Nautilus Contract X-Ray

Contract X-Ray / CAA 2026 Readiness

Fiduciary-aligned contracts, ready for CAA 2026.

CAA 2026 codifies what fiduciary best practice already required: active oversight of PBM contracts. Contract X-Ray evaluates whether your contract is built to that standard, ahead of staggered effective dates running through 2029.

01 · Why the law is the floor, not the ceiling

Fiduciary best practice. The law is the floor, not the ceiling.

There has never been a clear fiduciary standard for PBM contracts. ERISA and CAA 2021 set the obligations — loyalty, prudence, diligence — but those are principles, not specifications. CAA 2026 and the DOL rule that implements it codify more of the framework. Specific requirements around rebate pass-through, spread pricing, audit independence, and fee disclosure are now law. But the fiduciary judgment about what is in the best interest of participants stays where it has always been: with the plan sponsor.

Plan sponsors have the latitude to do business with whomever they choose, under whatever terms they choose. There is no reason to wait for staggered effective dates, and no reason to contract only to what the statute requires. The law is the floor. A fiduciary-grade contract is the ceiling, and it includes statutory requirements, regulatory requirements, fiduciary safeguards that protect against identifiable risks, and best practices that make the work more achievable.

Most PBM contracts in force today were written by PBMs, lightly reviewed, lightly negotiated. They fall short of this standard because they were never built to it. PBMs adapting to CAA 2026 will work to preserve the economics the new rules curtail. The contract is where that adaptation either succeeds or fails, and the plan sponsor is the only party with the standing to draw that line.

Contract X-Ray sets the bar at fiduciary-aligned standards now. Statutory, regulatory, fiduciary safeguard, and best practice — all four together, applied today, ahead of the staggered effective dates that run through 2029. Plan sponsors are asking for contracts built to that standard. PBMs that recognize where the market is moving are adopting model language to meet it. The first public benchmark of which PBMs have done so publishes at RosettaFest in July.

Standard Statutory, regulatory, fiduciary safeguard, and best practice
Authority ERISA, CAA 2021, CAA 2026, DOL rule, and fiduciary judgment
Applied Now, ahead of full implementation

02 · Where the contract carries the burden

Four provisions where the contract determines what the plan sponsor can actually do.

A CAA-2026-ready contract holds up at four specific provisions where the contract determines what the plan sponsor can actually do. Four of the ten Contract X-Ray provisions intersect directly with the standards CAA 2026 codifies.

  • P5

    Audit Rights & Verification

    Active oversight depends on the contractual authority to audit. Restricted audit clauses (pre-approved firms only, blackout windows, no extrapolation, single annual look) constrain what the plan sponsor can verify and what evidence supports the oversight obligation.

  • P4

    Data Ownership & Rights

    Verification requires data. Contracts that restrict access to claims, eligibility, or rebate data limit the plan sponsor’s ability to confirm that disclosures match operational reality.

  • P3

    Rebate & Manufacturer Revenue

    A CAA-2026-ready contract treats manufacturer-derived revenue as plan revenue. Contracts silent on full rebate pass-through, or that retain categories of manufacturer revenue outside the rebate definition, create attestation gaps the plan sponsor will have to resolve.

  • P10

    Administrative Fee Transparency

    All compensation sources, direct and indirect, fall under the fiduciary disclosure standard CAA 2026 codifies. Contracts with aggregated or non-itemized fee structures create disclosure friction the plan sponsor must resolve.

03 · What a Contract X-Ray analysis tells you

A specific read on where your contract stands.

A Contract X-Ray analysis returns a score and citation for each of the four CAA-relevant provisions plus the other six. The output identifies where contract language meets the standard, where it falls short, and where the contract is silent.

For plan sponsors at renewal, the analysis becomes the input to a CAA-2026 readiness negotiation: specific provisions ranked, specific language proposed, and specific evidence on how the current contract compares to a reference set drawn from 20+ distinct PBMs.

See where your contract stands on CAA 2026.

Analyze your contract →

04 · How the market is responding

PBMs are building forward. The first public benchmark publishes in July.

The plan sponsor view of CAA 2026 readiness is one side of the conversation. The PBM view is the other. PBMs that recognize the market is moving toward fiduciary-aligned contracts are using the Contract X-Ray framework to build forward rather than defend backward. Five to ten PBMs will be working actively with the methodology by mid-2026.

The market signal is about to become public.

Coming July 29–31, 2026

CAA 2026 Readiness Quarterly Report

At RosettaFest 2026 in Nashville, the National Alliance of Healthcare Purchaser Coalitions will publish the first CAA 2026 Readiness Quarterly Report. The report includes two things: a list of PBMs that have agreed to publicly disclose their Fiduciary Alignment Score, and market statistics drawn from the Contract X-Ray reference set.

This is the public benchmark plan sponsors and advisors have been asking for. PBMs that opt in to disclosure send a market signal that their contracts hold up to fiduciary scrutiny. PBMs that decline send a different signal. After RosettaFest, the report publishes quarterly.

Venue RosettaFest 2026, Nashville
Publisher National Alliance of Healthcare Purchaser Coalitions
Methodology Contract X-Ray, Nautilus Health Institute

If you are a PBM and want to participate in the first published list, learn more on the PBMs page or .

05 · What this is not

Three things the framework does not claim to be.

  • Not legal compliance advice. The framework evaluates whether contract language meets the fiduciary standard CAA 2026 codifies. Whether your plan is in compliance with a given CAA 2026 provision on a given effective date is a determination for your ERISA counsel.
  • Not a DOL filing or attestation. A Contract X-Ray report is an analytical document for the fiduciary process. It is not a regulatory submission and it does not substitute for any disclosure or attestation the law requires.
  • Not a guarantee. A contract that meets the standard on the four CAA-relevant provisions still requires operational practice that matches what the contract says. Strong contract language and weak operational practice produce the same exposure as weak contract language.

06 · When to look at this

For every audience reading this page, the answer is now.

Waiting for an effective date is not a strategy. The law is the floor a contract has to clear eventually. The fiduciary-aligned standard is the ceiling a contract should clear now. Most plan sponsors are at one of three moments where the conversation is easier to start than to defer.

Plan sponsors

At renewal

Run the analysis now. Use the output as the input to the renewal negotiation.

Advisors

With every client

Quick Look as the discovery step. Full Assessment as the negotiation foundation.

PBMs

Before the July publication

Engage the methodology now to participate in the first CAA 2026 Readiness Quarterly Report.

CAA 2026 starts with your contract.

Free Quick Look. PDF in your inbox within minutes.

Analyze your contract →