You are here: Home / Archives for foodfraudadvisors

by

Frequently Asked Questions

Vulnerability Assessment Tool (BRC Packaging Materials) Frequently asked questions (FAQ)

Is this assessment tool suitable for businesses operating to management system standards other than BRC Packaging Materials?

This spreadsheet is especially designed to meet the requirements of BRC’s (British Retail Consortium) PACKAGING MATERIALS Issue 6, which requires that businesses assess their raw materials for vulnerability to economically motivated (fraudulent) substitution.

It is not recommended for businesses that need to meet the requirements of other management system standards.  It is not suitable for food defense or TACCP vulnerability assessments.  We recommend you purchase one of our other tools instead.

Is this assessment tool suitable for businesses that do not operate a food safety or quality management system?

If your business is not operating to a food safety or quality management standard and does not have supplier approval processes, purchasing specifications and robust systems for receiving materials then it is more vulnerable to accepting fraudulent material and this tool will underestimate the risk.

What about the Threat Assessment Tool?

The threat assessment tool is a bonus add-on for purchasers of the packaging vulnerability assessment tool, it is not sold separately.  Is is also designed to meet the requirements of BRC Packaging Issue 6.

What happens if I can’t complete all the questions?

If you have not answered all the questions the tool will estimate your material as being vulnerable (very likely to be affected by fraudulent substitution). However it is possible to supplement the calculated rating with your own estimate if desired. This means that if you already think that a particular raw material has a very low risk you may choose to simply enter your best estimates of likelihood instead of completing all the data fields. This will allow you to prioritise your time and focus on the most important raw materials first.  Note that if you do this the resulting assessment documents are unlikely to be acceptable to an auditor because they will not contain a complete explanation of how the risk assessment was performed.  To obtain a complete explanation, every question should be answered.

What if I disagree with the results?

The Vulnerability Assessment Tool calculates the vulnerability using information entered by the user.  Users are encouraged to also enter their own estimates.  The reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

Why is the Vulnerability Assessment Tool an Excel spreadsheet instead of specialised software?

The tool was created with Microsoft Excel because most of its intended users are familiar with excel and so can begin entering data as soon as they open the spreadsheet, with no special training.   Data can be copied, pasted and searched just as you would in any spreadsheet and results can be easily extracted for use in other documents. Blank and completed spreadsheets can and should be incorporated into a company’s controlled documents and record-keeping system and Microsoft Excel files are usually suitable for this purpose.

The tabular format of the data entry pages allows users to have a ‘whole picture’ visual understanding of the data that has been entered and the gaps that need to be filled.  Other types of software such as questionnaire-style assessments do not provide a visual overview and require information to be entered in a defined series of steps which can be frustrating. Within the tables of the Vulnerability Assessment Tool, colour-coding functions provide instant feedback about whether an answer affects vulnerability in a positive or negative way, which can be a valuable learning tool.

Why are some of the cells password protected?

Password protection has been applied to many of the cells in the spreadsheet.  There are a number of reasons for this, the most important of which is so that users do not accidentally ‘break’ the formulas which would be very easy to do if it was unlocked.

This means that users are not able to make changes to the wording of the questions or the automatically generated answers.

Can I copy the results into my own spreadsheet or other document?

Yes. The data can be copied, pasted, sorted and manipulated as in any spreadsheet. When copying from the tool use the excel function ‘paste special – values’, which will prevent pasting formulas that might return error values in a different document.

Do I have to purchase a new spreadsheet for each material group?

No, you may make as many copies of this spreadsheet as you need for ONE business in one manufacturing location.  You may not share it with other businesses or take it when you change jobs.  For complete terms and conditions click here.

Is there a telephone number I can call for help and support with the tool?

For support, please email support@foodfraudadvisors.com with your query, including your preferred contact details and geographical location (for time zone purposes). We will contact you by telephone or Skype or email an answer to you.

Can I have access to the formulas that generate the results?

If you disagree with the results the tool allows you to override them; the reported results are based on the user’s estimates if they have been entered; if not, calculated results are used.

If you think the methodology, including the risk calculations should be amended or you think there is an error in any formula please contact us. We want the Vulnerability Assessment Tool to be the best that it can and value your feedback.

Want to buy an unlocked version that is fully customisable?  Request a quote here.

My security settings will not allow me to run macros, is this a problem?

No problem; the Vulnerability Assessment Tool has been created without macros to keep things safe and secure and to prevent headaches with your internal IT systems.

Which version of Excel do I need to use the tool?

The Vulnerability Assessment Tool is compatible with Microsoft Excel 2004 onwards (file extensions .xlsx) and Microsoft Excel for Mac 2011 onwards.

Can I get a tax receipt?

Australian purchasers receive a tax invoice for GST purposes in their confirmation email.  Purchasers in other countries are not charged any tax but receive an itemised purchase receipt in their confirmation email.

by

Latest news in food fraud

US beef sellers behaving badly and new information about lead in turmeric

In September 2019, four men from the United States beef industry were accused of food fraud by authorities. The men were owners and executives at two unrelated companies; one a beef wholesale company in New York, the other a Texan supplier to the US government.

Why would any person perpetrate food fraud? It is alleged that the New York men were struggling to make a profit in their business, even going so far as to successfully audition for a business makeoever reality TV show. They are alleged to have systematically removed United States Department of Agriculture-approved meat quality labels from cuts of beef and replaced them with counterfeit labels of a higher grade, enabling them to sell the beef at a higher price.

The men in Texas, who plead guilty for their role in a scheme to illegally add cow hearts to ground beef and who admitted to hiding the cow hearts from government inspectors, were almost certainly doing it for the money. The courts have heard that they sold the more than $1m worth of the adulterated meat to the Federal Bureau of Prisons.

In both of these cases, the frauds resulted in customers receiving food that was not true to label, and those customers proceeded to unknowingly sell and serve it to un-suspecting consumers. In one case, the meat was mislabelled but not physically modified, in the other case, the meat itself was adulterated with unauthorised material. When food is adulterated or otherwise modified, processed or (re-)packed in a fraudulent manner, the result is a product that can present significant food safety risks to consumers.

Texan meat processors have pleaded guilty to adding beef heart to $1m of ground beef.

 

Food fraud perpetrators generally wish to avoid causing serious or obvious food safety issues; after all, they do not want to be caught.  As a result, not all food frauds result in food safety incidents.  In a terrifying exception to this rule, however, it was alleged that a group of at least five people who adulterated black pepper in Vietnam in 2018 were aware that the adulterants were toxic.  The weight of the pepper was fraudulently increased by the addition of home-dyed gravel and coffee bean skins.  The dye was made by breaking open batteries to extract black-coloured manganese dioxide powder.

Another example of a toxic adulterant and one that has caused widespread illness and suffering is the industrial chemical melamine.  Melamine, which contains nitrogen atoms, can be used to trick some protein test methods which calculate protein content of food based on nitrogen within the food.   Melamine adulteration can therefore be used to boost the apparent protein content of foods such as milk powder, that are priced according to their protein content. Three hundred thousand babies became ill after drinking milk adulterated with melamine in China in 2008.  Six babies died and tens of thousands of other infants, who are now teenagers, received irreversible kidney damage, condemning them to a life of renal dialysis and ongoing surgeries.

Melamine has also been used to fraudulently adulterate wheat products, meat products and animal feed.  In the United States, melamine adulteration of dog and cat food caused the deaths of up to 3600 pets in 2007.

One of the scariest food safety issues to arise in connection with food fraud in recent years affects a food product favoured by some wealthy western consumers for its health-giving properties.  Turmeric has been lauded as a wonder-food; with properties that are said to cure joint pain, reduce inflammation, improve mood, brain function and protect against heart disease.  But powdered turmeric also presents real food safety risks to consumers because a significant proportion of powdered turmeric traded worldwide contains unsafe levels of lead.  Lead is a potent neurotoxin that damages organs including the brain.  Research released in September 2019 confirmed that the lead in turmeric is added to the spice in the form of toxic lead chromate which has a beautiful, intense yellow colour, the exact colour favoured by turmeric traders and buyers as an indicator of freshness and quality.  Curry powder, cumin and cinnamon have also been affected.  Another 2019 study, which surveyed more than 1496 samples of 50 spices from 41 countries found that 50% of the spice samples had detectable lead, and more than 30% had lead concentrations greater than 2 ppm, a level 200 times higher than the recommended maximum lead content of candy in the USA.

While not all food fraud represents a risk to food safety, fraudsters who adulterate food to make extra money for themselves put consumers lives at risk.  Stay up to date with new food fraud incidents on our free, open-access food fraud database.

by

Authenticity testing – recommended frequency

Part 3 in our series about food fraud testing

Part 1: Food testing checklist

Part 2: How to design a food testing plan

Guidance on test frequencies:

When developing a food fraud testing plan, one of the biggest challenges is choosing the frequency of testing.  Food Fraud Advisors has developed these guidelines to use as a starting point.   They are not a definitive guide, always follow the advice of your analytical laboratory and specialists.

For any given material, the frequency of testing should be based on its susceptibility to food fraud.  Suggestions for five different types of materials (A, B, C, D) are described below. Test frequencies should be reviewed and adjusted on a regular basis. Frequencies can be decreased if results are consistently acceptable and increased if problems have occurred or if there are changes to the product or the supply chain.

Type A: a material known to be very susceptible to food fraud (eg. honey, white fish fillets) but for which no specific incidences have occurred within your supply chain and for which no intelligence related to your supply chain has been received.

Phase 1: test a sample from 5 out of 5 incoming batches from every supplier and/or geographical source. For agricultural materials, this sampling protocol should be repeated on a seasonal basis across the year. The aim is to build a picture of authenticity across the year for your suppliers. Progress to phase 2 if all the results from phase 1 have been satisfactory. If test results have revealed problems with authenticity, phase 1 should continue for the affected suppliers or places of origin. Suppliers with satisfactory results can progress to phase 2.

Phase 2: reduce the frequency of testing to one sample per 5 to 10 incoming batches, with the frequency based on your estimate of the ongoing risk. As in phase 1, materials with seasonal supply fluctuations should be tested over various seasons. Use the results from phase 2 to continue to add to the overall picture of authenticity for this material type within your supply chain. Continue until you have at least 10 results. Progress to phase 3 if all results are satisfactory.

Phase 3: is an ongoing maintenance phase. Aim to test one sample per 10 to 20 incoming batches as an ongoing protocol.

Type B: Material for which you have received specific intelligence related to authenticity that pertains to your supply chain.

Phase 1: focussing on the implicated products or ingredients, take samples from at least 5 incoming batches. If the material is non-homogenous – for example if it is in individual packages, or individual pieces rather than being a bulk liquid or powder – consider taking duplicate or triplicate samples from each incoming batch, if budget allows. If all of these samples ‘pass’ the tests, consider trying alternative test methods or test types. Move to phase 2 if all test results are satisfactory.

Phase 2: reduce the frequency of testing to one sample per 5 incoming batches. Continue this frequency of testing until your intelligence information and your test results are sufficient to suggest that the risks within your supply chain have passed. If the risk has abated, reduce the frequency to that of phase 3 for type A.

Type C: Moderately susceptible materials

Phase 1: test a sample from 1 of 5 to 10 incoming batches from every supplier and/or geographical source. For agricultural materials, this sampling protocol should be repeated on a seasonal basis across the year. The aim is to build a picture of authenticity across the year.  Continue until you have at least 5 results per supplier or geographical source. Progress to phase 2 if all the results from phase 1 have been satisfactory. If test results have revealed problems with authenticity, phase 1 should continue for the affected suppliers or places of origin. Suppliers with satisfactory results can progress to phase 2.

Phase 2: test one sample per 10 to 20 incoming batches with the frequency based on your estimate of risk. As in phase 1, materials with seasonal supply fluctuations should be tested over various seasons. Use the results from phase 2 to continue to add to the overall picture of authenticity for this material type. Continue until you have 5 results. Progress to phase 3 if all results are satisfactory.

Phase 3: If all results from phases 1 and 2 are satisfactory, the frequency of testing can be significantly reduced. One test per year per supplier should be adequate for most materials and suppliers.

Type D: Food products at risk of counterfeiting or suspected of being from illegitimate sources

A market surveillance sampling plan should be devised. Retail and/or wholesale sources in high risk markets should be targeted in addition to online marketplaces. Anonymous market ‘buyers’ could be engaged to obtain the samples. Buyers can be instructed to purchase a specific number of items per batch per outlet, or they can be instructed to inspect or photograph samples in situ. The amount of surveillance will depend on the brand owner’s tolerance of counterfeiting and the testing budget.  Products at high risk of counterfeiting are likely to need ongoing surveillance.  Food products that have been found to have entered marketplaces through theft, diversion or grey market channels can have their risk reduced by implementing controls within distribution chains.

Type E: low risk materials. If a food ingredient or product has been shown to be low risk in a food fraud vulnerability assessment then authenticity testing should not be required. If the material or supply chain has changed such that the material requires authenticity testing then its food fraud vulnerability should be re-classified to medium or high risk.

by

Learn the lingo; food fraud terms explained

Food fraud occurs when food or drink is sold in a way that deliberately misleads or deceives consumers or customers for financial gain (Food Fraud Advisors, 2015)

(other definitions)

Food fraud occurs in two different forms:

1. Fraudulent activity that does not involve tampering with the food itself:

This includes activity such as avoidance of taxes, duties and quota restrictions (fishing), fraudulent paperwork such as forged importation documents, misrepresentation of origin, changing best-before dates and counterfeiting of popular brands.

2. Adulteration of food for economic gain:

This is sometimes referred to as economically motivated adulteration or EMA.  In this phrase, the word ‘adulteration’ is used to encompass many types of tampering, such as adding unauthorised substances, substituting undeclared substances for genuine components of a food or diluting a food product with cheaper substances.

Food fraud is a type of food crime, with food crime including food fraud and other activities such as the use of food shipments to mask drug trafficking and money-laundering through the trading of food and food commodities.

food fraud,defense,safety,security

Food fraud and the risks it presents to the food industry is a separate subject to food safety, although fraud-affected food can be unsafe.  Food safety relates to unintentional contamination of food and the presence of naturally occurring contaminants.

Food defence (food defense) is a term that has come to be defined as the effort to prevent acts of adulteration that are intended to cause harm to a food business or to consumers, such as acts of terrorism or attempted extortion.

Food security, as defined by the World Health Organisation exists “when all people at all times have access to sufficient, safe, nutritious food to maintain a healthy and active life”.

Risk or vulnerability?  In the language of food fraud, the term risk is usually replaced with the term ‘vulnerability’, so food standards bodies are increasingly talking about vulnerability assessments rather than risk assessments.  ‘Vulnerability’ is used because food fraud ‘risks’ do not exactly fit with the accepted definition of risk as something that has occurred frequently, will occur again and for which there is enough data to make quantitative assessments.  Vulnerability is a better term for food fraud, due to the fact that the ‘risk’ of a specific fraudulent activity occurring cannot be quantitatively assessed.

Horizon scanning is another term that has been co-opted to the language of food fraud.  Horizon scanning is the act of looking for and analysing threats and opportunities that will emerge in the medium to long term.  It is used across many industries, including the financial and health care industries.  Within the food industry, horizon scanning refers to the act of collecting information about current trends in food production and predicted incidences that could increase the likelihood of food fraud for a particular food material.  For example, climate change is likely to affect coffee production which could drive up prices and increase fraudulent activity in that sector.  Click here for the complete low-down on horizon scanning.

TACCP: Threat Assessment Critical Control Point.  TACCP = prevention of malicious threats to food.

VACCP: Vulnerability Assessment Critical Control Point.  VACCP = food fraud prevention.  Learn more about TACCP and VACCP here.

Intentional Adulteration:  Although food fraud activities often involve the intentional adulteration of food with unauthorised substances, within the food safety industry, Intentional Adulteration has recently been given a more specific meaning.  And it is not related to food fraud at all.  It is related to food defense, and more specifically to activities intended to cause wide scale harm to consumers.  There is a rule within the USA’s Food Safety Modernization Act (FSMA), that addresses these activities.  It is known as the Intentional Adulteration rule.  According to the US FDA (2019), Intentional Adulteration is the deliberate contamination of food with a biological, chemical, radiological, or physical agent by an individual or group of individuals with the intent to cause wide scale public health harmHow to protect against intentional adulteration. 

by

Beyond vulnerability assessments

How to verify a food defense plan

The USA FSMA Intentional Adulteration Rule deadline is fast approaching, with implementation required by 26th July.  Food defense plans are our most requested service this month, and not just for companies in the United States.  Businesses that export to the US are also affected.

The Intentional Adulteration (IA) rule

The Intentional Adulteration (IA) rule requires food businesses to identify vulnerable parts of their food manufacturing processes, implement strategies to reduce the vulnerabilities and monitor and verify that those strategies are working.  As part of the verification processes, some experts are recommending that food businesses challenge their food defense system on a regular basis.  Food safety management system standards, including SQF Edition 8, also require that manufacturing facilities challenge their food defense system.  What exactly does it mean to ‘challenge’ a food defense system, and how is that different to monitoring and verification of the system?

Monitoring vs verification vs challenge testing

Monitoring, verification and challenge testing are different, but the terminology can be confusing when used with food defense plans.  Some commentators and trainers are using the three words almost interchangeably; however, the three words actually refer to different elements of a food defense plan.

Monitoring means, at its most basic level, to check that procedures are being followed and that processes are happening as they should.  The checking process must be documented.  So, the act of monitoring is documenting in real time the actions taken to follow a given procedure or the measured outputs of a specific process.

Within a food safety plan, an example of monitoring would be checking the internal temperature of three pies from each batch after a cooling step and recording the temperature on a form.  Within a food defense system, a mitigation strategy might be the implementation of a procedure to lock all external doors, or to leave all external doors locked.  For this procedure, the monitoring activity could be a once-per-shift process of checking and recording the lock/unlock status of each door.

Verification is the process of making sure that monitoring has been done properly.  When cooling pies, for example, verification could include a once-per-shift check by a supervisor or manager that the cooled pie temperatures are being recorded AND that appropriate action has been taken if the temperature has exceeded critical limits.  Verification also includes internal audits; the internal auditor checks that the managers have been signing off the monitoring records, that the records are complete and available for all shifts and that corrective actions have been properly recorded.

In our food defense example, verification could include a check of the door lock monitoring records by a manager or supervisor.  The manager would review the records to see that they were completed on time, at the correct frequency and that any deviations, such as a broken lock, have been identified and actioned correctly.  Verification of door lock status could also be included in a weekly plant walk-through by a manager.  Internal audits would check that all these activities were being done and recorded properly.

Challenge testing is real-world scenario testing of a system’s efficacy.  A challenge test aims to validate whether procedures are effective when implemented as expected, as well as highlighting any failures in implementation.  A challenge test is different to a verification process because it would usually test the implementation and effectiveness of many food defense mitigation strategies rather than focussing on one element such as door locks.

What is the weakest link in your food defense plan?

 

How to conduct a food defense challenge

  1. Decide on a challenge action. For example, a common food defense challenge test is a penetration test, in which an unauthorised person attempts to gain access to a sensitive area.
  2. Create a food defense challenge report. In the report document exactly what you plan to do in the challenge test.  Include what, when, how, who and next steps.

For example: A person unknown to staff (Ms Jane Doe, of Acme Services) will attempt to get from the main reception area into ingredient weighing area A.  She will be wearing a business suit covered by a lab coat.  Once there, she will remain for up to twenty minutes unless challenged by an employee.  She will then leave.

If the intruder is challenged, she will claim to be a new food safety consultant/pest control account manager/new human resources manager and attempt to remain in the area.

  1. Include written contingency plans in case of escalation, for example, what will be done if police are called.
  2. Get approval for the plan from senior management.
  3. In the report record the following:
    • Name of Senior manager who has signed off on this plan.
    • Names of people who have been informed of the challenge test
    • Names of people who will be working in the affected areas at the time of the challenge, have they been trained in food defense?
    • A description of what staff are supposed to do in this scenario; what procedures should be followed.
  4. Define and document the criteria for failure and success; what will happen if the food defense procedures are working 100% correctly; what will happen if the food defense procedures are working only partially; and finally, how might the scenario progress if there is a complete fail of procedures and systems?

For example, if the ‘intruder’ is able to remain in the ingredient weighing area for 20 minutes without being challenged by an employee this could be considered a complete fail of the food defense system.  If the intruder is challenged but can convince the employee to allow them to remain in the area unattended, this could be considered a partial fail; if the employee chooses to remain with the intruder to ‘keep an eye on them’ this could be considered a better outcome than leaving the intruder unattended.

  1. Run the challenge. Have a trusted staff member observe from a discreet distance.
  2. Describe in the report what happened.
  3. Convene a meeting of the food defense team and analyse the results of the challenge test.
  4. Perform root cause analyses and raise corrective action/s for any failures in the system.
  5. Close out corrective action/s
  6. Take action to prevent a scenario like this from reoccurring, based on the root cause analyses.

Learn more about food defense

Register your interest in learning more about food defense by entering your email address in the box below.

We will never supply your email address to anyone without your written permission. View our privacy policy.