Food Safety Magazine

COVER STORY | April/May 2010

Food Safety’s New Regulatory Reality: Are You Prepared?

By Frank Oehl, Darin Floyd and Alan Fowler

Food Safety’s New Regulatory Reality: Are You Prepared?

High-profile cases of contaminated food products, as well as an increasing number of recalls, have sustained an ongoing awareness of—and concern about—the foods that reach America’s tables. As a result, food safety has become a growing concern for consumers and industry leaders. It is also a focus of reform for the U.S. government.

With a flurry of changes and new food safety regulations on the horizon, companies have the opportunity to discover more efficient and effective methods of consumer protection. Such discoveries will occur by assessing current activities, building a refocused program and establishing monitoring mechanisms to address the needs of a dynamic food safety program. This article examines some current drivers of food safety regulation, specific sections of bills pending in Congress and recommendations to help companies prepare for coming changes.

Drivers of Regulatory Change
Ensuring that food is safe for consumption can be a daunting task. There are myriad factors and interrelated parts that, in combination, make food safety a complex challenge. Some of the key drivers for more stringent regulations are demographic changes and consumer awareness, publicly visible recalls, supply chain complexity and globalization. These drivers are considered in more detail below.

Demographic Changes and Consumer Awareness
Shifting demographics and changing consumer awareness highlight the need to make food safety a priority. In recent years, consumers have increased their consumption of raw foods—which, obviously, are not typically exposed to heat or other decontamination processing. For example, from 1992 to 2005, fresh spinach consumption grew 180%.[1]

In addition, the U.S. population is becoming increasingly susceptible to foodborne illness. Approximately 25% of the population is made up of the elderly, children and pregnant women—some of the highest risk categories.[2] With one in five Americans expected to be over the age of 60 by 2015,[3] the population will only become more vulnerable.

To help companies better understand consumers’ food safety concerns, we commissioned a survey of 1,110 consumers in April 2008. The results indicate that consumers are extremely concerned about the lack of information about the food they eat, specifically, whether the ingredients are healthful and safe (Figure 1).

The same study found that 73% of those surveyed feel that food-related recalls have increased, 76% of respondents indicated that they are more concerned now than they were 5 years ago about the foods they eat and 57% have stopped eating a specific food because of a food recall (for an average length of about 6 months).[4]

This rising consumer awareness—and wariness—places the onus on businesses to adopt appropriate food safety standards and let the public know about their efforts. Consumers are voicing their concerns and pressuring the government to pass legislation that mandates proper food safety standards and provides for verification and enforcement.

Publicly Visible Recalls
Media coverage of food safety issues has increased dramatically since 1986. With one report after another of food-related crises, consumers have more doubts about the safety of the food they are eating and are less trusting of the companies that provide it. According to a Nielsen survey in December 2009, during a food safety scare, consumers trust the media more than companies and regulators.[5]

Despite consumer outcry and the efforts of many companies to deliver safe products, the number of annual recalls in the U.S. has more than tripled since 1999. What’s more, food- and beverage-related recalls continue to accelerate, jumping from 240 in 2006 to 565 in 2008 to 926 in 2009 (Figure 2).

The top two reasons for these recalls are Salmonella contamination and undeclared ingredients. One incident of Salmonella contamination, in January 2009, was widely reported in the media. This one recall alone involved more than 70 companies and over 3,900 specifc products due to a peanut-related Salmonella outbreak at a Georgia manufacturing facility.

The use of melamine in China to boost the protein content of baby formula was also widely reported in the media. Within China, this melamine contamination resulted in six infant deaths, as well as thousands of sickened babies, due to kidney stones and kidney disease. It also led to roughly a dozen countries banning the import of dairy products from mainland China.[6]

Given that a few melamine-contaminated food products had found their way into the U.S., this issue raised widespread concerns with consumers and highlighted the need for proactive regulation. As this article goes to print, Chinese officials are still working to identify and remove tainted products from store shelves.

As noted above, the way a company manages product recalls and communicates to the public has a direct impact on a consumer’s eating habits. Therefore, companies should be prepared to execute recalls smoothly. They should also be prepared to clearly communicate with consumers during recalls, particularly if their products are not affected.

Supply Chain Complexity
The growing complexity of modern supply chains makes it possible to ship food products—and any accompanying contamination—to multiple food producers and retailers within hours. Such was the case with the peanut-related Salmonella outbreak mentioned previously, as recalls quickly spread from bulk peanut butter to cookies and crackers to trail mix and Pad Thai.

With each handoff in the food supply chain, it becomes even more difficult to trace the contaminated products. This places an additional burden on manufacturers, distributors and retailers to capture data and track ingredients, not just within their own facilities, but also up and down the supply chain.

Not all organizations, however, are prepared to shoulder such a burden. In March 2009, Daniel R. Levinson, the inspector general of the Department of Health and Human Services, reported that federal health inspectors had found that the majority of food manufacturers and distributors are unable to identify suppliers or recipients of their products, despite federal rules that require them to do so. Additionally, one quarter of the food facilities contacted in the course of this study were not even aware that they were supposed to be able to trace their suppliers.

Globalization
Globalization further compounds food safety concerns, as international sourcing shifts more and more activities beyond a company’s direct control. This, of course, introduces more risk points throughout the supply chain.

Cultural and economic differences contribute to the food safety problem as well. Different geographic markets have different beliefs and experience with food safety risks, which results in various levels of safety measures and quality control mechanisms. And poorer economies simply may not have the capital to implement or enforce the appropriate food safety controls. In short, the more remote a product’s origin (or its ingredients), the greater the potential risk.

Similarly, the broader the market, the more damage a contaminated product can cause. For example, a single region in California now provides more than half the spinach consumed in North America. So it is easy to see how the packaged spinach E. coli scare in 2006, which originated in San Benito County, CA, resulted in an outbreak that was felt in 26 states.

Or consider the broad distribution of pet food manufactured in China. In 2007, the U.S. Food and Drug Administration (FDA) was notified of widespread sickness and deaths of dogs and cats across the U.S. The FDA traced the products to China and discovered that a portion of the pet food was even used to create feed for animals and fish destined for human consumption. Ultimately, the recall affected China, the U.S., Canada and South Africa. Although global recalls of food for human consumption have been rare, the risk of a global food safety issue is significant.

Political and Regulatory Responses
Governments around the globe have taken note of these factors. As a result, they are working to implement tougher food safety legislations, upping their investments in research and education programs, and seeking increased industry guidance to better respond to food safety and consumer protection issues.

In Europe, the EU Food Law was passed in 2002, and the European Food Safety Authority was established to enforce it. Similarly, Canada passed the Food and Consumer Safety Action Plan and Food Labeling Initiative in 2007, and a new Canadian Food Safety Act was proposed in 2009.

In response to such pressures and drivers, and to mitigate the risk of future outbreaks, the U.S. government has already enacted the Bioterrorism Act of 2002, which requires food and beverage companies to make traceability information available to authorities on demand. Country-of-origin labeling regulations were enacted for fish and shellfish in 2005 and expanded to cover a wide range of commodities in March of 2009.

Both state and federal governments in the U.S. are working to enact additional food safety laws. There are roughly nine food safety proposals currently pending in the U.S. Congress. Since January 2009, U.S. state legislatures have introduced more than 600 bills that address food safety.[7]

Furthermore, Dr. Margaret Hamburg, the new head of the FDA as of May 2009, has stated that she wants to restore public confidence in the FDA by putting science first and running an open and accountable operation. Noting that robust food safety standards and enforcement will require sustained effort, more money and stronger laws, Dr. Hamburg intends to require companies to follow written safety plans that are overseen by federal and state inspectors. In addition, she plans to strengthen traceability and import safety—traditionally, two weak links in the system—and shift the FDA’s strategy from responding to outbreaks to preventing them in the first place.

There is also a presidential push for food safety, as seen by the creation of the President’s Food Safety Working Group in March 2009. And in July 2009, the White House appointed Michael Taylor as the senior advisor to the commissioner of the FDA. Taylor’s position is widely described as that of a “food safety czar.”

For fiscal year 2011, the FDA has proposed a 30% budget increase for new safety standards, traceability frameworks, import safety checks and better risk analysis under the Transforming Food Safety Initiative. This budget proposal mirrors many of the components that are being debated in legislation now under consideration.

Pending U.S. Food Safety Regulations
With food safety reform now a government priority, several food safety proposals are now pending in the U.S. Congress:

• Food Safety Modernization Act of 2009
• FDA Food Safety Modernization Act of 2009
• FDA Globalization Act of 2009
• Safe Food Enforcement, Assessment, Standards & Targeting (FEAST) Act of 2009
• Consumer Product Safety Solutions Act of 2009
• Common Sense in Consumer Product Safety Act of 2009
• Consumer Product and Food Safety Information Act of 2009
• Relief to small and family-owned businesses
• Food Safety Enhancement Act of 2009

On July 30, 2009, the U.S. House of Representatives passed comprehensive food safety legislation for FDA-regulated foods in the form of the Food Safety Enhancement Act of 2009 (H.R. 2749). Sponsored by Rep. John Dingell (D-MI), this bill contains many of the same concepts found in competing food safety proposals. With a similar Senate bill (S. 510) on the fast track, and with a strong endorsement from President Obama, it is highly likely that H.R. 2749—or a bill very much like it—will be passed in the coming months.

If it does pass, H.R. 2749 will be the first law in 70 years to significantly change our nation’s approach to food safety. This legislation will grant the FDA the authority and resources to prevent foodborne illnesses from occurring and the tools to respond if they do. It will also increase the food industry’s responsibility for overseeing the safety of products and provide the FDA with new and enhanced enforcement authority to hold food product companies accountable when they fail.

To ensure a safer food supply, this law focuses on recalls, inspections, registration, safe practices, traceability and imports.

Mandatory Recall Authority for the FDA
One of the most important changes of this legislation is that it will give the FDA the authority to mandate recalls of tainted food, rather than relying on food producers to do so voluntarily. Furthermore, H.R. 2749 mandates that firms pay for the FDA’s costs associated with recalls.

Mandatory recall authority will shift some control from companies to the FDA and could affect a company’s ability to contain a recall. Companies with food safety weaknesses could be significantly affected by FDA intervention.

Inspections and Registration of Facilities
H.R. 2749 will bring about changes in the registration of food facilities, requiring companies to register annually beginning in 2010, at a fee of $500 per facility. Products from non-registered facilities would be considered misbranded, and their sale prohibited. Registered food facilities will be inspected by the FDA and will be required to comply with mandated documentation requirements and give the FDA greater access to their records. Refusing, impeding or delaying inspections would be prohibited.

The FDA’s authority to establish record-retention requirements presents a new challenge, as it could significantly affect companies that currently lack the infrastructure to capture and report relevant information.

Required Food Safety Plans
H.R. 2749 also will require mandatory Hazard Analysis and Critical Control Points (HACCP) plans. In addition, food facilities serving U.S. customers must implement comprehensive food safety and food defense plans. The FDA will be able to set safety standards that ensure the safe production and harvesting of fruits and vegetables, with compliance a requirement for food producers and distributors.

Many companies conduct some sort of analysis and have a control program in place, but this bill requires a risk-based analysis and scientific validation of the system of preventive controls. Companies must manage these new requirements and integrate required control activities into existing food safety programs.

Improved Tracking and Traceability
H.R. 2749 will allow the FDA to issue regulations that require food producers, manufacturers, processors, transporters or handlers to maintain the origin and distribution history of food products. It will also provide for a reinspection fee for facilities that commit violations that require additional inspections by the FDA. Technology will be essential in determining the origin, movement and reporting of food in the supply chain. Furthermore, this legislation will mandate the recall and notification—to both the FDA and consumers—of adulterated or misbranded articles of food.

In addition to fees, companies could face other financial impacts due to the need to maintain distribution histories and collect data related to the origin and movement of products. The FDA will have the ability to determine which technologies and methodologies may be used. Therefore, companies with programs already in place might need to implement new systems and processes, if the FDA does not approve their existing technologies and methodologies.

Imports Required to Meet Domestic Standards
This bill will hold importers to the same safety standards as domestic food producers (existing law and the changes noted above), while implementing an importer registration fee program. Among the H.R. 2749 requirements: All processed food labels must indicate the country where the final processing occurred, food manufacturers must disclose the country of origin for all source ingredients on their Web sites and produce must be accompanied by country-of-origin labeling.

Opportunity for Reassessment
Food safety is, of course, critically important to businesses throughout the supply chain—from farmers and food producers to distributors and retailers. A company faced with a significant food safety problem could face potential remediation costs in the tens, or even hundreds, of millions of dollars and significant damage to its reputation and brand.

Companies have traditionally responded to new regulatory requirements by layering on new compliance activities. With the tremendous public focus on food safety and the vast changes pending in Congress, companies have the opportunity to take a proactive stance.

Now is a good time to understand how new requirements align with existing laws and standards. It is also an
opportunity to examine whether a company’s current strategy to design and implement a food safety program can sufficiently—and efficiently—support upcoming compliance requirements and future business and regulatory changes. Reacting slowly to the new regulation could cause companies to play catch-up once the pending legislation becomes law.

In the face of coming changes in the regulatory landscape, companies should find the most efficient and effective way forward rather than continuing with piecemeal tactics. Companies can leverage technology to provide greater visibility of the end-to-end program, increase efficiency and reduce costs (see sidebar). The right technology solution could remove the overlap between multiple (and sometimes competing) risk and compliance programs. It could also improve control strategies that create and protect value by aligning activities with similar regulatory and business requirements—ultimately enhancing overall compliance efforts. The challenge, of course, is determining the best approach for building such a food safety program.

Preparing for Change: A Catalog Approach
As laws change and standards evolve, it is important for companies to understand the implications to their business, both internally and across the extended enterprise. These implications include:

• Vague and disparate requirements across multiple geographies and jurisdictions
• Overlapping requirements and redundant compliance and reporting activities
• Inconsistent interpretations of requirements for similar processes and systems
• Inconsistent application of policies and operational performance of controls
• Multiple audits of the business (internal, third-party, etc.) and excessive assessment costs
• Inconsistent management reporting regarding levels of compliance across the organization and extended enterprise

Traditionally, understanding how authoritative requirements affect the way organizations operate has been a challenge, especially given the dearth of global changes over the past few years. However, one way that organizations can prepare for pending regulatory changes and accelerate their response to current challenges is to use a catalog approach.

A robust requirements catalog is an integrated risk and compliance management solution composed of six core components. These components are supported by a common risk management infrastructure:

1. A requirements library, which provides a single, integrated repository of business requirements, such as regulatory sources (FDA, USDA, U.S. states, other countries, etc.), industry standards (HACCP, GFSI, ISO, etc.) and internal requirements (policies, customer specifications, contractual obligations, etc.). These authoritative requirements have been mapped, the overlap removed and then linked to risk statements and control definitions.

2. Control baselines, which provide a process for building and maintaining risk-rationalized controls by linking standards and regulatory requirements, risks, controls and test procedures to your operations. This enables a standardized view of the operating environment.

3. A policy-management portal, which provides an automated policy lifecycle that enables policy development to be updated as needed to meet or exceed changing authoritative requirements.

4. A risk and control self-assessment system, which provides an automated risk and control assessment process that supports the periodic risk and compliance assessment requirements of the organization. It allows an organization to go through assessment and testing once, while satisfying many reporting requirements. It also provides the structure for third-party self-assessments.

5. A key risk-monitoring system, which provides a metrics-driven capability for monitoring key risks aligned with business objectives.

6. A risk-management infrastructure, which provides a common infrastructure for establishing a governance model, risk management methodology, requirements library, data architecture and technology architecture.

The impact of a requirements catalog can be seen by viewing the control environment before and after the implementation of such an approach.

Before
Many organizations take an additive or “one-off” approach when dealing with new regulations and standards. Such an approach can create multiple discrete compliance programs, potentially leading to inconsistency and inefficiency in managing several requirements from multiple sources (Figure 3).

After
With a robust requirements catalog approach, the cost, complexity and workload required to support compliance efforts are reduced. Considerable cost efficiencies can be realized when the overlap related to compliance is removed and an integrated approach is applied across the organization (Figure 4).

Benefits
The successful deployment of a catalog approach can improve the efficiency and effectiveness of food safety programs and allow companies to demonstrate multiple benefits to management and regulators, including:

• A risk-based approach to compliance

• Common risk language and a single repository of business and regulatory requirements

• Classification of requirements by commonalities and activities designed to satisfy a set of requirements rather than a one-for-one approach

• Identification and elimination of overlapping requirements and redundant activities

• Consistent interpretations of requirements for similar processes and systems

• Consistent application of policies and activities across multiple geographies and jurisdictions

• Coordinated audits for multiple internal and third-party stakeholders (assess once, test once, and satisfy many)

• The ability to validate control design and effectiveness of suppliers and third parties

• Interactive risk and compliance dashboards with issue and corrective plan tracking

• Efficient reporting to management and third parties regarding levels of compliance across the organization and extended enterprise

• A roadmap for downstream automation of compliance representation

Certainly, there are many approaches that companies can take to prepare for regulatory change. Deloitte’s catalog approach has proved to be a reliable methodology for addressing evolving compliance requirements for complex, global organizations.

Staying Ahead of Food Safety Regulatory Trends
Multiple drivers of change have made food safety a critical issue that is being addressed by regulators. And businesses must respond. Business leaders in every part of the food supply chain—particularly in manufacturing and retailing—now recognize the significant risk exposure their companies face and are ready to take action on food safety.

In the past, companies were limited by confusing and conflicting requirements that made it hard to know which path to take. But now the stage is set to move forward. Regulatory requirements, more universally accepted principles and a high-level approach—such as the requirements catalog—are emerging that provide a clear and consistent direction for the future. Meanwhile, standards are converging globally, making it easier and more efficient for companies to comply.

Companies that take a broad view of food safety, and that quickly invest in the necessary skills, systems, processes and technologies, can more promptly respond to or even avoid a food safety incident. They can also be better positioned to stay ahead of and comply with H.R. 2749 or any other regulations that might come down the pike.

A comprehensive food safety program can differentiate companies in the marketplace, increase revenue by meeting customer needs more effectively, and reduce long-term effects by avoiding problems that could tarnish their reputation and require costly remediation. But, the overwhelming motivation to undertake such an initiative is this: to do the right thing for consumers and the company.

Therefore, the time is ripe for companies in the food industry to assess the current environment, build a refocused program and make use of technology to address the complexities of the new regulatory reality.

Read the sidebar "Technology Considerations"

Frank Oehl is a partner at Deloitte & Touche LLP and the national leader of Deloitte’s Food & Product Safety Services. He has more than 20 years of experience assisting clients in the consumer products industry with risk management and regulatory compliance initiatives. Oehl can be reached at foehl@deloitte.com.

Darin Floyd is a senior manager at Deloitte & Touche LLP. With over 20 years of experience in the consumer product and retail industries, Floyd focuses on food and product safety, as well as risk management, primarily with Fortune 1000 companies. Floyd can be reached at dfloyd@deloitte.com.

Alan Fowler is a manager at Deloitte & Touche LLP. He has more than 8 years of experience working in the restaurant industry sector and in Deloitte’s Food & Product Safety Services. Fowler can be reached at alanfowler@deloitte.com.


References
1. Calvin, L. 2007. Outbreak linked to spinach forces reassessment of food safety practices. Amber Waves: The Economics of Food, Farming, Natural Resources, and Rural America, June 2007. www.ers.usda.gov/AmberWaves/June07/Features/Spinach.htm
2. U.S. Department of Health & Human Services, Public Health Service. 2007. Progress Review Food Safety. December 20, 2007.
3. www.foodsafetyworkinggroup.gov.
4. Conroy, P., and D. Kutyla. 2008. What’s for Dinner? Consumers Seek Answers about the Food They Eat. Deloitte & Touche LLP report, www.deloitte.com.
5. The Nielsen Company, December 2009.
6. Swaminathan, N. 2008. Why is melamine in baby formula, your food — and your pets’ meals? Scientific American’s 60-Second Science blog, September 24. www.scientificamerican.com/blog/post.cfm?id=why-is-melamine-in-baby-formula-you-2008-09-24.
7. Zhang, J. 2009. Hoping to make food safer, states decide to go it alone. Wall Street Journal, May 12. online.wsj.com/article/SB124208733123008901.html.

 


Sidebar


Technology Considerations

To date, few technology investments have been planned with food safety in mind. New technologies—such as radio frequency identification (RFID), remote monitoring and tracking technologies—offer promise but are not yet widely accepted. However, where implemented, they have helped address various food safety challenges.

• Data collection: Bar coding and RFID technologies, integrated with manufacturing execution systems (MES) and enterprise resource planning (ERP) systems, provide comprehensive batch and lot traceability within the enterprise.

• Data management: Global data synchronization network (GDSN) technologies in conjunction with master data management (MDM) systems help business partners accurately exchange data in real time through universal standards.

• Process standardization: Consistent process definition across the enterprise helps standardize technologies to support those processes.

• Process integration: Integration of product lifecycle management (PLM), MES and ERP systems significantly improve the ability to capture and share product traceability data.

• Collaboration: Workflow, Electronic Data Interchange (EDI) and Web portal technologies facilitate internal and external collaboration, which often leads to improved communication and process efficiencies.

• Business intelligence: Business intelligence and dashboard reporting mechanisms provide immediate alerts to address food safety issues.

Categories: Regulatory: FDA, USDA