How a National Insurance Broker's Street Marketer Program Became a $160M ACA Fraud Machine

TL;DR

• DOJ resolved a $160M+ ACA enrollment fraud case against AP of South Florida (APSF) and parent company AssuredPartners in April 2026
• Street marketers recruited homeless individuals and drug treatment patients into subsidized ACA plans using falsified income data; the government paid $141.5M in fraudulent subsidies
• APSF’s former president got 20 years. AssuredPartners paid $107M in civil False Claims Act penalties. APSF pled guilty and paid $27.6M in criminal restitution
• The failure wasn’t rogue employees — it was a compliant-seeming distribution model with zero oversight of the third parties inside it

If you run a book of ACA business through street marketers, community outreach teams, or referral networks, this case is your worst-case scenario spelled out in a federal plea agreement. And it’s worth reading carefully — because nothing about APSF’s setup was unusual until it was.

What Actually Happened

Between 2021 and 2022, AP of South Florida LLC (APSF) — then a subsidiary of AssuredPartners, one of the largest insurance brokerage networks in the country — ran a structured enrollment fraud operation through third-party street marketers working bus stops, homeless shelters, drug treatment clinics, and other locations throughout South Florida.

The mechanics were straightforward and devastating:

Step 1: Recruit. Street marketers were paid cash and gift cards to sign up anyone who would stand still long enough — homeless individuals, unemployed people, patients in addiction treatment programs. None of them were looking for health insurance. Most were already Medicaid-eligible.

Step 2: Falsify. APSF staff manipulated the income data on ACA applications so that applicants appeared to qualify for fully subsidized marketplace plans (essentially $0 premium). Anyone who was genuinely Medicaid-eligible had their applications deliberately denied — which manufactured a “qualifying event” that then triggered special enrollment period eligibility for marketplace plans.

Step 3: Collect. With each fraudulent enrollment, the federal government paid full Advanced Premium Tax Credits (APTCs) to the insurers covering those plans. APSF collected broker commissions. The enrolled individuals — many of them in active addiction treatment or receiving HIV medications — suddenly found themselves in plans they didn’t choose, with copays they couldn’t afford, losing access to the drugs keeping them alive.

Federal prosecutors identified $141.5 million in fraudulent APTC subsidies paid to insurers. A whistleblower with inside knowledge filed a qui tam lawsuit that kicked off the federal investigation.

The Resolution

DOJ announced the resolution in early April 2026, coordinated across criminal and civil tracks:

Cory Lloyd, APSF’s former president who ran the operation, was convicted at trial in November 2025 and sentenced to 20 years in federal prison. Dafud Iza, VP of a related Fiorella Insurance Agency, received 3 years.

The agencies involved: DOJ Criminal Division, DOJ Civil Division (Fraud Section), FBI, HHS Office of Inspector General, IRS Criminal Investigation, and the U.S. Attorney’s Office for the Middle District of Florida.

One notable footnote: Arthur J. Gallagher & Co. acquired AssuredPartners in early 2025, after the fraud ended but before resolution. APSF was explicitly carved out of that acquisition; Gallagher reserved the settlement amounts during due diligence and has no liability here. That’s a useful due diligence case study in itself — but that’s a separate post.

Why This Keeps Happening: The Incentive Model Is the Compliance Problem

This wasn’t a dark-of-night conspiracy. It was a distribution model — street marketers, community outreach teams, a referral network — that looked like a legitimate go-to-market strategy and had zero controls on what the people inside it actually did.

There are three structural failures that appear in almost every ACA enrollment fraud case, and APSF hit all three:

1. Volume incentives with no accuracy controls

Street marketers were paid per enrollment. There were no checks on whether the people they enrolled actually wanted, qualified for, or could use the plans. When you pay for volume with no consequence for bad data, you’re paying people to commit fraud — you just don’t know it yet.

Any broker compliance program with third-party enrollment partners needs to audit the metrics on both ends: enrollment volume and application accuracy, plan utilization, renewal rates. If your marketers are enrolling people who never use the plan, that’s a red flag.

2. No oversight of third-party data before submission

APSF had the technical ability to review applications before submission. They just didn’t. The income manipulation was happening upstream — by the time applications hit the marketplace system, they were already fraudulent.

The fix here isn’t complicated: sample audits of applications prior to submission. A random 5-10% review looking for implausible income figures, duplicate addresses, or enrollment clusters from specific recruitment locations would have surfaced this scheme quickly.

3. Deliberate Medicaid denial manipulation as a process feature

This is the detail that makes this case different from ordinary sloppiness. APSF deliberately denied Medicaid applications — a process step that had no legitimate business purpose — specifically to create qualifying events for marketplace special enrollment. That manipulation would have shown up in the data as an abnormal Medicaid denial rate. Nobody was looking.

Medicaid denial rates, plan non-utilization rates, and premium tax credit claim-to-enrollment ratios are all lagging indicators that a legitimate enrollment program should monitor routinely. They’re also exactly the data patterns federal investigators look for.

What the False Claims Act Means for AssuredPartners (and for You)

The civil resolution was under the False Claims Act, 31 U.S.C. § 3729. The FCA allows the government to recover treble damages — three times the amount of each false claim — plus per-claim penalties. The qui tam whistleblower provision is what got this case started: an insider filed a sealed lawsuit, the government investigated and intervened, and the whistleblower will receive roughly $24.3 million of the recovery.

The FCA exposure here was enormous. At $141.5 million in fraudulent subsidies, treble damages alone would approach $425 million before per-claim penalties. The $107 million civil settlement reflects some discount from maximum exposure, presumably for cooperation, corporate compliance remediation, and the limits of what AssuredPartners could actually pay.

If you’re a compliance officer at an insurance brokerage, the takeaway is this: the FCA applies to any entity that knowingly submits — or causes the submission of — false claims to the federal government. If your distribution partners are generating fraudulent ACA enrollments and you’re collecting commissions on them, you have FCA exposure. The “I didn’t know” defense is available only until you should have known.

30/60/90-Day Checklist for Insurance Broker Compliance Teams

If you use any form of third-party enrollment support — street marketers, community outreach organizations, lead generators, or referral networks — here’s where to start:

This week:

• Pull the roster of active third-party enrollment partners. When did each one last go through due diligence?
• Pull enrollment data by marketer/referral source. Flag anyone with anomalously high enrollment volumes relative to plan utilization
• Check whether your marketer contracts include compliance obligations, termination-for-cause provisions, and audit rights

Within 30 days:

• Conduct a sample audit of 5-10% of applications submitted through third-party partners. Review income data for plausibility
• Review your incentive compensation model. If it pays purely on enrollment count, redesign it to include accuracy or utilization metrics
• Review Medicaid denial rates in your pipeline. If you’re seeing abnormal denial-to-marketplace-enrollment conversions, investigate

Within 60-90 days:

• Implement a formal third-party marketer oversight program: periodic re-credentialing, monitoring metrics, escalation path
• Train enrollment staff on False Claims Act obligations — specifically the concept of “deliberate ignorance” and what it means for individual liability
• Establish a channel for enrollment staff to escalate concerns about third-party marketer behavior without retaliation risk

This isn’t hypothetical risk management. The APSF case ran for two years before it surfaced, generated $141.5 million in fraudulent subsidies, and produced a 20-year prison sentence. The structural vulnerabilities it exploited exist at other brokers right now.

The TPRM Lesson That Applies Everywhere

What happened at APSF is a TPRM failure as much as it’s a fraud case. Street marketers are vendors. They’re in your distribution chain. They touch federal programs on your behalf. And until this case, a lot of brokers treated them like salespeople rather than third-party risk.

The same principles that govern vendor risk at a bank — due diligence before engagement, contract controls, ongoing monitoring, periodic audits, termination rights — apply here. The difference is that most insurance broker compliance programs haven’t built that muscle.

If your vendor management program doesn’t cover enrollment distribution partners — the agents, orgs, and individuals generating applications on your behalf — it has a gap. This case is what that gap looks like when it goes wrong.

For a structured approach to third-party risk, see how we cover third-party business continuity and vendor resilience, and how similar False Claims Act exposure played out in the DOJ’s $14M action against Advanced Urology.

If you need a vendor risk framework you can actually implement — not a 40-page policy that collects dust — the Third-Party Risk Management Kit gives you the due diligence questionnaires, monitoring templates, and escalation workflows to build this out quickly.

Sources:

• DOJ Press Release — National Partnership of Insurance Brokers $160M Resolution
• Insurance Journal — Gallagher/AssuredPartners carve-out clarification
• InsuranceNewsNet — ACA Fraud Settlement Coverage
• False Claims Act, 31 U.S.C. §§ 3729–3733
• DOJ Healthcare Fraud Strike Force Overview