GFSI Direction on Food Fraud and Vulnerability Assessment (VACCP)

In February 2014 the Global Food Safety Initiative (GFSI) presented their direction for including Food Fraud in their Food Safety Management System.  They have adopted a holistic Food Fraud scope and have shifted their focus from risks to vulnerabilities.  As I’ve mentioned before, as an industry we’re fortunate that there’s so much coordination so early in the process.  Collaborating to define the terms and the focus on prevention has been a key effort. GFSI has played a central role in the process.

Food Fraud Think Tank

In July 2012 the GFSI Board of Directors requested that a Food Fraud Think Tank (FFTT) be created to review the topic and explore if or how Food Fraud could be incorporated in the GFSI Guidance Document. The group was originally called “economic adulteration” but broadened the scope to all types of Fraud. The active members of the FFTT were Danone, Eurofins, Inscatech, Michigan State University, Royal Ahold, and Wal-Mart. The VACCP concept was first presented publicly in our group presentation at the GFSI Annual Conference in Barcelona in March 2013. We presented to the GFSI board several times and the final direction was presented at the GFSI conference in February 2014. Now that the GFSI Board is including Food Fraud in the GFSI Guidance Document the work has been passed to the GFSI Technical Working Groups – specifically to the Technical Working Group Food Fraud Subgroup.

Defining Food Fraud

GFSI has defined their Food Fraud scope to cover a wide range of incidents.  This includes adulteration (specifically dilution, substitution, concealment, unapproved enhancements), mislabeling, gray market (including diversion, parallel trade, etc.), smuggling, theft, and counterfeiting.  Throughout their work there is an emphasis on public health dangers or  vulnerabilities.  Each type of incident could  lead to a public health threat.

The GFSI definition is:  “Food Fraud: A collective term encompassing the deliberate and intentional substitution, addition, tampering or misrepresentation of food, food ingredients or food packaging, labeling, product information or false or misleading statements made about a product for economic gain that could impact consumer health. (Reference: Spink, J. & Moyer, DC (2011) Journal of Food Science, 76(9), 157-163.)”

vaccp-3Clearly the most common and dangerous public health threat is from adulteration, but all types of Food Fraud include vulnerability.  While the horsemeat adulteration did not result in a public health incident, it could have… and we would have had no way to trace the dangerous products.  Even stolen genuine goods pose a public health vulnerability  since we lose sight of the product as it moves through the supply chain. The product could have spoiled from mishandling, or that lack of transparency would provide a fraud opportunity  for other types of actions.

Vulnerability Assessment and Critical Control Point System (VACCP)

GFSI has defined the Food Safety Management Umbrella to include HACCP (hazard/ Food Safety), TACCP (threat/ Food Defense) and VACCP (vulnerability/ Food Fraud).  These are defined as three separate pillars that will need to be addressed individually.  There is efficiency in building on the very familiar HACCP concepts since it is widely accepted and implemented (The HACCP abbreviation stands for Hazard Analysis and Critical Control Point system).

The shift in focus from risk to vulnerability is due to the nature of Food Fraud.  A risk – following ‘ISO 31000 Risk Management’ and as is applied in ‘food safety risk assessments’ – is something that has occurred frequently before, will occur again, and there is enough data to conduct a statistical assessment. A vulnerability is more a state of being that could lead to an incident.  The GFSI definition is: “Food Fraud Vulnerability: Susceptibility or exposure to a Food Fraud risk, which is regarded as a gap or deficiency that could place consumer health at risk if not addressed.”  VACCP is applying the HACCP-type system specifically to the unique attributes of a Food Fraud incident.


The TACCP [they combined food defense and food fraud so they did not have a VACCP concept] concept was introduced and implemented in the British Standards institute’s Public Available Standard 96 Food Defence  (PAS 96) (–Drink/PAS-962010/).  The document scope states “The main generic threats are malicious contamination with toxic materials, sabotage of the supply chain and misuse of food and drink materials for terrorist or criminal purposes. A successful attack could disrupt business and undermine brands, and could lead to illness and death.”

Food Fraud Vulnerability Assessment

Through other reports, such as those by the US Government Accountability Office (GAO) and US Congressional Research Service (CRS), it has been emphasized that preventing Food Fraud is fundamentally different from combating Food Safety or Food Defense incidents.  For example, in the GAO report  on Economically Motivated Adulteration of Food (, an FDA official stated that FDA “does not have the range of expertise… with a background in intelligence gathering or law enforcement.”

“Food Fraud Vulnerability Assessment: The standard shall require that the organization [company, manufacturing plant, food processing operation, warehouse, etc.] have a documented Food Fraud Vulnerability Assessment in place to identify and address Food Fraud vulnerabilities.” (Ref: GFSI FFTT)

There are many organizations — such as GFSI — that are taking Food Fraud prevention very seriously.  The GFSI direction may be one of the most significant because they are global, connected with many governments around the world, and connect through their current networked food safety and food quality products and services.  For example, Food Safety third-party audits are already being conducted around the world… and adding Food Fraud components would be an incremental step.  Actually, most of the Food Fraud intelligence-gathering is already being conducted in Food Quality, Food Defense, or Food Safety audits.  Food Fraud prevention is integrated with all aspects of Food Safety management.  Before you start developing your own Food Fraud countermeasures make sure to review what’s already being done – or is done – in the marketplace.  We will keep following the trends and presenting them to you.  JWS.

Global Food Safety Initiative (GFSI ) (  If you are not familiar with GFSI, they are an association of food companies.  Their mission is to harmonize, strengthen, and improve the global food safety management system. The GFSI direction creates common global industry standards for managing the food safety-related practices.  Specifically, GFSI states their expectation for what should be in a food safety standard (they publish this in the GFSI Guidance Document).  There are companies or organizations that create the actual food safety standards (they receive approval that they are “GFSI Compliant”).  To complete the cycle there is a third set of organizations (third-party auditors) that certify a food company is certified to that GFSI Compliance Food Safety Standard.  GFSI is very influential since so many companies follow, develop, refine, and specify this common system – I was told that the combined revenue of the GFSI members (that is members, not all companies that follow the GFSI system) is equivalent to the Gross Domestic Product of France!


This was previously posted at:

Scroll to Top