APIs from Legitimate and Reliable Sources
Counterfeit and sub-standard APIs are increasingly present. Not only are they a fact of non-compliance but also they form a serious and increasing risk for patient safety. Various initiatives have been taken such as the founding of the FDA Counterfeit Drug Task Force, the European Commission’s current “Public consultation in preparation of a legal proposal to combat counterfeit medicines for human use” and the WHO Program “IMPACT” (International Medical Products Anti-Counterfeiting Taskforce).
API =Active pharmaceutical ingredient (synonym: drug substance)
Counterfeit API =Active pharmaceutical ingredient for which source and/or quality are falsely represented on the label, on the certificate of analysis or otherwise
Rogue API =API that is counterfeit or severely, deliberately non-compliant.
This writeup focuses on the interaction between the API manufacturer and the medicinal product manufacturer and provides possible measures that may be taken by both partners in order to ensure only non-rogue APIs are used in the manufacture of medicinal products. The proposed measures are considered as elements out of a whole puzzle. A risk-based approach should be applied to determine the necessity and value of the individual proposals, alone or in combination. The document does not address in detail the vendor qualification process as it is taken for granted that APIs are only purchased from suppliers that have been thorough checked
API manufacturer= Active pharmaceutical ingredient manufacturer
Medicinal product manufacturer= formulation manufacturer
A supply chain is actually a complex and dynamicsupply and demand network. A supply chain is a system of organizations, people, activities, information, and resources involved in moving a product or service from supplier to customer.
2. Supply Chain:
Agents, Brokers, Distributors, Repackers, Relabelers As a general principle, the shorter the supply chain, the more secure it will be. This is reflected in the EU GMP Guidelines, Part 1 (5.26) specifying that starting materials (APIs, excipients) should be purchased, where possible, directly from the producer.
In addition to the length of the supply chain, any changes on the original container – e.g. by repackaging, relabeling – should be considered as an additional risk for alteration and should therefore, whenever possible, be avoided.
There is no doubt that the entire supply chain needs to be assessed from a quality perspective, covered by an effective supplier qualification program and the same principles as described in the following sections for the direct supply form API manufacturer to drug product manufacturer should be applied. This already starts at the point of selecting the contractor for transportation of the API (see also ICH Q7, 10.23).
3. On Site Visits / Audits
A thorough knowledge of the supplier is a key element. Therefore, a close and stable relationship between the manufacturer of the API and the drug product manufacturer should be achieved by using various means of contact. A regular exchange between 3/8 sourcing- and purchasing people and the supplier contributes to strengthening this relationship, especially if the contact also includes regular visits on site. Site visits should not be restricted to the manufacturing site alone; intermediaries in the supply chain should be covered as well. It should be ensured that representatives of the purchasing department have a good GMP- and regulatory awareness and technical understanding so that these visits are as beneficial as possible, also in relation to compliance.
Audits=Auditing refers to a systematic and independent examination of books, accounts, documents and vouchers of an organization to ascertain how far the statements present a true and fair view of the concern.
An audit is considered the most effective way of verifying concrete and compliant manufacturing incl. distribution of APIs. However, apart from the fact that an audit is very time-consuming it only provides a snapshot of the situation and there is no 100% guarantee that evidence for any occurring counterfeiting activities may be identified. Nonetheless, there are various elements in a quality audit that may increase that probability and that respectively may confirm the reliability of the manufacturer.
Counterfeiting activities= To counterfeit means to imitate something. Counterfeit products are fake replicas of the real product. Counterfeit products are often produced with the intent to take advantage of the superior value of the imitated product
Whenever possible, the audit should be executed when an actual production campaign is ongoing.
Requests for changing the agenda at short notice during the audit, e.g. revisiting areas on another time or day, may be a useful approach to confirm the consistency of operations on site.
The walk-through in the warehouse supports the verification of the materials management capability with respect to claimed annual production of the API and storage capacity.
Checking for the presence of intermediates or APIs in the warehouse that have been purchased and could be subject for relabeling or of APIs intended to undergo a reprocessing may lead to the identification of different sources of materials than claimed. The list of approved vendors should also be reviewed for this purpose.
The review of the materials management system and material movements (booking in/out) of concerned API starting materials, intermediates and the final API is another possible source of information in the warehouse. However, confidentiality with respect to other customers’ names needs to be respected.
Production=the action of making or manufacturing from components or raw materials, or the process of being so manufactured.
The walk-through in production should cover the verification of the necessary equipment and necessary utilities by cross-checking with the production instruction and/or process flow chart.
Document Review=Document review (also known as doc review) is the process whereby each party to a case sorts through and analyzes the documents and data they possess (and later the documents and data supplied by their opponents through discovery) to determine which are sensitive or otherwise relevant to the case
3.2.4 Document Review
The review of master production instructions as well as analytical methods and specifications for raw materials, intermediates and the API as well as of executed documents/raw data and cross-checks with the regulatory document (e.g. DMF, CMC section, CEP dossier) is an important element in verifying regulatory compliance.
One can also verify the availability of production records and/or analytical raw data as well as retained samples (where applicable) of raw material, intermediates and API batches for specific batches that were either identified from the review of the stock cards/materials management system, product quality review or from supplied batches.
The timely and sequential correlation of equipment use logbooks in production and QC laboratory, production batch records (incl. electronic raw data), cleaning records and analytical raw data (incl. date/time on equipment printouts such as balances, chromatographic systems etc.) is a good indicator for on site production.
The review of the documentation related to seals (specifications – testing/approval according to specifications – reconciliation documentation – authorized persons identified and documented…) may be added.
A spot wise review of analytical raw data from stability studies (not only the summary table) as well as of the logbook of the stability chambers (e.g. date of sample in/out) and the check for physical availability of the stability samples should be included.
The adequate involvement of the drug product manufacturer in case of changes that can impact the quality and/or regulatory compliance of the API may be verified by the reviewing the history of changes and individual change request cases related to the production and testing of the API (incl. intermediates, raw materials),
4. Supporting Documentation
The availability of certain documents that are regularly available and up-dated, where applicable, may be considered as one efficient element in the continuous supplier monitoring process.
Inspections=Inspections are usually non-destructive. Inspections may be a visual inspection or involve sensing technologies such as ultrasonic testing, accomplished with a direct physical presence or remotely such as a remote visual inspection, and manually or automatically
Inspection history As part of the initial evaluation of a potential API supplier the GMP inspection history, with respect to inspecting regulatory body, inspection date, inspected areas (as far as this information is / is made available) and the inspection results should be reviewed. A regular up-date of the inspection history as part of the supplier monitoring and requalification process should be performed. On the other hand, as these inspections are not mandatory for APIs e.g. used in medicinal products for the EU, the non-availability of an inspection history may not lead to the conclusion that this API supplier is less reliable. 5/8
GMP=Good manufacturing practices (GMP) are the practices required in order to conform to the guidelines recommended by agencies that control authorization and licensing for manufacture and sale of food, drug products, and active pharmaceutical products. These guidelines provide minimum requirements that a pharmaceutical or a food product manufacturer must meet to assure that the products are of high quality and do not pose any risk to the consumer or public.
4.2 GMP certificates
GMP certificates of the API manufacturer, where available (see 4.1), should be provided, ideally as authentic copies.
Certificate of Analysis=A Certificate of Analysis is a document issued by Quality Assurance that confirms that a regulated product meets its product specification. They commonly contain the actual results obtained from testing performed as part of quality control of an individual batch of a product.
4.3 Certificate of Analysis
A thorough review of Certificate of Analysis, against regulatory documents (e.g. DMF, CMC section, CEP dossier) and in-house specification respectively, and with respect to GMP compliance (ICH Q7, 11.14) should be performed as part of incoming release testing of APIs. Suppliers involved in counterfeiting could apply improper documentation practices. In case of agents, brokers etc. being involved in the supply chain it is recommended to insist on a certificate of analysis issued by the original manufacturer of the API (see also 2.). Where a new certificate of analysis is prepared by agent, broker, distributor, there should be a reference to the name and address of the original manufacturer and a copy of the original batch Certificate should be attached, as specifically required by ICH Q7 11.43, 44
4.4 Certificate of Compliance,
Compliance Commitment A certificate of compliance issued by the API manufacturer, either as a separate document or as part of the certificate of analysis, which certifies that a specific batch has been manufactured according to ICH Q7 GMP requirements and in line with the applicable Registration Documents can provide additional assurance related to the awareness of the manufacturer on the quality and regulatory expectations of the customers.
4.5 On-going stability program
A GMP compliant manufacturer has an on-going stability program for its APIs (ICH Q7, 11.5). At least one batch of the API manufactured per year is added to the stability program and tested at least annually. A regular up-date of the program provided by the API manufacturer, not necessarily including stability data, gives additional assurance for actual and compliant systems.
4.6 Product Quality Review
The major objective of the Product Quality Review (ICH Q7, 2.5) is to evaluate the compliance status of the manufacture (process, packaging, labelling and tests) and to identify areas of improvement based on the evaluation of key data. It includes a review of critical in-process controls and critical API test results, of batches that failed to meet specification, of changes carried out, of the stability monitoring program, of quality-related returns/complaints/recalls and of the adequacy of corrective actions. Due to the comprehensive information included, the Product Quality Review provides a good overview of the manufacture of a certain API.
The document should be reviewed during an audit or as a minimum an approved executive summary should be made available by the API manufacturer.
4.7 Quality Agreement
The quality agreement as a tool to clearly define the GMP responsibilities strengthens the awareness of liabilities of both partners. The extent and level of detail of the agreement may vary and can depend on the material supplied, e.g. generic API versus exclusively synthesized API, but it should at least address – name of the product – mutually agreed specification (if not covered by supply agreement) – manufacturing site – applicable cGMP standards, e.g. ICH Q7 – compliance with the DMF or with other registration documentation – GMP audits related to the API (e.g. 3rd party auditing) – documents to be provided by the manufacturer, e.g. certificate of analysis, certificate of compliance, inclusion of copies of respective master documents may be addressed – arrangements for transportation and transport packaging (see 5.), e.g. description and degree of tampering proof seal to be used, inclusion of a copy of the master drum label may be considered – deviation handling – handling of and response to complaints – change management: involvement of the customer with respect to notification and approval – list of approved signatories may be included
labeling, tamper-proof sealing If the API manufacturer provides examples/templates of master labels, which he uses to label the containers, this supports the drug product manufacturer in identifying any manipulation on the material on its way from the manufacturer to the recipient.
The use of tamper-resistant packaging closure by the manufacturer provides additional assurance that the material was not adulterated on its way from the manufacturer to the drug product manufacturer. A manufacturer-specific design of the seal is recommended to be used; the use of unique seals may be considered. The communication of the type of seal, by the manufacturer to the user, completes the information chain.
Material Inspection = Critical appraisal involving examination, measurement, testing, gauging, and comparison of materials or items. An inspection determines if the material or item is in proper quantity and condition, and if it conforms to the applicable or specified requirements. Inspection is generally divided into three categories: (1) Receiving inspection, (2) In-process inspection, and (3) Final inspection. In quality control (which is guided by the principle that “Quality cannot be inspected into a product”) the role of inspection is to verify and validate the variance data; it does not involve separating the good from the bad.
Sampling= Sampling is the process of selecting units (e.g., people, organizations) from a population of interest so that by studying the sample we may fairly generalize our results back to the population from which they were chosen.
6. Material Inspection, Sampling, Analysis, Impurity Profile
At the point of receipt the first relevant action is to carefully perform the visual inspection of all the containers of the API. Attention shall be paid to the integrity and type of the sealing as well as to the special attributes added by the manufacturer (see above 4.7, 5.) such as label design, seal number and design.
The applied sampling regime related to the number of containers sampled, number of samples taken per container, analysis of individual and/or pooled samples as well as the extent of analysis, varying from identity test to full analysis may influence the probability of identifying counterfeiting, provided it may be identified by analytical means.
A risk-based approach, considering the qualification status of the supplier, may be chosen to define the extent of sampling and testing, considering the requirements for drug product manufacturers (e.g. Annex 8 to EU GMP Guidelines). 7/8 The impurity profile is normally dependent on the production process and origin of the API. The comparison of the impurity profile of a current batch with either previous batches or data provided by the manufacturer (e.g. as part of the regulatory submission) may help in order to identify changes related to modifications in the production process and may indicate whether the API might originate from a different manufacturer than the supposed one.
It is recommended to check the current (im)purity profile and compare it with former quality in regular intervals, at least once a year
I , Dr A.M.Crasto is writing this blog to share the knowledge/views, after reading Scientific Journals/Articles/News Articles/Wikipedia. My views/comments are based on the results /conclusions by the authors(researchers). I do mention either the link or reference of the article(s) in my blog and hope those interested can read for details. I am briefly summarising the remarks or conclusions of the authors (researchers). If one believe that their intellectual property right /copyright is infringed by any content on this blog, please contact or leave message at below email address firstname.lastname@example.org. It will be removed ASAP
We are often asked about the acceptance of third GMP audits at API manufacturers. The background for this is that more and more organisations offer such audits. Now, the question is what do you have to pay attention to?
We are often asked about the acceptance of third GMP audits at API manufacturers. The background for this is that more and more organisations offer such audits. Now, the question is what do you have to pay attention to?
It is essential to clarify who gave the order: has the audit been initiated from another pharmaceutical company? From the auditor himself/ herself or the organisation behind? Or from the API manufacturer?
Audits (and their reports) which have been initiated by the API manufacturers or their traders have to be viewed in a critical light. Also audits performed by the auditor – i.e. the audit organisation requires closer examination and analysis. Especially possible conflicts of interest have to be clarified.
At best, a contract audit is requested by one or several medicinal product manufacturers who buy themselves a product from the API manufacturer. If the API manufacturer is the customer, then the independence of the auditor has to be clearly demonstrated. In such a case, it is absolutely necessary to obtain a confirmation from the auditor in writing.
Acceptance, Accreditation and “Conflict of Interest”: what should you keep in mind?
A medicinal product manufacturer can basically perform an audit himself or let it perform by a so-called Third Party. Commonly, the medicinal product manufacturer assigns a consultant who has experience in the performance of audits. Yet, – here again – a few elements should be considered because the external auditor will be acting for the pharmaceutical company as if he were an own employee. The important thing here is to choose an auditor who knows the processes which have to be audited. If for example a biopharmaceutical API i.e. the manufacturer has to be audited, the auditor should have relevant experiences in biopharmaceutical processes. The auditor should also confirm that he/ she hasn’t been acting as a consultant in the area to be audited for at least the last 2 years. This should help to avoid eventual conflicts of interest. For this, a documented confirmation is helpful but often forgotten. The qualification of the GMP auditor is an essential aspect. You should require a CV of the auditor (education, work experience, audit history and audit trainings) and qualify him/ her. The execution by an accredited body doesn’t play any role. Accreditation is of no significance in pharmaceutical law.
Purchasing audit reports later:
More and more audit reports are available for purchase. In principle there is no objection to the purchase of an audit report. However, the same rules apply as those concerning the initiation of an audit. In any case, the auditors must be independent. This must also be confirmed in writing. You should check whether the audited products are the products which are also relevant for your supplier qualification. The audit of another product is quite unhelpful. The audit report should contain concrete information about the product-specific processes and procedures. This is the only way for the customer to decide on the basis of the available information whether the supplier can be suitably qualified.
Important: an audit report is only a part of the supplier qualification!
Audit reports are the main focus of interest. However, it is often forgotten that audit reports are only a part of the supplier qualification but a central one. Audit reports contain a description of the GMP situation on the audit day(s). The real assessment of the results is done by the customer – for example by a quality unit or the Qualified Person. Beside the audit report, further data should be consulted like the experiences with the supplier and the assessment of the products delivered. How valuable is an audit report with a good GMP rating when repeated deviations from the specifications are observed in the course of withdrawal of samples? The assessment of further information like for example inspection reports of the FDA which are generally accessible through the Freedom of Information Act, or EDQM’s database with the list of CEPs of API manufacturers which have been withdrawn because of GMP deficiencies. All these data should flow into a risk analysis to be used to qualify (or not) a supplier.
///////External GMP, Audit Reports, API manufacturers
As new API regulations are set in July for those outside the EU, the European Medicines Agency (EMA) has unveiled what its inspectors expect to see from API manufacturer or supplier audit reports from inside the region.