Food fraud—also known as economically motivated adulteration (EMA)—occurs when someone intentionally misrepresents a less expensive food product or ingredient for a more expensive one. The Food and Drug Administration (FDA) estimates food fraud impacts about 1% of the food industry worldwide, though this number is likely higher since food fraud can be difficult to detect. Beyond its economic impacts, food fraud can cause significant health issues, ranging from lead poisoning to allergic reactions that may even result in death.
Seafood fraud often happens when a less expensive species of fish is substituted for a more expensive species. For example, wild-caught salmon and shrimp are more expensive than farm-raised (i.e., aquacultured) salmon and shrimp. Producers who swap or mislabel fish to say it is wild caught when it is not can fraudulently earn higher profits at lower cost.
Misbranding such as this clearly results in economic fraud due to the market value of different species of fish. Of more concern, this misbranding may also prevent consumers from correctly identifying what they are eating—and the potential safety hazards associated with certain seafood. These hazards may include allergenic proteins, natural marine toxins, and scombrotoxin formation, which can all present food safety risks if the food is not accurately labeled.
This practice of mislabeling is prohibited under FDA’s Food, Drug, and Cosmetic (FD&C) Act Section 403: Misbranded Food. The Food Safety Modernization Act (FSMA) Intentional Adulteration Rule further requires companies to implement preventive controls to protect against intentional adulteration of human and animal food.
New Industry Guidance
In August 2023, FDA issued new industry guidance, including The Seafood List, to provide more information on the acceptable market, common, scientific, and vernacular names of seafood species sold in the U.S. The intent of this guidance is to:
- Help industry properly label seafood and products containing seafood ingredients with a name that is not false or misleading.
- Facilitate consistency in the U.S. marketplace.
- Reduce confusion among consumers.
In September 2023, in collaboration with the National Oceanic and Atmosphere Administration (NOAA), the National Institute of Standards and Technology (NIST) also announced four new reference materials to help assess the authenticity of seafood and verify where fish is caught or produced. These reference materials specifically address Wild-caught Coho Salmon (RM 8256), Aquacultured Coho Salmon (RM 8257), Wild-caught Shrimp (RM 8258), and Aquacultured Shrimp (RM 8259),
NIST’s reference materials are intended to help regulators and law enforcement agencies differentiate between farmed and wild-caught salmon and shrimp and assess whether imported salmon and shrimp are authentic:
- For shrimp, genetic analysis methods are used to determine the origin of the shrimp, as wild-caught shrimp are a different species than aquacultured shrimp.
- For salmon, scientists analyze the ratio of omega-3 to omega-6 fatty acids. Aquacultured salmon has roughly twice the amount of omega-3 fatty acids compared to wild-caught salmon.
Importantly, these materials can also be used for food safety purposes and detecting allergens, as well as testing for metals and other contaminants. Values for crude protein are provided in the guidance for labs to detect allergens.
According to NIST chemist Benjamin Place, “If a food processing place can use the reference material to say this is the species that it is, then consumers can have more confidence. You now know when you go to a store, you can have full faith the seafood product is the species it says it is and that the labels are true.”
What You Can Do
As always, it is better to take a proactive approach to managing food fraud rather than being caught on the defensive. Facilities should:
- Conduct a vulnerability analysis to identify those areas that pose the greatest risk of food fraud or intentional adulteration.
- Develop and implement a Food Defense Plan to outline risks, mitigation/prevention strategies, monitoring plans, corrective action response, verification activities, and recordkeeping policies.
- Train employees to understand what food fraud is, how to identify fraudulent products specific to their work, and their responsibilities in ensuring food safety by reporting suspicious materials.
- Conduct a mock exercise to assess the effectiveness of the Food Defense Plan and intentional adulteration programs.
According to the Food and Drug Administration (FDA), millions of Americans have food allergies. While most reactions are mild, some people experience severe or even life-threatening symptoms. FDA’s Current Good Manufacturing Practice (cGMP), Hazard Analysis, and Risk-Based Preventive Controls for Human Food (PCHF) Rule (21 CFR Part 117) requires domestic and foreign food facilities that manufacture human food develop and implement a Food Safety Plan that includes an Allergen Program to address this concern.
Eight Becomes Nine
While many different foods can cause many different types of reactions and symptoms, the Food Allergen Labeling and Consumer Protection Act of 2004 (FALCPA) identified what has commonly been known as the “Big 8” major allergens:
- Fish (e.g., bass, flounder, or cod)
- Crustacean shellfish (e.g., crab, lobster, or shrimp)
- Tree nuts (e.g., almonds, pecans, or walnuts)
Sesame was added as the ninth major food allergen when the Food Allergy Safety, Treatment, Education, and Research (FASTER) Act became effective on January 1, 2023. FALCPA requires that food labels clearly identify the food source names of any ingredients that are a major food allergen or contain protein derived from a major food allergen. The intent of FALCPA is to help allergic consumers identify foods or ingredients that they should avoid to prevent an allergic or other reaction due to hypersensitivities.
On the heels of the FASTER Act’s effective date, FDA recently published draft guidance for Food Allergen Programs in September 2023. This is part of the Agency’s ongoing updates to its Draft Hazard Analysis and Risk-Based Preventive Controls for Human Foods Guidance for Industry. Comprised of 16 chapters, FDA has been releasing new chapters since the guidance was announced in 2016 as they are developed to help facilities develop a Food Safety Plan in accordance with regulatory requirements. The most recent guidance published includes Chapter 11: Food Allergen Program.
Chapter 11 focuses on developing a Food Allergen Program to ensure finished food is properly labeled for major food allergens and, even more so, to protect food from major food allergen cross-contamination. According to FDA, “Some manufacturers are intentionally adding sesame to products that previously did not contain sesame and are labeling the products to indicate presence, rather than taking appropriate measures to minimize or prevent cross-contact.” Through the new guidance, FDA is encouraging industry to prevent allergen cross-contamination rather than intentionally adding sesame (or other major allergens) to products and then labeling them to comply with the law.
FDA recognizes the challenges of ensuring products are allergen-free, and the guidance is intended to help companies find solutions to meet the needs of consumers with food allergies. Chapter 11 explains how to develop and implement a Food Allergen Program by providing detailed recommendations for each aspect of the Program. It offers multiple examples for illustrative purposes that demonstrate ways to significantly minimize allergen cross-contact and undeclared allergens using cGMPs and preventive controls.
Labeling errors are the major reason for most FDA food allergen recalls. As such, the new chapter also offers guidance on how to monitor and verify that food allergies are properly declared and correctly labeled. In addition, the guidance addresses what facilities can do when allergen presence due to cross-contact cannot be completely avoided, including using allergen advisory statements.
Previously Published Guidance
The comprehensive Draft Guidance for Industry remains a work in progress. In addition to Chapter 11: Food Allergen Programs, the following draft chapters are currently available:
- Chapter 1: The Food Safety Plan
- Chapter 2: Conducting a Hazard Analysis
- Chapter 3: Potential Hazards Associated with the Manufacturing, Processing, Packing, and Holding of Human Food
- Chapter 4: Preventive Controls
- Chapter 5: Application of Preventive Controls and Preventive Control Management Components
- Chapter 6: Use of Heat Treatments as a Process Control
- Chapter 14: Recall Plan
- Chapter 15: Supply-Chain Program for Human Food Products
- Chapter 16: Acidified Foods
FDA plans to still publish the following chapters as they are developed:
- Chapter 7: Use of Time/Temperature as a Process Control
- Chapter 8: Use of Product Formulation or Drying/Dehydrating as a Process Control for Biological Hazards
- Chapter 9: Validation of a Process Control for a Bacterial Pathogen
- Chapter 10: Sanitation Controls
- Chapter 12: Preventive Controls for Chemical Hazards
- Chapter 13: Preventive Controls for Physical Hazards
- Chapter 17: Classification of Food as Ready to Eat or Not Ready to Eat
Whether for allergen management or other identified hazards, taking a systematic approach to establishing risk-based preventive controls helps protect food products—and the consumer—from biological, chemical, and physical risks. FDA’s guidance can provide an excellent resource for meeting regulatory requirements and protecting consumers.
In July, the Safe Quality Food (SQF) Institute published an article citing the most common non-conformances encountered during certification audits. Interestingly, the transition to SQF edition 9 has changed the number and types (i.e., critical, major, minor) of non-conformances SQF is seeing, with non-conformances related to pest prevention, Food Safety Plan, cleaning and sanitation, and management review and internal audits topping the list.
KTL’s food safety experts break down SQF’s top non-conformances and what you can do to address them.
Prioritizing Pest Prevention
According to SQF, pest prevention is the leading non-conformance under edition 9, with both critical and major findings. Exposure to pests—and the diseases they carry—creates the risk of food contamination and the spread of infectious diseases. Companies need a pest prevention program, whether managed internally or by a third-party contractor, that integrates sufficient measures to minimize pest populations. This may include mechanical preventions and controls, waste minimization, or controlled use of pesticides.
- Review any findings with your food safety team and the pest control contractor, if used. Include frequent review of the approved chemicals or chemicals used for any treatment and ensure the site has access to copies of their safety data sheets (SDSs). Corrective and preventive actions (CAPAs) should be applied to act right away on any open observations. CAPAs should be regularly monitored and tracked to closure. If a third-party contractor is used, open observations should be discussed with the contractor; they may have helpful information on how to handle a pest issue.
- Review pest control trending data at monthly management review meetings. This will help ensure pest prevention data is tracked and monitored. It can also help identify larger, more systemic issues that might necessitate additional CAPAs to resolve the problems.
- Incorporate evaluation of pest prevention performance into the validation and verification schedule.
- Validation should include review of inspection records (at each visit), an annual assessment by the food safety team or pest control provider, and review of trends at the annual management review meeting.
- Verification should include a monthly visual inspection during internal good management practices (GMP) inspections. A simple check to ensure these inspections are thorough enough can involve putting a business card in a tin can for pest control to find and identify on the report.
SQF Tip Sheet: Pest Prevention
Strengthening the Food Safety Plan
The Hazard Analysis and Critical Control Points (HACCP) Food Safety Plan is the foundation of the SQF System. Given this, it makes sense that non-conformances related to the Food Safety Plan always top the list. SQF indicates that many of these findings are now being marked as critical with edition 9. The most common non-conformances include missing hazard analysis, incomplete ingredient hazard analysis, and misidentification of critical control points (CCPs).
- Review and update the HACCP Plan at least annually or whenever there is a change to operations (e.g., ingredients, processes, equipment, etc.) to ensure all inputs and outputs are identified and appropriately managed.
- Use a risk ranking chart to identify risks; determine their severity and likelihood; and document when a hazard is controlled by a GMP, CCP, or other preventive control (PC).
- Use specification sheets and known information about ingredients to facilitate the identification of hazards during the hazard analysis. Ensure copies of any studies or guidance documents are available to the HACCP team and any applicable updated scientific consensus is reviewed. Hazards should be specifically identified rather than just listed as general categories (e.g., biological, chemical, etc.).
- Document everything in a food safety management system (FSMS). Recordkeeping proves that all requirements of the Plan are met.
SQF Tip Sheet: HACCP Food Safety Plan
Emphasizing Cleaning and Sanitation
Cleaning and sanitation methods vary based on the nature of operations, as well as the microbiological and allergen risks. Regardless, every facility needs to develop, implement, and document a cleaning and sanitation program that fits their production processes. According to SQF, this area remains second on the list of major findings in edition 9.
- Understand all the areas and equipment that need to be cleaned and sanitized in the facility. Pay attention to the condition of floors, ceilings, walls, doors, etc. to ensure you are maintaining a hygienic and safe environment.
- Create a robust cleaning and sanitation, preventive maintenance, and maintenance schedule. Regular maintenance of equipment, utensils, and building materials is crucial to prevent non-conformances.
- Incorporate monitoring of the cleaning and sanitation program into the validation and verification process:
- Validation: Review sanitation records and logs, environmental monitoring records, and trending data to identify areas of concern.
- Verification: Conduct visual inspections and records review. Consider swab testing to monitor compliance and trends, especially if using a contracted company for cleaning and sanitation. Review GMP inspection findings and CAPAs at monthly management meetings and track to closure.
SQF Tip Sheet: Cleaning and Sanitation
Management Review and Internal Audits
SQF includes management review (126.96.36.199) as minor nonconformance, highlighting the importance of incorporating food safety culture into the review process. Internal audits remain a crucial way to identify areas of improvement, though they are now on the minor non-conformance list.
- Set objectives/goals for the year and monitor the performance of these objectives at monthly and annual management review meeting. Resources should be allocated appropriately based on trends identified in these meetings to reach goals and ensure the overall effectiveness of the food safety culture.
- Conduct regular GMP inspections, trend results, review them during management meetings, and identify CAPAs, as necessary.
- Distribute food safety questionnaires to personnel to gather input. Review results during management review meetings and use the data collected to create action plans for maintaining or improving scores.
- Conduct a comprehensive internal audit at least annually and address any identified gaps in compliance. Internal audit findings should be reviewed at monthly and annual management review meetings. CAPAs should be assigned for findings, and data can be used to refine food safety objectives/goals.
Knowing and truly understanding the requirements of the SQF Code—or any of the Global Food Safety Initiative (GFSI) certification standards—is essential to avoiding non-conformances. Paying particular attention to the identified top non-conformances can help facilities to proactively mitigate these risks, strengthen food safety culture, and improve overall compliance.
The threat of terrorism against our food supply is as real today as it ever has been. Whether it’s an attack on the products themselves, such as product tampering or sabotage, or a cyberattack against a company’s internet infrastructure, it can be harmful and costly if not recognized in advance. Plans should be in place to not only respond to such an attack but also to prevent it. ~ Rod Wheeler, NSF.org
National Security Memorandum
On November 10, 2022, President Joe Biden signed National Security Memorandum-16 (NSM-16) to strengthen the security and resilience of U.S. food and agriculture. This critical sector has continued to face increasing deliberate and naturally occurring threats to security and resilience, including intentional adulteration (IA), catastrophic events (e.g., pandemics that impact critical infrastructure), consequences of climate change, and cyber- and technology-related vulnerabilities.
NSM-16 replaces Homeland Security Presidential Directive 9 (Defense of United States Agriculture and Food – HSPD-9) and outlines the Administration’s guidance to:
- Identify and assess the threats of greatest consequence. This includes redefining how chemical, biological, radiological, and nuclear threats are defined; focusing on increased cyber threats and climate change impacts; and enhancing threat and risk assessments by mandating a continuous process to assess and mitigate risks and vulnerabilities.
- Strengthen partnerships to enhance the resilience of the workforce, who are typically the first line of response, and coordinate our government to act more efficiently and effectively. Essential critical infrastructure workers need guidance to work safely, while supporting operations during high-consequence incidents.
- Enhance preparedness and response by training partners on how to prepare for and respond to threats, increasing testing and diagnostic surge capacity, and standardizing diagnostic and reporting tools to facilitate timely information sharing.
Ongoing Security Actions
NSM-16 builds upon ongoing actions by the Administration to strengthen the resilience of the U.S. food and agriculture supply chains.
- U.S. Department of Agriculture (USDA) considers defense of the food and agriculture sector critical. USDA’s Food Safety and Inspection Service (FSIS), Animal and Plant Health Inspection Service (APHIS), and National Institute of Food and Agriculture (NIFA) have launched numerous programs to protect these sectors, including FSIS working to help industry partners develop effective food defense plans.
- U.S. Department of Homeland Security (DHS) Office of Health Security Health, Food, and Agriculture Resilience (OHS/HFAR) directorate is also working to help safeguard the American food supply against catastrophic incidents by bringing a national security perspective to the food and agriculture sector. In recent years, OHS/HFAR has engaged directly with partners to perform risk assessments, develop strategic guidance, and design and deliver tailored exercises to better prepare for, respond to, and recover from catastrophic events.
- U.S. Food and Drug Administration (FDA) is engaging with federal; state, local, tribal, and territorial (SLTT) governments; the private sector; and academia on the following activities:
- Conduct of vulnerability assessments
- Risk mitigation analysis
- Federal risk mitigation strategy
- Strengthening existing efforts for information sharing procedures
- Research and development
Roles of Food Safety and Food Defense
According to USDA-FSIS, to prevent, protect against, mitigate, respond to, and recover from threats and hazards of greatest risk to the food supply, preparedness efforts must encompass food safety and food defense.
Food safety provides for the protection of food products from unintentional contamination. Food defense involves the protection of food products from intentional contamination or adulteration (e.g., biological, chemical, physical, or radiological) that causes harm to public health or disrupts the economy in other ways.
The anticipated outcome of combined food safety and food defense efforts is food security. Food security exists when all people, at all times, have physical, social and economic access to sufficient, safe and nutritious food which meets their dietary needs and food preferences for an active and healthy life (United Nations Food and Agriculture Organization (FAO)).
Your Role: Food Defense Plan
Food defense involves putting security measures in place to reduce the chances of someone intentionally contaminating the food supply. FDA’s Food Safety Modernization Act (FSMA) rule on Mitigation Strategies to Protect Food Against Intentional Adulteration (IA) establishes requirements for industry to play an active role in improving the nation’s food security and resilience. This rule requires covered facilities to prepare and implement food defense plans.
The food defense plan incorporates four major elements:
- The vulnerability assessment identifies those areas in the process that pose the greatest IA risks. Each step in the facility’s process should be evaluated for the following:
- Potential severity and scale of the impact on the public.
- Physical access to the product.
- Ability to successfully alter/contaminate the product.
- Facilities must develop and implement mitigation/preventive strategies at each step in the process to address vulnerabilities and minimize the risks of IA.
- A system must be put in place to ensure implementation of mitigation strategies and to effectively manage the following:
- Monitoring mitigation strategies, including frequency.
- Corrective action response.
- Verification activities.
- Appropriate recordkeeping must be maintained for food defense monitoring, corrective actions, and verification, and key personnel must receive appropriate training.
The safety and security of our country’s food products requires developing, implementing, and enforcing policies and programs to support strong food defense. And it requires continually involving all employees in these food defense and security efforts to create a robust food safety culture. The threats to our nation’s food supply—and to those companies who work in the food supply chain—will continue. Taking an active role in controlling what you can and proactively managing your organization’s food defense efforts can play a significant role in securing the food supply chain.
According to the World Health Organization (WHO), foodborne diseases affect 1 in 10 people worldwide each year. Safe food is a key contributor to reducing these foodborne illnesses and other poor health conditions, including impaired development, micronutrient deficiencies, noncommunicable and communicable diseases, and mental illnesses. Only when food is safe can we fully benefit from its nutritional value.
FAO Strategic Priorities for Food Safety
In March 2023, the Food and Agriculture Organization of the United Nations (FAO) published its Strategic Priorities for Food Safety 2022-2031 to “support members in continuing to improve food safety at all levels by providing scientific advice and strengthening their food safety capacities for efficient, inclusive, resilient and sustainable agrifood systems.”
The Strategic Priorities document is structured around four strategic outcomes:
- Governance (intergovernmental and intersectoral) is coordinated and reinforced at all levels.
- Scientific advice and evidence provide the foundation for decisions made about food safety.
- National food control systems are continually strengthened and improved by supporting members in:
- Evaluating food control systems, identifying needs, and designing programs.
- Developing and transitioning economy countries to participate in Codex Alimentarius work.
- Developing and updating food safety standards, legal frameworks, government policies, and operational procedures and guidelines.
- Generating relevant food safety data to reflect the national situation.
- Implementing technology developments in food control and food safety management.
- Public-private partnerships along the food chain are being fostered to ensure food safety management and controls.
World Food Safety Day
On June 7, countries around the globe celebrated World Food Safety Day, focusing this year on “Food Standards Save Lives” as the theme. Established by the United Nations General Assembly in 2018, World Food Safety Day is an annual observation intended to mobilize action to prevent, detect, and manage foodborne risks and improve human health. The WHO and the FAO jointly facilitate the observance of World Food Safety Day.
This year’s theme coincides with the 60th anniversary of Codex Alimentarius, a collection of food standards, guidelines, and codes of practice that encourage governments and food safety advocates around the world to focus on the importance of applying safety standards.
Along with WHO and FAO, the U.S. Food and Drug Administration (FDA) is calling on everyone to join in the efforts to ensure safe food for all. Check out FDA’s information on ways to reduce foodborne illnesses and the Guide to World Food Safety Day 2023 for ideas on how you can participate in World Food Safety Day every day.
The National Bioengineered Food Disclosure Standard defines bioengineered foods (a/k/a genetically modified organisms (GMOs)) as “foods that contain detectable genetic material that has been modified through certain laboratory techniques and for which the modification could not be obtained through conventional breeding or found in nature.”
Genetic engineering allows scientists to take a beneficial gene (e.g., insect resistance or drought tolerance) and transfer it to a plant. Genetic modifications can create many desirable results, including higher crop yields, less crop loss, longer storage life, better appearance, enhanced nutritional value, or some combination thereof.
Genetic engineering can also be used to create a plant-based protein. The Food and Drug Administration (FDA) is aware that some developers are now exploring transferring genes for proteins that are known food allergens (including the “Big 9”) into new plant varieties for foods. Managing this introduction of food allergens into bioengineered food is a significant concern.
The FDA, Environmental Protection Agency (EPA), and U.S. Department of Agriculture (USDA) work together to ensure bioengineered foods are as safe and healthful for humans, plants, and animals—or even more so—as their non-GMO counterparts.
- FDA ensures those who produce, process, store, ship, or sell bioengineered foods or foods with bioengineered ingredients meet the same food safety standards as all other foods. FDA’s voluntary Plant Biotechnology Consultation Program allows developers to work with FDA on a product-by-product basis to evaluate the safety of bioengineered foods before they enter the market.
- EPA regulates the safety of the substances that protect bioengineered plants to make them resistant to insects and disease and monitors all types of pesticides used on crops.
- USDA Animal and Plant Health Inspection Service (APHIS) establishes regulations to ensure bioengineered plants do not harm other plants.
In April 2023, FDA issued a letter to developers and manufacturers who intend to transfer genes for proteins that are known food allergens into new plant varieties for foods. The letter serves as an important reminder that developers of these new plant varieties are obligated to make sure the products they market are safe for consumers and implement all measures needed to comply with the Food, Drug, and Cosmetic (FD&C) Act.
If not appropriately managed, the development of these plants could result in the presence of an unexpected allergen in the bioengineered food product. And if an unexpected allergen enters the food supply, there is real risk of a severe or even life-threatening allergic reaction and, subsequently, needing to recall affected products.
The FDA implores, “We are specifically reminding those developers who are now exploring development of these types of plant varieties of their responsibility for food safety. In particular, we are reminding them to consider the allergenicity issues related to their products, and how they would be stewarded from production to manufacturing to consumption so that they do not inadvertently or unexpectedly enter the food supply.”
The FDA is asking developers to consider the food safety risks posed by such allergens and to plan early in development to manage those risks. Developers who intend to create these plant varieties using proteins that are food allergens need to:
- Take advantage of the Plant Biotechnology Consultation Program early in the development process to ensure new varieties meet FD&C Act requirements and consumers are protected.
- Develop a robust risk management plan that includes significantly stronger mitigation strategies and practices (e.g., crop segregation) to provide assurance that foods containing the transferred allergen are not mixed with other foods.
- Consider whether the entire supply chain can maintain appropriate conditions to prevent allergens from inadvertently entering the food supply.
- Properly label bioengineered foods by declaring the presence of an allergen on the food label.
The most effective way to respond to an emergency is to properly plan for it before it happens. That’s precisely why so many federal, state, and municipal laws and regulations require many facilities to develop and implement some sort of Emergency Response Plan (ERP).
Effective Emergency Response
An ERP is intended to outline the steps an organization needs to take in an emergency—and after—to protect workers’ health and safety, the environment, the surrounding community, and the business itself. The requirements developed by various agencies are important, as they establish the components that must be included in an ERP to comply with regulations and respond effectively.
Most ERPs contain the same basic information. However, it can get complicated when a facility is subject to more than one regulation requiring an ERP, because even though the various regulations share many similarities, they also contain important differences (e.g., command structures, training requirements, equipment needs, operating protocols). Often, facilities end up creating a different ERP to respond to the different regulatory requirements. In an actual emergency, this can create inconsistencies or, worse yet, an implementation nightmare trying to figure out which ERP to follow.
Importance of Integration
The solution lies in integration. For example, consider an integrated management system that allows organizations to align standards, find common management system components (e.g., terminology, policies, objectives, processes, resources), and add measurable and recognizable business value. The same can be done with the various ERPs required within a facility.
It shouldn’t come as a surprise that in 1996, the U.S. National Response Team (NRT) published initial guidance for consolidating multiple ERPs into one core document. The Integrated Contingency Plan (ICP or One Plan) is a single, unified ERP intended to help organizations comply with the various emergency response requirements of the Environmental Protection Agency (EPA), U.S. Coast Guard, Occupational Safety and Health Administration (OSHA), Department of Transportation (DOT), and Department of Interior (DOI). The ICP Guidance does not change any of the existing requirements of the regulations it covers; rather, it provides a format for consolidating, organizing, and presenting the required emergency response information.
While the ICP does not currently incorporate all federal regulations addressing emergency response, it does establish a basic framework for organizations to pull in ERPs for any applicable regulations. And the benefits of doing so are many:
- Streamlined planning process. A single document simplifies the planning, development, and maintenance process. When plans are integrated, it minimizes duplication of effort, eliminates discrepancies and inconsistencies, and helps the organization identify and fill in gaps.
- Improved emergency response. It is much easier—and faster—for emergency responders and employees to navigate one plan rather than multiple separate ones. One plan allows for a single command structure with defined roles rather than potentially conflicting responsibilities. This all allows responders to act quickly and decisively to minimize potential disruption to the organization and public.
- Greater compliance. An integrated ERP provides improved visibility to all parts of the organization’s emergency response and helps reveal gaps that could prove costly and/or dangerous. This is especially important for organizations that must comply with several regulations.
- Potential cost savings. Streamlined and simplified planning reduces the resources required to build the plan. An integrated ERP may also help eliminate regulatory fines and minimize the need for and associated costs of emergency response/cleanup efforts.
Find Your Format
The goal of an integrated ERP is not to create new requirements but to consolidate existing concepts into a single functional plan structure. Regardless of what the plan looks like, it should start with:
- An assessment of the facility’s vulnerabilities to various emergency situations.
- An understanding of the various applicable emergency planning laws and regulations to determine which specific requirements must be incorporated. For example, food emergency response has different implications that must be integrated, particularly when it comes to recovery. A food production facility that is ordered or otherwise required to cease operations during an emergency may not reopen until authorization has been granted by the regulatory authority. Food facilities also have strict guidelines to follow for salvaging, reconditioning, and/or discarding product.
With this understanding, the ERP should then comprise step-by-step guidelines for addressing the most significant emergency situations. The core plan should be straightforward and concise and outline fundamental response procedures. More detailed information can be included in the annex. Most ERPs should include the following basic elements:
- Facility information. Consolidate common elements required in various plans, including site description, statement of purpose, scope, drawings, maps, roster of emergency response personnel, emergency response equipment, key contacts for plan development and maintenance, etc.
- Steps to initiate, conduct, and terminate a response. Outline essential response actions and notification procedures, with references to the annex for more detailed information. Provide concise and specific information that is time-critical in the earliest stages of the response and a framework to guide responders through key steps to deliver an effective response.
- Designated emergency responders. Develop a single command structure for all types of emergencies. Assign qualified, high-level individuals who are familiar with emergency procedures to fill emergency roles. In addition, list the appropriate authorities for specific emergencies, as well as their contact information.
- Evacuation plan/routes and rally points. Clearly mark evacuation routes and identify rally points where employees should meet upon exiting. Do not allow employees to leave designated rally points until it has been documented they have safely left the building.
- Data and information backup technology. Develop provisions for data backup to secondary/off-site systems, as well as alternate options for communications and power.
- Designated plan for communication. Outline who is communicating what, when they are communicating it, and how it is being communicated. This includes internal communication, as well as communication to customers/clients/suppliers/vendors that may be impacted, the media, and the appropriate regulatory authorities.
- Supporting materials. The annex should provide detailed support information based on the procedures outlined in the core plan and required regulatory compliance documentation. Importantly, facilities should create a table that cross-references individual regulatory requirements with the plan to ensure there are no gaps and to demonstrate compliance.
The goal of emergency response planning is to minimize impacts to the environment and workers’ health and safety, as well as disruptions to operations. An integrated ERP has the potential to significantly reduce the number of decisions required to respond in an emergency, eliminate confusion and disagreement regarding roles and responsibilities, and enable a timelier, more coordinated response.
That all being said, an integrated ERP will only be effective if it is thoroughly and consistently communicated to all employees. These best practices will help ensure that the integrated ERP functions not only on paper, but also in practice:
- Periodic training is vital to ensure employees understand the ERP and are fully aware of emergency response procedures. It is especially important in an integrated ERP that first responders are trained to handle all potential emergencies rather than more narrowly trained on response for a single regulation.
- Routine drills significantly improve understanding of the ERP, clarify employee roles, test procedures to ensure they work, and diminish confusion during an emergency.
- Posting an abbreviated version of the ERP throughout the plant provides easy access to all employees if an emergency occurs. This summary version of the ERP should highlight the most vital information for quick response: recognized hazards, high-level emergency procedures, evacuation routes, and key contacts.
Since corporations do not act independently, the only way to hold them accountable for a violation and to enforce the law is to hold corporate directors who are responsible for the violations accountable. They may be held to the same standard as the corporation in terms of accountability (United States v. Park, 421 U.S. 658 (1975)).
The Park Doctrine—also known as the Responsible Corporate Officer (RCO) Doctrine—imposes strict, vicarious criminal liability upon RCOs for misdemeanor Food, Drug, and Cosmetic (FD&C) Act violations. The word vicarious is important, because it means RCOs can be penalized without having personally participated in the violation, having been an accessory to it, or even being aware of it. And recently, there have been increasing cases of holding corporate leaders accountable for food safety issues that negatively impact public health.
A legal doctrine is a set of rules or principles typically established through legal precedent that courts widely follow. The following two landmark cases set the precedent for the Park Doctrine.
The Park Doctrine has its roots in a 1943 Supreme Court case—United States v. Dotterweich. In this case, the jury determined that Dotterweich, as President of the company, was guilty of FD&C Act violations because he shared in the responsibilities related to the transaction of mislabeled product, even though he had no knowledge of the violation. With this decision, the Court held that individuals could be held criminally liable for the company’s FD&C Act violations.
1975 marks the Supreme Court decision on the United States v. Park. In this case, Park (the President and CEO of a national retail food chain) knew about a rat infestation issue but delegated responsibility to employees to resolve the issue. When it was not resolved by the FDA’s inspection, Park and the company were both charged with FD&C Act violations for introducing adulterated food into interstate commerce. Again, the Court maintained that RCOs are held to strict accountability standards, and—very importantly—liability does not require proof of negligence, intent, involvement, or even awareness of wrongdoing. Rather, liability is based solely on the RCO’s role and responsibilities. Park had a duty to remedy the violations and to implement measures to prevent them—he did neither.
Park Doctrine Criteria
In January 2011, the Food and Drug Administration (FDA) published criteria for recommending Park Doctrine prosecutions that factor in the individual’s position in the company, his/her relationship to the violation, and whether the RCO had the authority to correct or prevent the violation. Specific factors under consideration also include the following:
- Whether the violation involves actual or potential harm to the public.
- Whether the violation is obvious.
- Whether the violation reflects a pattern of illegal behavior and/or failure to heed prior warnings.
- Whether the violation is widespread.
- Whether the violation is serious.
- The quality of the legal and factual support for the proposed prosecution.
- Whether the proposed prosecution is a prudent use of Agency resources.
Holding Individuals Accountable
A broad theme in law enforcement these days is holding individuals accountable, said Mary El Riordan, Senior Counsel in the Administrative & Civil Remedies Branch of the U.S. Department of Health and Human Services Office of Inspector General (HHS OIG). Million-dollar settlements do not change behavior, but holding individuals accountable does.
On September 15, 2022, the Department of Justice (DOJ) released the Monaco Memo, affirming its focus on holding individuals accountable. Deputy Attorney General Lisa O. Monaco stated in her address that the DOJ’s top priority for corporate criminal enforcement is going after individuals who commit and profit from corporate crime. The Monaco Memo is fundamentally about individual accountability and corporate responsibility and represents a desire on the part of the DOJ and FDA to use the Park Doctrine to increase the numbers of criminal convictions of RCOs.
Proactively Mitigating Risks
It is clear the DOJ and FDA are taking an increasingly aggressive stance and prosecuting more RCOs, even without knowledge or intent to commit a violation. In the case of the Price Doctrine, it is a crime to do nothing. It is ultimately the RCO’s duty to be aware of, prevent, and address potential violations.
To do so, there are several best practices companies can take to proactively mitigate risk:
- Implement and maintain an integrated management system (i.e., quality, food safety) to help identify compliance obligations and manage risks through an organized set of policies, procedures, practices, and resources.
- Conduct internal audits. Audits provide an essential tool for continually improving and verifying compliance performance. Routine audits should ensure policies and procedures are being followed and identify concerns before they become major violations.
- Engage in regular monitoring activities. Regular environmental monitoring that focuses heavily Zones 1 and 2 (i.e., food contact surfaces and surfaces directly adjacent to food contact surfaces, respectively) is vital to preventing foodborne illnesses.
- Establish clear roles and responsibilities for all employees, including leadership. Provide training for RCOs on the Park Doctrine so they clearly understand their duties and obligations.
- Resolve corrective and preventive actions (CAPAs) immediately. CAPAs are those actions an organization takes to make improvements and/or eliminate causes of non-conformities. Failure to conduct a CAPA may be considered a major non-conformance.
- Create a culture that encourages employees to speak freely when there are issues. Food safety culture is being integrated more completely and significantly into many of the Global Food Safety Initiative (GFSI)-benchmarked food safety certification standards to encourage widespread adoption.
- Be responsive and work with the FDA. The FDA sends warning letters to companies in violation of the FD&C Act (see example 2022 Warning Letter). The letter specifically outlines the required response and related consequences: You are responsible for investigating and determining the causes of the violations identified above and for preventing their recurrence or the occurrence of other violations. It is your responsibility to ensure your facility complies with all requirements of federal law, including FDA regulations. You should take prompt action to correct or implement corrections to the violations cited in this letter. Failure to do so may result in legal action without further notice, including, without limitation, seizure, injunction, or administrative action for suspension of food facility registration if criteria and conditions warrant.
Location: Chicago, Illinois (other locations considered)
KTL is seeking a Food Safety Specialist with 5-10 years of professional food safety consulting or relevant food industry experience to join our team. This individual will work under the direction of KTL Project Managers and Senior Consultants to manage and execute tasks for KTL’s food safety projects and meet client expectations. The Food Safety Specialist must have working knowledge of FDA, USDA, and GFSI requirements as they apply to food/food packaging manufacturing, processing, and distribution, and experience implementing/maintaining food safety documents and plans.
Responsibilities and tasks include the following:
- Providing HACCP, SOP, and SSOP development and implementation support
- Conducting gap assessments to FDA, USDA, and GFSI (i.e., IFS, BRC, FSSC22000, SQF) requirements
- Conducting relevant food safety training for clients
- Researching FDA, USDA, and GFSI regulatory requirements and maintaining standards updates
- Researching labeling regulatory review
- Interpreting third–party regulatory audits
- Reviewing, recommending, and coordinating efforts for environmental contaminants and pathogen testing program
- Working with clients and KTL senior staff to identify Food Safety Management System (FSMS) and program gaps and implement solutions for continuous improvement
- Maintaining and updating documents to ensure conformance and compliance consistency
- Participating in the development and management of KTL’s SharePoint® tools
- Assisting in growing clients and other business development efforts, as requested
- B.S. degree in food science, biology, chemistry, technology, microbiology, or other related life science
- 5-10 years of related food industry experience in Quality Assurance/Control; experience in cooking, processing, manufacturing dairy, low-acid canned food, meat, or seafood preferred
- Excellent communication and presentation skills
- Excellent research, analytical, writing, and organizational skills
- Microsoft SharePoint® and information management systems experience
- High–risk food or ingredients experience
- Understanding of food safety in food packaging
How to Apply
Forward a resume to email@example.com.
KTL is a management consulting firm providing EHS, sustainability, food safety, and quality consulting services to a wide range of industry, municipal, university, and government clients. Our focus is to build strong, long-term client partnerships and provide value-added solutions that simplify management systems, improve compliance, and establish more sustainable operations. KTL specializes in developing and implementing strategies, processes, and tools that complement our clients’ investments in existing programs and resources. Our highly qualified personnel have an in-depth knowledge of U.S. federal, state, and international EHS requirements; global food safety compliance; ISO management systems; and information management tools. Our consultants possess the education, work experience, and professional registrations necessary to provide value-adding consulting services to our clients.
Food Safety System Certification (FSSC) 22000 is a complete Global Food Safety Initiative (GFSI)-benchmarked certification scheme that is aligned with the ISO management system approach and harmonized structure. The first version of FSSC 22000 was published in 2009, and more than 16,000 sites have been certified under the scheme since.
On March 31, 2023, the Foundation FSSC published the most recent version of the FSSC 22000 scheme (FSSC V6.0) to:
- Integrate the requirements of ISO 22003-1:2022.
- Strengthen the requirements to support organizations in their contributions to meeting the United Nations’ Sustainable Development Goals.
- Incorporate feedback from the FSSC 22000 V6.0 development survey.
Overview of Changes
Foundation FSSC has set a 12-month period—between April 1, 2023 and March 31, 2024— for companies to transition from V5.1 to V6.0. In addition to changes in some of the requirements (as outlined below), V6.0 includes a realignment of the Food Chain Categories in accordance with ISO 22003-1:2022 and GFSI requirements (i.e., including Trading and Brokering (FII) and removing Farming (A)). Among others, some of the significant changes to the requirements include the following:
Food safety and quality culture. As we are seeing with other GFSI certification schemes, ISO management systems, and the FDA New Era of Smarter Food Safety, culture requirements are becoming more prominent. FSSC 22000 V6.0 requires senior management to “establish, implement, and maintain a food safety and quality culture objective as part of the management system,” addressing the following elements at a minimum: communication, training, employee feedback and engagement, and performance measurement of defined activities.
In addition, organizations must develop and implement a a documented food safety and quality culture plan that outlines objectives and timelines and follows the management system process of continuous improvement (i.e., plan-do-check-act (PDCA)).
Quality control. Quality control is a new clause of FSSC 22000 V6.0 that aligns with clauses 5.2 and 6.2 of ISO 22000:2018. Under this clause, organizations must establish, implement, and maintain a quality policy, objectives, and parameters in line with finished product specifications for all products within the scope of certification. As part of the quality program, organizations also need to establish and implement quality control and line startup and changeover procedures to ensure products meet customer and legal requirements.
Food loss and waste. The regulatory community has identified the lack of circularity in the food industry and a real need for addressing food waste. FSSC V6.0 now requires organizations to develop a documented policy with objectives and detailed strategy to reduce food loss and waste within the organization and the related supply chain.
Equipment management. Organizations must establish and implement a risk-based change management process for new equipment and/or any changes to existing equipment. This includes having documented purchase specifications to address such things as hygienic design, legal and customer requirements, and intended use of the equipment.
Allergen management. The requirement to have a documented allergen management plan is not new to V6.0. However, in addition to a including a risk assessment of all potential sources of allergen cross-contamination and related control measures, V6.0 now requires validation and verification of control measures; precautionary or warning labels as an outcome of the risk assessment to identify allergen cross-contamination risks (warning labels do not exempt the organization from implementing allergen control measures/verification testing); allergen awareness and control measures training; and annual review of the allergen management plan.
Environmental monitoring. V6.0 expands on the previous requirements for organizations to have a risk-based environmental monitoring program (EMP) for relevant pathogens, spoilage, and indicator organisms and documented procedures for evaluating the effectiveness of all controls in preventing contamination. V6.0 requires that the EMP must be reviewed for continued effectiveness at least annually, including when specific triggers occur (e.g., significant changes related to products, processes, legislation; when no positive test results have been obtained over an extended period; and when there is a repeat detection of pathogens during routine environmental monitoring).
Validation/verification of packaging claims. When a claim is made on the product label or packaging, the organization must maintain evidence of validation to support the claim and must have verification systems in place to ensure product integrity.
Food defense. V6.0 clarifies and strengthens requirements related to food defense. Organizations now must conduct and document a food defense threat assessment based on defined methodology to identify and evaluate potential threats linked to processes and products. In addition, the food defense plan must be based on the threat assessment, specify mitigation measures and verification procedures, and be implemented and supported by the food safety management system (FSMS).
Food fraud mitigation. Again, V6.0 clarifies and strengthens food fraud mitigation requirements by requiring organizations to conduct and document the food fraud vulnerability assessment to identify potential vulnerabilities and develop and implement appropriate mitigation measures. The food fraud mitigation plan must be based on the vulnerability assessment, specify mitigation measures and verification procedures, and be implemented and supported by the FSMS.
Other requirements. V6.0 also includes clarifications on the requirements for the certification process and implements the addition of a QR Code on FSSC 22000 certificates for improved traceability. It updates Communication Requirements (2.5.17) so organizations must 1) inform the certification body within three days of serious events/situations that may impact the FSMS and/or the integrity of the certification, and then 2) implement corrective measures as part of the emergency response and preparedness process. In addition, the standard requires that major nonconformities must be closed by the certification body within 28 calendar days from the last day of the audit. If this is not possible, the Corrective Action Plan must include temporary measures and controls necessary to mitigate the risk until permanent corrective action can be implemented.
Sites currently certified to FSSC 22000 have a transition period of 12 months to prepare their FSMS to be audited against the V6.0 requirements. The next year affords these organizations the time to assess current FSSC 22000 elements; identify improvements that are internally desirable and/or required by the new V6.0; and implement those updates to reduce nonconformances with FSSC 22000 V6.0. This can be done through a series of phases to ensure adoption throughout the organization:
Phase 1: Internal Assessment. Review existing FSSC 22000 food programs, processes, and procedures; document management systems; and employee training tools and programs to identify those areas in need of updates, development, and/or implementation to meet the requirements of V6.0.
Phase 2: FSMS Updates. Based on the assessment, develop a plan for updating your FSSC 22000 FSMS, including major activities, key milestones, and expected outcomes. This may include updating/developing programs, processes, procedures, and training with missing V6.0 requirements.
Phase 3: Training. To ensure staff are prepared to implement and sustain the updated FSSC 22000 V6.0 program, they must be trained on applicable requirements; specific plans, procedures, and good manufacturing practices (GMPs) developed to achieve compliance; and the certification roadmap to prepare for future assessments.