Last Friday, the U.S. Department of Justice ("DOJ" or the "Department") announced that settlements and judgments under the False Claims Act ("FCA") reached a record $6.8 billion in fiscal year 2025 ("FY25"). This total, the highest in the statute’s history, follows the $2.9 billion that DOJ recovered in FY24, underscoring both a surge in whistleblower activity and the Department's continued emphasis on emerging areas of government program fraud beyond the healthcare sector.

By way of background, the FCA, among other things, imposes liability on anyone who knowingly makes or uses a false record or statement that is material either to a false or fraudulent claim or to an obligation to pay or transfer money or property to the government. The FCA allows whistleblowers, or “relators,” to file qui tam lawsuits on behalf of the government. Under the FCA, violators may be liable for treble damages – i.e., three times the government’s losses – along with substantial civil penalties assessed for each false claim. As a result, even seemingly minor claims can quickly lead to significant financial exposure.

Violations can include, for example, overbilling, misrepresenting compliance with contract or regulatory requirements, or falsely claiming eligibility for federal funds. In FY25, whistleblowers filed a record 1,297 new qui tam actions, exceeding the previous high of 979 whistleblower actions in FY24. In addition, the DOJ opened 401 new FCA investigations, reflecting broad enforcement across multiple federal programs.

An Increasing Focus Beyond Healthcare

Although healthcare fraud remains significant – accounting for over $5.7 billion in recoveries – FY25 highlights a growing focus on government contract and procurement fraud. FCA investigations increasingly target misrepresentations related to federal contracts, loans, grants, and supply chain compliance, including violations tied to cybersecurity standards.

Cyber Fraud

Contractors who overstate cyber capabilities or misrepresent compliance can face substantial FCA liability. According to the Fact Sheet, contractor HealthNet agreed to pay $11.2 million to resolve allegations that it falsely certified compliance with cyber requirements it its DOD contract to administer TRICARE, while MORSECORP agreed to pay $4.6 million for cyber violations relating to its contracts with the Army and Air Force.

In higher education, Penn State and Georgia Tech resolved allegations relating to cyber compliance for $1.25 million and $875,000, respectively, in connection with defense contracts. In the Penn State matter, the allegations involved the institution's failure to implement required cyber controls and to adequately develop plans of action to remedy identified cyber deficiencies. In the Georgia Tech case, the allegations involved the institution's failure to meet cyber requirements in Air Force and DARPA contracts, including that it failed to install and run anti-virus tools on computers, servers, and networks at a lab that was used to conduct sensitive cyber-defense projects for the government.

As the foregoing shows, FCA enforcement continues to expand into contractor cyber compliance and the cases highlight the risks associated with overstating cyber maturity or failing to remediate known deficiencies. As cyber requirements continue to evolve across the federal contracting landscape, contractors – large and small – should closely assess their cyber compliance posture to reduce exposure to both DOJ enforcement actions and whistleblower-driven FCA claims.

Military and Defense Procurement Fraud

FY25 also saw significant FCA recoveries tied to military and defense contracting. Allegations included overbilling, submitting false cost/pricing data, and misrepresenting compliance with contractual obligations, all of which highlight the continued risk of fraud in procurement and defense contracting.

In connection with defense contracting, for example, the Department saw its second-largest procurement fraud case in history. In that case, Raytheon agreed to pay $428 million to resolve allegations that it knowingly provided false cost and pricing data during negotiations with DOD for numerous government contracts and double-billed on a weapons maintenance contract.

In other matters, L3 agreed to pay $62 million to resolve allegations that it failed to disclose accurate and complete cost/pricing data, while Lockheed agreed to pay $29.7 million to resolve allegations of defective pricing on contracts for the F-35 fighter jet. Further, DRI Relays agreed to pay $15.7 million for supplying military parts that failed to meet specifications, and DynCorp agreed to pay $21 million to resolve litigation alleging inflated subcontractor charges.

Taken together, these FCA resolutions underscore the government’s continued focus on procurement integrity and its willingness to pursue large, complex enforcement actions against even the most sophisticated defense contractors. With liability arising from pricing disclosures, billing practices, and technical compliance failures, among other areas, contractors face meaningful FCA exposure that warrants sustained compliance attention and early engagement with experienced FCA counsel.

Trade and Pandemic Fraud

Beyond cyber issues and defense contracting, DOJ’s Trade Fraud Task Force contributed to FCA enforcement by pursuing cases involving customs duties, trade compliance, and related procurement fraud. Pandemic-related program fraud and misrepresentations in federal loan or grant programs remain additional areas of focus.

Whistleblowers Drive Recoveries

As expected, whistleblowers remained central to FCA enforcement in FY25. More than $5.3 billion in total recoveries stemmed from qui tam actions, with relators typically receiving 15–30% of the proceeds when claims are successful. The significant financial incentives under the FCA’s qui tam provisions continue to drive robust whistleblower activity. Notably, matters in which DOJ intervened generally resulted in substantially larger recoveries than cases pursued solely by relators, underscoring the critical role of government involvement.

The record 1,297 qui tam filings – up from the prior record of 979 in FY24 – further illustrate the FCA’s continued prominence as an enforcement mechanism across a wide range of industries, including healthcare, technology, defense, logistics, and manufacturing. Whistleblower participation remain a key driver of DOJ’s ability to identify, investigate, and resolve alleged fraud.

Looking Ahead

DOJ’s FY25 data demonstrates the Department’s continued commitment to protecting taxpayer funds and holding entities accountable for misrepresentations or noncompliance across government programs. The record recoveries and high volume of qui tam filings indicate that FCA enforcement is expanding beyond traditional healthcare sectors, with cyber and procurement fraud at the forefront.

Companies engaged in federal contracting should therefore view these trends as a call to strengthen internal controls, compliance systems, and cybersecurity measures. Those that proactively address these risks are better positioned to avoid costly FCA litigation and demonstrate good faith cooperation in the event of an investigation.

. . .

#govcon #falseclaimsact #fca