Are you familiar with First Tier, Downstream, and Related Entities (FDRs)? This may be a new term for you to add to your repertoire, or it could be a common identifier in your everyday work. Whatever the case, working in conjunction and having a strategy for effectively identifying, communicating, and educating FDRs can be an uphill battle for health system administrators or managed care professionals alike.

Our team would like to fully equip you with the information you need to better understand and communicate with these partners when it comes to the ever-changing environments of compliance and government regulations as they pertain to the Centers for Medicare and Medicaid Services (CMS) requirements.

What are First Tier, Downstream, and Related Entities (FDRs)?

First Tier, Downstream, and Related Entities (FDRs) are defined by CMS as any party that enters into a written arrangement with a Medicare Advantage organization or Part D plan sponsor to provide administrative services or healthcare-related services. As a healthcare provider, this means that your vendors may be considered FDRs and you may be responsible for monitoring and auditing their compliance with CMS standards as a Medicare Advantage participant. 

Examples of First Tier, Downstream, and Related Entities (FDRs):

  • Physicians
  • Hospitals
  • Pharmacies
  • Other Providers
  • Claims Processing Vendors
  • Patient Management Vendors
  • Credentialing Companies
  • Field Marketing Organizations
  • Call Centers

Centers for Medicare and Medicaid FDR Guidelines

The Centers for Medicare and Medicaid Services (CMS) gives details for its qualifications and guidelines for FDRs and Medicare Parts C and D in the following report: Medicare Managed Care Manual Chapter 21 – Compliance Program Guidelines | Prescription Drug Benefit Manual Chapter 9 – Compliance Program Guidelines. We’ve used this resource to clearly understand how FDRs are defined and the importance of sponsors to properly qualify contractors when it comes to adherence to regulations involving Medicare Advantage, Managed Care, and more.

To more easily define these key terms, CMS provides a glossary of terms that are essential to a foundation of relevant terminology and discussion when it comes to understanding the relationships between Medicare sponsors and contractors. In this post, you’ll find keywords that help clarify the various agencies in play.

Who are First Tier Entities? 

First Tier Entities could be defined as any party that enters into a written arrangement, acceptable to CMS, with an MAO or Part D plan sponsor or applicant to provide administrative services or health care services to a Medicare-eligible individual under the MA program or Part D program (See, 42 C.F.R. § 423.501).

A First Tier Entity could include the following:

  1. Administrative Services
  2. Healthcare services to a Medicare-eligible individual under the Medicare Advantage program or Part D program. (Independent practice association, Hospital, PHO)

Who are Downstream Entities? 

Downstream Entities are any party that enters into a written arrangement, acceptable to CMS, with persons or entities involved with the MA benefit or Part D benefit, below the level of the arrangement between an MAO or applicant or a Part D plan sponsor or applicant and a first tier entity. These written arrangements continue down to the level of the ultimate provider of both health and administrative services (See, 42 C.F.R. §, 423.501).

A Downstream Entity could include the following:

  1. Hospital within a health system that has entered into a system level agreement
  2. Credentialing verification organization

Who are Related Entities? 

Related Entities are any entity that is related to an MAO or Part D sponsor by common ownership or control and has the following characteristics:

  1. Performs some of the MAO or Part D plan sponsor’s management functions under contract or delegation
  2. Furnishes services to Medicare enrollees under an oral or written agreement  
  3. Leases real property or sells materials to the MAO or Part D plan sponsor at a cost of more than $2,500 during a contract period.

(See, 42 C.F.R. §423.501).

Who are Pharmacy Benefit Managers (PBMs)? 

A Pharmacy Benefit Manager is an entity that provides pharmacy benefit management services, which may include contracting with a network of pharmacies; establishing payment levels for network pharmacies; negotiating rebate arrangements; developing and managing formularies, preferred drug lists, and prior authorization programs; performing drug utilization review; and operating disease management programs. Some sponsors perform these functions in-house and do not use an outside entity as their PBM.

Many PBMs also operate mail-order pharmacies or have arrangements to include prescription availability through mail-order pharmacies. A PBM is often a first tier entity for the provision of Part D benefits.


Compliance Program Requirements for  First Tier, Downstream, and Related Entities (FDRs) 

All FDRs participating in Medicare Advantage are required to maintain certain compliance requirements – even any of your vendors who are considered FDRs. As a provider organization, non-compliance with you or your FDRs could result in a Corrective Action Plan, retraining, or even termination of your contract with the Medicare Advantage plan administrator.

Compliance Requirements

  1. Code of Conduct
  2. Exclusion Screening
  3. Offshore Operations Reporting
  4. Monitoring and Auditing FDRs

Below are some factors to consider in determining whether an entity is an FDR:

  • The function to be performed by the delegated entity
  • Whether the function is something the sponsor is required to do or to provide under its contract with CMS, the applicable federal regulations or CMS guidance
  • To what extent the function directly impacts enrollees
  • To what extent the delegated entity has interaction with enrollees, either orally or in writing
  • Whether the delegated entity has access to beneficiary information or personal health information
  • Whether the delegated entity has decision-making authority (e.g., enrollment vendor deciding time frames) or whether the entity strictly takes direction from the sponsor
  • The extent to which the function places the delegated entity in a position to commit health care fraud, waste or abuse
  • The risk that the entity could harm enrollees or otherwise violate Medicare program requirements or commit FWA.

* For more information on requirements for contracts with FDRs, see Pub. 100-16, Medicare Managed Care Manual, chapter 11, §110.

Reporting and Auditing Requirements

Reports and audits require a lot of time and energy, let’s be honest. Collection and sorting through endless rows and columns of data is a daunting task for any organization, and when it comes to government regulations and documentation requirements that could change any given day, having a specialized team is essential to gathering information. Many health systems around the nation are struggling to find the right tools or resources for obtaining this data for accurate reporting and auditing.

When it comes to vendor management, there are many levels of attestation and essential document verification necessary to properly record whom you are doing business with and to maintain compliant relationships when it comes to a variety of outsourced services. These processes, particularly when it comes to solving for current Medicare Advantage or similar requirements from the Centers for Medicare and Medicaid Services (CMS) are requiring a lot of time and effort for internal teams to qualify and record healthcare vendor data for auditing and reporting.

Educating Healthcare Vendors

The complexities of vendor relationships cannot be understated or taken lightly. Because of the nature of so many different types of vendors on your roster, the extent to which they interact with Personally Identifiable Information (PII) or Protected Health Information (PHI) can determine how they are categorized by CMS.

The Centers for Medicare and Medicaid Services has provided some examples of who would qualify for each level of definition in the FDR model as they pertain to Medicare Parts C and D.

ProviderTrust Blog Medicare Pat C Sponsor

There can be a lot of confusion as vendors are not necessarily completely informed of compliance requirements when it comes to Medicare Part C, the Affordable Care Act, and specific CMS requirements. CMS describes the importance of this process by using the following language:

It is critical that sponsors correctly identify those entities with which they contract that qualify as FDRs. Sponsors are required to comply with CMS requirements for FDRs.

Unless it is very clear that an entity is or is not an FDR, the determination of FDR status requires an analysis of all of the circumstances. Sponsors should have clearly defined processes and criteria to evaluate and categorize all vendors with which they contract.”

ProviderTrust Blog Medicare Pat D Sponsor

Educating Your Healthcare Vendors About First Tier, Downstream, and Related Entities

Given this level of awareness within your healthcare vendor population, educating current contractors is so important and can be a little overwhelming when you think about how many organizations you currently do business with each day.

How to Gather and Organize Healthcare Vendor Data

With the increased demand for better data and an efficient capturing process, companies are looking to fill in the gaps with software solutions and data collection specialists. Our team at ProviderTrust has developed a model with an innovative enrollment portal that can manage vendor attestation and qualification of FDRs. Qualified data experts help communicate with vendors and get the job done in an efficient and cost-effective way, ensuring your organization stays compliant and has the most up-to-date information!


Ready to learn more? Visit our VendorProof solution page or give us a call at (615) 938-7878!

VendorProof Medicare Advantage

Written by Michael Rosen, Esq.

ProviderTrust Co-Founder, mrosen@providertrust.com

Michael brings over 20 years of experience founding and leading risk mitigation businesses, receiving numerous accolades such as Inc. Magazine’s Inc. 500 Award and Nashville Chamber of Commerce Small Business of the Year.

 Connect with Michael on LinkedIn