We’re So Far Out of Compliance, Let’s Not Make it Any Worse

"We're so far out of compliance. Let's not make it any worse." What would you do if you heard that statement made by a director-level quality professional? Would it matter if the statement was made within a major pharmaceutical company two years after the organization agreed to a consent decree with the FDA? Believe it or not, this declaration of non-accountability was repeated so often by members of the sites quality organization that it became a much-repeated joke within the entire manufacturing facility. Perhaps the initial statement was said out of stress and frustration at the mind-boggling number of changes that needed to take place within quality assurance and compliance systems. But when its repeated often enough to become a standard joke or to excuse noncompliance with meeting consent decree commitment dates, then you know theres a deep-seated problem within the ranks of leadership. The implications of this startling lack of accountability and failure in leadership were numerous and symptomatic of a compliance culture in deep denial of basic regulatory and quality assurance obligations. The FDA ultimately agreed with the deep-seated nature of problems by documenting 40+ observations in 483 inspection findings over a 2-year period after the consent decree was initially announced. Think this was (is) the only example of a consent decree site with compliance and operational problems? Think again. I recently became aware of two individuals who were terminated within the last six months at FDA consent decree sites for raising issues to senior compliance managers and third-party consultants regarding progress against commitment dates. For those of you unfamiliar with consent decrees (and lets hope you will never have this career opportunity), a commitment date is a deadline established between the company and FDA for implementing improvements conforming to CGMP regulatory requirements. In recent years, FDA has delegated some of their oversight responsibilities to third-party consulting firms who are required to verify that quality assurance and compliance systems have been successfully implemented, are operating within new and improved standards, and can withstand the pressure of daily operations to sustain GMP compliance. The third-party firm documents these results in excruciating detail and provides verification reports to FDA compliance officials. In theory, the FDA can choose to inspect consent decree sites at a moments notice to ensure this oversight system is working, but in reality defers responsibility to the third-party consultants. It is at this point where the oversight system seems to be breaking down, according to the two internal whistleblowers who claim they lost their jobs for questioning integrity of the consent decree verification process. In the rush to meet consent decree commitment dates and avoid fines of $15,000 per day for each violation, these compliance project managers said their companies refused to investigate concerns related to the accuracy and integrity of verification audit results being submitted to third-party consultants who then forwarded this information to FDA consent decree compliance officials. Concerned with falsifying GMP documents and contributing to fraudulent business practices, these individuals blew the whistle, only to suffer retaliation and ultimately, dismissal. Weve seen big consent decree fines recently and rumor has it that a major player and FDA currently are in negotiations over another whopper. But is the process of improving, verifying, and sustaining GMP compliance per consent decree requirements in fact a sham? If these statements and incidents keep surfacing, then consent decrees will become another cynical joke like the statement were so far out of compliance, lets not make it any worse.