An audit letter arrives. It asks you to produce, for a sample of trips you billed eighteen months ago, the proof that each ride actually happened: who drove, in what vehicle, from where to where, for which appointment, with what documentation. For most NEMT operators, that letter is the moment they discover which of those things their systems never captured. The trips were real. The proof was not built to survive a review.
I run engineering at Mindbowser, and the fraud-and-integrity side of NEMT is one of the clearest cases I know where the right software design at the point of the trip is worth more than any amount of cleanup after. The government has done something unusual here: through GAO, the HHS Office of Inspector General, the Department of Justice, and state attorneys general, it has documented exactly how NEMT fraud happens, scheme by scheme. And every scheme it describes is a software control waiting to be built. This is that mapping.
What the federal record actually shows
Start with the scale, because it sets the stakes. In its September 2022 report on NEMT fraud, the Government Accountability Office found that from fiscal year 2015 through 2020, state investigations produced 132 criminal convictions and 57 civil settlements or judgments involving NEMT providers, across 25 states. That is 189 outcomes, which GAO rounds to nearly 200. The cases concentrated in a handful of states, New York with 56, Ohio with 36, Indiana with 18, though GAO is careful to note that the distribution reflects where investigations happened, not where fraud is worst.
The Inspector General audits tell the same story in dollars. One review of New York City NEMT claims examined $269.6 million in payments and recommended the state refund $84.3 million, with another $112 million flagged as possibly noncompliant. Of 100 sampled claims, 17 were fully compliant, 41 were not, and 42 could not be determined either way. A Massachusetts audit found at least $14.1 million in improper payments, with 86 of 100 sampled service lines noncompliant, and for all 100, the driver qualifications and vehicle documentation were not adequately documented.
Now the number that reframes everything. In CMS’s FY2025 measurement, the Medicaid improper payment rate was 6.12%, about $37.39 billion. But CMS is explicit that an improper payment is not a measure of fraud, and that 77% of the improper amount was insufficient documentation, generally not indicative of fraud or abuse. Read that carefully, because it is the most useful fact on this page. The largest category of loss is not stolen money. It is money paid for real trips that could not be properly documented. And documentation is something software controls directly.
So the goal is not a fraud-detection product bolted onto a billing system. It is building, into the trip itself, the proof that each of the six schemes below cannot survive. Let me take them one at a time.
Scheme 1: Phantom trips, stopped by GPS proof-of-trip
The oldest scheme is billing for trips that never happened. GAO documented providers billing for trips to facilities that were closed, or for appointments that did not exist, or for members who were nowhere near the vehicle. The claim looks clean on paper because paper does not know where the van was.
The control is GPS proof-of-trip. When the trip is captured as a GPS breadcrumb, the start point, the route, and the destination, with system-generated, unmodifiable timestamps for each leg, a phantom trip stops being billable. A geofenced pickup and drop-off confirms the vehicle was actually at the member’s location and at the destination. The claim cannot be created without the trip data to back it. This is the same GPS and route data operators already collect for dispatch, turned into the evidentiary spine of the claim instead of a discarded byproduct.
Scheme 2: No-appointment and ineligible riders, stopped by claim-to-appointment matching
A subtler version bills for a real ride that should never have been covered: a trip for a member who was hospitalized or deceased on the date of service, or a ride with no actual medical appointment at the other end. The vehicle moved. The trip was not a covered benefit.
The control is matching, in two directions. Real-time eligibility verification at booking, through the standard 270 and 271 transactions, catches the member who is not covered on the date of service before the trip is dispatched. And claim-to-appointment matching ties each billed trip to a confirmed appointment, so a ride to nowhere has nothing to attach to. Both checks belong at the point of booking and claim creation, not in a post-payment review. Building them into the billing flow is the difference between catching the problem before the trip and refunding it after the audit, which is the same discipline that runs through purpose-built NEMT billing software.
Scheme 3: Inflated mileage and fake tolls, stopped by system-calculated distance
GAO and state cases describe a family of overbilling tricks: inflating the miles driven, adding tolls that were never paid, and splitting a single trip into several billable segments. Each one depends on a human entering a number the system does not check.
The control is to take the number out of human hands. When mileage is calculated by the system from the actual GPS route rather than entered by a driver or biller, inflation has nowhere to live. Tolls reconcile against the route. A trip that was run once cannot be split into three because the trip data describes one continuous trip. The pattern across all of these is the same: anywhere a billable value is typed in by a person, it is a place to substitute a system-computed value derived from the trip record.
PakarPBN
A Private Blog Network (PBN) is a collection of websites that are controlled by a single individual or organization and used primarily to build backlinks to a “money site” in order to influence its ranking in search engines such as Google. The core idea behind a PBN is based on the importance of backlinks in Google’s ranking algorithm. Since Google views backlinks as signals of authority and trust, some website owners attempt to artificially create these signals through a controlled network of sites.
In a typical PBN setup, the owner acquires expired or aged domains that already have existing authority, backlinks, and history. These domains are rebuilt with new content and hosted separately, often using different IP addresses, hosting providers, themes, and ownership details to make them appear unrelated. Within the content published on these sites, links are strategically placed that point to the main website the owner wants to rank higher. By doing this, the owner attempts to pass link equity (also known as “link juice”) from the PBN sites to the target website.
The purpose of a PBN is to give the impression that the target website is naturally earning links from multiple independent sources. If done effectively, this can temporarily improve keyword rankings, increase organic visibility, and drive more traffic from search results.
