How common is professional license fraud?

More common than most employers assume. The HHS OIG identified over 1,200 cases of healthcare credential fraud in its 2024 annual report. NMLS reports that approximately 2-3% of license applications contain material misrepresentations. Exact rates for real estate are harder to pin down since enforcement is state-by-state, but state commissions collectively report hundreds of cases annually.

What are the most common types of license fraud?

The three most common types are: presenting an expired license as current (most frequent), using a license that belongs to someone else (identity fraud), and fabricating a license entirely using forged documents. Less common but growing is diploma mill fraud, where the underlying education credential is fake even though the license application process was followed.

Can employers be held liable for hiring someone with a fraudulent license?

Yes, if the employer failed to perform reasonable due diligence. Courts and regulators evaluate whether the employer followed industry-standard verification procedures. Primary source verification (checking directly with the state board) is the accepted standard. Employers who relied solely on candidate-provided documents without independent verification face greater liability exposure.

Detecting Fraudulent Licenses During Hiring

License fraud isn’t rare, and it’s not always sophisticated. The majority of fraudulent credentials that make it past hiring screens succeed because the employer didn’t verify the license with the issuing authority. According to the HHS Office of Inspector General, healthcare credential fraud cases have increased steadily over the past five years, with over 1,200 cases flagged in their 2024 annual report alone. For employers, detection starts with knowing what to look for and building verification into the hiring process before a fraudulent hire creates liability.

What types of license fraud do employers encounter?

License fraud falls into several categories, each requiring different detection methods.

Expired licenses presented as current

This is the most common type and often isn’t intentional deception. A candidate provides a license document that was valid when printed but has since expired. The license number is real, the name is correct, and the document looks legitimate because it was legitimate at one point.

Why it slips through: Employers who accept a copy of the license document without checking current status with the state board will miss this every time. The document itself tells you nothing about current validity.

Detection method: Primary source verification. Check the license number against the state board’s online database or through an API query. The database shows current status, not historical status.

Identity-based fraud

A candidate uses someone else’s valid license, typically belonging to a family member, former colleague, or a licensee with a similar name. The license number is real and the license is active, but it belongs to a different person.

Why it slips through: If verification only confirms the license number is valid without cross-referencing the licensee’s name and identifying details, the fraud won’t be caught. Some state board databases show limited information, making cross-referencing harder.

Detection method: Verify that the name, date of birth, or other identifying information on the state board record matches the candidate’s credentials. Some states include the licensee’s address, which provides an additional cross-reference point.

Fabricated licenses

The candidate presents a completely fictional license, either a forged document or a fabricated license number. This is less common than the other types but does occur, particularly with candidates from states where license lookup tools are difficult to use or where board databases have limited online access.

Why it slips through: If the employer doesn’t attempt verification at all, any document that looks official enough may pass review. Fabricated documents have become more convincing with accessible design tools and high-quality printing.

Detection method: Any attempt at primary source verification will catch this. The license number won’t exist in the state board database.

Diploma mill and credential mill fraud

The license itself may be legitimately issued by the state board, but the underlying education credential is fraudulent. The candidate attended a diploma mill (an unaccredited institution that sells degrees) and used that degree to apply for licensure. Some state boards have caught and closed this pathway, but gaps remain.

Why it slips through: The license appears valid because the state board issued it based on application materials that passed their review. The fraud occurred at the education level, not the licensing level.

Detection method: This is the hardest type to catch. It requires verifying the educational institution’s accreditation status and, in some cases, confirming the degree directly with the institution. For nursing, checking whether the program is approved by the state board of nursing and accredited by ACEN or CCNE adds a layer of protection.

What are the red flags during hiring?

Experienced credential reviewers look for patterns that suggest a closer look is warranted.

Red Flag	What It Might Indicate	Next Step
Candidate can’t recall license number	Possible fabrication or using someone else’s license	Ask for the number in writing, then verify
License state doesn’t match work history	Possible use of another person’s license	Cross-reference resume and license details
Reluctance to authorize verification	Candidate may know the license won’t check out	This is a serious concern; proceed with verification regardless
License number format doesn’t match state pattern	Possible fabrication	Check the state board’s license number format
Multiple name variations across documents	May be using different identities	Reconcile all documents carefully
Education from an unfamiliar institution	Possible diploma mill	Verify institutional accreditation
Gap between education completion and licensure	Could indicate failed exams or revoked/reissued license	Ask candidate to explain; verify full history
License issue date predates stated education completion	Timeline inconsistency	Verify both the education and the license independently

None of these red flags prove fraud on their own. People change their names, transfer licenses between states, and attend legitimate institutions that aren’t nationally known. But each one is worth investigating rather than dismissing.

How should employers structure the verification process?

A fraud-resistant verification process has three layers, and the key is completing all three before the employee starts licensed work.

Layer 1: Document collection and review

Collect the license document from the candidate along with authorization to verify. Review the document for obvious issues:

Does the license format match what you’d expect from that state board?
Is the license number in the correct format for that state?
Does the name exactly match the candidate’s legal name?
Is the issue date and expiration date consistent with that state’s renewal cycle?

This layer catches only the most obvious forgeries, but it’s a quick first filter.

Layer 2: Primary source verification

This is the critical step. Verify the license directly with the issuing state board through one of these methods:

State board online lookup - Most boards offer free public license verification through their websites. Results typically show license status, expiration date, and disciplinary history.
NURSYS (nursing) - The National Council of State Boards of Nursing maintains NURSYS, which provides verification across participating state boards.
NMLS Consumer Access (MLO) - NMLS offers free public lookup of MLO license status at nmlsconsumeraccess.org.
API-based verification - The License Guide API provides programmatic access to licensing data, which is faster and more scalable for organizations verifying multiple hires.

Document what you find. Record the date, source, and result of every verification check. This creates the audit trail that protects your organization if questions arise later.

Layer 3: Background and history review

Beyond current license status, check for disciplinary history, license revocations or surrenders in other states, and any criminal background that would affect licensure.

NPDB (National Practitioner Data Bank) for healthcare providers
State board disciplinary databases
Background check services that include licensing records

An honest limitation: no verification system catches everything. A licensee with a clean record in one state may have a problematic history in another state that doesn’t share data effectively. Cross-state information sharing is improving, but it’s not seamless. The NLC’s coordinated licensure information system helps for nursing, but real estate has no equivalent.

What are the consequences of hiring someone with a fraudulent license?

The organizational exposure is significant and extends beyond regulatory fines.

Regulatory penalties: CMS can cite healthcare facilities for employing unqualified practitioners. State boards can fine organizations that fail to verify credentials. CFPB can take enforcement action against lenders for SAFE Act violations.

Legal liability: If a fraudulently licensed employee causes harm (patient injury, financial loss to a client, botched real estate transaction), the employer’s liability exposure increases substantially. Insurance carriers may deny claims when the underlying credential was invalid.

Voided work product: In real estate, transactions completed by unlicensed agents may be voidable. In mortgage lending, loans originated by unlicensed MLOs face potential rescission. In healthcare, patient care documentation by unqualified providers creates medical-legal issues.

Reputational damage: News coverage of credential fraud incidents at healthcare facilities, brokerages, or lending institutions damages trust with clients, patients, and referral partners.

What do enforcement actions actually look like?

Published enforcement data from state boards and federal agencies provides concrete examples.

Healthcare example: The Texas Board of Nursing reported multiple cases in 2024-2025 of individuals practicing nursing with expired or fabricated credentials. In several cases, staffing agencies placed these individuals at healthcare facilities without performing primary source verification. The facilities faced CMS survey deficiencies, and the staffing agencies faced board sanctions.

MLO example: CFPB enforcement actions between 2022-2025 include cases where lending institutions employed loan officers whose NMLS licenses had lapsed or were in states where they weren’t authorized to originate. Per-day penalties under the SAFE Act accumulated quickly, with several enforcement actions exceeding $500,000.

Real estate example: State real estate commissions regularly publish actions against brokerages that employed agents whose licenses had lapsed. These cases often involve the brokerage paying fines and returning commissions earned during the period of unlicensed activity.

How can technology help?

Manual verification works for small organizations, but it doesn’t scale. Technology fills the gap in three ways.

Automated primary source verification: Instead of manually checking state board websites one at a time, API-based solutions can verify licenses in bulk. The License Guide API supports batch verification across professions and states.

Continuous monitoring: Rather than verifying only at hire, automated monitoring flags status changes, disciplinary actions, and expirations as they happen. This catches situations where a license was valid at hire but becomes problematic afterward.

Pattern detection: Sophisticated systems can flag inconsistencies that a human reviewer might miss, such as a license number format that doesn’t match the stated issuing state, or a timeline that doesn’t add up.

What technology can’t do: No automated system replaces professional judgment entirely. Edge cases, unusual state-specific rules, and ambiguous records still require a human reviewer. The best approach combines automated screening with human review for flagged cases.

What should employers do right now?

If you’re not currently performing primary source verification for every licensed hire, that’s the place to start. It’s the single highest-impact change you can make.

Beyond that:

Standardize your process. Write down the verification steps and make them mandatory, not optional. Everyone involved in hiring should follow the same checklist.
Train hiring managers. The people interviewing candidates should know the red flags listed above. Many fraud cases could have been caught earlier if someone had asked the right questions.
Verify before the start date, not after. A verification completed after the employee has already started working doesn’t protect you from the liability that accrued during the gap.
Don’t stop at hire. Initial verification is necessary but not sufficient. Ongoing monitoring catches licenses that become invalid after the hire date.

For more on building a comprehensive verification workflow, see our guides on licensing compliance. To explore API-based verification for your organization, visit the License Guide API documentation or contact our team for guidance.