This article is written to meet the following sections of the Standards:

BRCGS Food Safety Issue 85.4.1 – 5.4.4 Product authenticity, chains of custody
4.2.1 – 4.2.3 Site security and product defence
BRCGS Packaging Issue 63.8 Product authenticity, chains of custody
4.4 Site security and product defence
BRCGS Agents & Brokers Issue 34.8 Product authenticity
4.3.1 Product security/ food defence
BRCGS Storage & Distribution Issue 43.5.3 Product fraud risk management
4.2.1, 4.2.2 Site security and product defence
5.2.1, 5.2.2 Vehicle security
10.3.3 Product fraud risk management
FSSC 22000 Version 5.12.5.4 Food fraud mitigation
2.5.3 Food defense
IFS Food Version 74.20 Food fraud
6 Food defence plan
SQF Edition 92.7.1 Food defense plan
2.7.2 Food fraud

What is food defence?

The topic of food defence or product defence is relatively new to the food industry. This has resulted in a great deal of confusion, conflicting definitions, and a naively structured and poorly thought through process.

Even the term ‘food defence’ varies depending on where it’s used. At Techni-K we use the term product defence, as this includes food, packaging, processing and storage and distribution of the product.

For some reason, the term ‘product defence’ has replaced product security and so has been indirectly linked to TACCP and threat assessments. When in fact, product defence is a holistic term used to describe threats which the product needs to be defended from. The scope of product defence includes fraud, sabotage, and terrorism. The threats of fraud, sabotage, and terrorism are all carried out deliberately, it’s the motivation behind each one that differs.

What is fraud?

The subject of fraud is still relatively new and so, it’s fair to say a variety of definitions of what it means exist.

BRCGS Food Safety defines fraud as:

“Fraudulent and intentional substitution, dilution or addition to a product or raw material, or misrepresentation of the product or material, for the purpose of financial gain, by increasing the apparent value of the product or reducing the cost of its production.”

BRCGS Storage & Distribution defines fraud as:

“Fraudulent and intentional substitution of a product or misrepresentation of the product for financial gain, by increasing the apparent value of the product.”

SQF use the Michigan State University definition:

“The deliberate and intentional substitution, addition, tampering, or misrepresentation of food, food ingredients, feed, or food packaging and/or labelling, product information; or false or misleading statements made about a product for economic gain.”

IFS define fraud as:

“The intentional substitution, mislabelling, adulteration or counterfeiting of food, raw materials or packaging materials placed upon the market for economic gain.”

FSSC 22000 use the GFSI definition:

“The deliberate and intentional substitution, addition, tampering or misrepresentation of food, food ingredients, food packaging, labelling, product information or false or misleading statements made about a product for economic gain that could impact consumer health.”

The definitions

All these definitions are fairly similar, although the FSSC (GFSI) definition is interesting – as it refers to consumer health specifically. When fraud doesn’t always mean the food is unsafe, it may just mean it’s not of the specified quality.

The key points to pick out from these definitions, is that fraud is:

  • Carried out on purpose.
  • Driven by financial gain.

 

Our definition of product fraud

Fraud is applicable to food products, packaging, the process and movement that the product undergoes, so ‘product fraud’ is a better term to use. So our definition of product fraud is:

“A dishonest and deceptive act which is carried out for financial gain.”

How does fraud apply to packaging?

If you’re a packaging site you’re probably wondering how you’re meant to do a vulnerability assessment for packaging. If you keep in mind the key points from the definitions above; that fraud is carried out on purpose for financial gain, you should be able to start thinking about how that would apply to your product.

The other key point to know, is that the source of all fraud is a claim. Fraud is pretending a product is something that it’s not. This means that if your packaging has a claim, this makes it more valuable, so it’s vulnerable to fraud. It also means that if you print branded packaging, this has a claim and therefore makes it vulnerable to theft.

If you don’t produce branded packaging, the packaging doesn’t make any claims and there aren’t any known or plausible threats for your packaging – then you may not be able to identify any threats. Which is completely fine, just make sure you document this and how you came to that conclusion.

How does fraud apply to storage and distribution?

If you’re a storage and distribution site, you’re probably thinking ‘we don’t even make product, so how’s this going to apply to us?’ And to some extent you’re right – especially if you don’t trade products, you only store and transport your customers products.

This means, that theft is the only type of fraud that you’re vulnerable to. You must therefore consider this in your threat and vulnerability assessment.Fraud and theft

The link between fraud and theft isn’t an obvious one – so let’s explain.

If branded packaging was stolen, it could be used to pack substandard product into it. This can be then sold as the ‘real thing’, which is fraud.

If branded product was stolen, it could then be sold on the grey market. The grey market is the sale of a product by illegal routes, which is fraud.

Sabotage and terrorism

Your product defence assessment also needs to consider sabotage and terrorism as well as fraud if these types of vulnerable threats apply to your site.

Sabotage

This is the deliberate destruction, damage or disruption of materials, products, or processes – to harm the business’ reputation.

Terrorism

A deliberate act to cause widescale harm and terror.

The standards

Although the way the standards are written and the terminology they use all varies, there are two main themes to the requirements.

Vulnerability assessment

A vulnerability assessment is required which identifies possible threats from fraud and then mitigates these using protection measures.

Threat assessment

A threat assessment is required which identifies possible threats from malicious contamination and then mitigates these using protection measures.

The problem

Having a vulnerability assessment and a separate threat assessment poses a problem. It means that before you’ve even started, you’re at risk of looking for threats and vulnerabilities separately – Here’s why.

Threat: A threat is a deliberate act to cause harm or loss.

Vulnerability: This is how exposed you are to that threat having an impact.

What this means, is that you can’t have a threat assessment without considering vulnerability and you can’t have a vulnerability assessment without including threats. It would be like trying to do a HACCP study and assessing only severity and not likelihood, or the other way around.

What this means is that you must have a combined threat AND vulnerability assessment.

What the standards really mean

Although they’re probably not aware of it, what the standards are trying to say is that the scope of each assessment is different. The ‘vulnerability assessment’ considers fraud and the ‘threat assessment’ considers sabotage and terrorism – although they do confuse this further on in the requirements.

Confusing terms

The terms that are used for product defence also add confusion, as they don’t make any sense.

VACCP: stands for vulnerability assessment and critical control point.

TACCP: stands for threat assessment and critical control point.

We’ve already said that you can’t have a vulnerability assessment without threats, and a threat assessment without vulnerability – so separating them into VACCP and TACCP doesn’t make any sense. But now, you’ve got the added complication that you’re using the term CCP (critical control point). Let’s be clear – there are no CCPs in product defence. The only reason that the terms VACCP and TACCP have been used, is to make them fit with HACCP. In our view, they make no sense and shouldn’t be used.

If you really want an acronym to use, then use TAVA (threat and vulnerability assessment).

Want to be a product defence ninja?

This article is an overview of the subject of product defence. If you’re looking to gain in-depth knowledge on this subject, we’d recommend you purchase our eLearning course.

Product defence

Understanding product defence

This course explains the terms used in product defence, so that you can understand the requirements and apply them confidently.

It explains how fraud, sabotage and terrorism sit under the heading of product defence, so that you understand the product defence scope for when you need to manage, create, or maintain the plan.

Buy the Understanding product defence mini training now

Have your say…

Share your thoughts…

Your email address will not be published.