Organic Fraud Prevention Plan Guidance for Handlers and Processors

According to the Strengthening Organic Enforcement (SOE) regulation update §205.201(a)(3), all organic operations are now required to establish monitoring practices and procedures to prevent fraud in the organic industry (these procedures are often referred to as Fraud Prevention Plans or “FPPs”). The NOP states Fraud Prevention Plans are required for every operation, and they must be tailored to be appropriate for each operation. All entities are also asked to have awareness of how to report fraud to the NOP.

As a result of the new regulations, OneCert has added new sections to the Organic System Plans (OSP’s) for Handlers. We have developed this guidance to help you complete these OSP updates and better understand the new requirements.

Definitions & Key Terms:

Organic Fraud: Deceptive representation, sale, or labeling of nonorganic agricultural products or ingredients as “100 percent organic,” “organic,” or “made with organic (specified ingredients or food group(s)).” [§205.2]

Fraud Opportunities: One third of the “fraud triangle.” Circumstances that allow fraud to occur.

Fraud Triangle: A model for identifying high risks of fraud highlighting three factors that lead to fraud: motivation, opportunity, and rationalization. See Annex for example and resources.

Vulnerability Assessment: A process of reviewing and assessing various factors, which create vulnerabilities to fraud in a supply chain (i.e. weak points where fraud has greater chances to occur)

Organic Fraud Prevention Plan Questions from OneCert Handling OSP’s:

a) Describe how you have evaluated fraud opportunities within your supply chain:

(You may also attach your Vulnerability Assessment or provide information on industry tools in use, such as the Organic Trade Association’s (OTA’s) Fraud Prevention tool).

Your Organic Control Points (OCP’s) must also identify the high-risk points in your supply chain where organic fraud or mistakes resulting in the loss of organic status are most likely to occur. The OCP’s must also establish preventative actions and mitigation measures for each, as applicable.

GUIDANCE: If you are already using the Organic Trade Association (OTA) Fraud Prevention Tool, or are certified to another program, such as Food Fraud or Food Safety, you may already have a vulnerability assessment! Check it to make sure it identifies risks and the measures taken to address risks to organic products. If it does, you may simply refer to the existing assessment in your response and attach a copy.

If you do not already have an assessment, start here:

  • Ask: “How would a criminal behave?”
  • Do a self assessment: Ask yourself where fraud is most likely to occur or where organic representation mistakes are most likely to happen within your operation. Describe these risks in your response.
  • Evaluate your suppliers: Ask yourself where fraud or organic representation mistakes are most likely to happen within those operations. Describe these risks in your response.

Common risk factors to consider in your vulnerability assessment:

  • Geographic (imports, high reports of fraud in the region, high corruption levels)
  • Economic (scarcity, reports of fraud for certain ingredient, market trends, sudden changes in volume/availability)
  • Agronomic (production challenges, common fumigation/treatments, changes in yields)
  • Direct Suppliers (OID/cert verification, import certificates, supplier relationships, approval programs, auditing of suppliers, track record)
    • Supply Chains (Complex, multiple borders/imports, transparency of supply chain, uncertified entities, may be helpful to MAP out the supply chains! See Annex, at the end of this document for an example Supply Chain Map.)
    • Internal/Company Level (Past fraud incidents, Other certifications, Codes of Conduct, Whistleblowing guidelines, Fraud reporting procedures, etc.)

Once you have determined the areas of risk, you need to describe the measures you are taking to prevent and mitigate these factors in your Organic Control Points (OCP’s). 

b) Who (name of staff person or team) is responsible for overseeing fraud prevention?

GUIDANCE: 

  • Identify the person or team responsible.
  • To ensure your fraud prevention plans encompass vulnerabilities from all parts of an operation, consider establishing a team that includes individuals from a variety of departments (e.g. Quality Assurance, Accounting, Receiving, Purchasing, Marketing, Management, HR, etc.).

c) Describe how you monitor your supply chain (both up and downstream) for fraud?

For complex supply chains, a map or flowchart of your supply chain may be necessary and requested by OneCert. Be sure to include suppliers and steps that happen off-site (e.g. co-packers, storage), points where records are generated, and indicate where the product changes ownership.

GUIDANCE: 

  • Describe any actions you currently take or plan to take in order to oversee your suppliers and any other parts of your supply chain.
  • For example: Auditing of suppliers, supplier facility visits, monitoring news/social media/websites of buyers and suppliers.
  • Mapping the supply chain is recommended for operations with multiple supply chains or complex supply chains (e.g. intermediaries, imports, long supply chains, etc.)
  • In your mapping note not only the physical movement of the product, but also map the ownership of the product as it flows through the supply chain. 

d) Describe how you verify your organic suppliers, importers, contracted co-packers, private brand label owners, storage facilities and any other certified operations you work with remain certified. Include the frequency you check supplier certificates/OID and how you document the process.

The frequency should be appropriate for the risk associated with your type of operation. For example, if you receive few shipments of high value or volume, then verification should happen with each shipment. Be prepared to demonstrate your system at inspection.

GUIDANCE: 

  • Per the Supplier List instructions, OneCert expects suppliers to be verified and certificate or OID dates updated at least once every year at renewal at minimum, but this should be determined according to risk. Depending upon the number of suppliers you use and the risk in your operation, you may need to verify monthly or with every purchase.
  • Describe how you verify Suppliers are certified. (e.g. Do you obtain a copy of each organic certificate and the certified products list? Do you use the Organic Integrity Database (OID) or myOID? )
  • Describe the frequency Suppliers are verified. (e.g. Do you check the certificate prior to each organic purchase? Do you review all suppliers once a year?)

e) Describe how you verify the organic status of ingredients and/or products prior to purchase, and upon receipt:

GUIDANCE: As you develop your response, consider:

  • You may already have existing receiving procedures or SOP’s that satisfy this question, or that could be added to to create a full response. In these cases, you may refer to other documents in your answer and submit them as attachments.
  • How are new suppliers vetted? 
  • How do you make sure that there were no errors or damage during shipping? 
  • How do you know that what is received is organic? (e.g. do you cross check invoices and product packaging?)
  • What do you do with products that arrive in damaged containers or packaging, or that cannot be verified as organic?

f) What are your mechanisms for reporting credible evidence of organic fraud? Select all that apply:

  • Report to OneCert
  • Report to the operation’s Certifying Agent
  • Report to USDA/NOP
  • Report to California Department of Food and Agriculture (CDFA) or other State Program (if applicable)
  • Other (describe):     

GUIDANCE: 

How strictly will OneCert evaluate compliance to these new Fraud Prevention requirements?

This year, our priority is to help all clients make a meaningful start. This means we want to see that you have made an attempt to answer the new OSP questions. OneCert will communicate with you at each step of your certification cycle to help avoid potential compliance issues:

  • At Initial Review, we will communicate with you if these OSP questions are incomplete and encourage you to make updates using our above guidance. 
  • Inspectors are being trained to discuss the new questions with you when they are conducting inspections. They will identify and collect updates to the OSP where appropriate. 
  • After inspection, we will only issue Minor Issues or Notices of Noncompliance if the new OSP questions have not been completed. We may provide reminders for future improvements. 
  • 2025 and beyond: We expect fraud prevention plans will be an area for continuous improvement for the next couple of years. OneCert will communicate during renewal if there are additional updates or risks that should be addressed in your OSP.

Trainings and Resources:

Example Supply Chain Map:

The Fraud Triangle, from National Whistleblower Center: