FORENSIC LEGIBILITY EXAMINER

CASE 102|HIGH-VALUE ASSET TRANSFER|2025-11-19|DISPOSITION: FEDERAL CONTRACT PAYMENT AUTHORITY NOT RECONCILED AGAINST DELIVERY AT CLOSEOUT; VERIFICATION OPPORTUNITY FORECLOSED ACROSS $11.2 BILLION IN CONTRACTS|ARCHIVE →

$11.2 Billion in Contracts Closed Without Verification

A federal contract authorizes payment. It also defines what the payment is for — the deliverable, the conditions, the performance standard the contractor must meet. When the contract closes, the government has a defined and final opportunity to confirm that what was paid for was delivered, and to recover any funds that were not properly expended. When that closeout does not occur — when contracts remain open past their eligibility date, when required documentation is never reviewed, when the reconciliation between payment and delivery is never performed — the evidentiary boundary encoded in the contract is never evaluated. The payment was authorized. The delivery was never confirmed against what was authorized. The last control was never exercised.

Failure classification: Federal Contract Payment Authority Not Reconciled Against Delivery Conditions at Closeout; Administrative Requirements Not Met Across Contracts Totaling $11.2 Billion

Agency:

Centers for Medicare & Medicaid Services (CMS), U.S. Department of Health and Human Services

Audit period:

Contracts eligible for closeout between October 1, 2018, and September 30, 2023

Contracts reviewed:

50 contracts totaling $11.2 billion selected for audit; all 50 failed to meet one or more administrative closeout requirements

Overdue at audit conclusion:

12 contracts totaling $2.1 billion remained overdue for closeout at the time the OIG audit concluded

Investigating authority:

U.S. Department of Health and Human Services, Office of Inspector General; Report No. A-04-24-02048, issued November 17, 2025

HHS contracting context:

In Fiscal Year 2023, HHS executed $38.5 billion in contracting actions; CMS accounted for $7.4 billion, or 19 percent

CMS response:

Concurred with both OIG recommendations; described corrective actions planned and in progress as of report date

Context

Federal contracts define an exchange: the government pays, the contractor delivers, and the terms of the exchange are specified in advance. Contract closeout is the administrative process by which the government confirms, at the conclusion of a contract, that the terms were met — that deliverables were received, that payments were accurate, that any unspent funds were recovered, and that the contractor's performance obligations were satisfied. Federal acquisition regulations establish closeout requirements precisely because closeout is the last point in the contract lifecycle at which the government can detect and correct improper payments.

CMS administers the federal government's largest health programs — Medicare and Medicaid — and contracts extensively with private entities for administrative services, data systems, program integrity functions, and operational support. In Fiscal Year 2023 alone, CMS accounted for nearly one in five dollars of HHS contracting activity. The scale of CMS contracting means that failures in contract administration propagate across a correspondingly large financial base.

Trigger

The HHS Office of Inspector General audited 50 CMS contracts totaling $11.2 billion that were eligible for closeout between October 2018 and September 2023. Every contract in the sample — all 50 — failed to meet one or more administrative closeout requirements. At the time the audit concluded, 12 contracts totaling $2.1 billion remained overdue for closeout entirely. The OIG characterized the full $11.2 billion as having been put at risk of fraud, waste, and abuse by the failure to close contracts in accordance with federal requirements.

The audit found that CMS lacked clearly defined documentation requirements, that roles and responsibilities for closeout were not adequately specified, and that no alternative procedures existed to ensure timely closeout when standard processes were not followed. The finding was not an isolated compliance gap. It was a systemic absence of the administrative controls that make contract payment verification possible.

Failure Condition

A contract is a credential. It encodes, at issuance, what was authorized — the payment amount, the deliverable, the conditions under which the payment is earned. Closeout is the mechanism by which that credential is evaluated at the point of completion: was the encoded condition met? The payment was made because the contract authorized it. The contract's evidentiary boundary — what was actually delivered against what was authorized — is only evaluated at closeout. When closeout does not occur, that evaluation never happens. The credential authorized the transfer. The transfer occurred. The correspondence between the two was never confirmed.

Across all 50 contracts in the sample, the closeout process that would have performed that evaluation was either incomplete or entirely absent. The government paid. The contracts closed, or remained open past their eligibility date, without verification that what was paid for was received. Improper payments — overpayments, unearned amounts, unrecovered balances — that would have been detectable at closeout remained undetected. The OIG identified this condition not as a series of individual contracting errors but as the consequence of CMS having no adequate policies, procedures, or defined responsibilities to ensure closeout occurred at all.

The structural condition this case documents is not unique to CMS or to this audit period. Federal contract closeout has been an identified weakness across HHS for years, as prior OIG work had established. What the 2025 audit makes precise is the scale at which an absent verification mechanism translates into financial exposure: $11.2 billion in contracts where the last available control was never exercised.

Observed Response

The OIG issued two recommendations: that CMS complete closeout for the 12 contracts totaling $2.1 billion that remained overdue, and that CMS develop policies and procedures clearly defining documentation requirements, roles and responsibilities, and alternative closeout procedures. CMS concurred with both recommendations and described corrective actions planned and underway. Both recommendations remained open and unimplemented as of the report date, with updates expected by May 2026. The OIG noted that the absence of adequate policies and procedures was itself the condition that allowed the failure to persist across a five-year audit window covering billions of dollars in contracting activity.

Analytical Findings

All 50 contracts in the OIG sample — totaling $11.2 billion — failed to meet one or more administrative closeout requirements; the failure was universal across the sample, not isolated to individual contracts
Contract closeout is defined by federal regulation as the last opportunity for the government to detect and recover improper payments; its systematic absence forecloses the only available reconciliation between payment authorized and delivery confirmed
CMS had no clearly defined documentation requirements, no specified roles and responsibilities for closeout, and no alternative procedures to ensure timely completion — the absence of policy was the condition that made individual failures inevitable
12 contracts totaling $2.1 billion remained overdue for closeout at the conclusion of the audit; the opportunity to verify delivery and recover unspent funds against those contracts had not yet been permanently foreclosed but was narrowing with each passing period
The OIG characterized the full $11.2 billion as having been put at risk of fraud, waste, and abuse — not because fraud was confirmed, but because the mechanism that would have detected it was never activated
Prior OIG work had identified HHS contract closeout deficiencies before this audit; the 2025 finding documents a condition that persisted through multiple audit cycles without systemic remediation
The evidentiary boundary encoded in each contract — what was authorized, under what conditions, against what performance standard — was never evaluated at the point where evaluation was both required and possible

References

1. U.S. Department of Health and Human Services, Office of Inspector General. "CMS Put $11.2 Billion at Risk of Fraud, Waste, and Abuse by Not Properly Closing Contracts." Report No. A-04-24-02048. Issued November 17, 2025.
2. Federal Acquisition Regulation (FAR), Subpart 4.804, Closeout of Contract Files; administrative closeout requirements for federal contracts.
3. HHS Office of Inspector General, prior reports on HHS contract closeout processes and procedures (referenced in A-04-24-02048 as background for audit rationale).
4. Centers for Medicare & Medicaid Services, FY 2023 contracting activity: $7.4 billion, representing 19 percent of HHS total contracting actions of $38.5 billion.