SafetyChain

Supplier Management: Strengthening Relationships & Meeting FSMA Requirements

Sam Davidson
Director of Food Safety

Despite supplier management and preventive control guidelines, the FDA continues to identify significant gaps in how manufacturers handle their suppliers. These issues can undermine FDA FSMA compliance rules, such as Foreign Supplier Verification Programs and Preventive Controls for Human and Animal Food. 

Given the ongoing compliance challenges flagged by the FDA, this article doesn’t introduce new ideas but revisits core principles of supplier management. Sam Davidson, Director of Food Safety at The Acheson Group, explores the FDA’s observations on supplier management, the risks associated with poor oversight, and how manufacturers can build better supplier relationships to ensure compliance. 

By addressing common weak points—like incomplete documentation and inconsistent supplier verification—manufacturers can strengthen their supply chain, safeguard their Preventive Control Plans (PCPs), and ensure long-term compliance with FSMA standards.

What the FDA is Still Seeing: Persistent Issues in Supplier Management

Even though the guidelines for supplier management are well known, the FDA continues to find several recurring issues that manufacturers have yet to resolve. The following gaps are regularly highlighted in FDA inspections:

  1. Incomplete or Inaccurate Supplier Lists
    It might seem basic, but failing to keep an up-to-date, comprehensive list of suppliers remains one of the most common compliance pitfalls. Supplier lists are often missing key details or, worse, some suppliers are not listed at all. Without an accurate supplier roster and tracking ingredient origins, verifying compliance becomes impossible. This can lead to non-compliance with FSMA’s supplier verification rules​.

  2. Weak Supplier Approval Programs
    Many manufacturers still lack a structured, documented process for supplier approval and re-approval. FSMA mandates that manufacturers verify their suppliers, especially those providing high-risk ingredients, are capable of controlling potential hazards. A vague or non-existent approval process leaves too much room for risk, increasing the chance of non-compliant ingredients entering production​​.

  3. Missing or Incomplete Certificates of Analysis (COAs)
    COAs are the backbone of ensuring that your ingredients meet safety and quality standards. Yet, many manufacturers don’t have consistent processes in place to verify that COAs are accurate and complete. Even worse, some rely entirely on supplier-provided COAs without performing any internal verification, which exposes them to serious risk​​.

  4. Inadequate Ingredient Hazard Analyses
    FSMA requires manufacturers to conduct a hazard analysis for every ingredient, assessing potential risks from the moment they enter the supply chain. Too often, these analyses are incomplete or poorly documented, making it difficult to build robust Preventive Control Plans (PCPs). This weak link directly undermines your compliance efforts​​.

The Ripple Effect: How Poor Supplier Management Impacts Your Preventive Control Plans

Supplier management isn’t just a compliance checkbox; it’s a critical pillar in your Preventive Control Plan (PCP). If you fail to manage your suppliers effectively, the entire foundation of your food safety system can be compromised.

  1. High-Risk Ingredients, High Stakes
    Suppliers providing high-risk ingredients (such as those prone to contamination) need to be held to the highest standards. Poor management or inadequate oversight of these suppliers could lead to serious food safety incidents. Your PCP is only as strong as the weakest link, and if you can’t trust your suppliers to handle hazards appropriately, your whole system is at risk​.

  2. Supplier Dependency: No Backup, Big Problem
    Relying on a single supplier—especially for critical or high-risk ingredients—magnifies your vulnerability. If that supplier faces a compliance issue or falls short on safety standards, your entire supply chain can grind to a halt. The FDA advises manufacturers to have contingency plans for such situations, particularly with high-risk suppliers​.

  3. Complexities of Brokered Supply Chains
    Brokers add a layer of complexity because they source ingredients from multiple suppliers, often with varying levels of compliance. The FDA stresses that each supplier in a broker’s network should be verified just as thoroughly as you would verify a direct supplier. This ensures that any compliance gaps in the brokered supply chain are identified and addressed early to prevent disruptions in your PCP​

  4. Smaller Suppliers, Larger Risks
    Small or niche suppliers, while valuable, may lack the infrastructure or expertise to maintain full FSMA compliance. Their limited capacity for robust documentation and hazard management can introduce risks to your PCP that you may not detect until it’s too late​​.​

How to Align Supplier Management with FSMA and PCP Requirements

To avoid falling into these common traps, manufacturers need to take a proactive, structured approach to supplier management, ensuring it aligns with FSMA rules and supports their Preventive Control Plans.

  1. Formalize Your Supplier Verification Program (SVP):
    FSMA’s Supplier Verification Program (SVP) requires manufacturers to assess their suppliers’ ability to manage food safety risks. This should include:

  2. Hazard Analysis: Conduct thorough hazard assessments for each supplier.

  3. Onsite Audits: Regularly audit your suppliers to ensure compliance.

  4. Continuous Monitoring: Implement an ongoing process for tracking supplier performance beyond initial approval​.

  5. Foreign Supplier Verification Program (FSVP) Compliance
    For manufacturers importing ingredients, FSMA’s Foreign Supplier Verification Program (FSVP) adds another layer of responsibility. Manufacturers must ensure that foreign suppliers meet U.S. food safety standards by conducting risk evaluations, verifying compliance, and maintaining meticulous records​.

  6. Maintain Complete Documentation
    You need more than just a supplier’s word. Maintain complete and up-to-date COAs, hazard analyses, and compliance documentation for every supplier. Relying solely on supplier-provided data isn’t enough; internal verification through testing or third-party audits is essential​​.

  7. Traffic Light Risk Management System
    A useful way to categorize suppliers is through a “traffic light” system:

  • Green: Low-risk suppliers with proven track records of compliance.

  • Yellow: Moderate-risk suppliers requiring more frequent review.

  • Red: High-risk suppliers or those on probationary status due to past compliance issues​.

Strengthening Supplier Relationships for Better Compliance

While compliance is critical, effective supplier management is also about building strong relationships that ensure long-term success for both parties. Here are some practical strategies:

  1. Proactive Communication
    Don’t wait for a problem to occur. Maintain regular, proactive communication with your suppliers to ensure they understand your expectations and compliance requirements. This helps preempt any potential issues before they escalate​.

  2. Supplier Training and Resources
    Smaller suppliers, in particular, may struggle with FSMA’s complex requirements. Offering guidance, training, or resources can help them meet your standards. Building a collaborative relationship with your suppliers strengthens their ability to comply, which in turn protects your supply chain​.

  3. Collaborative Problem-Solving
    When compliance issues arise, work with your suppliers to identify the root causes and develop solutions together. Treating them as partners, rather than just vendors, fosters trust and mutual accountability​.

Practical Steps to Improve Supplier Management and FSMA Compliance

To ensure your supplier management practices align with FSMA and strengthen your PCP, consider these actionable steps:

  1. Audit Regularly
    Regularly audit your suppliers to verify compliance and assess potential risks. This keeps you informed of any changes in their performance that could affect your operations​​.

  2. Utilize Digital Tools
    Use digital platforms to centralize supplier documentation, performance data, and audits. Real-time tracking ensures you can quickly identify and respond to compliance issues​.

  3. Develop a Backup Plan for High-Risk Suppliers
    Don’t put all your eggs in one basket. Develop contingency plans for high-risk suppliers to ensure you’re not left scrambling if they fail to meet FSMA standards​.

FSMA Compliance and GFSI Certification

While GFSI certification isn’t a federal requirement like FSMA, it’s worth mentioning as it plays a crucial role in doing business with large retailers such as Costco, Albertsons, and Whole Foods. By aligning your FSMA preparedness with GFSI compliance standards (e.g. SQF, BRC, FSSC 22000, IFS), you will see an increase in time and cost savings across each plant, and your GFSI certification will open doors for new business.

Beyond new business opportunities, following GFSI standards provides internal benefits by reducing redundancies, streamlining processes, and freeing up valuable time and resources. However, one of the biggest challenges for GFSI-certified companies is maintaining supplier compliance, which requires continuous oversight and proactive management.

To ensure that all suppliers adhere to these high standards, manufacturers need a robust supplier management system that tracks compliance, identifies non-conformances, implements corrective actions, and monitors performance over time. This risk-based approach to supplier management is vital for maintaining the integrity of the supply chain and ensuring all products meet GFSI requirements.

Revisiting the Basics for Stronger Compliance

Manufacturers can’t afford to neglect thorough supplier management. By addressing common pitfalls—such as incomplete documentation, inconsistent verification, and inadequate hazard analyses—you can protect your Preventive Control Plans and ensure long-term success. Strengthen your supplier relationships, audit regularly, and never assume that compliance is a given—make it a collaborative, ongoing effort.

FSMA webinar series