“I have to do this again? I signed up for this plan because I thought it would be convenient. Asking for backup every time I use the debit card is not convenient at all!” We received this email just the other day along with several others we could’ve picked from for this article. I’m pretty sure every FSA participant (and perhaps employers and brokers) with a debit card is under the mistaken impression that no backup is required when using said debit card. Here’s a wake-up call: nothing about the IRS substantiation requirements have changed since you got a debit card!!! You swipe, you send backup. It’s as simple as that. By the way, the FSA participant who sent us that email, we discovered after he sent the backup, used the card to pay a prior year expense. It was denied as ineligible and he had to pay his employer back. But, I digress…
Now, before I go into the boring IRS regulations to prove backup is required, we are aware that some third-party FSA administrators do not require as much (any?) backup for debit card swipes. We feel certain, in these cases, IRS guidance has been misconstrued for ease of administration. However, we take the approach that we have an obligation to our clients to administer their plans correctly, as the penalties of not doing so are harmful to the client and participants, if audited.
Substantiating substantiation
To prove our point, here are the boring regulations. Please feel free to let me know if you see anything vague or unclear.
Every claim paid with an electronic payment card must be reviewed and substantiated. (Clear enough?) Prop. Treas. Reg. §1.125-6(d)(6); see also Rev. Rul. 2003-43, 2003-21 I.R.B. 935 and IRS Notice 2006-69, 2006-31 I.R.B. 107.
Expenses cannot be reimbursed based on an employee’s self-substantiation; without appropriate third-party substantiation, this will cause all amounts paid under the plan to be included in gross income. Prop. Treas. Reg. §1.125-6(b)(3)(i); see also IRS Notice 2006-69, 2006-31 I.R.B. 107.
The IRS issued clear guidance that each and every debit card swipe must be adjudicated and properly substantiated and that only transactions that fit into VERY LIMITED categories require no additional paper substantiation because they are self-substantiating by their very nature. Four categories of expenses at medical care providers and 90% pharmacies (notice I did not mention dental or vision carriers) can be auto-substantiated:
- Medical/prescription copay match. The employer-provided group medical plan office visit or prescription copay matches the debit card swipe (up to a multiple of up to five times the copay amount). Copay’s that matches a dependent’s group medical plan do not auto-substantiate.
- Medical/prescription recurring expenses. A previous claim has been approved and a subsequent claim is incurred that is the same as the previously approved claim in a) amount, b) provider, and c) plan year period (e.g., for prescription refills on a regular basis).
- Medical/prescription real-time verified claims. A medical insurance carrier transmits medical claims data to an employer or third-party administrator identifying medical treatment codes in order to adjudicate claims. It is up to the insurer’s discretion whether or not they are willing to share this data.
- Medical/prescription real-time substantiation at retail merchants that use an Inventory Information Approved System (IIAS). Retail merchants verify approved Health FSA items for sale by comparing it to the IIAS list (this list excludes over-the-counter medications requiring prescriptions from medical providers). The IRS requires the employer (or third-party administrator) must have access to claims level details to protect them in the case of an IRS audit of the plan. Required claim details provided to the employer or TPA must include a) name of individual, b) transaction amount, c) date the expense was incurred and d) description of expense.
In cases #3 or #4, the employer or TPA must receive a data feed from the respective insurance carrier or the IIAS merchant in order for the claim to be considered auto-substantiated.
The four categories above are the only claims that auto-substantiate. Further, plans may not reimburse expenses based solely on a participant’s email describing the type of expense, the amount and the date. Likewise, a plan may not rely on a participant’s description of the expense, the amount, and the date when conducting after-the-fact adjudication of a debit card transaction.
It’s all clear, so why the confusion?
Why do some third-party administrators continue to allow participants to self-certify the eligibility of card transactions? They may argue that if the card is swiped at a location with a healthcare-related merchant category code it makes it impossible to use the card for an ineligible expense, therefore no substantiation is required. Sure, it would make our job of administering plans much easier if we used this “assumption” but it ignores the VERY LIMITED four categories of claims permitted to be auto-substantiated. What about the guy who paid a prior year expense in a new plan year with his debit card? What about people who swipe the card at dental or vision carriers? What about people who swipe the card at a cosmetic location for an ineligible procedure?
The IRS created Flexible Spending Account plans in 1978. The rules requiring claim backup have not changed with the exception of the VERY LIMITED four categories where medical/prescription copays can be auto-substantiated when using a debit card. Rule of thumb: When in doubt – you swipe, you send backup.
The regulation part of this article is provided by the Employee Benefit Institute of America (EBIA) Cafeteria Plan manual and a white paper written for O.C.A. Benefit Services, LLC. by Alston & Bird, LLP.