FRA-003

CNAM AI Healthcare Fraud Detection

Download PDF
France Europe & Central Asia High income Full Production Deployment Confirmed

Caisse nationale de l'assurance maladie (CNAM); Caisses primaires d'assurance maladie (CPAM)

At a Glance

What it does Anomaly and change detection — Compliance and integrity
Who runs it Caisse nationale de l'assurance maladie (CNAM); Caisses primaires d'assurance maladie (CPAM)
Programme Assurance Maladie (French National Health Insurance)
Confidence Confirmed
Deployment Status Full Production Deployment
Key Risks Data-related risks
Key Outcomes Fraud detection: EUR 628 million in fraud detected and stopped in 2024 (35% increase over 2023); EUR 263 million in fraud prevented or avoided (55% increase); 20,000 legal actions (91.
Source Quality 3 sources — News article / media, Government website / press release

The Caisse nationale de l'assurance maladie (CNAM), France's national health insurance fund, has deployed artificial intelligence for healthcare fraud detection through data mining and scoring algorithms. CNAM administers France's compulsory health insurance system, covering approximately 68 million beneficiaries and processing very large volumes of reimbursement claims, provider invoices, prescriptions, and supporting administrative records through the Assurance Maladie network.

Within that operational environment, fraud detection is not framed as a small pilot or a narrow technical experiment. The retained sources describe a mature anti-fraud function embedded in routine health-insurance administration. CNAM uses automated scoring and pattern-analysis tools to identify atypical billing behaviour among healthcare providers, suspicious reimbursement claims, and documentary anomalies that merit closer review by fraud investigators. The documented targets include falsified prescriptions, phantom billing, duplicate billing, irregular invoicing practices, and organised fraud in provider networks. This places the case squarely in the implementation and accountability layer of social insurance administration rather than in eligibility determination for beneficiaries.

The available reporting indicates that CNAM's approach combines large-scale automated screening with substantial human investigation capacity. The system analyses claims histories, provider billing records, prescription activity, beneficiary utilisation patterns, and related administrative signals in order to prioritise files for review. Those signals are then taken up by dedicated anti-fraud staff rather than being allowed to trigger sanctions automatically. The retained evidence points to approximately 1,600 anti-fraud agents in 2025, alongside six interregional judicial investigation units (Piej) and a specialised UCIFE unit with cybercrime authority. In practical terms, that means the AI and scoring layer functions as an investigative triage mechanism inside a broader enforcement apparatus, not as a fully autonomous decision-maker.

The scale of the reported outcomes is material. According to the Fondation IFRAP source retained in this file, CNAM identified and stopped EUR 628 million in fraudulent claims in 2024, up 35 per cent from the EUR 466.6 million recorded in 2023. The same source reports an additional EUR 263 million in fraud prevented or avoided, a 55 per cent year-on-year increase. It also reports roughly 20,000 legal actions in 2024, up 91.3 per cent, and EUR 50 million in financial penalties, up 109.4 per cent. Those figures do not by themselves prove that every detected case came from a single AI model, but they do show that algorithmically assisted fraud control is operating at meaningful institutional scale inside the national health insurance system.

A more concrete operational example is the Asafo-Pharma tool cited in the retained sources. This tool is described as helping pharmacists identify forged prescriptions, and in 2024 it reportedly contributed to stopping 13.4 million fraudulent pharmacy transactions. That is important because it shows the anti-fraud system is not limited to background analytics on historical claims. At least part of the fraud-control architecture is embedded closer to frontline transaction points, where suspicious prescriptions and reimbursement attempts can be challenged before losses fully materialise.

A second example comes from the CPAM of Paris, which since August 2025 has used an experimental AI tool focused on fraud in the optical and hearing-aid sectors. The Acuité source says the system analyses suspicious documents such as falsified prescriptions and fake invoices. During its testing phase, it reportedly detected 125 cases of fraud and prevented hundreds of thousands of euros in losses. This sector-specific deployment suggests that CNAM's anti-fraud infrastructure is not static. Instead, it appears to be extended and adapted where existing controls leave residual vulnerabilities, especially in domains where documentary manipulation is prevalent.

The sources also show how automated detection links to real enforcement action. In April 2025, Assurance Maladie announced the deconventioning of seven health centres belonging to one network across six departments for four to five years. That press release is useful not because it discloses model architecture, which it does not, but because it demonstrates the real-world consequences of the fraud detection and investigation pipeline. Flagged cases can culminate in sanctions affecting provider participation in the public insurance system, which is why this case is coded as high decision criticality even though the final action is taken by human investigators and enforcement authorities.

At the same time, the evidence base has limits and the description is intentionally conservative. The retained sources support claims about data mining, scoring, fraud typologies, enforcement outputs, and specific sectoral tools, but they do not disclose the precise model families, training methodology, hosting environment, vendor stack, or formal algorithmic impact assessments. Legacy references to inaccessible or unconfirmed ISSA and OECD materials were therefore excluded from the scoped narrative. What remains is a source-bounded description of a confirmed production deployment: CNAM uses AI-assisted fraud detection and document analysis within its national health insurance anti-fraud operations, with large-scale screening feeding into human investigation and enforcement.

Classifications follow the DCI AI Hub Taxonomy. Hover over field labels for definitions.

AI Capabilities

Anomaly and change detection primaryClassification Perception and extraction from unstructured inputs

Use Cases

Compliance and integrity primaryData quality and anomaly detection Operational and process automation

Social Protection Functions

Implementation/delivery chain
Accountability mechanisms primaryManagement of contributions and withdrawals Monitoring and evaluation
SP Pillar (Primary) The social protection branch: social assistance, social insurance, or labour market programmes. Social insurance
Programme Name Assurance Maladie (French National Health Insurance)
Programme Type The type of social protection programme, classified under social assistance, social insurance, or labour market programmes. View in glossary Health Insurance
System Level Where in the social protection system the AI is applied: policy level, programme design, or implementation/delivery chain. View in glossary Implementation/delivery chain
Automation Subtype For operational automation cases: (a) document processing and generative staff assistance, or (b) workload and resource forecasting. (a) Document processing and generative staff assistance
Programme Description France's compulsory national health insurance system administered by CNAM (Caisse nationale de l'assurance maladie), covering approximately 68 million beneficiaries. CNAM processes healthcare claims, reimburses medical expenses, and manages provider relationships through its network of local health insurance funds (CPAM). The system employs approximately 100,000 staff across its network of agencies.
Implementation Type How the AI output is produced: Classical ML, Deep learning, Foundation model, or Hybrid. Affects validation, compute requirements, and governance profile. View in glossary Classical ML
Lifecycle Stage Current stage in the AI lifecycle, from problem identification through to monitoring, maintenance and decommissioning. View in glossary Monitoring, Maintenance and Decommissioning
Model Provenance Origin of the AI model: developed in-house, adapted from open-source, commercial/proprietary, or accessed via third-party API. View in glossary Not documented
Compute Environment Where the AI system runs: on-premise, government cloud, commercial cloud, or edge/device. View in glossary Not documented
Sovereignty Quadrant Classification of data and compute sovereignty: I (Sovereign), II (Federated/Hybrid), III (Cloud with safeguards), or IV (Shared Innovation Zone). View in glossary Not assessed
Data Residency Where the data used by the AI system is stored: domestic, regional, or international. View in glossary Not documented
Data Residency Detail Additional detail on the specific data hosting arrangements and jurisdictions. CNAM is a French public agency; fraud detection data processing occurs within France's health insurance infrastructure. Specific compute and hosting details for the fraud detection scoring tools are not documented in verified sources.
Cross-Border Transfer Whether data crosses national borders, and if so, whether documented safeguards are in place. View in glossary Not documented
Decision Criticality The rights impact of the decision the AI supports. High criticality requires HITL oversight; moderate requires HOTL; low may operate HOOTL. View in glossary High
Human Oversight Type Level of human involvement: Human-in-the-Loop (active review), Human-on-the-Loop (monitoring), or Human-out-of-the-Loop (periodic audit). View in glossary HOTL
Development Process Whether the AI system was developed fully in-house, through a mix of in-house and third-party, or fully by an external provider. View in glossary Not documented
Highest Risk Category The most significant structural risk source identified: data, model, operational, governance, or market/sovereignty risks. View in glossary Data-related risks
Risk Assessment Status Whether a formal risk assessment, informal assessment, or independent audit has been conducted for this system. Informal assessment
Documented Risk Events No publicly documented adverse events specific to CNAM's AI fraud detection systems. Estimated total healthcare fraud of approximately EUR 4 billion annually against EUR 628 million detected suggests significant detection gaps. The fraud detection system's effectiveness in the optical and hearing aid sectors required a separate experimental AI tool launched in August 2025, indicating sector-specific coverage limitations.

Risk Dimensions

Data-related risks
Data quality failure
Governance and institutional oversight risks
Weak documentation or auditability
Model-related risks
Opacity or limited explainability
Operational and system integration risks
Inadequate real-world validationMonitoring gap

Impact Dimensions

Privacy and data security
Disproportionate surveillance or profiling
Systemic and societal
Increased administrative burden on frontline staff
  • Data minimisation controls
  • Human oversight protocol
CategorySensitivityCross-System LinkageAvailabilityKey Constraints
Administrative data from other sectorsPersonalLinks data across multiple systemsCurrently available and usedCross-referenced data from provider registration systems and professional licensing databases to verify provider legitimacy and detect deconventioned practitioners
Beneficiary registries and MISSpecial categoryLinks data across multiple systemsCurrently available and usedHealthcare claims data covering approximately 68 million beneficiaries; includes provider billing histories, prescription records, beneficiary utilisation patterns, and reimbursement transaction data
Financial and payments data: programme operationsPersonalLinks data across multiple systemsCurrently available and usedProvider payment records, invoicing data for optical and hearing equipment, pharmacy transaction records; used for anomaly scoring and pattern detection across healthcare billing

Acuité (2025) 'La CPAM de Paris se dote d'une intelligence artificielle pour traquer la fraude optique et audio', Acuité, 2025. Available at: https://www.acuite.fr/actualite/ocam/318764/la-cpam-de-paris-se-dote-dune-intelligence-artificielle-pour-traquer-la-fraude (Accessed: 26 March 2026).

View source News article / media

Assurance Maladie (2025) 'Lutte contre les fraudes : l'Assurance Maladie déconventionne 7 centres de santé d'un même réseau', L'Assurance Maladie Presse, 7 April. Available at: https://www.assurance-maladie.ameli.fr/presse/2025-04-07-cp-cds (Accessed: 26 March 2026).

View source Government website / press release

Fondation IFRAP (2025) 'Assurance-maladie : 628 millions d'euros de fraudes détectées... sur 4 milliards de fraudes estimées', Fondation IFRAP, 2025. Available at: https://www.ifrap.org/emploi-et-politiques-sociales/assurance-maladie-628-millions-deuros-de-fraudes-detecteessur-4-milliards-de-fraudes-estimees (Accessed: 26 March 2026).

View source News article / media
Deployment Status How far the system has progressed into real-world operational use, from concept/exploration through to scaled and institutionalised. View in glossary Full Production Deployment
Year Initiated The year the AI system was first initiated or development began. 2020
Scale / Coverage The scale and geographic or population coverage of the deployment. Nationwide; approximately 68 million beneficiaries; EUR 628 million in fraud detected in 2024; 1,600 anti-fraud agents; 20,000 legal actions initiated in 2024
Funding Source The source(s) of funding for the AI system development and deployment. French national social security budget (CNAM operational funding)
Technical Partners External technology vendors, academic partners, or development partners involved. No specific external technology vendor identified in verified sources for fraud detection tools.
Outcomes / Results Fraud detection: EUR 628 million in fraud detected and stopped in 2024 (35% increase over 2023); EUR 263 million in fraud prevented or avoided (55% increase); 20,000 legal actions (91.3% increase); EUR 50 million in financial penalties (109.4% increase); Asafo-Pharma tool stopped 13.4 million fraudulent pharmacy transactions in 2024; Paris CPAM experimental AI detected 125 fraud cases in optical/hearing sectors. (IFRAP; Acuité)
Challenges Estimated total healthcare fraud of approximately EUR 4 billion annually versus EUR 628 million detected indicates the majority of fraud remains unidentified. The optical and hearing aid sectors required a separate experimental AI tool, suggesting the main fraud detection systems have sector-specific limitations.

How to Cite

DCI AI Hub (2026). 'CNAM AI Healthcare Fraud Detection', AI Hub AI Tracker, case FRA-003. Digital Convergence Initiative. Available at: https://socialprotectionai.org/use-case/FRA-003 [Accessed: 1 April 2026].

Change History

Updated 31 Mar 2026, 06:35
by system (system)
Created 30 Mar 2026, 08:39
by v2-import (import)