ISO standards, safety regulations and fraud
Fear about what we are eating:
The horsemeat scandal in Europe, with meat products, from ready meals to beef burgers, found to have been contaminated with horsemeat and pork. The scandal erupted after tests were carried out by the Irish Food Authority on a range of meat products sold in major supermarkets. Prior to that, no such tests had been carried out as no one had expected horsemeat, or pork, to be found in beef products. The farm-to-fork journey involves a lot of hands, with a lot of opportunity for criminals to step in and exploit weak links in the chain. This is an example of fraud with “intentional adulteration or misrepresentation of foods or food ingredients for economic gain”.
Fear about what we are breathing:
The Environmental Protection Agency (EPA) found that many Volkswagen cars sold in America had a "defeat device" - or software - in diesel engines that could detect when they were being tested, changing the performance accordingly to improve results. The German car giant has since admitted cheating emissions tests in the US for 482,000 cars in the US only, including the VW-manufactured Audi A3, and the VW models Jetta, Beetle, Golf and Passat. But VW has admitted that about 11 million cars worldwide, including eight million in Europe, are fitted with the so-called "defeat device". This was named the big "diesel dupe". And it seems that many other car manufacturers are doing the same thing...
Fear about the medications we take:
Each year big pharmaceutical giants end up spending billions of dollars in paying for fraud, misrepresentation of data and other such corruption allegations leveled out against them.
GlaxoSmithKline (GSK) paid $3 billion, the biggest fine ever after pleading guilty on three criminal counts in US, Novartis ended up paying $420 million and Pfizer paid $2.3 billion in related scandals. Here are a few examples of such scandals:
- GlaxoSmithKline, the drug maker, promoted two drugs for unapproved uses and failing to report safety data about a diabetes drug to the US FDA.
- Merck and Mumps Merck was involved in fraudulently representing the mumps component of its MMR vaccine. The company was blamed for fraudulently informing the public that the MMR II, used to replace the MMR Pluserix, was an effective vaccine, while studies had proved that the vaccines' effectiveness were said to be falsified. Reports further described a supervisor working for Merck manually changing test results that showed the vaccine wasn't working and then hurriedly destroying the evidence to keep the fraud from being exposed.
- Roche and its medicine safety reporting system: European Medicines giant Roche had been alleged for working with national medicines agencies to investigate deficiencies in the medicine-safety reporting system of Roche. The company had identified about 80,000 reports for medicines that were marketed by Roche in USA that had not been evaluated to determine whether or not they should be reported as suspected adverse reactions to the EU authorities. About 15,161 reports of death of patients were included in these reports but the exact reason for these deaths or a probable link with the use of these medicines was not known.
- Pfizer Harmful deceit on Celebrex scandal: Pfizer's research director indicated that a study conducted to determine whether an arthritis drug, Celebrex, was safer than other drugs like ibuprofen, was falsely represented. When an internal email pointed out that, ‘Pfizer and its partner, Pharmacia, were able to misrepresent Celebrex as a safer alternative because they only released the results of half of a yearlong study." The email stated that the FDA swallowed their story, hook, line and sinker. Pfizer was said to be involved in widespread work to promote the drug in ways not necessarily backed up by medical science, and to overcome the doubts of critics. In August 2012, the company paid $60.2 million to the US to settle charges that the company bribed government officials, including hospital administrators, government doctors and members of the regulatory and purchasing committees in China, Russia, Italy, Bulgaria, Serbia, Kazakhstan and Croatia to approve and prescribe Pfizer products.
- Abbott's unlawful drug promotion: Abbot pleaded guilty to misbranding Depakote by promoting the drug to control agitation and aggression in elderly dementia patients and to treat schizophrenia, when the FDA approved neither of these uses. US DoJ said that the company had admitted that from 1998 through 2006, it maintained a specialized sales force trained to market Depakote in nursing homes for the control of agitation and aggression in elderly dementia patients, despite the absence of credible scientific evidence that Depakote was safe and effective for that use. The FDA had originally approved the drug for epileptic seizures, bipolar mania and the prevention of migraines. The drug was never approved for controlling behavioral disturbances in dementia patients. This was because the drug was found to be dangerous in elderly patients causing some of them to suffer from dehydration and anorexia after using this drug.
1/ How can companies operating under their ISO 22000, ISO 9001, ISO 14001, AS9100 ISO/TS 16949, or ISO 13485 certifications, along with the GMPs, GLPs, GCPs compliances, get away with fraud of this scale? Well, the truth is that any organization found to be intentionally shipping nonconforming product should be stripped of their certifications, approvals or literally shut-down when it is a regulated industry such as pharmaceuticals, aerospace, and medical devices. This is the most serious major nonconformance an auditor can find.
2/ how can management systems compliant to these standards or regulations allow for such fraud to happen? Well, fraud, can by-pass and circumvent them all! The Finance world with their major scandals that almost caused the collapse of the US and the world's economies (Subprime, Enron, Lehmann, Madoff), were the first ones to understand that without a whistleblower program, any policy, rule, regulation and law can be circumvented or violated. So the Sarbanes-Oxley (SOX) Act was created to protect whistleblowers working at publicly-traded companies or at contractors and subcontractors of publicly-traded companies. By enacting SOX, Congress intended to dismantle a corporate culture that discouraged employees from reporting fraudulent behavior internally or to outside authorities.
ISO standards, and GMP/GCP, regulations need to have requirements for a whistleblowing system to enhance their ability to ensure what they are meant to provide to consumers, patients, and citizens at large.
The requirements need to:
- Ensure the corporate whistleblowers can provide information about fraud and corporate deceit. A whistleblower needs not show that an actual violation occurred so long as the employee reasonably believes that the violation is likely to happen.
- Prohibit a broad range of retaliatory adverse employment actions, including discharging, demoting, suspending, threatening, harassing, or in any other manner discriminating against a whistleblower.
- Ensure that an employee must prove by a preponderance of the evidence that he/she engaged in protected activity; the employer knew that he/she engaged in the protected activity; he/she suffered an unfavorable personnel action; and the protected activity was a contributing factor in the unfavorable action. A contributing factor is any factor, which, alone or in connection with other factors, tends to affect in any way the outcome of the decision. Causation can be inferred from timing alone where an adverse employment action follows on the heels of protected activity.
- Once the employee proves the elements of whistleblower retaliation claim by a preponderance of the evidence, the employer can avoid liability only if it proves by clear and convincing evidence that it would have taken the same unfavorable personnel action in the absence of the complainant’s protected behavior or conduct.
- Ensure a prevailing whistleblower can recover lost wages and benefits, reinstatement, special damages, which includes emotional distress, impairment of reputation, personal humiliation, and other non-economic harm resulting from retaliation.
- Ensure a whistleblower can freely file a violation of company policy/rules, law, regulations, or threat to public interest/national security, as well as fraud, and corruption.
The newly released Auditor and Lead Auditor courses:
-The ISO 9001:2015 Auditor Training
-The ISO 13485:2016 Lead Auditor Training
-The ISO 13485:2016 Auditor Training
-The ISO 14001:2015 Lead Auditor Training
-The ISO 14001:2015 Auditor Training