Recent advances, while encouraging, remain unequal to the task. The vast data systems used by CMS are not coordinated across regions and functions, and integration with law-enforcement data is far from complete. Meantime, old habits persist. For example, the way in which CMS corrects errors inadvertently shows criminals how better to exploit the system. Thousands of phony claims can be promptly paid provided they conform to billing protocol; some frauds extend for years.