Copyright © Global Coalition for Sustained Excellence in Food & Health Protection, 2011 and ALL subsequent years: Unauthorized use and/or duplication of this material without express and written permission from this blog’s authors and/or owners is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Global Coalition for Sustained Excellence in Food & Health Protection with appropriate and specific reference and/or link to the original content.

Saturday, 2 May 2015

Dealing with Food Hazards, Threats and Fraud through HACCP, TACCP & VACCP – Impressed or Distressed?

Do you think that “HA” (Hazard Analysis) in HACCP, the FSMA HARPC (Hazard Analysis and Risk-based Preventive Controls) and the Safe Food for Canadians Act - Preventive Controls (SFCA - PC) are challenging? Brace yourself for greater challenges under the new ideas about TACCP (Threat Analysis and Critical Control Point) and VACCP (Vulnerability Analysis and Critical Control Point) systems. These ideas about mandatory GFSI (Global Food Safety Initiative) certification requirements for threat analyses aimed at dealing with food system defense against deliberate acts of sabotage or terrorism, and vulnerability assessment aimed at dealing with food fraud have started to circulate through the industry.

Don’t simply follow cute acronyms or slogans – scrutinize them to see if they offer more than fanciful buzz.

A company or business that is run by knowledgeable and experienced staff should not need to be forced by outside parties into conducting such analyses. In fact, most businesses already conduct these analyses formally or informally. Various analyses occur all the time in any operation that means business. Parameters of success, hazards, threats vulnerabilities, business opportunities, the impact of the operation on the environment and customers, the social well-being of employees and the community where it operates, market trends, and other similar considerations are among those things that are analyzed by a business as part of the routine of driving continuous improvement. All detected hazards, threats, vulnerabilities, etc. are customarily addressed as part of the normal course of running a business. Whereas the focus should be on doing well what has already been proven to work if done well, the introduction of “new” terminologies (buzz acronyms) like VACCP and TACCP that blur the focus is counter-productive. Although this may not be deliberately intended, suggesting the separate analyses of hazards, food fraud vulnerabilities and food security/defence threats is like suggesting a strategy that divides things up to confuse operators.

Divide, confuse and conquer is a strategy that devastates foes. This same strategy, if turned inward, can be equally devastating to friends. Why then are some schemes turning this strategy inward in their proposed risk assessment and mitigation processes? The erstwhile food industry system of implementing the effective and viable duo of HACCP and risk assessment is thus being divided up to confuse the na├»ve. My advice to any company that actually wishes to maintain control and successfully advance in the fight against the real enemies in food safety management is this: Don’t simply follow cute acronyms or slogans – scrutinize them to see if they offer more than fanciful buzz.

In the article by John Spink posted to the Michigan State University blog of May 8, 2014, the fraud prevention approach proposed by GFSI is described as holistic. In the opening paragraph of this article alone, I see many popular trend statements that, if allowed will muddy up proven methodologies. The quoted sections in bold italics are taken directly from John Spink’s opening paragraph. The text in red parentheses is my response to each quoted section or statement:

“In February 2014 the Global Food Safety Initiative (GFSI) presented their direction for including Food Fraud in their Food Safety Management System.” (. . . about time, food fraud has a long history in every country) “They have adopted a holistic Food Fraud scope” (If holistic, why divide it up into HACCP, VACCP and TACCP to confuse the industry even more?) “and have shifted their focus from risks to vulnerabilities.” (Should risk and vulnerabilities not already be simultaneously in focus in a proper risk assessment process?) “As I’ve mentioned before, as an industry we’re fortunate that there’s so much coordination so early in the process.” (“. . . early in the process” is from what historical point of reference? How early is February 2014 when as early as the fourth century B.C., Theophrastus (372 – 287 B.C.) reported on the use of food adulterants for economic reasons? [Ref: Fortin, Neal D., J.D. (2009). Food Regulation Law, Science, Policy and Practice. Hoboken, New Jersey, USA: John Wiley & Sons, Inc.]) “Collaborating to define the terms and the focus on prevention has been a key effort.” (The terms being defined do not present any new realities and are clearly splitting the erstwhile focus and causing operator disorientation.) “GFSI has played a central role in the process. (I agree and I hope that the process is not to divide, confuse and frustrate friends).
In this image from John Spinks article, “Intentional Adulteration” repeats as the focus of TACCP and VACCP. Although the motivation is different, treating the worse of the two should already address the other. So why separate these? Another point worth noting, small point perhaps, but it is worth noting that the food safety management system umbrella covers far more things than just the suggested HACCP, TACCP and VACCP (e.g. food safety matters relating to product research and development, etc.)

A Catch-and-Punish Approach:

These terminologies may be perceived as new solutions for old problems but a close look reveals otherwise. If you carefully examine the solutions being proposed with the infusion of these acronyms, they do not offer more than the age-old “catch and punish” approach. If old solutions have not worked, proposing new names for the same old solutions confuses more than helps the situation.

Any company that stays with the time-tested risk assessment and mitigation approach comprising of realistic and effective analyses of all associated hazards, threats and vulnerabilities will be well ahead in the fight against the real enemies that have waged war against food safety management efforts worldwide. In other words, forget VACCP and TACCP. They offer nothing more than cute acronyms for the same hazard analyses and risk assessment processes that have been historically implemented by the industry, perhaps not well enough. If, in your operation, these have not been implemented well enough, allowing the distraction of TACCP and VACCP will make things worse. You should stay singularly focused and implement a good process (one truly holistic process) for the analysis of all conceivable hazards, threats and vulnerabilities associated with your operation with the intent of applying the right mitigation strategies.

As for the effectiveness of dealing with the issues in question, the proposed TACCP and VACCP
processes suggest no more than acting on suspicion. They do not address the causes of deliberate food adulteration (whether ideologically or economically motivated). They also do not provide any guarantees that all instances of adulteration will be detected and avoided. Even where testing of every incoming lot of material is enforced, the testing methodologies will, by default, be sampling-based. Under mandatory certification requirements for TACCP and VACCP, much resources (time and money) will be spent testing materials for which results are more likely to be acceptable than otherwise. Sparring opinions are bound to be encountered regarding what audited parties can and will identify as "CCPs" for TACCP and VACCP. 
. . . and the fun begins with such moving targets.

The Argument about Anticipated Improvements to Managing Threats and Vulnerabilities:

If the argument is that the industry has not effectively done proper risk assessment in the past, introducing new confusing terminologies promises to worsen the effectiveness. Some people are already confused and are creating separate analyses templates for conducting VACCP and TACCP in addition to the HACCP templates that they have used in the past. I can almost guarantee that, in addition to reviewing the HACCP process, GFSI auditors will be looking for separate VACCP and TACCP processes completed by the audited parties. Interesting times await future interactions between the auditors and the audited parties under these proposed ideas of VACCP and TACCP.

Inadequacy of Snap-shot Audits and Predictable Push-back on Longer Audits:

Given the time constraints that attend these audits, some GFSI auditors are more likely going to focus only on the mere documentation of TACCP and VACCP processes. They are also likely to be looking for separate VACCP and TACCP processes (documentation) completed by the audited parties instead of looking for real evidence of actual or impending threats and vulnerabilities. How helpful will this be? Clearly, some companies have and can successfully manage their threats and vulnerabilities (and even better) without documented TACCP and VACCP. As such, many companies are most likely going to push back on any suggestions for longer audits.

Impending Storm
Watch for stormy times ahead as GFSI food safety certification schemes introduce audits that look at food fraud prevention. Differing opinions about what constitutes adequate VACCP or TACCP are bound to cause much confusion, at least at the early stages of introducing audits that look into these ideas. 

While they may start as general ideas, watch for auditing schemes to get increasingly prescriptive in an attempt to "standardize" expectations that they themselves do not yet fully understand. 

If you do not believe me that some of the schemes do not yet fully grasp the scope and depth of the confusion they are creating, go and read the BRC interpretation of Vulnerability Assessment under clause 5.4.2. It focuses on the material or ingredient in a way that makes one think that horse meat walks over to the ground beef vat and jumps in, or that all ground cumin everywhere are to be checked for the presence of ground peanut shells. The suggestions are made worse by introducing the idea of conducting fraud vulnerability assessments for groupings of materials. Any audit scheme that suggests food supply risk assessment according to food groupings will soon abandon the "groupings" idea.

Many of the suggestions appear to have ignored the fact that materials do not commit fraud; people do, deliberately and cunningly.

So what should a food business do if many of the materials it purchases are not already subject to extensive testing in the same way that “fruit juice is often tested for a comprehensive range of parameters, including DNA, isotopic analysis, added sugars and added water to prevent potential fraud”?

Watch for the back-pedaling by the schemes that is bound to take place as the industry awakens to the enormity of what has to be done to meet the hasty suggestions by these schemes. Very little success can be expected (if at all any success can be achieved) through the implementation of what many of the schemes currently suggest.

I can already see that the schemes do not even understand the scope and depth of the vulnerabilities and threats that they are attempting to address. Therefore they are offering hasty suggestions, setting poorly defined expectations and providing confusing guidelines. Yet they retain the power to issue certificates. So the industry must do what the schemes say, correct? I do not believe that this should be the case. A better approach is possible. You may contact me or read my other posts on fraud prevention if you wish to learn more about the approach that I prefer.

Posted By Felix Amiri
Felix Amiri is the current Food Sector Chair of GCSE-Food & Health Protection

Friday, 1 May 2015

The Live Fish Option

If all you do is to simply follow, 
you'll get no further than behind others.

Regarding food safety and quality management systems, some have said that simply going with the flow is wise. I did not have to dig at all to find a contradicting but wiser opinion: “Only dead fish go with the flow”: Origins of this wise quote.
Whether you credit the quote to Sarah Palin, Bobbie Louise Hawkins,   Thomas Whittemore, the Rev. Mr. Daly, of Powerscourt, or an earlier source, this quote holds true in a very practical sense in the food industry. Many companies, in pursuit of their food safety development, management and certification, are simply “going with the flow”. They feel compelled and fail to see that it is an artificial compulsion. Those selling certification programs do not tell them about other avenues that provide relief from the overbearing burden. The certificate purveyors actually create confusion with the frequent re-arrangement of the same requirements in the so-called new versions of schemes. This drives the artificially-compelled certificate seekers to keep coming back to them for help.
When people ought to learn the truth, it is uncivilized to leave them in the dark. It is worse than a crime for anyone to cleverly create more darkness or confusion in order to take advantage of the vulnerable.
I dare say your company is not among the dead fish or those playing dead and going with the flow. As a viable and reasonable operator, your food business is not simply going with the flow, or is it? Will you continue in your determination to be different if you have always shunned popular fads? Will you dare to be different if you have been going with the flow in the past? You may cause some uneasiness among those who have abandoned reason but you will be respected. I invite you to venture with SSQA and see the difference.

With its exasperating impositions, the direction of flow for the certificate-crazed food industry mob is obvious.  Among the most exasperating requirements is the idea that all operations must be certified to some particular schemes in order to be suppliers to others that are certified to the same schemes. The exasperation could be worth enduring if the certifications actually guaranteed anything.

The exasperation will only intensify with every knee-jerk imposition of certification schemes. You probably already know what I am talking about because you have seen or experienced it. So far, you are managing to keep up with the flow but for how long? Redirection and relief are possible but not from where the industry crowd is headed. Dare to take a turn in the SSQA direction and see the difference.

Posted By Felix Amiri

Felix Amiri is the current Food Sector Chair of GCSE-Food & Health Protection