Help us to help
What exactly did the auditor say?
Very few of us (food or packaging) are going to perform full analysis on incoming materials, nor does the code ask for it (manufacturing anyway) I've attached the change guidance. In Manufacturing, the food fraud is also not mandatory, just saying
2.7.2
Food Fraud
New section.
What does it mean? In July 2014, GFSI published a discussion paper “GFSI position on Mitigating the public health risk of food fraud”, in which it states “The GFSI Board recognizes that the driver of a food fraud incident might be economic gain, but if a public health threat arises from the effects of an adulterated product, this will lead to a food safety incident”.
Food fraud is often described as EMA, economically motivated adulteration. However, it is more than that. As well as adulteration, food fraud includes substitution, dilution, addition, misrepresentation or tampering of food ingredients or food products. It is in fact illegal deception for economic gain.
The economic risks of food fraud to the industry are apparent. It is estimated that fraud costs the global food industry between $US40bn -$US50bn every year (Australian Food News, 11th July 2017). However, the public health impacts are less so. In many cases, the health impact of food fraud is not known until after the fact, when consumers become sick and the adulterant is detected.
GFSI now requires that a food fraud vulnerability assessment and mitigation plan are incorporated into the food safety management systems in all GFSI benchmarked schemes. SQF in edition 8 now requires food fraud o be considered for the site (2.7.2), and for incoming materials and ingredients (2.4.4.5, 2.4.4.6).
What do I have to do? Although this element is not mandatory, it is a key GFSI requirement and can only be exempted on receipt by the Certification Body (CB) of a written request from the site justifying exemption. If the justification is accepted by the CB, the element can be exempted. If not, and the site has not completed a vulnerability assessment and mitigation plan, then the CB is required to raise a major non-conformance against 2.7.2.
For many sites, food fraud is a new consideration and the hardest part is getting started. What is a vulnerability assessment? What is a mitigation strategy?
The food fraud strategy is similar to the
HACCP methodology sites are familiar with. In general terms it is:
1. Identify the risks (vulnerabilities)
2. Determine corrective and preventative actions (mitigation strategies)
3. Review and verify
4. Maintain records
The food fraud requirements talk about ‘vulnerabilities’ rather than ‘risk’. A risk (ISO 31000 Risk Management) is something that has occurred frequently before, will occur again, and there is enough data to conduct a statistical assessment. A vulnerability is more a condition that could lead to an incident (Dr John Spink, MSU). GFSI considers an “incident” to be a “consumer health risk if not addressed”.
‘Vulnerabilities’ need to be identified in incoming materials and ingredients, and within the site. Not all materials and ingredients are subject to risk, and the highest risks may be from minor or infrequent ingredients that originate from sensitive geopolitical areas, or suppliers with poor past histories. Ingredients can be prioritised based on perceived risk.
Within the site, vulnerabilities may include the potential for intentional or accidental substitution, dilution, or adulteration. The question that needs to be asked is “who benefits financially from internal food fraud”?
Mitigation strategies will be developed based on the identified vulnerabilities.
Although SQF requires that the food fraud vulnerability assessment and mitigation plan l be reviewed and verified at least annually, the site should be constantly aware of their supplier history and changes in the supply chain that could impact the vulnerabilities.
SQFI recommends that suppliers initiating their food fraud strategies seek assistance from one of the many resources that are available on-line. Although SQFI lists these resources, we take no responsibility for the information they provide or the outcomes of the assistance they offer.
SQFI partners with the Food Fraud Initiative at Michigan State University (MSU)
http://foodfraud.msu.edu. This group offers free on -line training for sites and auditors on food fraud called Massive Open On-line Courses or MOOCs.
Other resources that could be considered include the PwC food fraud vulnerability assessment, and the USP Food Fraud Database.
Auditing Guidance As with suppliers, food fraud is also relatively new to auditors, and SQFI recommends that all SQF auditors seek training in food fraud strategies through the resources outlined above, or through their internal CB training.
The auditor must avoid pre-determining site’s food fraud vulnerabilities or making a quick decision on 2.7.2 Food Fraud. Food fraud is a new and inexact science, and there is no prescribed methodology for determining vulnerabilities or their mitigating actions. It is based on the information that the site has available at the time.
The auditor will seek evidence of compliance to this requirement by review of documents and records, and interview. Evidence may include:
• There is an awareness within senior management of the need for a food fraud vulnerability assessment and mitigation strategies.
• There is a current, documented vulnerability assessment in place that identifies key ingredient vulnerabilities including justification for their inclusion. The methodology for selecting the key ingredient vulnerabilities shall be available.
• The vulnerability assessment shall include an evaluation of the site vulnerabilities including from staff, contractors, and other associates.
• There are documented mitigation (ie prevention) strategies in place for all identified vulnerabilities, which identify what is to be done and who is responsible.
• The mitigation strategies are active, and are being reviewed for effectiveness.
• The vulnerabilities and mitigation strategies are reviewed at least annually.
• There are records available of review of the food fraud program.
2.7.2.1
The methods, responsibility and criteria for identifying the site's vulnerability to food fraud shall be documented, implemented and maintained. The food fraud vulnerability assessment shall include the site's susceptibility to product substitution, mislabeling, dilution and counterfeiting which may adversely impact food safety.
New element.
2.7.2.2
A food fraud mitigation plan shall be developed and implemented which specifies the methods by which the identified food fraud vulnerabilities shall be controlled.
New element.
2.7.2.3
The food fraud vulnerability assessment and mitigation plan shall be reviewed and verified at least annually.
New element.
2.7.2.4
Records of reviews of the food fraud vulnerability assessment and mitigation plan shall be maintained.
New element.