On February 23, 2023, The New York Department of Financial Services’ (“Department”) Pharmacy Benefits Bureau (“PBB”) announced a final request for public engagement as the Department looks to develop regulatory standards governing Pharmacy Benefit Managers (“PBMs”). To implement the Pharmacy Benefit Manager (“PBM Laws”) set forth in New York Insurance Law (“IL”) Article 29 and Public Health Law Sections 280-a and 280-c the Superintendent’s request, linked above, sought information on PBM audits of pharmacies as a means to reduce fraud, waste and abuse without unduly disrupting the health care services provided by pharmacies. Additionally, the Department asked that any consumer experiencing a spike in the cost of drugs reach out to DFS at  

The information resulting from the requested audits is hoped to inform the scope of regulations to be developed by the Department to provide a comprehensive regulatory framework, premised on consistent standards, and a transparent audit process to prevent “predatory and unfair practices”. Press Release- February 23, 2023: Superintendent Harris Announces Request for Public Engagement on Pharmacy Benefit Managers at the Department Looks to Develop Regulations | Department of Financial Services (

Among the specific grants of regulatory authority under the PBM Laws, the Department is empowered to make rules addressing “deceptive practices[,]” “anti-competitive practices[,]” and “standards and practices used in the creation of pharmacy networks and contracting with network pharmacies and other providers. . .”

In considering the exercise of these authorities, the Department seeks comments from interested parties including but not limited to answers to the following questions with respect to pharmacy audits conducted by PBMs:

  • For pharmacies:
  • In what way, if any, does an auditing PBM communicate its audit policies and procedures to your pharmacy? Please specify the method of communication (email, facsimile, etc.) and the type of document these policies and procedures appear in (provider manual, contract, etc.)
  • What types of audits have you experienced in the past five (5) calendar years? Please be specific as to whether they were onsite audits, prescription validations, invoice reconciliations, desktop audits, investigations, etc.
  • How many times per year for the past five (5) calendar years have PBM audits occurred for your pharmacy?
  • During the most recent audit conducted by a PBM for your pharmacy, was the purpose or subject of the audit identified prior to the audit occurring? Was the same identified purpose or subject included as part of the PBM’s draft and/or final audit report?
  • In what way, if any, have you been able to contact the auditing PBM with questions regarding audit findings, auditor conduct, or otherwise? Please specify the auditing PBM and the method by which they provided for communication (phone, email, etc.)
  • Have you ever been unsure why certain documentation that your pharmacy provided to correct a deficiency was not accepted by the auditing PBM? If so, please explain, providing documentation provided by the auditor setting forth the deficiency, the documentation provided by your pharmacy to correct the deficiency, and any response by the auditor to your submitted documentation.
  • Approximately how many claims were audited during the most recent audit of your pharmacy performed by a PBM?
  • Has your pharmacy experienced issues with audit results seeking the recoupment of claims relating to patient or prescriber denials?
  • Describe the impact audit findings have had on your pharmacy’s network participation?
  • Describe the impact audits have had on staffing at your pharmacy, particularly with respect to staff time used to respond to audit requests?
  • Anything not covered by the above questions that you believe the Department should take into consideration with respect to regulating pharmacy audits conducted by PBMs.
  • For PBMs:
  • Did your entity adopt as its professional auditing standards either or both the “Standards for Audit of Governmental Organizations, Programs, Activities, and functions” (known as the Yellow Book) as developed by the U.S. Government Accountability Office (GAO), and “The International Professional Practices Framework IPPF) (known as the Red Book) as developed by The Institute of Internal Auditors (THEIIA)? Please explain.
  • What do you consider the main purpose of pharmacy audits?
  • How do you share the savings created or payments clawed-back with the plans you administer benefits for?
  • What are your internal definitions of fraud and misrepresentation that are utilized to justify an audit?
  • Does your entity have a hotline set up for pharmacies to utilize with respect to questions regarding audits? If so, what are the hours of operation that a pharmacy can speak with a “live” person? If not, does your entity utilize a different method of communication?

Responses to the Department’s call to action are due by March 24 and can be submitted via email to

Jump to Page