In April 2026, the US Department of Justice (DOJ) announced the prosecution of over $500 million in healthcare fraud schemes, including coordinated pharmacy and provider networks that had been billing federal programs for years without detection. One of the most prominent cases in recent years is that of Paul Randall, charged with orchestrating a $270 million fraud against Medi-Cal using a network of pharmacies and clinics operating in coordination to generate false prescriptions and dispensations.
These cases share a common thread: they were not detected claim by claim. Each individual transaction, taken on its own, appeared normal. A legitimate prescription, a dispensation within coverage limits, a reasonable amount. The anomaly only becomes visible when the full pattern is analyzed: multiple providers, multiple pharmacies, multiple patients, all connected in ways that a human auditor reviewing individual claims would never see.
The fundamental problem with manual review
Claims auditing at most Latin American health insurers follows a model that the DOJ knows well and that its own prosecutors have described as insufficient: transactional review. An auditor reviews a claim, verifies the prescription exists, confirms the patient has coverage, checks that the amount is within the permitted range, and approves. The claim passes. The next claim passes. And the one after that.
The problem is that coordinated fraud is designed precisely to pass this filter. The operators of these networks understand audit rules and build their schemes so that each individual transaction meets the approval criteria. What they do not satisfy are the aggregate patterns: unusual concentrations of patients with a single prescriber, pharmacies dispensing disproportionate volumes of certain controlled medications, prescribers whose patients overlap with those of other prescribers in the same network.
What cross-claim patterns reveal
When claims are analyzed not as individual transactions but as a network of relationships, signals emerge that are invisible at the individual transaction level.
Prescriber concentration. A physician who prescribes an unusually high volume of a specific medication or therapeutic group generates a statistical signal. Each individual prescription is legitimate in form, but the aggregate pattern — hundreds of patients receiving the same treatment from the same prescriber — indicates behavior that requires investigation.
Patient overlap. When the same patients appear receiving treatments from multiple prescribers billing the same payer, the pattern may indicate coordination. Each individual medical visit appears normal, but the network of relationships between patients and providers reveals the underlying structure.
Frequency anomalies. A pharmacy dispensing a statistically improbable quantity of a high-cost medication, or a prescriber whose prescription frequency exceeds multiple standard deviations from the mean of their specialty, generates signals that are only detectable through utilization analysis.
Geographic patterns. Patients traveling unusual distances to visit a specific pharmacy, or pharmacies dispensing to patients from geographic regions far from their location, produce signals that require behavioral pattern analysis across multiple dimensions.
How rules-based and anomaly detection works
Inspector AI applies dozens of heuristic rules organized across 6 detection categories: clinical intelligence, utilization patterns, provider behavior, coverage compliance, financial anomalies, and continuous anomaly detection. Each category addresses a different angle of the problem, and it is the combination of signals across categories that enables identification of coordinated schemes.
Clinical intelligence verifies that dispensations have diagnostic justification and that treatments are consistent with the patient's profile. Utilization patterns detect early refills, excessive cumulative doses, and therapeutic duplications. Provider behavior analysis identifies prescribers and pharmacies whose activity deviates from the norms of their specialty or geographic area. Coverage compliance ensures dispensations conform to plan terms. Financial anomalies detect price and volume deviations. And continuous anomaly detection applies statistical models that identify pattern changes over time.
No single rule individually "catches" a fraud network. It is the correlation across rules that generates high-value signals. A prescriber with high concentration in a specific medication (utilization rule) whose patients overlap with those of another prescriber (behavior rule) and whose dispensing pharmacies show anomalous volumes (financial rule) generates a composite signal that no transactional audit would detect.
The difference between detection and prevention
The DOJ cases were resolved years after the fraud occurred. The Paul Randall case involved an investigation spanning years of fraudulent activity before formal charges. This means the healthcare system absorbed $270 million in losses before there was any consequence.
Post-payment detection, even when it works, has this structural problem: the money has already left. Real-time authorization systems, which evaluate each dispense event against detection rules before approving payment, fundamentally change this dynamic. The question shifts from "can we recover what we lost?" to "can we prevent the loss before it happens?"
What this means for Latin American insurers
We do not claim that Inspector AI would have detected the specific schemes prosecuted by the DOJ. What we can say is that the underlying pattern — coordinated claims across multiple providers, pharmacies, and patients — is precisely the type of signal that rules-based and anomaly detection captures and that manual review misses.
Latin American insurers face the same types of coordinated schemes, adapted to local context. Pharmacy fraud networks operate with the same logic in any market: individual transactions that appear legitimate, organized into patterns that are only visible through cross-claim analysis.
The difference between detecting a scheme in weeks and detecting it in years — or never detecting it at all — is technological. The tools exist. The question is whether the organization is using them.
To evaluate how pattern detection can be applied to your claims data, request a free analysis.