The payer landscape for ABA therapy is layered and operationally complex. A single practice may bill Medicaid fee-for-service, multiple Medicaid managed care organizations, state and federal commercial plans subject to autism insurance mandates, self-funded ERISA plans, TRICARE through the Autism Care Demonstration, and a collection of individually negotiated single case agreements with out-of-network commercial payers. Each of these payer channels carries its own compliance obligations, credentialing requirements, documentation standards, and audit exposure. A buyer who does not separately diligence each payer channel before closing is acquiring liabilities without a complete accounting of what those liabilities are.
The analysis that follows covers twelve categories of payer-related diligence that counsel must address in any ABA practice acquisition of material size. The framework is organized to move from the broadest coverage landscape issues through the specific compliance and documentation risks, then through payer-specific structural issues, and finally to the contractual mechanisms for allocating payer risk between buyer and seller in the purchase agreement.
The ABA Coverage Landscape: State Medicaid EPSDT Mandates, MCO Structures, and Payer Mix Analysis
Applied behavior analysis therapy for children with autism spectrum disorder is covered under Medicaid in every state through the Early and Periodic Screening, Diagnostic, and Treatment mandate established by Section 1905(r) of the Social Security Act. EPSDT requires state Medicaid programs to cover any service that is medically necessary for children under age 21, even if the service is not otherwise covered under the state's adult Medicaid plan. Because ABA therapy is established as medically necessary for children with autism spectrum disorder under the weight of clinical evidence and federal agency guidance, EPSDT functions as a floor below which no state Medicaid program can fall in its ABA coverage for pediatric beneficiaries.
The practical reality of EPSDT coverage is more complex than the federal mandate suggests. Most states have moved their Medicaid populations into managed care, meaning that the EPSDT coverage obligation is discharged through contracts with Medicaid managed care organizations rather than directly by the state Medicaid agency. Each MCO implements the EPSDT mandate according to its own prior authorization protocols, medical necessity criteria, and covered service definitions, which may vary materially from other MCOs operating in the same state and serving the same patient population. An ABA practice that operates in a state with three or four competing Medicaid MCOs may have materially different documentation requirements, authorization timelines, and denial rates across those MCOs even though all of them are contractually required to cover ABA therapy under their EPSDT obligations.
Payer mix analysis is the foundational step in ABA diligence. Buyers should request a complete payer mix breakdown organized by payer name, payer type (Medicaid fee-for-service, Medicaid MCO, commercial, TRICARE, self-pay), and revenue contribution over at least the preceding 24 months. The analysis should identify the five to ten largest payers by revenue contribution and the trend in each payer's share of total revenue, because shifts in payer mix are often early indicators of credentialing problems, contract disputes, or changes in patient referral sources. A practice that has seen its Medicaid MCO revenue share decline while self-pay or out-of-network revenue has increased may have experienced credentialing issues with one or more MCOs that it has not disclosed in its representations.
The geographic footprint of the practice also shapes the payer landscape analysis. A multi-state ABA practice faces distinct Medicaid program structures, MCO rosters, and state autism insurance mandates in each state of operation. Medicaid managed care penetration rates, the scope of EPSDT implementation, and the enforceability of state autism mandates against Medicaid MCOs vary significantly across states. A buyer acquiring a practice with locations in three or four states should conduct a state-by-state payer landscape analysis rather than relying on aggregate payer mix data, because the revenue risks and compliance obligations in each state may be fundamentally different from the others.
Medicaid Overpayment and Clawback Exposure: The Federal 60-Day Rule, State Recovery Programs, and Successor Liability
The federal 60-day rule, codified at 42 U.S.C. Section 1320a-7k(d), requires providers and suppliers who have received an overpayment from a federal healthcare program to report and return that overpayment within 60 days of the date on which the overpayment is identified. An overpayment that is not reported and returned within 60 days of identification becomes an obligation under the False Claims Act, and the provider faces potential FCA liability for each retained overpayment. The practical significance for ABA buyers is that an ABA practice that has received Medicaid overpayments and has not timely reported and returned them has an existing FCA exposure that does not extinguish at closing. A buyer who acquires the target's liabilities in a stock purchase or who expressly assumes Medicaid liabilities in an asset purchase inherits this exposure.
State Medicaid overpayment recovery programs operate independently of the federal 60-day rule and have their own lookback periods, audit methodologies, and recovery mechanisms. Most states apply a five-year lookback period for Medicaid overpayment recovery, consistent with the False Claims Act's six-year limitation period for non-fraud claims and the statute's tolling provisions for fraudulent concealment. State Medicaid Integrity Contractors and their successor program integrity entities conduct post-payment audits of ABA providers using data analytics to identify billing patterns that suggest overpayments, including claims for services that exceed peer norms in frequency or intensity, claims submitted without corresponding treatment authorizations, and claims billed under HCPCS codes that the documentation does not support.
Successor liability in the Medicaid context is determined by a combination of federal common law, state law, and the specific structure of the acquisition. Asset purchases with explicit exclusions of Medicaid liabilities generally provide more protection against successor liability than stock purchases, but neither structure eliminates successor liability risk entirely. Federal courts have held that a buyer may be liable for the seller's Medicaid overpayments under a de facto merger or mere continuation theory even in a structured asset purchase if the buyer acquires substantially all of the seller's assets, continues the seller's business without interruption, and the seller is left without assets sufficient to satisfy its own creditors. The appropriate protection is a combination of targeted due diligence to quantify the exposure, indemnification provisions that survive closing for the full Medicaid lookback period, and an escrow or holdback sized to cover the estimated liability.
The due diligence process for Medicaid overpayment exposure should include a review of all Medicaid program integrity correspondence received by the target in the preceding five years, a review of any Medicaid provider audits or desk reviews conducted or initiated during that period, a review of the target's internal billing compliance records for any self-identified overpayments and the status of any voluntary repayments, and an independent billing audit of a representative sample of Medicaid claims by a qualified healthcare compliance consultant. The audit should apply the applicable state Medicaid program's coverage rules, documentation requirements, and coding guidelines rather than generic billing standards, because ABA Medicaid billing requirements vary materially across states and the audit must test compliance with the rules that actually apply to the target's claims.
Documentation Audit Risk: Session Notes, BIRP and SOAP Formats, Treatment Authorizations, and Progress Report Standards
ABA documentation requirements imposed by Medicaid and commercial payers are among the most granular in behavioral health billing. A covered ABA session is not simply the delivery of therapy by a qualified technician. It is a clinical service that must be supported by a treatment plan developed and signed by a supervising Board Certified Behavior Analyst, a valid prior authorization from the applicable payer covering the specific service code and intensity level, a session note that documents the specific skills targeted during the session with reference to the treatment plan goals, the name and credential level of the technician who delivered the service, the supervising BCBA's contact with the patient and the technician during the applicable supervision period, and a progress note that periodically documents the patient's progress toward treatment plan goals and supports the medical necessity of continuing services.
BIRP and SOAP note formats are the two most commonly used session note structures in ABA billing compliance. BIRP notes document Behavior (what the patient presented), Intervention (what the therapist did), Response (how the patient responded), and Plan (adjustments to the treatment approach). SOAP notes document Subjective findings, Objective data, Assessment of progress, and Plan for next session. The specific format required is typically specified in the payer's provider manual or the Medicaid state plan, and a practice that uses a consistent internal format that does not map to the payer's required structure may face documentation deficiency findings even if the underlying clinical information was recorded. A buyer conducting documentation diligence should request a sample of session notes across multiple payers and service codes and review them against the applicable payer documentation requirements, not against a generalized industry standard.
Treatment authorization management is a recurring source of audit risk in ABA practices. Prior authorizations for ABA services are time-limited, service-code-specific, and often restricted to a defined number of hours per week or per authorization period. A claim submitted for a session delivered outside the authorized period, under an expired authorization, at an intensity level exceeding the authorized hours, or under a service code different from the authorized code is potentially subject to recoupment even if the service was clinically appropriate and well-documented. Practices with high session volumes and multiple active authorizations across many patients often have authorization tracking systems that do not catch authorization lapses in real time, resulting in services billed without valid authorizations that are identified only when a payer initiates a post-payment audit.
Progress reports are the clinical documentation used to support authorization renewals and demonstrate medical necessity for continued ABA services. Payers typically require progress reports at defined intervals, commonly every six months for Medicaid MCOs and every three to six months for commercial payers, and may require that progress reports be completed by the supervising BCBA and submitted before a new authorization will be issued. A practice whose progress report completion rates are low, whose progress reports are not completed by credentialed BCBAs, or whose progress reports are filed late relative to authorization renewal deadlines will have authorization gaps in its billing records that create recoupment exposure. The documentation diligence should confirm that the target's progress report completion rates and content quality are adequate to support the authorization renewal workflow for each major payer.
HCPCS CPT Code Compliance: 97151 Through 97158, 0362T, 0373T, and ABA Billing Integrity
The HCPCS CPT codes applicable to ABA services were significantly restructured in 2019 when the American Medical Association introduced a new code set replacing the prior H code billing framework used in many states. The current ABA billing code set includes CPT 97151 for behavior identification assessment, 97152 for behavior identification supporting assessment, 97153 for adaptive behavior treatment by protocol, 97154 for group adaptive behavior treatment by protocol, 97155 for adaptive behavior treatment with protocol modification, 97156 for family adaptive behavior treatment guidance, 97157 for multiple-family group adaptive behavior treatment guidance, and 97158 for group adaptive behavior treatment with protocol modification. Category III codes 0362T and 0373T cover exposure behavioral intervention and multidisciplinary team conference services respectively, and some payers have adopted these codes while others have not.
Each code in the ABA set carries specific provider qualification requirements that determine who may bill for the service. CPT 97155, the protocol modification code, requires delivery by a BCBA or other qualified healthcare professional, because it involves clinical decision-making about treatment plan adjustments that cannot be delegated to a Registered Behavior Technician. CPT 97153, the treatment-by-protocol code, may be delivered by a technician under BCBA supervision, but the supervising BCBA must maintain the minimum supervision ratios required by the BACB Professional and Ethical Compliance Code and by the applicable payer's coverage policy. Billing 97155 for services actually delivered by an RBT without BCBA presence is upcoding; billing 97153 when the supervising BCBA did not meet minimum supervision requirements is a documentation deficiency that may also constitute a billing compliance violation.
Unbundling risk in ABA billing arises most commonly when practices separately bill assessment codes and treatment codes for services that should be billed as a single encounter under the code that most accurately describes the complete service rendered. The ABA code set includes both assessment and treatment codes, and a patient encounter that combines behavioral assessment activities with direct treatment may appropriately be billed under the assessment code or the treatment code depending on the primary purpose of the session and the documentation of time allocation. Practices that routinely bill separate assessment and treatment codes for the same session may be unbundling services in a manner that results in double payment for a single encounter.
The OIG Work Plan has included ABA billing in its annual priority areas for provider compliance review, reflecting the agency's recognition that the rapid growth of ABA as a covered service has been accompanied by billing and documentation compliance challenges across the provider community. Buyers should confirm that the target has an internal compliance program that addresses ABA-specific billing risks, that the program is implemented and not merely documented, and that the target has conducted internal billing audits using the applicable Medicaid and commercial payer standards within the preceding 24 months. A target that lacks an internal compliance program or that has not conducted recent billing audits should be treated as having undisclosed compliance risk until an independent audit confirms otherwise.
Commercial Payer Credentialing Transfer: CAQH Re-Attestation, BCBS, Aetna, Cigna, UnitedHealthcare, and Anthem Enrollment
Commercial payer credentialing is the process by which a provider entity establishes its right to participate in a payer's network and to receive reimbursement at contracted rates. For ABA practices, credentialing operates at two levels simultaneously: the organizational credentialing of the practice entity as a participating provider, and the individual credentialing of each BCBA and other qualified healthcare professional employed by the practice as an authorized rendering provider. Both levels of credentialing must be current and complete for the practice to bill for ABA services to a given commercial payer's members at in-network rates.
CAQH ProView is the primary credentialing data platform used by major commercial payers to collect and maintain provider credentialing information. Most major commercial payers, including BCBS plans, Aetna, Cigna, UnitedHealthcare, and Anthem, rely on CAQH to store provider credentials rather than maintaining independent credentialing files. A provider must maintain a current CAQH profile with quarterly re-attestation to remain eligible for network participation with these payers. A practice whose BCBAs have not maintained current CAQH profiles, or whose organizational CAQH profile does not accurately reflect the current ownership structure and provider roster, may have credentialing gaps that are not visible in the practice's billing records but that would become apparent in a payer audit of the provider file.
Ownership change provisions in commercial payer contracts typically require the provider to notify the payer of any material change in ownership within 30 to 90 days of the change occurring, and many contracts give the payer the right to terminate the provider agreement or to require re-credentialing upon a change in ownership. A buyer acquiring an ABA practice through an asset purchase is a new legal entity that lacks any existing credentialing relationship with the commercial payers that served the prior practice, and must apply for network participation as a new provider. The new provider enrollment process with BCBS plans, Aetna, Cigna, UnitedHealthcare, and Anthem typically runs 60 to 180 days from submission of a complete application, and the buyer will not be able to bill at in-network rates during the enrollment period.
Managing the credentialing transition requires advance planning that begins well before closing. Buyers should identify all commercial payers with which the target holds in-network agreements, review the change of control provisions in each agreement, and initiate the applicable notification and enrollment processes as early as commercially practicable given the confidentiality constraints of the pre-signing period. In transactions where the buyer cannot begin the enrollment process until the transaction is publicly announced, the parties should negotiate a post-closing revenue sharing or billing arrangement that allows the target entity to continue billing for services delivered by the buyer's clinicians during the enrollment gap. This transition billing arrangement must be structured carefully to comply with payer policies and applicable billing regulations.
State Autism Insurance Mandates: Age Caps, Dollar Limits, Visit Restrictions, and Exception Processes
All fifty states and the District of Columbia have enacted autism insurance mandates requiring that state-regulated health insurance plans cover ABA therapy and other autism-related services. The mandates differ significantly in their scope, coverage parameters, and enforcement mechanisms. A buyer acquiring an ABA practice must conduct a state-by-state mandate analysis for each state in which the practice operates, because the mandate provisions that govern the coverage obligations of the practice's commercial payers vary materially across states and directly affect the practice's collectible revenue for commercially insured patients.
Age caps are among the most significant mandate parameters for ABA practices, because ABA therapy is clinically beneficial across a wide age range and practices that serve adult patients depend on commercial coverage that extends beyond the pediatric age limits common in earlier autism mandates. Several states limit their autism insurance mandates to patients under age 18 or under age 21, effectively excluding adult autism patients from the mandate's coverage guarantee. A practice with significant adult caseloads in a state with a restrictive age cap may be relying on commercial payer coverage that is not guaranteed by state law and that is subject to termination or modification by the payer without triggering the mandate's protections.
Dollar limits and visit caps in state autism mandates establish annual maximums on covered ABA services that may be materially below the annual cost of intensive ABA therapy for a patient with high clinical need. A state mandate that caps annual ABA coverage at a dollar amount below the cost of recommended therapy intensity effectively shifts the excess cost to the patient or to a secondary payer, which may or may not be available. A practice operating in a state with a low dollar cap or a restrictive visit limit should have billing processes that identify patients approaching the annual limit and initiate the payer's exception or appeals process before the limit is reached, because revenue from services delivered after the limit is exhausted without an approved exception is at risk of non-payment.
Exception processes under state autism mandates allow patients or providers to request coverage beyond the mandate's standard limits when clinical necessity supports additional services. The availability, structure, and success rates of these exception processes vary by state and by payer. A practice whose revenue model depends on consistent approval of exception requests should have documented evidence that it has a track record of successfully navigating each payer's exception process, because a new owner without that track record may not replicate the same success rates. The buyer's diligence should request data on the volume and outcome of mandate exception requests filed by the target in the preceding two years, organized by payer and state.
Payer Diligence Cannot Be Compressed Into a Standard Healthcare Acquisition Checklist
ABA payer compliance is specialty-specific, state-specific, and payer-specific. A buyer who approaches ABA diligence with a generic behavioral health framework will miss the billing code compliance issues, documentation deficiencies, and credentialing gaps that generate the material post-closing liabilities in these transactions. Counsel who has worked through ABA payer diligence knows where to look and what to quantify before the purchase agreement is signed.
MHPAEA Parity Enforcement for Self-Funded ERISA Plans: 2024 Final Rule, Comparative Analysis Obligations, and ABA as a Mental Health Benefit
The Mental Health Parity and Addiction Equity Act, as amended by the 21st Century Cures Act and implemented through the 2024 final rule issued jointly by the Departments of Labor, Health and Human Services, and Treasury, requires that group health plans and health insurance issuers that provide mental health or substance use disorder benefits do not impose treatment limitations on those benefits that are more restrictive than the limitations applied to substantially all medical and surgical benefits in the same classification. ABA therapy for autism spectrum disorder is classified as a mental health benefit under MHPAEA's implementing regulations in virtually all plan and issuer contexts, meaning that plans and issuers must apply the same prior authorization requirements, visit limits, medical necessity standards, and network adequacy standards to ABA coverage as they apply to comparable medical and surgical benefits.
The 2024 final rule expanded the scope of the comparative analysis requirement that plans and issuers must conduct to demonstrate MHPAEA compliance. Plans must now conduct and document a comparative analysis of each nonquantitative treatment limitation applied to mental health benefits versus the limitations applied to medical and surgical benefits in the same classification. This comparative analysis must be made available to the applicable federal agency, state regulator, or plan participant upon request. Payers who apply prior authorization requirements to ABA therapy that they do not apply to comparable medical and surgical services, who use medical necessity criteria for ABA coverage that are more restrictive than the criteria applied to comparable services, or who maintain provider network standards for ABA that are less favorable than the standards maintained for comparable medical services are potentially out of compliance with the 2024 final rule's expanded requirements.
For ABA practices, MHPAEA parity has both a defensive and an affirmative dimension. The defensive dimension is that the practice must avoid billing practices that could expose a commercial payer to a parity complaint that the payer then uses as leverage to renegotiate or terminate the provider agreement. The affirmative dimension is that a practice with an experienced parity advocacy function can use MHPAEA compliance as a tool for expanding patient access and protecting coverage for patients whose payers attempt to impose non-parity-compliant limitations. A target practice that has successfully used parity arguments to reverse coverage denials has demonstrated a compliance capability that has revenue value for a buyer.
Self-funded ERISA plans present the most complex MHPAEA compliance environment for ABA providers because ERISA preempts state insurance law, meaning that state autism insurance mandates and state parity laws that apply to fully insured commercial plans do not apply directly to self-funded plan benefits. Self-funded plans remain subject to the federal MHPAEA requirements but have more flexibility in benefit design than fully insured plans subject to state mandates. A buyer acquiring a practice with significant self-funded plan revenue should assess whether the self-funded plans in the target's payer mix are applying coverage limitations to ABA services that would not survive scrutiny under the 2024 final rule's comparative analysis framework.
TRICARE Autism Care Demonstration: Military Family Coverage, Network Participation, and ACD-Specific Compliance Requirements
The TRICARE Autism Care Demonstration is a Department of Defense program that provides ABA therapy coverage for military children with autism spectrum disorder. The ACD operates as a demonstration program administered through the Defense Health Agency, with regional managed care support contractors responsible for network management, prior authorization, and claims processing in each TRICARE region. ABA providers who participate in the ACD are subject to the program's specific coverage requirements, documentation standards, and billing protocols, which differ in some material respects from Medicaid and commercial payer standards.
ACD participation requires that the ABA provider be enrolled as a TRICARE-authorized provider and that each supervising BCBA hold current Board Certified Behavior Analyst certification from the Behavior Analyst Certification Board. The ACD's network structure operates through regional contractors that maintain separate provider panels for each TRICARE region, and a provider who participates in TRICARE in one region must separately apply for participation in each other region where it operates. An ABA practice with locations across multiple TRICARE regions should have a complete and current ACD provider enrollment file for each region, with documentation confirming that all supervising BCBAs are enrolled and that their credentials are current.
The ACD billing and documentation requirements are maintained by the Defense Health Agency and are updated periodically. The program uses the standard HCPCS ABA code set, but applies coverage policies and prior authorization requirements that may differ from those of Medicaid and commercial payers for comparable services. Authorization management for ACD patients requires tracking against ACD-specific authorization periods and service limits, and the ACD's claims adjudication system has historically had processing characteristics that differ from commercial payer systems, including longer adjudication timelines and more frequent requests for supporting documentation.
Military families are geographically mobile, and ACD patient rosters at ABA practices near military installations can be subject to significant turnover as active duty families receive orders to new duty stations. A practice whose revenue is heavily concentrated in ACD patients near a large military installation carries a geographic concentration risk that is distinct from the revenue concentration risks associated with a high-volume commercial payer relationship. The buyer's diligence should assess the patient census data for ACD patients across the target's locations and the historical turnover rate for the ACD patient population to develop a realistic projection of ACD revenue continuity post-closing.
Single Case Agreements vs. In-Network Contracts: Negotiation Leverage, Transferability Risk, and Revenue Concentration Analysis
Single case agreements are individually negotiated arrangements between an out-of-network ABA provider and a commercial payer that authorize coverage for a specific patient's ABA therapy at negotiated rates for a defined period. SCAs are common in ABA because the demand for ABA services frequently exceeds in-network provider capacity in many markets, compelling payers to authorize out-of-network services to meet their members' access needs and comply with state network adequacy standards. A practice with strong clinical outcomes and a referral base that generates consistent demand from patients enrolled in plans for which the practice is not in-network may be able to generate substantial revenue through SCAs negotiated at rates that exceed in-network contracted rates.
The revenue risk associated with SCA-dependent practices is that SCAs are structurally less stable than in-network contracts. An in-network contract establishes a durable relationship between a provider entity and a payer that governs billing for all members of the payer's health plans who choose to receive services from that provider. An SCA covers a single patient and expires when the authorized period ends. When an SCA expires, the payer has no obligation to renew it, and many payers use the renewal negotiation as an opportunity to renegotiate rates downward or to redirect the patient to a newly available in-network provider. A practice that has built its commercial revenue base on a large portfolio of SCAs rather than in-network contracts is operating on a contractual foundation that requires constant renegotiation and that is vulnerable to payer decisions to restrict out-of-network authorization.
The transferability issue for SCAs in an M&A context is significant. SCAs are typically non-assignable: they are issued by the payer to the specific provider entity that is out-of-network, and they do not transfer to a new owner in a practice acquisition. When a practice changes ownership, the payer has the right to decline to issue new SCAs to the buying entity, particularly if the payer now has adequate in-network capacity to serve the patient. A buyer who pays for the target's commercial revenue based on projections that include SCA revenue without adjusting for the risk that the SCAs will not be renewed under the buying entity's name is overpaying for revenue that may not survive the ownership transition.
The negotiation leverage that generates SCA revenue at favorable rates is not automatically transferred in an acquisition. SCAs are often the product of a specific relationship between the target practice's leadership and a payer's network relations team, or of a demonstrated track record of successful outcomes for a specific patient population that the payer is motivated to keep in treatment. A new owner who lacks those relationships or that track record may find that SCAs are renewed at lower rates or not renewed at all. The buyer's due diligence should model SCA revenue under scenarios that range from full continuity to complete non-renewal and confirm that the acquisition economics are viable across the range of plausible SCA outcomes.
Denial Management and Appeals: Prior Authorization Workflow, External Review Rights, and Operational Revenue Cycle Diligence
Prior authorization is the primary revenue cycle challenge in ABA billing. Virtually every commercial payer and Medicaid managed care organization requires prior authorization for ABA services before sessions can be delivered and billed, and the authorization process requires clinical documentation, BCBA review, and payer processing time that creates operational friction between the patient's clinical needs and the provider's ability to begin billing for services. A practice with a well-functioning prior authorization workflow will have defined timelines for submitting initial authorization requests, tracking authorization status, escalating pended or denied requests, and managing the transition between expiring and renewed authorizations. A practice without a systematic authorization management process will have authorization gaps, delayed starts of care, and denied claims that reduce net revenue.
Denial management begins with a classification of denial types that allows the practice to identify systematic problems in its billing and authorization processes. The primary denial categories in ABA billing are authorization denials (service delivered without a current authorization), coding denials (service billed under an incorrect HCPCS code), documentation denials (claim submitted without adequate supporting documentation), timely filing denials (claim submitted after the payer's filing deadline), and medical necessity denials (payer determination that the service is not medically necessary for the specific patient). Each denial type requires a different remediation approach, and a practice that addresses all denials through a single appeals workflow without categorizing and routing them appropriately will have lower appeal success rates than a practice with a differentiated denial management system.
External review rights are available for adverse coverage decisions affecting mental health benefits under the Affordable Care Act's external review provisions and under state external review laws that apply to state-regulated commercial plans. A medical necessity denial for ABA therapy from a commercial payer can be challenged through the payer's internal appeals process and, if upheld, referred to an independent review organization for external review. ABA practices with effective appeals programs use external review systematically for medical necessity denials that meet the criteria for external review and have documented external review success rates that demonstrate the appeals program's effectiveness. A buyer should request data on the target's external review filing rates and outcomes as part of revenue cycle diligence.
The revenue cycle diligence framework for an ABA acquisition should assess the days in accounts receivable by payer, the first-pass and final denial rates by payer and denial type, the appeal success rates by appeal level and denial type, the percentage of denied claims that are written off without appeal, and the volume and aging of claims in each stage of the appeals process. A practice with high write-off rates for appealed claims may be accepting revenue losses that a buyer with a more systematic appeals process could recover, which is a post-closing revenue opportunity. A practice with high write-off rates for unappealed claims may have systematic billing problems that generate denials that cannot be successfully appealed, which is a pre-closing compliance risk.
Billing and Coding Compliance: Upcoding and Unbundling Exposure, Supervision Ratio Violations, and OIG Work Plan Priorities
Billing and coding compliance in ABA practices requires ongoing attention to a code-specific regulatory environment that has been actively updated since the 2019 CPT code set transition. The transition from H-code billing, which many state Medicaid programs used before the AMA's adoption of the ABA-specific CPT code set, to the current 97151-97158 framework required ABA practices to implement new billing logic, retrain billing staff, and update clinical documentation templates to support the specific documentation requirements of each new code. Practices that executed this transition imperfectly may have residual compliance issues in their historical billing records that are not visible in their financial statements but that create audit exposure.
Upcoding in ABA billing most commonly occurs when a practice bills CPT 97155 for sessions that were delivered by RBTs without a supervising BCBA physically or virtually present in the manner required by the code's clinical coverage policy. The 97155 code covers protocol modification services that require BCBA-level clinical judgment, and its use is limited to sessions in which a BCBA or other qualified healthcare professional provides the service directly. Billing 97155 when the BCBA's involvement was limited to supervision from a remote location without real-time observation, or when the BCBA's supervision of the session did not meet the minimum supervision requirements under the applicable payer's coverage policy, is a coding compliance risk that recurs across ABA practices with high RBT-to-BCBA ratios and large caseloads per supervising BCBA.
Supervision ratio violations represent one of the most commonly identified compliance deficiencies in ABA program integrity audits. The Behavior Analyst Certification Board's requirements and the coverage policies of most Medicaid and commercial payers establish minimum standards for the ratio of RBT hours to BCBA supervision hours and for the frequency and format of BCBA supervision contacts. A BCBA who supervises more RBTs or more patient hours than the applicable standards permit may not be able to satisfy the documentation requirements for each supervised session, resulting in claims for sessions that cannot be supported by adequate supervision documentation. A target with high BCBA caseloads relative to the applicable supervision standards should be treated as having meaningful coding compliance exposure until an independent audit confirms otherwise.
The OIG's annual Work Plan has included ABA billing compliance as a priority area, reflecting the program's recognition that the rapid expansion of ABA as a Medicaid and commercial benefit has been accompanied by compliance challenges that warrant systematic oversight. OIG Work Plan items related to ABA have included reviews of Medicaid payments for ABA services without required BCBA supervision, reviews of claims for ABA services delivered by inadequately credentialed technicians, and reviews of the adequacy of state Medicaid agencies' oversight of ABA providers. A buyer should confirm that the target's compliance program addresses each of the ABA-specific risk areas identified in recent OIG Work Plan items and that the program has been actively implemented rather than existing only as a written document.
Reps and Warranties, Overpayment Reserve, and Special Indemnification: Allocating Payer Risk in the Purchase Agreement
The purchase agreement for an ABA practice acquisition must allocate payer compliance risk between buyer and seller through a combination of targeted representations and warranties, a specifically structured indemnification framework, and a financial reserve mechanism sized to cover identified compliance exposure. Standard healthcare M&A representations regarding compliance with applicable law and the absence of material violations are necessary but not sufficient: the ABA payer-specific risks identified through diligence must be addressed through representations that speak directly to the compliance categories most likely to generate post-closing liability.
The Medicaid compliance representation should confirm that all claims submitted to Medicaid and Medicaid managed care organizations during the representation period were submitted in compliance with applicable federal and state billing requirements, that the target has received no notice of a Medicaid overpayment finding or program integrity investigation that has not been disclosed, that all identified overpayments have been reported and returned within the timeframe required by 42 U.S.C. Section 1320a-7k(d), and that the target is not aware of any billing practice that would constitute a false claim under the False Claims Act or the applicable state false claims statute. The representation should survive closing for a period commensurate with the Medicaid lookback period, typically five years, and should be supported by an indemnification obligation that covers the full cost of any Medicaid overpayment recovery, including the cost of responding to the audit, any extrapolated overpayment amounts, and any civil money penalties.
The payer contract assignability representation should confirm the status of each material payer agreement with respect to change of control provisions, prior consent requirements, and assignability. Specifically, the representation should confirm whether each payer agreement requires prior written consent to assignment or transfer in connection with a change of control, whether any payer has been notified of the pending transaction and has indicated a position regarding the agreement's continuation, and whether any payer agreement contains a right of termination that has been triggered by the transaction. This representation is essential because a payer who exercises a termination right post-closing can eliminate a material revenue stream that was included in the acquisition's financial projections without any obligation to continue the relationship on comparable terms.
The overpayment reserve structure should be negotiated based on the results of the independent billing audit conducted during diligence, with the reserve amount representing the probability-weighted estimate of Medicaid and commercial payer overpayment exposure across the applicable lookback period. The reserve should be held in a separate escrow account, not merged into a general indemnification escrow, because the release conditions and the timeline for resolving Medicaid overpayment claims differ materially from the conditions applicable to general indemnification claims. Special indemnification provisions should address the specific scenarios in which the seller's pre-closing billing practices generate post-closing liability, including formal overpayment demands from state Medicaid agencies, MCO audit findings, and commercial payer recoupment demands. The indemnification should be backed by the escrow for the full Medicaid lookback period, with release of escrow proceeds conditioned on the absence of any pending audit or investigation at the time of the scheduled release. Acquisition Stars advises buyers and sellers on ABA practice acquisitions, with a focus on Medicaid and commercial payer compliance, billing audit diligence, and deal structure. Contact us at 248-266-2790 or through the form below to discuss your transaction.
Frequently Asked Questions
How do buyers estimate Medicaid clawback exposure when acquiring an ABA practice?
Estimating Medicaid clawback exposure requires a structured review of the target's billing records, remittance histories, and any correspondence from state Medicaid agencies or managed care organizations indicating overpayment findings. Buyers should request the full three-to-five year billing history organized by payer, service line, and HCPCS code, then engage an independent healthcare billing consultant to apply the state Medicaid agency's own auditing logic to a statistically significant sample of claims. The sample should weight toward the highest-volume codes, the service types most frequently subject to prior authorization disputes, and any periods during which the target expanded into new geographies or added new clinicians to its credentialing roster. If the state Medicaid agency uses extrapolation methodology to project sample error rates across the full claims universe, the buyer's consultant should apply the same methodology to the sample to generate a defensible reserve estimate. A well-structured indemnification escrow tied to a competently sized reserve is the appropriate risk management tool, not a simple reduction to purchase price that may undercompensate or overcompensate depending on actual audit outcomes.
What MHPAEA parity risk should buyers assess when acquiring an ABA practice with significant commercial payer revenue?
The Mental Health Parity and Addiction Equity Act applies to group health plans and health insurance issuers that provide mental health or substance use disorder benefits, and ABA therapy qualifies as a mental health benefit under the statute and implementing regulations in virtually all commercial plan contexts. The 2024 final rule issued by the Departments of Labor, Health and Human Services, and Treasury significantly expanded the analytical and documentation obligations that plans must satisfy to demonstrate parity compliance, including requirements to conduct and document comparative analyses of nonquantitative treatment limitations applied to mental health benefits versus medical and surgical benefits. A buyer acquiring an ABA practice should assess whether any of the commercial plans covering the target's patients have applied prior authorization requirements, visit caps, or medical necessity standards to ABA therapy that are materially more restrictive than the standards applied to comparable medical and surgical benefits. If the target has participated in external appeals proceedings or has records of parity-based complaints from patients or plan participants, those records are discoverable and potentially transferable liabilities. The buyer's diligence should also assess the target's own compliance with any parity-related obligations it has assumed under contracts with state-regulated commercial insurers, because state parity laws in several markets extend parity obligations beyond the federal floor.
How long does commercial payer re-credentialing typically take when an ABA practice changes ownership?
Commercial payer re-credentialing timelines vary significantly by payer, by the structure of the ownership change, and by whether the transaction is structured as an asset purchase or a stock purchase that preserves the legal entity holding existing provider agreements. For asset purchases, the buyer typically must enroll as a new provider with each commercial payer from scratch, because the existing provider agreements are assets of the seller entity and do not transfer automatically to a new legal entity. New provider enrollment timelines for the major commercial payers generally run 60 to 180 days from submission of a complete application, with BCBS plans, Aetna, and UnitedHealthcare each maintaining their own credentialing processes and timelines that are not coordinated with each other. During the enrollment period, the buying entity cannot bill for services under its own provider number, which creates a revenue gap unless the parties structure a billing arrangement that allows the target to continue billing under its existing enrollment number during a transition period. Stock purchases that preserve the target's corporate structure may allow continuity of existing provider agreements without formal re-credentialing, though most commercial payer contracts contain change of control provisions that require the payer's prior written consent and may trigger a re-credentialing requirement regardless of the transaction structure.
What denial rate benchmarks should buyers use when evaluating an ABA practice's revenue cycle health?
Denial rate benchmarks in ABA billing reflect the particular challenges of the specialty: high prior authorization requirements, complex documentation standards for session notes, frequent disputes over service intensity and medical necessity, and the susceptibility of telehealth-delivered services to payer-specific coverage restrictions. A first-pass denial rate above fifteen percent is a meaningful signal of revenue cycle dysfunction, though the appropriate benchmark depends on the payer mix. Medicaid managed care organizations tend to generate higher denial rates than commercial plans in many markets due to more aggressive prior authorization protocols and tighter medical necessity criteria. A practice with Medicaid MCO revenue comprising sixty percent or more of its total payer mix should be evaluated against Medicaid-specific benchmarks rather than blended ABA market averages. Days in accounts receivable is the companion metric to denial rate: a practice with a high denial rate but effective appeals processes may convert initially denied claims at a rate that keeps overall AR days within an acceptable range. Buyers should request at least 18 months of denial data organized by payer, denial reason code, and outcome of the appeals process to distinguish systemic billing problems from payer-specific disputes that the target has been managing effectively.
How frequently do state Medicaid agencies audit ABA provider documentation, and what triggers a targeted review?
State Medicaid agency audit frequency for ABA providers varies by state, by the volume of claims the provider submits, and by whether the provider has previously been identified through data analytics as a statistical outlier relative to peer providers. Most state Medicaid agencies conduct some form of routine post-payment review for high-volume behavioral health providers, and ABA practices that bill above the median claim volume for their state are generally subject to higher baseline scrutiny. Targeted audits are most commonly triggered by billing patterns that diverge from peer norms, such as consistently billing the highest-intensity assessment codes, high ratios of direct therapist hours to supervising BCBA hours, claims for services delivered to patients with session note documentation gaps, or credentialing discrepancies identified through routine provider file reviews. Medicaid managed care organization audits represent an additional audit channel beyond the state agency itself: MCOs are contractually required by their state contracts to conduct fraud, waste, and abuse oversight of their network providers, and some MCOs have developed their own ABA-specific audit protocols that apply data analytics to identify unusual billing patterns. A buyer should request records of all audits, desk reviews, and informal inquiries the target has received from any state agency, MCO, or federal program in the preceding five years, not only formal audit findings.
What is the conversion risk when a target ABA practice relies heavily on single case agreements for commercial payer coverage?
Single case agreements are individually negotiated arrangements between an out-of-network provider and a commercial payer that authorize coverage for a specific patient at negotiated rates for a defined period. The conversion risk for a buyer acquiring a practice with significant SCA revenue is that SCAs are typically non-transferable, patient-specific, and terminable on short notice by the payer without the continuation obligations that apply to in-network contracts. When a practice changes ownership, commercial payers are not contractually obligated to extend existing SCAs to the new owner, and many payers use ownership transitions as an opportunity to reassess whether to continue the SCA relationship or to direct the patient to an in-network provider. A practice that generates thirty percent or more of its commercial payer revenue through SCAs rather than in-network contracts presents meaningful revenue concentration risk in an acquisition, because the buyer cannot assume continuity of that revenue stream post-closing without affirmative steps to negotiate new SCAs or in-network enrollment with each applicable payer. Buyers should model a scenario in which all SCA revenue is lost within twelve months post-close and assess whether the remaining in-network revenue and Medicaid revenue support the acquisition economics before committing to the transaction at the negotiated price.
How does self-funded ERISA plan exposure differ from state-regulated commercial plan exposure in ABA M&A diligence?
Self-funded ERISA plans present a distinct compliance profile in ABA M&A diligence because they are governed by federal ERISA rather than state insurance law, which means that state autism insurance mandates and state parity laws that apply to fully insured commercial plans do not apply directly to self-funded plan benefits. A self-funded employer plan has broad discretion to design its ABA benefit structure, including applying age caps, dollar limits, and prior authorization requirements that state insurance mandates would prohibit if applied by a fully insured carrier. However, self-funded plans remain subject to the federal MHPAEA parity requirements, including the 2024 final rule's expanded comparative analysis obligations, and a self-funded plan that applies more restrictive benefit limitations to ABA therapy than to comparable medical and surgical benefits is potentially liable for parity violations. For a target ABA practice with significant self-funded plan revenue, the buyer should assess whether the target has experienced coverage disputes, denial patterns, or patient complaints arising from self-funded plan benefit limitations, because these disputes may signal that the target's revenue projections depend on continued coverage decisions that could change post-closing. The buyer should also confirm that the target's billing practices for self-funded plan patients are consistent with the plan documents for each major self-funded payer, because self-funded plans have the right to audit providers and recover overpayments based on their own plan terms.
How should buyers calculate the overpayment reserve in an ABA acquisition, and what should the escrow structure look like?
The overpayment reserve in an ABA acquisition should be calculated through a structured process that starts with identification of the risk categories most likely to generate Medicaid or commercial payer overpayment findings and then quantifies the financial exposure in each category based on the target's specific billing history and documentation practices. The primary risk categories are documentation deficiencies in session notes and treatment authorizations, billing for services at higher intensity levels than the documentation supports, claims for services delivered by technicians who lacked current RBT certification at the time of service, and claims submitted after the applicable payer's timely filing deadline. Each category should be evaluated against a statistical sample of claims, with the sample size and selection methodology designed to support extrapolation across the full claims population if a Medicaid auditor were to apply extrapolation to the same data. The resulting risk estimates should be summed across categories, with a probability-weighted adjustment for the likelihood that a formal audit would actually identify each type of deficiency and the likelihood that identified deficiencies would result in formal overpayment demands rather than documentation remediation requests. The escrow structure should hold the reserve amount for a period that extends beyond the applicable lookback window for each payer type, typically 36 months for commercial payers and 60 months for Medicaid, with defined release conditions tied to the absence of audit activity and the expiration of the lookback period.
Payer Risk in ABA Acquisitions Is Quantifiable. The Reserve Must Be Sized Before Signing, Not After.
Medicaid lookback periods run five years. Commercial payer recoupment rights run three. The indemnification framework in the purchase agreement must be designed with those timelines in mind, backed by an escrow sized to the audit results, and structured so that release conditions align with actual risk resolution. Counsel who has worked through ABA payer diligence builds these structures from the ground up on deal-specific data, not generic healthcare M&A templates.
Related Resources
ABA Autism Services M&A: Legal Guide
The complete legal framework for M&A transactions involving ABA therapy practices, covering Medicaid compliance, BCBA credentialing, state licensure, payer contracts, and purchase agreement structure.
RelatedBCBA and BCaBA Credentialing in ABA Practice M&A
How BACB certification requirements, supervision ratios, and credentialing continuity affect ABA acquisitions, with analysis of workforce retention risk and post-closing compliance obligations.
RelatedState ABA Licensure and Parity Laws in M&A
State-by-state analysis of ABA provider licensure requirements, autism insurance mandate coverage parameters, and parity enforcement frameworks that affect ABA practice acquisitions.
Payer diligence in an ABA practice acquisition is not a parallel track to the legal and financial diligence. It is the core of the diligence, because the practice's value is inseparable from its payer relationships and its ability to sustain compliant billing over time. A practice whose Medicaid claims are systematically underdocumented, whose commercial payer credentialing is fragmented, or whose revenue depends on SCA arrangements that will not survive the ownership transition is a fundamentally different asset from what its financial statements may suggest.
The buyer who understands this engages a qualified healthcare billing consultant to conduct an independent claims audit during diligence, negotiates representations and warranties that speak specifically to each material payer relationship, and structures an escrow and indemnification framework that reflects actual, quantified risk rather than a generic percentage holdback. Acquisition Stars advises buyers and sellers on ABA practice acquisitions, with particular focus on Medicaid and commercial payer compliance, billing audit diligence, credentialing transition planning, and payer risk allocation in the purchase agreement. Contact us at 248-266-2790 or through the form below to discuss your transaction.
Written by Alex Lubyansky, Managing Partner, Acquisition Stars. Alex advises on M&A transactions in healthcare services, including behavioral health, ABA therapy, and other licensed and regulated provider businesses, with a focus on payer compliance diligence, regulatory risk allocation, and deal structuring for transactions requiring Medicaid and commercial payer analysis.