Latest News

Professionals focus on management systems and processes to ensure the safety, quality, reliability and integrity of the products they manufacture. This involves identifying foreseeable hazards and introducing controls to minimise their occurrence. There is, however, an increasing need to consider threats that arise from the intentional introduction of undesirable materials in the raw materials, process or product. Such threats can extend beyond the product and process to the business and its operation.

 

Food defence aims to introduce measures to protect a business from such malicious events. This article will focus on the threats and the measures to identify and manage the intentional adulteration and contamination of food.

 

What is food defence?

 

Food defence is defined in a number of ways, including: 

• “The effort to protect food from acts of intentional adulteration or tampering” (US Food and Drug Administration (FDA)).
• “Procedures adopted to assure the security of food and drink and their supply chains from malicious and ideologically motivated attack leading to contamination or supply disruption” (PAS 96:2017 Guide to protecting and defending food and drink from deliberate attack).
  “Procedures adopted to ensure the safety of raw materials and products from malicious contamination or theft” (BRCGS Global Standard Food Safety (Issue 9)).

 

In addition to products and processes, food defence can encompass measures to protect against cybercrime. Recent events affecting UK grocery retailers have demonstrated the huge impact that breaches can have on businesses both in terms of financial and reputational damage.

What are the threats?

 

The threats that a food defence programme protects against can be broadly split into three areas; fraud, sabotage and terrorism. The hazards associated with these threats include chemical, microbiological, physical, allergens and radio nuclear.

 

Fraud

Food fraud, often referred to as economically motivated adulteration (EMA), is the intentional omission, removal or substitution of a valuable ingredient or part of a food. It can also include the addition of a substance to make it appear better or of greater value (USFDA).

 

It is often economically motivated but, in some cases, may be criminally motivated. Some good summaries on food fraud and food crime can be found in texts from the European Commission and the UK Food Standards Agency. There are introductory videos on the topic from the FAO and the EU Food Science Hub.

 

As the motivation for food fraud is usually economic gain, the perpetrator’s success is predicated on their continued ability to escape detection. Their modus operandi is to do things that do not expose their criminal actions and, in so doing, gain financial benefit for the continued sale of products that are otherwise not as described. An example would be the major scandal in the UK where horsemeat was used illegally in beef and beef-containing products resulting in widespread public recalls and financial loss. Although not ostensibly a safety risk, food fraud has caused illness – for example with the adulteration of milk with melamine in China that resulted in kidney and urinary tract effects in an estimated 300,000 Chinese children and six deaths. The melamine was added to increase the apparent protein content of milk that had been diluted to increase its volume.

 

Sabotage and Terrorism

In contrast to those committing food fraud, those committing sabotage or terrorism generally want others to be aware of their actions to fulfil their mission. The motivation for sabotage is principally to cause disruption in a business or supply chain to gain some form of retribution. Terrorism is usually carried out for ideological purposes and maximum exposure is sought by those perpetrating such criminal activity. The intention for terrorism is to cause widespread and large-scale harm to a business and their customers. Threats from sabotage and terrorism may be used to extort money or to demand some other action from the business.

 

History is littered with examples of sabotage and terrorism. Food was often cited in Roman times as the vehicle through which poisonous substances were used to remove a rival or seek retribution. More recently, an extreme religious group in the USA deliberately contaminated food in salad bars and restaurants with Salmonella Typhimurium. Cultures of the organism were grown in a clandestine laboratory and the outbreak affected over 751 people. The motivation was said to be an attempt to influence an upcoming election by incapacitating members of the local population.

 

In 2018, a widespread national recall was prompted in Australia when sewing needles were found in strawberries. A small number of reports in a defined region prompted the initial recall and it is believed that copycat events then led to over 200 reported instances across the country. The motivation has not been identified.

 

In 2020, a farmer was convicted for an attempted extortion event at a large multinational retailer. He had threatened to contaminate jars of baby food with Salmonella spp., knives and white powder and demanded a payment of £1.4m. He carried out the threat by contaminating jars of baby food with pieces of metal and placing them back on the shelves of the supermarket. The jars were subsequently purchased by unsuspecting customers. When he was arrested, the police found images of his actions on his laptop.

 

A man was convicted in 2023 following sabotage in the production of dips and salad dressings with pieces of plastic glove, plastic bags and ring pulls destined for restaurants in the UK. He was a factory worker and was able to gain access to the products post packing. The visible presence of the contaminants in the finished product indicated that he was seeking to sabotage the business and cause reputational or financial damage rather than harm the consumer.

 

A disgruntled customer seeking retribution for poor service at a retail store in Hong Kong contaminated soft drinks with urine which were then drunk by customers.

 

These examples highlight the challenges the industry faces in ensuring an entirely secure supply chain. Many more examples of malicious contamination of food are contained in an excellent review of food defence by the Institute of food science and technology.

 

Identifying threats and vulnerabilities

 

The traditional way of managing food safety in the industry has been through the adoption of a food safety management programme underpinned by the principals of hazard analysis and critical control point (HACCP).

 

HACCP is designed to identify safety hazards within food manufacture together with the controls to ensure such hazards are eliminated or reduced to an acceptable level. A HACCP plan includes monitoring to ensure the critical controls are effective and ongoing verification to ensure the plan remains valid.

 

A food defence plan is similar to HACCP insofar as it is a systematic assessment of the threats and vulnerabilities from fraud, sabotage and terrorism but threats from intentional contamination result in differences to the methodology. A food defence plan must consider threats and vulnerabilities throughout the food supply chain and requires a multidisciplinary team with expertise beyond that traditionally required for HACCP.  The principles of developing a food defence plan usually encompass the following steps:

 

• Form a team to develop the plan with the requisite multidisciplinary skills, training and knowledge.
• Describe the entire supply chain involved in each stage of manufacture including raw materials, production, distribution, storage, and sale plus any associated services.
• Identify potential threats at each stage.
• Assess the vulnerability to attack at each stage.
• Determine the potential impact of an attack.
• Prioritise the threats and vulnerabilities.
• Identify and implement controls to mitigate the risks.
• Implement measures to monitor the controls with associated corrective action plans and verification procedures.
• Review the ongoing validity of the food defence plan, considering any changes to the supply chain, new threats and vulnerabilities.

 

Two key elements of a food defence plan are the threat assessment and the vulnerability assessment and tools have been developed to support the systematic assessment of these elements, namely threat assessment critical control point (TACCP) and vulnerability assessment critical control point (VACCP). Recent approaches tend to combine these into a single assessment when developing a food defence plan.

 

It goes without saying that the development of a food defence plan requires a degree of expertise in applying the principles and it is important that individuals involved in this are suitably trained. However, all individuals involved in food manufacturing should receive training as they are key to the effective implementation the mitigation strategies and monitoring the food defence plan.

 

Training courses and online tools to assist in food defence, food fraud and food crime are available including extensive material published by the USDA (Food defence tools, training and resources) and individual business such as BRCGS (Vulnerability Assessment, HACCP, Risk Assessment, validation and verification). The FDA has a useful food defence awareness for frontline employees programme designed for the food industry including a training video to bring the importance of food defence and their role to life.

 

There is extensive material available online regarding food defence with some of the best being available via the US FDA who introduced a requirement for specified businesses to implement mitigation strategies to protect food against intentional adulteration in a food defence plan as part of the Food Safety Modernization Act. The full FDA Food Defence Strategy and toolkit is available online and this includes an excellent food defence mitigation strategies database.

 

Other helpful resources on food defence are available from:

• the Institute for Food Science and Technology (IFST)
• the PAS 96 Standard from the BSI
• a free online booklet from Campden BRI on how to defend your business against the threat of food fraud and malicious attacks
• the UK FSA Guidance for Businesses on Food Crime and online Food Fraud Resilience Self-Assessment Tool
• the Food Standards Scotland Food Crime Risk Profiling Tool that can be used to help understand the businesses’ risk from food crime and measures that can be put in place to reduce them.

 

 

The role of voluntary third-party certification schemes

 

Voluntary third-party assurance programmes have, for some time, required food businesses seeking certification to have a food defence plan. The latest GFSI Benchmarking Requirements require certification programmes to include specified requirements for food defence in order to be benchmarked and recognised. This includes requirements for a documented food defence plan including a food defence threat assessment procedure supported with appropriate knowledge and expertise and with regular review.

 

Recognised programmes such as the BRCGS Global Standard Food Safety have specific clauses that require businesses to develop and manage an effective food defence plan. BRCGS specifies that “Systems shall protect products, premises and brands from malicious actions while under the control of the site” with specific clauses on undertaking a risk (threat) assessment, implementing control measures and monitoring, review and training.  

 

Summary

 

Food defence is about protecting your business and its customers from intentional acts intended to defraud, cause significant disruption or, at worst, cause harm. Like any food safety management programme, it is not possible to completely eliminate risks and threats but by the application of a systematic approach it is possible to reduce the risk and ensure your business and products are protected, as reasonably as possible, from being a victim of this type of criminal activity.

  

	Author Alec Kyriakides Independent Food Safety Consultant