Ensuring Supply Chain Safety

Published on: 
Pharmaceutical Technology, Pharmaceutical Technology-07-02-2016, Volume 40, Issue 7
Pages: 30-33

Data integrity and cGMP issues demand closer scrutiny of suppliers. Bribery and corruption may become the next supply chain flashpoint.

As FDA has stepped up inspection of API and finished drug manufacturing facilities outside the United States, its inspectors are uncovering more reasons for drug company sponsors to do what they should be doing anyway:  assessing and monitoring their suppliers’ and business partners operations, quality systems, employee training, and overall business practices. Caution is required with all business partners, but can be much more complicated when these partners are thousands of miles away and do business in another language and culture.

Failure to be proactive can have far-reaching impacts. Drug shortages can result when FDA inspectors find problems at a sole offshore supplier’s API manufacturing plant and place that supplier on Import Alert. In other cases, contract manufacturer or supplier noncompliance can stop the development of a promising new drug, when a pre-approval inspection reveals a poor understanding of cGMPs, and FDA stops new or abbreviated new drug (NDA or ANDA) application review with a Complete Response Letter (CRL).  As Lachman Consultants’ Vice-President Arlene Ocampo recently warned (1), “Be ready, be smart, and be prepared.” That means making sure that your business partners are too, wherever they are based.

These were some of the issues explored in a June 22, 2016 webcast jointly sponsored by the law firms Dechert, LLP and Hyman, Phelps and McNamara, P.C. Ominously entitled “The International Pharma Supply Chain: Imperiled Like Never Before,” the program (2) touched on problems that are converging to keep pharmaceutical executives up at night: data integrity problems, an immature compliance culture at many facilities in developing regions, and the emergence of corruption and bribery, already seen on the physician marketing side, as a potential supply chain safety issue.

We’ve been hearing about serious manufacturing and quality issues at offshore facilities for some time. In an interview with attorneys at both firms preceding the webcast, Hyman Phelps Principal Douglas Farquhar said that the term “more imperiled” is anything but hype.

In the 12 months ending June 1, 2016, he notes, FDA issued 25 warning letters to pharmaceutical manufacturers, and, excluding compounding and marketing-related actions, 23 were issued to foreign facilities. “We’ve reached the point where 90% of warning letters are being issued to foreign facilities, many of which are in India and China,” Farquhar says. Considering that approximately 80% of the pharmaceuticals sold in the US are either made overseas or use APIs that are made offshore, he adds, “that’s a huge percentage of distribution.”

His colleague, Hyman, Phelps and McNamara lawyer and FDA alumnus Mark Schwartz, notes that data integrity is most often cited in warning letters to offshore suppliers, accounting for 43% of FDA’s Center for Drug Evaluation and Research’s (CDER’s) warning letters in 2011, but 78% of warning letters in 2015. Chinese and Indian manufacturers were cited in 31% of warning letters in 2011, he says, but four years later, that number had risen to 70%.

“Data integrity has become a huge problem, and CDER is now in a Catch-22 situation--either allow products into the country that could potentially violate requirements of the Federal Food,Drug,and Cosmetic Act and threaten to create a public health crisis, or put the manufacturers involved on import alert and potentially usher in drug shortages,” Schwartz says. Most common signs of poor data integrity include:

  • Back-dating lab notebooks

  • Hiding time and date settings on test results

  • Re-integrating analyses to achieve passing test results

  • Disabling system audit trails

  • Fabricating data.

It’s likely that data integrity has surfaced as a problem because regulators are inspecting more--and more offshore--facilities. In 2015, FDA conducted approximately 180 inspections of facilities in India and China. As Farquhar noted on the webcast, the agency has 13 staffers in China and wants to triple that number, and to double the 9–10 it has in India.

In addition, regulators in China, India and elsewhere are increasing their inspections, and including inspections of more foreign facilities, focusing currently on European suppliers (Sidebar).

In the June webcast, Schwartz pointed out better inspection practices, singling out Peter Baker, FDA India’s assistant country director, for particular respect. Several years ago, Baker (3) began applying sophisticated methods to examine facility computers to find hidden data (such as additional “unofficial” test results) in computer hard drive directories.

But fundamental issues are also at play, notes consultant John Avellanet, principal of Cerulean Associates, LLC.  “Nobody really teaches you not to backdate a lab notebook in college,” he says. “It’s a question of ethics, and then training by your company.”

Poor data integrity practices are everywhere, but Avellanet says that it is about 10% easier for inspectors to find problems at facilities outside of Western Europe and North America than within them. European and North American companies are used to being inspected regularly, not only by regulatory agencies but also by third parties such as International Organization for Standardization (ISO) auditors.  “There’s a level of expectation that [outsiders] will come and look at our work, when we signed and dated documents, our training records, and so on,” says Avellanet. “People at facilities in the US and Europe are more prepared for the obvious red flags,” he adds.

Even in developed regions, seasoned professionals may have difficulty translating good documentation into good electronic data practices. As a result, the people who evaluate offshore partners’ facilities are often from quality or purchasing departments. They may not really understand what good data integrity practices look like in day-to-day work, or know what to look for to find problems, he says. At the same time, Avellanet says, “Many pharma IT departments focus more on the ‘T’ than the ‘I,’ in IT, which makes it hard to translate IT-speak into quality or management language.”

Senior managers, meanwhile, may be so focused on the bigger picture that these issues get short shrift. “There is no line item in budgets for data integrity,” says Avellanet. “Those most affected by it must distill data integrity down to three talking points, and try to get funding.  It’s a tough row to hoe, since management tends to think of quality as overhead to begin with,” he says--until the company receives a warning letter or has a new drug development program put on hold.

Import alerts, which block APIs and finished pharmaceuticals from being sold in the US, may have given some companies a false sense of security, notes Farquhar.  More should take warning from current cases, and be sure to diversify their API suppliers. “For pharma companies that depend on, say, a single API supplier, it can take more than a year to recover once the supplier is listed,” he says.

Supplier noncompliance can also play a major part in curtailing development of a new branded or generic drug via a new drug application or abbreviated new drug application (NDA or ANDA). If the API used to make the drug was made by a company on the Import Alert list, FDA will not approve the drug, says Farquhar.

Since April 2016, FDA has issued two CRLs to two companies with new drug candidates (2). What was significant in these cases, Ocampo says, is that the CRLs were not based on the usual reasons (e.g., safety or efficacy problems with the drug), but because pre-approval inspections at offshore supplier facilities indicated cGMP compliance problems. “Within the past 12 months, we’ve had at least five clients come to us because their NDAs or ANDAs were not approved for this reason, says Farquhar.


Bribery and corruption
While the US government has brought numerous cases under the Foreign Corrupt Practices Act (FCPA) since it was enacted in 1979, US enforcement authorities have been particularly aggressive over the past decade, says Dechert partner and co-chair of its International Trade and Government Regulation practice, Jeremy Zucker. He notes that many past enforcement actions have targeted pharmaceutical companies that provided cash, trips, entertainment and other things of value to physicians at state-owned health systems to induce them to prescribe the companies’ products--and that Kara Brockmeyer, the chief of the FCPA unit at the US Securities and Exchange Commission (SEC), recently announced that the SEC again would focus on corrupt practices in the pharmaceutical industry. Zucker notes that supply chain is becoming an area of interest, and regulators are exploring whether local manufacturers and other partners are bribing foreign officials to secure commercial advantages. Local enforcement agencies in India, China, and other countries are increasing their own efforts to prosecute bribery, paying close attention to third parties, such as travel agencies and clubs, that could be involved in such deals.

“There is great potential for bribery and corruption to affect the supply chain, because money can, in theory, so easily be funneled through third - party agencies,” says Kareena Teh, a Hong Kong-based litigation partner with Dechert who leads the investigation practice in Asia. In addition, she says, “we see a lot of issues around customs and getting things in and out of China, and the potential for ‘inducement’ payments to be attempted.”

Inspection reports in some FDA warning letters, particularly those calling out basic plumbing issues with sinks and toilets at API manufacturers, beg the question of whether some local government official or inspector “greased the wheels” for manufacturers. “How else could these facilities pass local annual health and safety inspections when such problems existed?” Teh asked on the webcast (1).  She also recalled the case of Chen Wen-Hsiung, an inspector with the Taiwan FDA, who was reportedly paid more than $150,000 over two years, to warn local pharmaceutical companies of “surprise” cGMP inspections and help them pass (3).

Questionable business practices can take other forms, too. This was seen with the 2008 heparin recall, in which some of the heads of the Chinese suppliers implicated in the recall were related to each other.

Questions about heparin safety persist today. In March 2016, US representatives noted many inconsistencies that had not been explained or resolved, which reflect basic safety loopholes in the pharma supply chain (4). It’s important to be aware of contract wording, especially where additional payments are linked to milestones that involve other partners. Avellanet recalls a situation with a client who had outsourced a clinical project to an overseas contract research organization (CRO), with milestone payments built into the schedule. The CRO, in turn, provided milestone payments to local investigators, which resulted in fictional patient recruitment and the logic often found in these situations. “I get double the money if I enroll 10 patients instead of six. So who will know if I make up four more people? The sponsor doesn’t speak this language and by the time they get patient data, the trial will be over,” says Avellanet.

So what is a sponsor to do?  Thorough due-diligence and vetting of suppliers are crucial. “Mock audits are critical….and companies need to look hard at data integrity issues and at electronic recordkeeping, 21 CFR Part 11-type issues, including being sure to back up all data and store it remotely from the plant location,” says Farquhar, who believes in scheduling, and repeating, unannounced quality audits.

1. “Reminder: International Pharma Supply Chain Imperiled Like Never Before,” FDA Law Blog, June 16, 2016. 
2. A. Ocampo, “Complete Response Letters Due to Failed PAIs: More to Come?” Lachman Consultants’ blog, June 2, 2016.
2. E.K. Sharma, “Intensive Scare,” BusinessToday.com, March 16, 2014.
3. T. Sandle, “FDA Inspector Held on Bribery Probe,”August 16, 2015, DigitalJournal.com.
4. A. Shanley, “US Representatives Question the Safety of the Heparin Supply,” PharmTech.com, April 1, 2016.

Article DetailsPharmaceutical Technology
Vol. 40, No. 7
Pages: 30–33

When referring to this article, please cite it as A. Shanley, “Ensuring Supply Chain Safety," Pharmaceutical Technology 40 (7) 2016.