Insufficient documentation leads Medicare's $28.8B improper-payment bill. It's the coder's fix.
CMS reported Medicare fee-for-service made $28.83 billion in improper payments in FY2025, and it says the leading reason is insufficient documentation, not fraud. Weeks later, a January 2026 MGMA poll of 288 practices ranked denials and appeals their single biggest revenue leak. The common thread is the note, and that is the coder's desk.
Reviewed by Jess P., CPC
Published July 11, 2026

Key Takeaways
- →CMS reported the FY2025 Medicare fee-for-service improper payment rate at 6.55%, or $28.83 billion, down from 7.66% in FY2024.
- →CMS says most of those improper payments happened where a reviewer couldn't confirm the payment was proper because of insufficient documentation, which it notes is generally not a sign of fraud or abuse.
- →A January 6, 2026 MGMA Stat poll of 288 practices ranked denials and appeals the biggest revenue-cycle leak at 48%, ahead of front-end issues (23%), billing and collections (14%), coding (13%), and charge posting (2%).
- →An improper payment for insufficient documentation isn't a coding error in the usual sense. The code can be right and the service can have happened; the record just doesn't prove it to a reviewer.
- →The record that survives a CERT review, a payer denial, and a RADV letter is the same one: a note that shows the condition was evaluated and the service was medically necessary on the date billed.
Two numbers from early 2026 point at the same gap. CMS reported that Medicare fee-for-service made $28.83 billion in improper payments in fiscal year 2025, a 6.55% error rate, and it said the leading cause was insufficient documentation, not fraud. Weeks later, a Medical Group Management Association poll of 288 practices named denials and appeals their single biggest revenue leak. One is the government clawing money back after the fact. The other is practices losing it in real time. Both come down to the same thing: the note didn't prove the code.
The cause CMS keeps naming is documentation, not fraud
The FY2025 improper payments fact sheet puts the Medicare FFS improper payment rate at 6.55%, or $28.83 billion, down from the 7.66% CMS reported for FY2024. It's the ninth straight year the figure has stayed under the 10% statutory threshold.
The line that matters for coders is the cause. CMS writes that most of those improper payments happened where a reviewer couldn't tell whether a payment was proper because of insufficient documentation, and it adds that insufficient documentation is generally not a sign of fraud or abuse. The fact sheet lists the error buckets plainly: no documentation, insufficient documentation, and documentation that doesn't substantiate the payment. The number itself comes out of CMS's Comprehensive Error Rate Testing program, which samples paid claims and re-reviews the record behind each one. Insufficient documentation means the record that arrived didn't prove the service. It doesn't mean the service was fraudulent, or even wrong.
Denials are now the biggest leak in the building
On January 6, 2026, MGMA asked practices where they lose the most revenue. Denials and appeals came first at 48%, ahead of front-end issues at 23%, billing and collections at 14%, coding at 13%, and charge posting at 2%, across 288 responses. MGMA's respondents described denials that "felt more automated and less negotiable," with more payer edits and the same recurring reasons: medical necessity, invalid authorization, timely filing.
Strip the labels and most of those denials are documentation arguments. A medical-necessity denial says the record didn't connect the service to a condition that justified it. A "claim lacks information" denial says a required element was missing. You can appeal, but the appeal wins or loses on what the note already said on the date of service, and by then the note is frozen.
Why "insufficient" almost never means "blank"
The trap in the word insufficient is that it sounds like a missing note. It rarely is. The encounter happened, the provider documented something, the coder picked a defensible code. What's missing is the link a reviewer needs: the diagnosis stated to the specificity the record supports, the condition shown as evaluated or treated on that date, the medical necessity for the service spelled out instead of implied.
Risk-adjustment coders already work to that standard. An HCC isn't supported because a diagnosis sits on a problem list. It's supported when the encounter shows the condition was monitored, evaluated, assessed, or treated. A CERT reviewer on a fee-for-service claim and a RADV reviewer on a risk-adjustment chart are asking a version of the same question: does the record prove what the claim asserts. The MEAT criteria hold both to the same bar.
What a claim needs to survive the review
The fix isn't "document more." It's documenting the one element the reviewer will look for. This table maps CMS's own improper-payment cause categories to the gap in the record and the desk-level fix.
| CMS cause category | What the record is actually missing | The coder or biller fix |
|---|---|---|
| Insufficient documentation | The proof element: specificity, the assessment, or the order behind the service | Query for the missing element before the claim drops, not after the denial |
| No documentation | The note for the billed date never made it into the record | Reconcile billed services against filed notes at charge review, before submission |
| Medical necessity | The link between the diagnosis and why the service was needed | State the indication in the note and code the diagnosis to the supported specificity |
| Incorrect coding | The code doesn't match what the record supports | Confirm the code against the source description and the documented detail |
None of that is work invented for an audit. It's the same record behind a clean claim and a survivable appeal, and you build it once.
The pre-bill habit that beats the appeal
An appeal is the most expensive place to fix a documentation gap. The record is closed, and the staff time goes to arguing instead of preventing. MGMA's write-up points at the front end for the same reason: build financial clearance, meaning eligibility, coverage, and auth status, before the date of service, and lean on checklists for the service lines that draw the most denials. On the denials themselves, its advice is to appeal what matters and go after the root cause, not to fight every line.
For a small practice, the coding version of that is a short, boring pre-bill pass on the service lines that draw denials: check that each billed diagnosis is coded to the specificity the note supports, and that the reason for the service is on the page. Line up the supporting elements in an evidence worksheet so an appeal, if it comes, arrives as one packet instead of a scavenger hunt. When the note is ambiguous about whether a condition was actually addressed, that's a query, not a guess, and our provider query templates cover phrasing that stays compliant.
Where the human coder is still the control
Payers are automating the denial side, and MGMA's respondents felt it as edits that are harder to argue with. Practices are getting pitched documentation and coding tools to keep up. Whatever a tool drafts, the element a reviewer demands is still a judgment call: is this diagnosis supported to this specificity, does this note show medical necessity, is this the code the record proves. A tool can surface the gap. It can't decide the record proves the claim. The coder signs off that it does. Confirm any code you're about to defend against its official description in the Code Book, and check the codes on a specific encounter in the encoder while you work the note.
What this is and is not
None of this says CMS found $28.83 billion in fraud. CMS is explicit that insufficient documentation generally isn't fraud. The point is narrower and more useful: the largest preventable category of Medicare payment error, and the biggest revenue leak practices report, are the same gap seen from two sides. What CMS recovers and what a practice loses to denials both come down to whether the note proves the code. That's not a billing-department problem. It's the coder's.
What coders should do now
- 1Run a short pre-bill pass on your two or three highest-denial service lines: confirm each billed diagnosis is coded to the specificity the note supports, and that the reason the service was needed is on the page, not implied. Fixing it here costs a query; fixing it at appeal costs the record being closed.
- 2Before you appeal a medical-necessity or 'claim lacks information' denial, read the note as a reviewer would and ask which proof element is missing. If it was never documented on the date of service, the appeal can't create it. Route those to a documentation or query decision, not the appeal queue.
- 3Treat problem-list diagnoses as unproven until the encounter shows the condition was monitored, evaluated, assessed, or treated. The same MEAT standard that supports an HCC in a RADV chart keeps a fee-for-service claim off the insufficient-documentation pile.
- 4When a note is ambiguous about whether a condition was addressed or a service was indicated, send a compliant query instead of picking the more favorable read. A guess a reviewer overturns becomes both a denial and an audit pattern.
- 5Line up the supporting documentation for a diagnosis in an [evidence worksheet](/evidence) at the time you code it, so an appeal arrives as one packet instead of a scramble.
Frequently Asked Questions
What was Medicare's improper payment rate for FY2025?
CMS reported the FY2025 Medicare fee-for-service improper payment rate at 6.55%, or $28.83 billion, down from 7.66% in FY2024. CMS notes it's the ninth straight year the figure has stayed below the 10% statutory compliance threshold.
Does an improper payment mean Medicare found fraud?
No. CMS says most Medicare fee-for-service improper payments happen where a reviewer couldn't confirm the payment was proper, and that insufficient documentation is generally not a sign of fraud or abuse. It is a documentation-proof problem, not a fraud finding.
What does 'insufficient documentation' actually mean on a denial or audit?
It means a required element to prove the claim was missing from the record: the diagnosis wasn't stated to the supported specificity, the condition wasn't shown to be evaluated or treated on that date, or the medical necessity for the service wasn't documented. The service may have happened and the code may be correct; the note just doesn't establish it for a reviewer.
Why do practices report denials as their biggest revenue problem in 2026?
In a January 6, 2026 MGMA Stat poll of 288 practices, denials and appeals ranked as the biggest revenue-cycle leak at 48%, ahead of front-end issues (23%), billing and collections (14%), coding (13%), and charge posting (2%). Respondents described payer denials as more automated and less negotiable, with recurring reasons of medical necessity, invalid authorization, and timely filing.
How is a documentation denial connected to risk-adjustment coding?
Both turn on whether the record proves what the claim asserts. A CERT reviewer on a fee-for-service claim and a RADV reviewer on a risk-adjustment chart each ask whether the note supports the diagnosis and service billed. A record built to the MEAT standard, showing a condition was monitored, evaluated, assessed, or treated, answers both.
Sources
- Fiscal Year 2025 Improper Payments Fact Sheet — Centers for Medicare & Medicaid Services, Jan 15, 2026
- Comprehensive Error Rate Testing (CERT) program (Medicare fee-for-service improper payment measurement) — Centers for Medicare & Medicaid Services, Jul 11, 2026
- Detecting and fixing leaks across the revenue cycle (MGMA Stat poll, January 6, 2026) — Medical Group Management Association, Jan 6, 2026
Related Tools
MEAT criteria
Hold a diagnosis to Monitored, Evaluated, Assessed, or Treated before you call it documented, on a fee-for-service claim or a risk-adjustment chart.
Evidence builder
Line up the documentation that backs a diagnosis at the time you code it, so a denial appeal arrives as one packet instead of a scramble.
Code Book
Confirm a code against its official description and documented detail before you build a claim or an appeal on it.
Jess P., CPC
Certified Professional Coder
Jess reviews HCC Buddy editorial content for accuracy against the current CMS-HCC model and the active FY ICD-10-CM tabular release.
Get CMS Updates in Your Inbox
RADV news, model changes, and coding guidance — within days of CMS publishing, not quarters.
More from CMS Watch
An AI hit 91% predicting ICD categories. Its scoring counted sepsis for a UTI as correct.
July 10, 2026
PolicyA new study graded an AI comorbidity reader against billing codes. Coders get graded against the note.
July 9, 2026
PolicyCMS's July NCCI update adds 2,199 practitioner edit pairs. No modifier will bypass 424 of them.
July 9, 2026

