The Indian pharmaceutical industry is currently undergoing many unprecedented changes. These range from emerging areas of science, new and improved drug variants and specialized services to evolving regulations and business models, making it one of the world’s most developed industries. Today, the sector ranks third in terms of volume and 13th in terms of value. In addition, the drugs manufactured here are being exported to more than 200 countries in the world, with US being a key and perhaps one of the largest markets.
To sustain and maintain this growth, the industry has augmented its spending on research and development (R&D), especially in specialty drugs and complex generics, in recent times. Over the past six years, R&D spending by top companies has almost doubled in comparison to sales, which demonstrates that companies today are laying increased emphasis on evidence gathering that will help in improving health-related outcomes. That said, the growth of Indian drug manufacturers has posed an additional risk in terms of inspections of manufacturing facilities run by global regulators [US Food and Drug Administration (US FDA) and UK Medicines and Health Regulatory Authority (UK MHRA)]. Early last year, drug regulators in the US and the European Union (EU) urged pharmaceutical companies to step up efforts for improving manufacturing standards for reliability of data if they wanted to continue maintaining dominance in the generic drugs industry. Companies are also looking at fine-tuning their security policies and implementing leading global practices to protect themselves from any potential cyber security risks.
Thus, pharmaceutical multinationals are under greater scrutiny across the value chain – from drug discovery to marketing the final product. They need to relook their focus on operating within the boundaries of compliance to avoid any possible scenarios of irregular practices on multiple fronts – bribery and corruption, testing and sampling, supply chain fraud, etc., which might cause major reputational and financial damage.
Compliance is becoming a necessity for most Indian multinational pharmaceutical industries due to a number of factors, as discussed below.
Continued scrutiny by global regulators
Monitoring of drug manufacturers by global regulators has been a prevalent feature in the industry. Furthermore, inspections on the pharmaceutical sector in India has intensified with time, bringing more companies under the regulatory lens. The US FDA and UK MHRA have highlighted non-compliance and alleged violation of Good Manufacturing Practices (GMP) as major reasons for this amplified scrutiny. Some of the possible implications of violating GMP include business loss, reputational damage, regulatory oversight, competitive disadvantage, diversion to remediation and increase in attrition rate.
Some of the common loopholes observed by regulators while inspecting manufacturing facilities are highlighted below.
Regulations under the Drug Supply Chain Security Act (DSCSA) by the FDA are expected to see greater implementation in the years to follow. As a result, companies may have to make additional investments to remain compliant. Tighter control mechanisms in supply chain management and improved vendor due-diligence may be instituted to sustain appropriate drug quality.
Raising the bar: improving anti-corruption standards in cross-border operations
While global enforcement authorities have been focusing on the dynamics involved in cross-border trade within this sector, India has also witnessed multiple instances of corrupt practices when conducting operations across geographical borders. For instance, it was found that multinational companies entering new markets often use third parties such as distributors since they do not have sufficient resources with language fluency, business networks or supply chains to sell directly. Thus, adequate regulatory focus by companies to institutionalize strict internal controls and compliance practices across their worldwide operations will help in battling corruption.
Persistent fraud concerns
Rising spends on compounded drugs or personalised speciality medications through hand-made bills created by retail pharmacy outlets have drawn the attention of federal investigators, who have raised concerns over possible fraudulent activities and overbilling. Last year, the Department of Justice (DOJ) reports indicated penalties being imposed for submission of false and fraudulent reimbursement generated as a result of illegal kickbacks and bribes. Such concerns pose immense dilemmas to the management, especially in terms of financial stability and brand reputation, demanding greater focus on robust compliance mechanisms and governance. Similarly, employee fraud in the areas of procurement, third party management, CAPEX and marketing spends has consistently shown an increasing trend.
Cyber security – a major concern
The FDA 21 CFR Part 11 is a key regulation for the pharmaceutical industry. It requires organizations to implement controls, electronic audit trails and systems validations. It establishes standard expectations for industrial security through reliable electronic documentation of the manufacturing process. Challenges around cyber security risks may increase as the sector moves toward automating systems at their facilities.
Today, insider threat is one of the biggest risks faced by the sector. Insider threat means an individual inside the company could share trade secrets, intellectual property or steal formula for producing a drug or leak sensitive information about the company to competitors.
Way forward for the pharmaceutical industry
Indian pharmaceutical companies will continue to see growth through acquisitions in the US, Europe and Japan and bring in specialized products to developed and emerging markets. With increased globalization and cross-border activities, the sector will have to take appropriate steps to mitigate risks and fuel compliance.
Going ahead, the focus on Current Good Manufacturing Practice (CGMP) guidelines and conducting proactive risk assessments will be instrumental for the industry to grow and maintain compliance. Going forward, companies should also identify and assess security risks and educate employees as well as senior management about cyber risks to mitigate security breaches. It would also augur well for pharmaceutical companies to conduct proactive fraud risk assessment to mitigate any threats, especially in high risk areas such as procurement, third party management, CAPEX and marketing spends.