As the regulatory environment gets more and more stringent for regulated industries such as medical devices, pharmaceutical, and life sciences, we hear of even leading brands being penalized on various counts – deceptive marketing, violation of books, records and internal accounting controls, off-label or unapproved promotion of medical products, Controlled Substances Act violation, consumer protection violation and so on.
In the pharmaceutical industry alone, total penalties from compliance-related violations have crossed over US $50 billion since 2000. The numbers are not too far behind in other regulated industries as well.
According to a report by research firm Ponemon Institute and security company GlobalScape, the annual cost of non-compliance in a single company was anywhere between $2.2 million and $39.2 million and has increased by 45% since 2011. The cost of compliance, on the other hand, had increased by 43% and was an average of $5.5 million.
But as more companies, migrate from legacy systems to modern, cloud-based compliance management tools and technologies, the average cost of compliance will come down. A next-generation, cloud-based platform like ComplianceQuest, for example, offers the breadth and depth of features, while also ensuring scalability, flexibility, and cost-effectiveness.
Consequences of Non-Compliance
Fines are not the only cost of non-compliance. FDA, for instance, may take recourse to any of the following actions based on the severity of the non-compliance:
- Send warning letters specifying the violations and seeking a response on the corrective action that would be taken.
- An adulterated and/or misbranded product may be seized to remove it from being sold in the market.
- Seeking injunctions from a court to prevent individuals and/or corporations from violating or causing violations of the Act.
- In case of violation of Section 301 of the Act. fines and/or imprisonment of up to one year may be imposed. The period could go up to three years in case of a second violation or intention to defraud or mislead.
In a recent guidance, the FDA declared penalties of up to $10,000 per violation for flouters of the ClinicalTrials.gov reporting requirements or those submitting false or misleading information to the database, in which case there would be civil injunction and/or criminal prosecution as well. An additional $10,000 would be levied till the violation is corrected. Violators’ notices of non-compliance will be posted on the FDA website as well as CT.gov.
These actions can prove costly with market erosion, damage to reputation, and loss of customer trust, which are hard to win back. Litigation and compensations are additional costs that businesses will have to pay, which can severely drain financial resources.
The Cost of Compliance
Compliance may seem like a cost center. It involves a range of systems and processes to be put in place to ensure high-levels of compliance:
- First is creating a system where the company can keep track of the various regulations and make the necessary changes to systems and processes as per the requirements. Different countries have different regulations and you will have to know the applicable rules in the countries you operate in. For instance, in the medical device industry, if your market is restricted to the U.S., you will have to be familiar with Title 21 Code of Federal Regulations (CFR) Part 820. ISO 13485 is a global standard, relevant for medical device companies operating across the world. Additionally, you’ll have to adhere to Medical Device Reporting (MDR) in the EU, Health Canada in Canada and so on.
- Data is critical today with analytics and reporting, but it is also sacrosanct. General Data Protection Regulation (EU) 2016/679 (GDPR) and a number of regulations in the US require every business to put in place systems that ensure data protection that needs to be complied with.
- Every business needs to develop internal policies that act as the building blocks for meeting regulatory requirements, give its compliance efforts a direction, and establish systems and processes to achieve these goals.
- Document control and management is a natural extension of compliance requirements since businesses need to maintain their latest documents in an easily accessible manner, update them as and when required, and submit them to regulatory authorities as documentary evidence.
- Inspections, audits, and assessments are an important way of ensuring a business is on track with compliance and mid-course correction if not.
- The training of the employees becomes essential to ensure the objectives are met and all the functions are compliant and get the appropriate certifications
However, over the years, a well-implemented compliance management system results in benefits such as:
- Improved process efficiency, leading to higher productivity, lower cycle time, lower failures, etc.
- Lower deviations, the consequent rejections, and cost of reworks.
- Increased customer satisfaction leading to improved reputation, market share, and revenues
With every different aspect of a business being governed by rules and regulations, compliance can become challenging if done manually. Software such as the Enterprise-wide Quality Management Solution from ComplianceQuest is built on the scalable and cloud-based Salesforce.com and aligns with all the major regulations that a business needs to comply with. It provides enterprise-wide visibility of processes and data. ComplianceQuest is designed to not only ensure aligning with the regulations but also enhance the quality of the products and services, improve risk management. The ComplianceQuest QHSE (EQMS + EHS) also serves as a single source of truth for all key regulatory, compliance, quality, safety, health, and environment management data. It serves not only as a system of record but as a system of collaboration, making it really easy for compliance leaders to work together to meet regulatory requirements.
To find out how to reduce your cost of non-compliance, contact us here. http://www.compliancequest.com/contact-us