Food Safety / Regulatory Compliance

Have You Assessed Your Food Fraud Vulnerability?

GFSI clearly requires a food fraud assessment, and FSMA strongly implies it; but processors do not appear ready.

By Dr. John Spink of the Michigan State University Food Fraud Initiative

This column was created after conversations with several senior industry leaders who are in charge of food fraud prevention for their Fortune 1000 companies. “Wait, what? What is required for GFSI compliance?” was an answer we heard more often than we expected, a bit of a revelation.

For food fraud prevention, the Food Safety Modernization Act refers to “economically motivated adulteration,” with a broad focus covering all hazards that are economically motivated. FSMA does not require companies do anything to pass an audit — but it does hold companies accountable for any and all hazards. We emphasize that after a food fraud incident, illness or death, it would be logical for a government investigator to ask, “How did you determine this was NOT a ‘hazard that requires a preventive control?’ ”

The Global Food Safety Initiative clearly defines the scope of food fraud to include all types of fraud (e.g., not just adulterant-substances but also theft, tampering, counterfeiting, etc.) and all products (e.g., incoming goods such as raw materials and outgoing goods including finished products destined for retail shelves.) GSFI requires that a Food Fraud Vulnerability Assessment be completed and documented, and then that a Food Fraud Prevention Strategy be completed and documented. There are no further published requirements or guidance on the method, process, details, length, depth, etc.

One immediate point: If your company is compliant with a GFSI schema for food fraud, then you should be compliant with FSMA on the subject.

A method to begin assessing food fraud vulnerabilities is to start from the top-down (“macro level”) and conduct a “pre-filter” or initial screening. It is understandable if the first assessment has a low degree of certainty and robustness. This initial screening is based on COSO (Committee of Sponsoring Organizations of the Treadway Commission) managerial accounting principles in Enterprise Risk Management. The pre-filter enables you to identify where a more detailed vulnerability assessment is needed … or not. The first assessment is often one matrix for all incoming goods and one matrix for all outgoing goods — each having no more than five types of market segments and five groups of products.

An initial screening is directional and leads to subsequent vulnerability assessments having high degrees of confidence and robustness. Without an initial screening, the other extreme would be conducting a full Food Fraud Vulnerability Assessment on every supplier-product combination (potentially at the ingredient level). For even a medium-sized company, this could involve 1,000 suppliers, with each supplier providing an average of 10 product variations which would require 10,000 separate assessments. It was estimated the fully detailed vulnerabilities assessments could take years to complete.

You should minimally conduct an annual Food Fraud Incident Review. Confirm that all your actions meet the GFSI scope of all types of food fraud. Also confirm these meet the GFSI scope of all products from both incoming goods (e.g., ingredients) and outgoing goods (e.g., finished goods) through to the consumer.

If you require GFSI compliance for your suppliers, do you have a process in place to review and confirm what they are doing to address food fraud by January 2018? If no, then you probably are not GFSI-compliant. So, survey your suppliers; provide an overview, definition and scope of food fraud; and point them to support resources.

If your customers (other manufacturers, retailers, etc.) require you to have GFSI compliance, do you have a process in place to review and confirm food fraud prevention compliance by January 2018? If not, you probably will not be GFSI-compliant.

It's a lot to handle. One resource is the Michigan State University Food Fraud Initiative’s free, open, online educational opportunities. There are also in-person executive education courses available. These include the development of an effective and efficient Food Fraud Prevention Strategy and another on conducting Food Fraud Vulnerability Assessments. (An actual Food Fraud Initial Screening is completed in the latter course).