In the wake of several global incidents involving the adulteration of food, concerns over the adulteration of spices and many other food products have significantly increased. Recent regulatory and certification requirements have mandated addressing food fraud through vulnerability assessments and application of mitigating actions, but in many cases, companies struggle with knowing how to get started and whether they’ve done enough to be effective at addressing a vulnerability. Food fraud is not new. It has been recorded over thousands of years. Known events as far back as the Song (AD 960 to 1279) and Ming (AD 1368 to 1644) Dynasties in China mention instances of fraudulent tea substitution and liquor dilution.[1] For a complex supply chain like spices, the historical risk of food fraud and adulteration is high, which is why it is important to understand how your spice supplier manages food fraud vulnerabilities and what controls they have in place.

Spices: A Complex Global Supply Chain
The spice supply chain is a prime example of a complex global supply chain. Spices are grown all over the world, in both developed and underdeveloped regions. Spices can pass through multiple touch points, which can increase the potential introduction of a food fraud act. A traditional supply chain for spices starts with a grower and passes through collectors, processors, and brokers before it reaches the final consumer. A spice supplier must ensure they understand their total supply chain to determine where increased vulnerabilities exist. Spice suppliers must work to engage further upstream with their growers, processors, and agents to build in assurances and practices that will help reduce their vulnerability to food fraud.

Because of the history of fraud in spices coupled with a complex global supply chain, spice suppliers have had to insulate their products from food fraud through various management practices. The spice industry has implemented many of these practices to reduce instances of types of food fraud such as dilution, substitution, and unapproved enhancements. Leveraging the knowledge from this industry on how to manage food fraud is invaluable for all food companies as they work to build programs and meet requirements for addressing food fraud.

The Food Fraud Management System
Although the act of food fraud isn’t something new, the creation and development of a comprehensive food fraud management system are new for the food industry. Unlike traditional risk management of known hazards, the food fraud management system depends on a vulnerability assessment that relies on historic instances but must also anticipate and predict future occurrences as it is dealing with a human criminal element. Because of this element, the tools and resources for managing food fraud are slightly different from a traditional food safety management system and will require ongoing coordination of information from various functions within a food company to stay informed.

In recent years, regulations such as the Food Safety Modernization Act have required that types of economically motivated adulteration be evaluated to determine whether a hazard exists and must be addressed through preventive controls. In 2014, the Global Food Safety Initiative (GFSI) published a position paper on food fraud and now requires those seeking certification under a GFSI scheme to have programs to address food fraud. Specifically mentioned are the requirements to conduct a vulnerability assessment and to have control programs in place for identified vulnerabilities.[2]

The requirements under GFSI outline base expectations, but companies are left struggling with questions, such as: Where do I get information? What are the best tools to use? Am I evaluating this with the right information?

Having knowledge and guidance on how to pull together the components of a food fraud management system is what industry needs to assist with the development of an adequate and comprehensive program for both large and small companies. Challenges currently exist for the food industry in building a comprehensive food fraud management program. There continue to be gaps regarding accessing some of the information and intelligence needed to enable a comprehensive evaluation for the vulnerability assessment. Another challenge is the ability of companies to engage with suppliers at the source, as the source supplier may be a lower-tier supplier many steps removed from a company’s direct supplier.

The Vulnerability Assessment
One main requirement for addressing food fraud is to conduct a food fraud vulnerability assessment (FFVA). This singular task has a litany of considerations and questions surrounding it, such as: What assessment model do I choose? What information do I consider? There are existing FFVA models publicly available for companies to use. The U.S. Pharmacopeia offers guidance on how to conduct an FFVA with information on the types of information to include.[3] SSAFE offers an online tool to document an FFVA.[4] Companies can choose existing tools and models or can adapt and even create their own. The main thing to remember is to cover all types of food fraud when conducting the FFVA.

How Often?
Food fraud has a dynamic component in that there is an element of human behavior that results in frequent changes in risk. Conducting a vulnerability assessment once per year and then tabling it until the next review cycle a year later may leave your company at risk for a fraud incident. Incorporating activities to drive reevaluation of your process is critical to ensure the FFVA always remains updated.

Identifying Mitigating Actions
Once a food fraud vulnerability has been identified through the assessment process, the next step is to determine what actions can be taken to reduce the vulnerability of a food fraud incident for your company. In some cases, layering a variety of mitigation actions can reduce a vulnerability to an acceptable level for the organization.

Analytical Testing
Monitoring for food fraud through analytical testing is one of the most common avenues that companies choose. Selection of targeted versus nontargeted testing or a combination thereof must be decided across the various goods identified as having vulnerabilities. Because there is such a variety of testing available for food fraud monitoring, it is likely you will need to research what the best approach is on a case-by-case basis. Testing methods continue to be developed to monitor for types of food fraud, so staying up to date and informed on what is available is recommended.

As technology develops, different tools are emerging to assist with monitoring for food fraud. Handheld devices are a new technology that can offer a quick check of incoming goods at receiving or can be used in other areas of the supply chain to assist in monitoring. As with any new technology, ensure the technology you select has been properly vetted and is suitable for testing for the range of products you are assessing.

Increased Engagement and Presence
Engaging with suppliers who produce foods identified as having a higher vulnerability is another monitoring option. This can be done through increased presence and partnering, increased auditing, or through the development of unannounced audits specific to food fraud indicators. Understanding your supply chain is important to understanding where increased risks may lie, and understanding how your suppliers engage along the supply chain is also important in assessing vulnerability.

After you’ve determined vulnerable touch points in your supply chain, look for ways to engage and partner with those suppliers to build relationships. Not only does this increase your interest and presence with the supplier, but it also can provide further assurance of a supplier’s food fraud program and how they may manage their suppliers for vulnerabilities. Working together will build stronger programs and benefit both you and your supplier.

Additional Monitoring Actions
Mass Balance:
Mass balance reviews can be done at a micro or macro level. Localized factory mass balance could be completed to ensure material yields match records showing inputs and purchases. Mass balance can also be done at a broader level by looking at publicly available reports by country on imports, production, and transactions of types of food or ingredients.

Financial Health: Reviews of the financial health of a supplier can be done to determine whether there are any indicators pointing toward increased instances of food fraud. Partners in your purchasing or procurement area can assist in how to manage this type of monitoring.

Whom to Involve?
There is power in leveraging knowledge across functions (professional staff) in the organization. Bringing the knowledge together in a collective way helps you see the bigger picture when looking at risks and vulnerabilities, and determining what is on the horizon.

There are key partnerships that need to be formed when building the food fraud management system. These functions probably already exist in your organization. They have the knowledge and own the processes that can help detect food fraud and ensure relevant information is incorporated into the FFVA.

Food Safety/Quality: Identify a food safety or quality professional who has a working knowledge of food fraud. Supplier quality also will have a deeper knowledge of the quality health of the supply chain and most likely will serve as your “boots on the ground,” as they probably visit supplier facilities with some frequency.

Procurement/Purchasing: Engagement from this function will assist by having more in-depth knowledge of suppliers and information as to where materials are sourced. They also probably monitor market conditions, changes in pricing, or things that can impact pricing that can help with monitoring for conditions where a food fraud vulnerability could increase.

Security/Supply Chain Assurance: Security professionals in the organization have knowledge of incidents that may involve theft, counterfeiting, and product tampering. They may have additional knowledge of where incidents have occurred in the past or have knowledge of sensitive or confidential issues that may not be broadly communicated.

Trade Compliance: Members of the organization who handle imports and exports can provide insight to the team on any emerging issues with the transfer of goods across international borders including through free-trade zones. They probably have more exposure to import alerts, product detainments, and rejections that are occurring in real time. This knowledge will support any changing vulnerabilities for materials or commodities.

Regulatory Compliance: Regulatory professionals have a working knowledge of any existing or changing regulations in the markets where goods are being purchased from or sold. Additionally, their insight into changing regulations in global markets can provide awareness of any fraud vulnerabilities that may result from changing regulations.

This is not an all-inclusive list of the participants but would be a good start as you develop your program.

Food Fraud Program Management—A Maturity Model
“Rome wasn’t built in a day” holds true for the evolution of a mature food fraud management system. Evolving your food fraud program will take time as you will need to continue to self-educate, educate others, and build awareness and culture surrounding the food fraud management components.

To help you develop a strategy or road map for your food fraud management system, you need to have a clear picture of what a mature system could look like. A maturity model is a nice way to help with understanding where you are in the evolution of your program and where you need to go. The Food Fraud Management System Maturity Model (Figure 1) illustrates the stages of maturity in your program and lists high-level activities that define how mature your system may be.

When assessing the current state of your food fraud management system, you may find that there may be components of your program that fall into different stages, but how it all comes together defines the true maturity of your food fraud management system.

Initial Stage
At this stage, the struggle for most companies is to determine how to meet basic requirements for addressing food fraud from either their customers or from certification requirements. The management component may likely be disparate and may fall solely on the shoulders of one subject-matter expert in the organization. Meeting basic requirements such as conducting the FFVA can be difficult where knowledge doesn’t exist in the organization. Determining what format or approach to the FFVA is one hurdle, but so is determining what input information is available so that the evaluation is thorough. At this point in the evolution of your program, there is most likely a rough idea of all its moving parts, but a comprehensive strategy probably has not been developed. When it comes to selecting mitigating actions for areas with high vulnerability, it’s likely that you’ll rely solely on testing for screening and monitoring, but with hesitation about whether it is the right method, best approach, or frequent enough to reduce the vulnerability.

Defined Stage
When reaching the defined stage, you’ve probably completed the FFVA as well as made some updates where needed. The information streams needed for a more comprehensive evaluation have become clearer, and it is now starting to take shape by partnering with other functions that can assist with providing this information. Food fraud management and knowledge will extend beyond just a sole practitioner and will probably start embedding itself at least in the quality function and potentially some additional partnering functions such as procurement and trade compliance partners. A food fraud strategy will be developed at this point. The strategy will enable your organization to move further into the maturity continuum and plan for the tools and resources needed to further develop the program. At this point, there are still many gaps in the program to address; examples may include the time to implement a mitigating action after identifying the vulnerability, understanding the right testing to deploy (e.g., targeted versus nontargeted), and fully embedded practices in support functions to monitor for food fraud.

Repeatable Stage
As the food fraud management program has progressed to the repeatable stage, the information inputs to the FFVA have been clearly defined. Additional tools and resources have probably been adopted and utilized, such as horizon-scan software or another type of software that enables organized and faster pooling of publicly available data. Other lagging indicators that may have been incorporated into the FFVA include results from supplier audits, testing results, and customer complaint data. Leading indicators will be identified for potential fraud opportunity and will be reviewed to determine whether there is an increased vulnerability. These indicators may be reviews of weather issues impacting crops, natural disasters and disruptive events occurring in a region where the raw material is sourced, or political instability and corruption occurring in areas where the raw material is purchased or transported through.

Selection of mitigating actions will be broadened to include actions beyond just testing. Increased engagement and presence with the supplier have been developed. Unannounced audits covering specifically food fraud for highly vulnerable source suppliers are another broadened mitigation strategy that may be deployed in this stage. Evaluation of testing methods for highly vulnerable raw materials will be an active component of the program to ensure the right type of testing is selected, if available.

Functions with critical roles in the food fraud management system will be fully integrated into the process with defined procedures and a working knowledge of food fraud, and will be active participants in the program at this point.

Managed Stage
As the food fraud program progresses to the managed stage, the work is focused more on the refinement of existing processes. At this point, a cross-functional surveillance program will be active, and the work will now be in managing the inputs as they come in and acting on them quickly and in real time. Vulnerabilities will be updated in real time as the assessment has now evolved into a dynamic process versus a static evaluation completed only once or a few times per year. Managing large amounts of data and information may require dedicated resources at this point so that the data can be quickly sorted, evaluated, and acted upon.

Managing the outputs of the FFVA should be streamlined. Deploying or increasing a mitigating action should be able to happen quickly. If an added test is determined to be necessary, resource approval should be quick and have equal weighting to other risks that arise in the organization. Unannounced audits or supplier visits for a highly vulnerable supplier should be able to be scheduled quickly with a fully developed audit protocol for the visiting agent.

Management of risks identified through the FFVA is still mostly done within the quality function, with significant risks being elevated in the organization only if there is a potential for recall or significant financial impact.

Optimized Stage
Reaching the optimized stage for the food fraud management system should be applauded. At this point in the maturity spectrum, “food fraud” should be an active term used and understood across the organization. Various levels of your organization, from the shop floor and up, will have an awareness of food fraud. All functions supporting the food fraud management system will have fully embedded the knowledge and processes into their roles.

The surveillance program will engage with a completely dynamic FFVA that can quickly evaluate and address any changes that need to be made. Mitigating actions can be quickly deployed at this point with minimal lag time.

Existing and emerging risks will be integrated into the organization through an established enterprise risk management (ERM) process. Top management will have a thorough understanding of food fraud and risks to the business and will be able to allocate resources where risks have elevated beyond the company’s risk tolerance.

Food Fraud Management System and Building a Food Safety Culture
Advancing a food fraud management program through the maturity scale will ultimately build a stronger culture of food safety in your organization when it comes to food safety risks relating to food fraud. As you progress, you will see non-quality functions take on ownership and accountability of components of your food fraud management program. Knowledge and education will enable them to engage and execute. Driving risk communication through a company-wide ERM program will drive support from top leadership.

When building a food safety culture around food fraud management practices, be sure to leverage existing company values and principles that are already embedded into your company culture. By leveraging these principles and integrating them into the activities needed to build a successful food fraud management system, your internal partners will understand their contributions to managing food fraud and will enable you to give customers and consumers the best possible product through the principles that are now embedded in your company culture.

In closing, remember that the development of a comprehensive food fraud management system will take time, effort, and support. Taking small steps and building a road map will help drive your food fraud management system to full maturity while reducing overall risk to your organization.  

Jill Hoffman is the Director of Global Food Safety and Quality Systems at McCormick & Co. Inc.

1. Wu, Y, et al. Chapter 15: “Food Fraud,” in Food Safety in China – Past, Present, and Future: Science, Technology, Management and Regulation, eds. Jen, Joseph, and Chen, Jun-shi (New York: Wiley & Sons, 2017).