Consequences of Non-Compliance

In a video interview with Pharma Commerce, Joe Lipari, direct of product management for Systech, dives into how the Drug Supply Chain Security Act (DSCSA), signed into law by President Obama in 2013, has actually been in development for nearly two decades, with earlier state-level efforts like California’s e-Pedigree push. Initially, the full implementation deadline was set for Nov. 27, 2023, marking the completion of serialization and traceability across the pharmaceutical supply chain. However, due to industry readiness issues, the FDA introduced a “stabilization period” to allow for testing and system adjustments. The stabilization period, meant to iron out bugs, turned into a series of delays, and the implementation date has been pushed back multiple times.

In October 2023, the FDA announced another delay, introducing a phased approach to DSCSA compliance. Manufacturers now have until May 2025 to meet requirements, wholesale distributors until August 2025, and mid-to-large dispensers until November 2025. Small dispensers, defined as those with 25 or fewer employees (including pharmacists and pharmacy technicians), have an extended deadline of November 2026. This phased approach allows different parts of the supply chain to comply gradually, but the full implementation will not be realized until at least 2026.

The FDA’s latest exemption allows eligible trading partners that have either completed or documented efforts to complete data exchange connections to be given some leeway in enforcement. This continues the trend of delays and phased compliance, highlighting ongoing challenges in fully implementing the DSCSA across the industry.

Lipari also explains the penalty for non-compliance, the likelihood that these deadlines put forth by the FDA will be met, and more.

A transcript of Lipari’s conversation with PC can be found below.

PC: What is the penalty for stakeholders who don’t comply with the DSCSA?

Lipari: The FDA does take action against supply chain trade partners. There’re implications of non-conformance to disciplinary action. There’re warning letters—they publicly post those warning letters on websites, so there's some negative press that comes along with that for the trade partner. You could have products that could quarantine. You could have seizures. You could have court-ordered injunctions; civil, criminal penalties if it got really far down the line. There’s sort of a full range of disciplinary actions that the FDA can take.

DSCSA doesn't change that. It just adds a few others to this list. The questionaround the industry is, because it's an enforcement discretion saying the law went into law, the law is the law, and the dates in the law are the dates in the law. We're choosing not to enforce some of the requirements on the specific dates. There's always that notion of, will the FDA make an example out of somebody? It hasn't happened.

Is it an option on the table? Sure. But in reality, I think you know the language that you have successfully completed, you have made documented [efforts]. It's really tough to enforce that. I think the general sort of feeling in the industry is that this is just a broad exemption. Here's some new dates, and take it for what it's worth.