
A clinician sees a client for the eighth time in six weeks. The client is making progress. The clinician documents it carefully, submits the claim, and moves on to the next family. Months later, an audit letter arrives. Not because anyone did anything wrong, but because the managed care organization funding that care never told the provider where its authorization threshold sat. The clinician did everything a good clinician should do. It still wasn't enough to avoid scrutiny.
That gap, between clinically sound care and administratively defensible care, is where behavioral health compliance risk actually lives right now. Federal attention to fraud, waste, and abuse is intensifying, and a new government initiative aimed squarely at rooting out waste has put every provider on notice. But according to Derek Staub, a healthcare attorney at Frost Brown Todd, and Paige Dustmann, Compliance Director at Monolith Behavioral Intelligence Engine, the sharpest risk isn't the rare bad actor deliberately gaming the system. It's the much larger group of providers who are simply never told what "compliant" looks like until they've already fallen short of it.
Staub draws a clear line between deliberate fraud and honest error: a wrong billing code, a misunderstood documentation requirement, a visit count that crept past a threshold no one flagged. When a subset of providers behaves badly, the entire field absorbs the suspicion, and compliant organizations end up proving they belong in a different category than the one regulators are hunting.
The frustrating part, Staub notes, is that the fix for accidental noncompliance already exists. Providers who catch and self-report their own errors through year-end audits typically face no penalty. The problem is what happens when an error goes unexamined, or gets repeated because no one caught it the first time.
Underneath the regulatory pressure sits a more basic breakdown. Managed care organizations often authorize visits based on a narrow read of a client's active treatment goals. Providers, working from the full clinical picture, know recovery rarely moves in a straight line. Dustmann puts it simply: everybody learns at a different pace. A client might carry fifteen documented goals, but if an MCO only sees two or three currently in motion, authorization gets denied for visits the provider knows are clinically necessary.
Staub has represented providers who believed, correctly, that they were delivering appropriate care, only to discover later they had exceeded authorization limits they were never clearly told existed. As he puts it, the gap isn't usually willful. It's a failure of communication about what MCOs actually expect.
Platforms built for real-time, comprehensive documentation offer one piece of the answer. Monolith, for example, timestamps every service interaction as it happens and ties assessments directly into treatment plans, giving providers a documented, complete picture of a client's needs rather than a snapshot of whatever goals happen to be active. That kind of infrastructure turns documentation into something closer to advocacy: a record that makes the case for the care a client actually needs, not just proof that a visit occurred.
But technology alone doesn't fix a relationship problem. Staub's advice is more direct: providers need to initiate contact with their MCOs before a conflict forces the conversation. Ask what triggers a utilization flag. Ask what a complete authorization request should include. Ask early, and ask often, because MCOs rarely start that dialogue on their own.
A durable compliance strategy for behavioral health providers right now rests on a short list of fundamentals:
None of this is administrative housekeeping for its own sake. Every authorization a provider secures, every audit a compliant organization clears without incident, translates into care that reaches someone who needs it. The providers most at risk right now aren't the ones cutting corners. They're the ones doing the work well and assuming that's protection enough. It isn't, until the communication gap between providers and the MCOs funding their work finally closes.
---
This article is based on a recorded interview from the Expanding Access podcast. Views expressed are those of the interviewees.