The U.S. Department of Justice (DOJ) published its 2025 False Claims Act (FCA) statistics on Friday with a record-breaking $6.8 billion in judgments and settlements last fiscal year. This was the highest recovery since 2014, when DOJ collected $6.2 billion, and more than doubled last year’s $2.9 billion total.
Of the $6.8 billion in total judgments, $5.34 billion stemmed from cases filed by qui tam relators (whistleblowers), and the number of qui tam complaints soared past last year’s record of 979 cases to 1297 cases filed in 2025. The Trump Administration has encouraged more whistleblowers to come forward in support of its policy goals, particularly to challenge claims made by contractors that are purportedly operating illegal Diversity, Equity, and Inclusion (DEI) programs. While this may have contributed to the rise in relators’ complaints last year, DOJ’s press release contained no mention of DEI. However, the press release highlighted several small customs-related settlements and newly initiated cases in 2025—another one of the Administration’s policy priorities—and previewed one larger settlement involving tungsten carbide products from China that will be credited to 2026 recoveries.
Healthcare fraud continued to comprise a sizable majority of DOJ’s overall recovery and totaled $5.7 billion, with the balance of recoveries mostly resulting from cases based on federal procurement fraud and pandemic-related fraud. Notably, DOJ also highlighted cybersecurity fraud recoveries, touting nine cybersecurity fraud settlements in 2025.
Procurement Fraud
Recoveries in connection with Department of Defense (DOD) contracts increased nearly seven-fold in 2025—up to $633,927,500 compared to $93,283,935 in 2024. The 2025 total included several sizable settlements with major names in federal contracting regarding defective pricing, and a variety of other procurement fraud issues:
- One federal contractor paid $428 million to settle allegations of submitting false cost and pricing data on numerous DOD contracts.
- Another federal contractor paid $62 million to settle allegations that it violated the Truth in Negotiations Act by failing to disclose accurate, complete, and current cost or pricing data in connection with DOD contracts for various communication equipment.
- A major consulting firm paid $15.9 million to resolve allegations that two of its program managers obtained confidential competitive information about another contractor and source selection information from an Air Force employee, which they used to fraudulently obtain a General Services Administration (GSA) contract.
- A federal contractor paid a $15.7 million settlement over selling DOD electrical parts that did not meet military specifications under multiple contracts and subcontracts.
Cybersecurity Fraud
DOJ’s cybersecurity related settlements more than tripled since last year and totaled $52 million. The nine 2025 settlements highlight the government’s increased focus on cybersecurity enforcement, both in federal procurement and in connection with federal healthcare programs and recordkeeping. With the recent launch of DOD’s Cybersecurity Maturity Model Certification Phase 1 in November 2025, this trend of increasing cybersecurity enforcement undoubtedly will continue.
The nine settlements DOJ reached in 2025 include the following:
- A federal contractor paid $4.6 million to resolve allegations that, among other violations, it submitted an inaccurate NIST SP 800-171 assessment score to DOD and failed to correct it when a third party consultant provided a corrected score, and it hosted emails on a third-party site without ensuring that the third part met DOD cybersecurity requirements.
- An administrator of the TRICARE health benefits program paid $11.2 million to settle allegations that it breached DOD’s cybersecurity requirements, when it failed to check for and remedy security vulnerabilities on its systems, ignored third-party reports of cybersecurity risks, and falsely certified compliance with DOD cybersecurity requirements.
- A federal contractor paid $9.8 million to settle allegations that a genomic sequencing system it sold to the government contained cybersecurity vulnerabilities and did not comply with applicable cybersecurity standards.
Key Takeaways for Contractors
The 2025 FCA statistics confirm that DOJ is paying close attention to compliance with federal cybersecurity requirements, cost & pricing data (both for federal contractors and pharmaceutical companies obtaining reimbursements), and tariff and customs fraud. Particularly with CMMC Phase 1 underway, federal contractors should make it a priority to audit their cybersecurity compliance and/or readiness in the coming year, and take necessary action to remedy any discovered vulnerabilities. For GSA Schedule contractors and others selling supplies to the government, this is the time to audit country of origin information and compliance. Given the recent dramatic rise in qui tam relators, creating a culture of compliance around these hot enforcement priorities could go a long way in not only preventing regulatory violations, but also ensuring employees know that the company is trying to do the right thing.
[View source.]
