictment.
For instance, Madelin Machado is listed as president of Zigma Medical Care, the fake Miami clinic that collected $4.5 million from Medicare. In January 2008, after authorities figured out the scam, Machado was indicted for healthcare fraud in Florida. She subsequently disappeared, although she's still listed as Zigma's president in state records.
Huarte's cover-ups proved successful for years, even as he secretly directed his fake companies, authorities say. He later replaced Zigma and the other Florida clinics with shell clinics in Atlanta such as New Age Family Institute and Elusive Quality, according to federal court records. Although each was registered in state incorporation records, neither the Centers for Medicare and Medicaid (CMS) nor state officials checked the validity of the corporate documents, a review that may have uncovered the fraud.
CMS, which runs Medicare, says it doesn't have the resources to analyze incorporation records for each of its 1.5 million providers and suppliers. Those records are separately maintained by each state.
Almost all of Huarte's corporate data proved a lie. The purported representative of New Age Family Institute was a deaf retiree whose identity had been stolen, an FBI affidavit said.
Medicare claims filed by each of the fake clinics were accompanied by all the right doctor, patient and treatment codes, say law enforcement officials and fraud investigators.
But New Age Family Institute was purportedly located in Atlanta at 205 South 49th St., according to state incorporation records. A Google Maps search shows that address doesn't exist. Elusive Quality's address - 925B Peachtree Street N.E., Suite 131 - was actually a UPS store in Atlanta's Midtown district.
Some of the people listed as officers in incorporation papers say they didn't know their names had been used until contacted for this article.
One, Jimmie Dominic Dancer, is an instructor at the Emory University School of Medicine in Atlanta. State incorporation records name him as the chief executive and chief financial officer of S.T.R. of Georgia, a purported HIV and AIDS clinic in Atlanta that was part of the Huarte fraud network.
Dancer says he was surprised to learn that his name was listed in state records. A specialist in internal medicine, he says he has not practiced medicine since 2002. "I've never been a CEO or CFO," he said. "I've never heard of S.T.R. of Georgia."
The big con
For much of 2008, Huarte continued his use of shell companies outside of Florida. From February to December 2008, he and co-conspirators formed at least 29 new sham Medicare clinics in Georgia, North Carolina, South Carolina and Louisiana, according to state incorporation records.
Authorities say Huarte bought lists of real Medicare beneficiaries from a Medicare contractor and from employees of a company that administered benefits. Then he submitted claims in the beneficiaries' names.
But instead of billing Medicare directly as he had done initially, Huarte changed his approach, court records show. He began charging Medicare Advantage Plans, a program administered by private health insurers such as WellPoint and UnitedHealthcare Group, according to the indictment and a July 2009 motion to revoke bond.
A break came in early 2008, when a Medicare beneficiary complained to WellPoint that his Medicare benefits statement was wrong. It listed him as having received HIV treatments from a Huarte sham clinic called BIBB Group Services — but he didn't have HIV and he'd never received any such care.
WellPoint fraud investigator Lavelle says her team began to review the claims and the incorporation records for other clinics in Georgia.
Reuters also reviewed records and found that BIBB Group's purported home in the central Georgia town of Warner Robins — 1000 Martha Street, Suite F — is an abandoned building behind a $59-a-night motel.
Despite efforts to stop him, Huarte and his cohorts adapted.
Using stolen patient information, they called WellPoint's customer service line. They pretended to be the patients, Lavelle says, and asked to change the patients' billing addresses to post office boxes. That way, the patients themselves wouldn't receive benefits letters and the fraud might remain undetected, she says.
For the next 15 months, WellPoint denied claims and stopped payment on checks worth $34 million that were sent to Huarte clinics.
After BIBB Group claims were blocked, new ones flowed in from new shell clinics. They first came from First Choice Group Services, Lavelle says. When those were stopped, new bills for HIV and AIDS treatments came from Strong Hope Co., In Excess LLC and More Than Ready Co. LLC. Each of those firms was formed in August 2008, according to Georgia state records.
"We saw more unusually named clinics pop up," Lavelle says. "We actually thought they were playing with us."
The addresses for Strong Hope, In Excess, More Than Ready and four other shell clinics also tracked to UPS stores. They billed Medicare for $15.1 million in false medical services and received $4.2 million in payments, according to court records.
Huarte's four-year Medicare fraud spree was finally ended in 2009. That's when federal investigators in Florida identified co-conspirators who ran Miami check-cashing businesses that turned the Medicare checks into cash. Early that year, the check-cashers agreed to secretly wear recording devices that caught Huarte and others talking about the scam.
In October 2009, Huarte, the master of the Medicare shell game, pleaded guilty to healthcare and mail fraud. He was sentenced to 22 years in a federal prison in Pennsylvania and ordered to repay $18.3 million.
Although WellPoint had blocked millions in payments, Huarte's fake clinics outside Florida had still received more than $12 million from almost a dozen private insurers, according to Huarte's plea agreement. In total, his fraud garnered at least $34 million from Medicare.
At a sentencing hearing in January 2010, former prosecutor Stumphauzer told the judge why he felt Huarte deserved a lengthy prison term for his shell-driven scam.
"I think what really troubles me most is their innovation," he said, according to a court transcript.
"Every time Medicare gets close, every time Medicare clamps off one path, it never occurs to them to stop stealing. They just evolve the scheme and steal some more."
Funding the fraud fight
CMS says it has been handcuffed in combating shell companies that posed as legitimate providers because it lacked the resources to extensively review the backgrounds and addresses of providers. Less than 5 percent of all payments were subjected to audits.
That led to a system in which Medicare cut checks and asked questions later. Analysts and law enforcement officials call it "pay and chase."
Until recently, Congress offered little funding to help Medicare prevent abuses. But the healthcare reform law passed in March 2010 allocates $350 million over the next 10 years to fight fraud in Medicare and Medicaid, its sister program for the poor. The law also imposes stiffer sentences for the scam artists.
CMS is installing new fraud-fighting computer analytics to check the backgrounds of doctors and providers to ensure, for example, that Medicare ID numbers aren't being stolen. The programs may help connect the people to the corporations they're running about 75 percent of the time, says Peter Budetti, deputy administrator and director of program integrity at CMS.
Beginning in January, the locations of providers also will be checked by "geo-spatial mapping," Budetti says.
In the aftermath of the Huarte case, CMS and private contractors launched a comparison of UPS store addresses and Medicare provider locations. Investigators visited 823 locations and found that 185 providers — 22 percent — listed a UPS store as the practice location on their Medicare enrolment application. CMS says 134 providers have had their license revoked or deactivated.
New providers also will be subject to automated enrolment screening. Their names will be checked against databases that include the federal government's banned contractor lists, state and federal criminal dockets, and state licensing records.
But how much shell-perpetrated fraud these steps will eliminate remains unclear. The dragnet, for instance, might prompt criminals to simply create new shell companies — entities with no prior histories that wouldn't register on any government watch list.
Nor do the steps address the fundamental loophole. Although the new screening system will have access to state incorporation records, CMS acknowledges it will still struggle to pierce the shell-company veil because states don't collect information on the real owners when corporations are formed or sold.
"We want to catch this stuff when it's at the $30,000 level instead of the $10 million level before anyone notices," Budetti says.
"With the shell companies, these people just keep trying over and over again."
Additional reporting by Kelly Carr; editing by Blake Morrison and Michael Williams.