Food defence – protecting your brand from intentional adulteration

Multinational companies engaged in food production on a global scale are subject to food safety requirements in most, if not all, of the jurisdictions they operate in. Food manufacturers that are based in or export to the US are required by the FDA Food Safety Modernization Act (FSMA) to have risk mitigation strategies to reduce the risks associated with intentional adulteration (IA), as part of a comprehensive food defence plan. Similarly, China has its Food Safety and Product Quality Laws that state penalties for manufacturers and sellers of adulterated products. 

The risks associated with IA are profound and must be addressed proactively, using established methodologies under the management of experienced practitioners. The term food defence refers to measures to protect food from IA and tampering. Failures related to food defence can result in severe consequences for a company in the form of product recalls, reputational damage and regulatory penalties. 

Maintaining a secure food supply is a fundamental concept from any perspective – consumer, government or food producer. While general quality and safety issues keep regulators, inspectors and mindful consumers busy in ensuring that food is safe, IA is a risk that demands special attention. 

Attacks on our food supply 

IA is, in essence, an attack on our food supply. More specifically, IA occurs when a person or group of people intentionally contaminate a food product with the aim of causing wide-scale harm to public health. The act can be perpetrated by a disgruntled employee who seeks revenge on their employer and co-workers, or is in some cases economically motivated. Consequences can include economic disruption, illness and death. Some notable examples include:

• An incident in Australia in 2018 where strawberries were contaminated with needles. A farm supervisor was arrested but never charged. 
• A 2014 incident in Japan where seafood was laced with malathion, an insecticide. A worker at a food factory was arrested and sentenced as a result. 

Building a resilient defence 

A key component in developing a resilient food defence strategy is a vulnerability assessment (VA), which identifies key steps in the process that could pose increased risks of contamination. Once identified, vulnerabilities are ranked in terms of risk of IA. As stated above, IA is often perpetrated by disgruntled employees. As such, assessments must always consider the risk of a bad-actor inside the organisation. 

High-ranking or significant vulnerabilities are more likely to cause widespread harm if exploited. Factors that determine the severity of vulnerabilities include: 

• The degree of physical access to the food product (such as an unsecured, isolated area without CCTV coverage) 
• Processes where a significant volume of contaminant could be distributed (including mixing, bulk liquid receiving and liquid storage) 
• The potential health impact if a contaminant was added at the process in question (would it be automatically removed by filtration or identified during a manual quality check?) 

Once vulnerabilities have been identified and ranked via the assessment process, mitigation strategies must be put in place. Mitigation should be risk-based, appropriate and commensurate with the assessment findings. The resulting safeguarding measures make up the basics of a food defence plan.

Our experience 

Control Risks has conducted investigations for multinational companies aimed at identifying the perpetrators and root causes associated with incidents of IA. In one recent engagement, we worked with a multinational food manufacturer to investigate the source of dangerous foreign objects in food products manufactured in China for export. Customers had suffered injuries and escalated complaints, leading to a nationwide recall in an overseas market. We helped our client respond with a strategy to address the root cause and mitigate future risks.

• We reviewed a range of factors in assessing the likely causes for the introduction of the foreign objects in the product. Investigators, working onsite at the affected factory, examined both potential weaknesses in the production process (non-human factors) as well as human behaviour scenarios.
• Examination of the production value stream ruled out risks associated with the introduction of foreign objects to raw materials, including bulk liquids. Moreover, food production processes at the factory revealed no likely sources of accidental introduction of foreign objects. 
• By following a process of elimination, our investigators were able to determine that the most likely source of foreign objects in the finished product was IA. 
• A review of CCTV footage identified suspicious behaviour by an employee within the material timeframe, at locations that our process review identified as vulnerable. The employee was interviewed and made statements that supported a conclusion of IA. 
• Based on the investigation and process review, we were able to make detailed recommendations for food defence improvements at the site, including employee disciplinary action, as well as optimising training, physical security and production processes. 

Ideally, food manufacturers will deploy expert teams to conduct assessments and mitigate risks before consumer reports of contaminated products. However, any food defence plan must take into consideration the risk of an insider deliberately attempting to contaminate food. Strategies that only address accidental contamination, or do not adequately reflect the extent to which a disgruntled employee might go to, do not pass muster in the fallout of an IA incident. When a product recall necessitates an investigation to determine whether contamination is accidental or malicious, it is key to go beyond traditional food defence measures and deploy experts trained in evidence collection, interviewing and strengthening internal controls.