Key findings: What works to prevent food fraud

Introduction

A range of academic literature, government publications, and stakeholders have defined food fraud and offered guidance on prevention and mitigation strategies (Appendix 3). It is clear from the literature that a lack of understanding of fraud and what types of fraud may occur has left the food industry vulnerable (Spink et al., 2019a). Therefore, prevention and mitigation strategies can be generalised and not specific to a particular food product, or supply chain (Appendix 8). Prevention strategies are expensive to implement and their ability to actually prevent a threat, which may or may not occur, is difficult to measure. In addition, the balance between adopting prevention strategies and detection strategies is difficult to position especially whether these sit under the responsibility of the regulator or the industry. Manning and Kowalska (2021) identify some critical challenges in this area such as the need to harmonise food fraud and food crime definitions at the European Union (EU) and international level, the need for convergence of private and regulatory approaches to food crime and food fraud classification and seeking opportunities to improve the effectiveness and efficiency of systems of verification and of governance systems. This integration is essential to combat food fraud and facilitate consumer trust in food and the integrity of food supply chains.

Multiple types of food fraud have been characterised in the literature (Spink et al., 2016a; 2016b; 2017), as has the advent of the use of threat analysis critical control point (TACCP), vulnerability analysis critical control point (VACCP), food fraud initial screening (FFIS) (Spink et al., 2016a); food fraud vulnerability assessment (FFVA) (Spink et al., 2019; van Ruth et al., 2017; 2020); food fraud prevention plans (FFPPs) (Spink et al., 2019) and the SSAFE food fraud diagnostic tool (van Ruth et al., 2017; 2020). The use of FFVA within food integrity culture assessment tools has very recently been proposed by Alrobaish et al. (2021; 2022a; 2022b; 2023). However, there are challenges for food business operators (FBOs) with regards to having sufficient resources to develop multiple prevention plans and with interoperability between plans especially at the micro and small business level.

Understanding food fraud as being ‘enterprise-related’ re-organises prevention approaches to better understand situations, contexts, and structures that create pressure, drive, or ‘make rational’ the decisions by perpetrators to engage in fraud. Whilst guidance such as PAS 96 (BSI, 2017) provides a typology of the food criminal, the characterisation of the food fraudster is less well defined and less well disseminated to FBOs. This is in part due to the wide range of types of fraud and crime that would need to be addressed for a vulnerability assessment to be seen as exhaustive (see Appendix 3). The lack of an internationally accepted definition of food fraud, and more widely food crime, and food defence, is a barrier to defining the food fraudster as well. The fraudster can be characterised in terms of the increasing sophistication of their activities from recreational, occasional, occupational, through to professional, or in terms of their role in the criminal activity (Williams, 2001; Spink et al., 2013; Manning et al., 2016). Whilst macro-level factors frame their activities, fraudsters are motivated by micro-level factors such as their location, business, or activities they are involved in, working and business relationships, specific and shifts in cost drivers, and the level of economic gain that can be derived from acting illegally (Moyer et al., 2017). Setting illegal food operations aside, where the intention from the start of operation is not to comply with the law, Moyer et al. (2017) argue that most food fraudsters are occupational criminals, conducting their activities within FBOs in legitimate food supply chains.

In this sense, we must understand food fraud as ‘situated action.’ The concept, originally coined by Lucy Suchman (1987), has been notably applied in the related criminological area of organisational crime by Vaughan (1996; 1998; 2007) who states: ‘fundamental sociological understanding is that interaction takes place in socially organised settings. Rather than isolating action from its circumstances, the task… is to uncover the relationship between the individual act and the social context’ (Vaughan, 1998). We must therefore consider how specific situations, including the material and social circumstances and conditions, shape offending behaviour and how to subsequently intervene with these facilitative situations. By analysing situated actions, theories of situational prevention can be integrated within the framing of food fraud as enterprise crime. Guardianship (where a guardian is a person or an object that is effective in deterring criminal offenses) and hurdles (a combination of multiple preventative measures) are two aspects that are focused on in this report.
In terms of ‘what works’, situational crime prevention (SCP) theory (focusing on the settings where crime occurs, rather than on those committing specific criminal acts) has been used in the development of food fraud prevention tools to support the exploration of the circumstances of crime and in particular the availability of opportunities to commit crime using the principles of routine activity theory (Cohen and Felson, 1979; Spink et al., 2016; Lord et al., 2017; Spink et al., 2019). Thus, rather than focusing on the causes of crime or inherent criminal motivations and propensities, the theory focuses on practical, situation relevant ways of reducing opportunities for crime or minimising their harms should they occur. Lord et al. (2017) suggest that prevention measures can focus on five specific areas, which we have reframed below in the context of food supply chains: 

1. Increase the effort (for example, make it harder to adulterate food products or to hide frauds behind legitimate business practices by increasing transparency. Examples of industry practice include developing supply chain procurement protocols that increase supplier visibility; implementing security practices such as driver controls on company sites; fob or fingerprint entry to high-risk areas of the factory; improving facility design and enclosing areas of the factory or the production line where adulteration could take place).
2. Increase the risks (for example, increase routine surveillance of the business environment or ‘offending locations’, or the likelihood of being detected such as buyers and consumers. Implement security audits on the premises, install CCTV). 
3. Reduce the rewards (for example, separate products within the business or confiscate profits gained. Increase the penalties associated with food fraud, such as supplier delisting or potential prosecution).
4. Reduce the temptations (for example, reduce temptations to commit fraud by ensuring legitimate business is profitable or neutralising organisational/market pressures. Examples include developing long term relationships with suppliers and developing communication channels to discuss external, market, and business pressures).
5. Remove the excuses (for example, introduce more prescriptive rules or educate offenders to harms caused. Develop awareness training within the organisation so that the harm associated with food fraud can be effectively communicated).

The Food Safety Act 1990, and associated legislation has led to the adoption of preventive strategies to reduce food safety incidents. EU Regulation (EC) 852/2004 required all FBOs to “put in place, implement and maintain a permanent procedure or procedures based on HACCP (hazard analysis critical control point) principles.” The HACCP approach within the internationally agreed General Principles of Food Hygiene (Codex, 2020) has been successfully adopted globally as a food safety prevention tool. In the literature review and the interviews, it was highlighted that food fraud prevention approaches need to be fundamentally different to food safety prevention approaches on the basis that HACCP is designed to address unintentional actions and known knowns and unknown knowns in terms of existing food safety hazards. Alternatively, food fraud arises due to intentional furtive acts, i.e., known unknowns and unknown unknowns so prevention approaches may need to be different.

Whilst it is the government’s responsibility to set clear legal requirements for prevention strategies to reduce food fraud, it is also the responsibility of the industry to embed appropriate strategies to prevent, detect, and mitigate food fraud risk(s) (Spink and Moyer, 2011). Thus, the food industry is ultimately responsible for the quality and safety of its products and for food fraud mitigation activities and prevention (Wisniewski and Buschulte, 2019). Prevention and detection strategies aim to control, and where possible eliminate, food fraud. Prevention strategies assume that the root cause of an event can be eliminated or at least significantly reduced to stop a fraudulent activity taking place (Moyer et al., 2017; Spink et al., 2017; 2019a). Mitigation strategies assume food fraud events will occur, and can be detected, and focus on trying to eliminate or reduce the negative consequences that could result (Spink et al., 2017; 2019a). 

In the wake of the Elliot Report in 2014, the UK Food and Drink Federation (FDF) produced a guide for food and drink manufacturing businesses to protect their business from food fraud (FDF, 2014). This guide is designed to support businesses to identify, prioritise and manage upstream supply chains (from the business back through to all tiers of suppliers). Upstream thinking has been an emergent theme in our study as an essential prevention strategy for businesses to reduce food fraud and will be explored more in subsequent section. Businesses such as Nestlé also have produced guidance on food fraud prevention (Nestlé, 2016) again with a strong focus on supply chain management through upstream thinking and highlighting the need for vulnerability assessment to inform mitigation strategies as a key preventive process. However, access to such guidance for micro and small businesses is difficult and requires individuals to have knowledge about food fraud, the means for its prevention and mitigation and how these can be adopted within their business. The FSA Food Fraud Resilience Self-Assessment Tool launched in 2021 (FSA, 2022) has been developed to guide businesses to identify food fraud risk and the steps that can be taken to mitigate that risk.

The term Food Control Management System (FCMS) refers to the overall control of the FBO’s processes i.e., encompassing food safety, nature, substance and quality, food authenticity and food integrity, compliance with statutory compositional standards, traceability, food fraud, food defence and management activities including validation, monitoring, and verification. The FCMS constitute the FBO’s default means of preventing food fraud. Effective multiple verification of the FCMS is logically a significant enabler of preventing food fraud. Verification is most frequently implemented through auditing which has been perceived as a crucial component in ensuring compliance with regulatory and market standards and maintaining third party certification. Auditing is also perceived as a means to assure traceability systems are effective and provide transparency that FCMS are adopted, implemented, and effective. Audits rely upon as independent, objective assessments of an FBO’s FCMS, including the level of adherence within the day-to-day operations and assessment of the FBO’s food safety culture (how everyone (owners, managers, employees) thinks and acts in their daily job to make sure the food they make, serve, or retail is safe). This has been extended to include food integrity culture in recent research (Alrobaish et al., 2021; 2022a; 2022b; 2023).
Types of FBO verification includes internal FBO verification (1st party), supplier-customer (2nd party) and 3rd party private standards certification (for example, BRC/ISO22000) and Official Controls, i.e., statutory State delivered verification, primarily delivered in the UK by border controls, local authorities, and the FSA. Notwithstanding the effort and considerable expense that has gone into auditing to date, existing public and private auditing processes alone are not sufficient in themselves to prevent fraud. Instead, audits need to be part of a triangulation of verification or a wider verification ecosystem. For example, auditing activities failed to prevent the horsemeat or ethylene oxide incidents in Europe. Earlier work at State and Federal level in the US tended to show an inconclusive relationship between inspections and audits and the prevention of foodborne illness outbreaks (Irwin et al., 1989; Cruz et al., 2001; Petran et al., 2012). Furthermore, inspection and audits alone may be too infrequent to verify vulnerabilities effectively (Kaplan, 1978) and illicit behaviour is unlikely during an inspection or audit. Concerns over the practice of auditing and fraud prevention are not confined to the food sector with a range of concerns emergent in the banking sector, for example. Auditing is confounded by conspiracies (Dai and Handley-Schachier, 2015), or auditors may be looking primarily for compliance and not consider detecting and reporting fraud as being within their remit (Chong, 2013), or contractual arrangements between auditors and auditee organisation prohibit or mediate the open disclosure of fraudulent activities (Mansor et al., 2020). This was a point highlighted in the interviews with regard to third party certification in the food supply chain.

The following sections combine the findings from our literature review, further iterative evidence reviews, exploration of industry and policy evidence, and the interviews. The evidence has been triangulated (compared) based on the level of agreement found between academic, industry, and policy sources, and the interviews. This report has sought to highlight the key findings on ‘what works’ from a limited evidence base and in what is a very complex and intricate subject. Where particular concepts are considered in the findings and the study team consider that further background information is required, this is included in the Appendices.

We have summarised ‘what works’ in terms of food fraud prevention strategies from different countries, in the food industry and different sectors. Due to the complex nature of the contributory factors that can lead to food fraud, there is no single silver bullet solution and no sole guardian who can eliminate fraud or deliver effective food fraud prevention strategies. The examples provided here are not designed to be exhaustive. They do demonstrate that for effective food fraud prevention to occur there is a need for a high level of interoperability between public and private (industry) food fraud prevention approaches, what is described in the report as a verification ecosystem.

Food fraud prevention strategies and initiatives implemented in the UK and other countries

In this section, regulatory response in developing food fraud prevention strategies at an international level are first considered, followed by those at the state level and then the  industry response. These examples are not exhaustive and are presented to demonstrate the strategies being considered.
United Nations Guidelines for Consumer Protection

Globally, domestic legal strategies for countering food fraud may rely on the guidance provided by the United Nations Guidelines for Consumer Protection (UNGCP, 2016), which established a set of international consumer law principles (Benöhr, 2020). For a domestic national regulator, two general principles can be delineated from the UNGCP framework, that are applicable to developing national food fraud prevention plans (FFPPs): 

• Facilitating best practice by food businesses. Governments should encourage food businesses to adopt best or good practices by providing criteria and guidance on how to avoid food fraud to protect consumers. Whilst these best practices may initially be voluntary, once implemented and proven to be successful, they could be considered for policy formation/revision. 
• Empowering enforcement agencies to investigate and share information. Governments should empower enforcement agencies to investigate fraud by coordinating the investigations and enforcement activities with the enforcement agencies of the other UN Member States (Guideline 83), by making use of existing international networks and entering into appropriate bilateral and multilateral arrangements and other initiatives to implement these guidelines (Guideline 85). The UNGCP also calls for the UN Member States to provide their consumer protection enforcement agencies with the authority to investigate, pursue, obtain, and where appropriate, share relevant information and evidence with other enforcement agencies (Guideline 88).
•  

United States (US) National Security Memorandum on Strengthening the Security and Resilience of US Food and Agriculture

Recently (November 10, 2022) the US government published a National Security Memorandum on Strengthening the Security and Resilience of US Food and Agriculture (US, 2022) as a critical national infrastructure. The Memorandum requires the determination of relevant risks and the completion of vulnerability assessments for the food and agriculture sector at Secretary of State and Agency level. These assessments need to be reviewed when there are emergent, credible, and actionable threats or events, including the need for alternative production or processing steps in food supply chains. Comprehensive regulatory risk assessment (encompassing threat and vulnerability assessment), prioritisation of the risks of most significance, the development of a strategy and action plan, identification of capabilities and a cost/benefit plan will then be submitted to the President. 

US Food Safety Modernisation Act (FSMA) Final Rule on Foreign Supplier Verification Programmes (FSVP) for Importers of Food for Humans and Animals
The US FSMA Final Rule on Foreign Supplier Verification Programmes (FSVP) for Importers of Food for Humans and Animals (FDA, 2016) requires FBO importers to perform risk-based foreign supplier verification activities to verify that:

The food is produced in a manner that provides the same level of public health protection as section 418 (concerning hazard analysis and risk-based preventive controls) or 419 (concerning standards for the safe production and harvesting of certain fruits and vegetables that are raw agricultural commodities of the Federal Food Drug and Cosmetic Act or FDandC Act (21 U.S.C 350g and 350h), if applicable.

• The food is not adulterated under section 402 of the FDandC Act (21 U.S.C 342); and
• The human food is not misbranded under section 403(w) of the FDandC Act (21 U.S.C. 343(w)) (concerning food allergen labelling).

Whilst FSVP is primarily focused on food safety, it also addresses aspects of food fraud such as adulteration and misbranding. Supplier verification, undertaken by FBOs is what the Elliot Review (2014) described as upstream prevention, and is a key aspect of a national food fraud prevention strategy (FFPS) that informs a national FFPP. This theme is developed later in this report.

In the Australian context, a regulatory pluralism framework is proposed coupling existing regulatory controls, non-destructive sampling, and innovative technology to enhance and strengthen Australia’s regulatory response to fraud (Lindley et al., 2012). Regulatory pluralism is also a theme explored in the next example.

Joint Nordic Threat Assessment for Food Fraud

The Joint Nordic Threat Assessment for Food Fraud was initiated after the 2013 horsemeat incident in Europe (Nordic Council of Ministers, 2022). The NFCU were contributors to the assessment approach developed. In early 2018, joint threats from criminal activity in the Nordic food production chain was considered by four countries: Norway, Denmark, Iceland, and Sweden. In 2019, Norway, Sweden and Denmark carried out national level threat assessments with the priority areas: raw materials of animal origin (tax and customs evasion, smuggling, theft, substitution, and unlawful production and processes); fish and seafood; declaration of Nordic origin, and declaration of organic production. The threat assessment considered opportunities, motivation, supervisory measures, and impact using a risk matrix approach. The use of a risk matrix approach mirrors the approach of the SSAFE food fraud vulnerability assessments, albeit that the individual steps undertaken in the assessment process vary slightly (see Appendix 8 for a more detailed cross comparison). Interestingly, the Joint Nordic Threat Assessment for Food Fraud used a scoring process of high, moderate, low, and unknown, recognising that there are knowledge gaps in the understanding of food fraud (and food defence) threats, which is different to other threat and vulnerability assessments (Appendix 8) as the unknown category was not found in any other of the vulnerability assessments or threat assessments highlighted in this study. Two financial parameters were also assessed, reputational loss and financial loss, and two social parameters: food safety and consumer confidence. 

The following aspects of supply chain level and FBO level FFPPs and the countermeasures that could be adopted to reduce national vulnerability were considered: 

• Defining and operationalising high moral and ethical standards,
• Screening of potential employees,
• Supportive whistleblowing schemes,
• Auditing of suppliers and supplier requirements,
• Social supervision and transparency in the supply chain/value chain, and
• Knowledge development through guidance/advice for the prevention of fraud in the supply chain/value chain.

At regulator level the following were considered:

• Specific national policies to combat food crime, and
• Government initiatives and enforcement of legislation.

The report is clear that the focus should be on threat assessment rather than risk assessment. We would echo that sentiment.
Exemplar quotes from the interviews that align with the need for this strategic development and capability building within the FSA, Defra, and the NFCU are presented in Appendix 6.  Increasing public awareness, inter-agency cooperation, strict enforcement of fraud regulations, and establishing a surveillance and fraud alert system are all essential at regulator level for effective fraud prevention (Braden, 2014).

The UK Legislative and Official Controls Context for Food Fraud Prevention

Prior to 1995, UK Food Safety law tended to address mainly infrastructure requirements of food premises. As identified in several seminal works (Bryan, 1978; Bryan, 1988; Bryan, 1992; Roberts, 1982; Gould et al., 2013), such basic hygiene and sanitary requirements were found to have little bearing on the actual causes of foodborne illness, as they do not capture system level failures. This position has parallels with the prevention of food fraud. The position on food safety changed with the advent of Regulation (4) 3 of the Food Safety (General Food Hygiene) Regulations 1995 which codified for the first time into UK law requirements for HACCP, a preventative approach, requiring FBOs to identify, control and manage the food hazards associated with their business. (The HACCP requirements were re-stated and extended in 2006 by Regulation (EC)852/2004). Combined with the Food Safety Act 1990 this provides a statutory driver for Local Authorities to engage with inspections what became known as Official Controls placing great emphasis on Regulation 4 (3) i.e., verifying the measures for the prevention of foodborne illness. This was augmented by guidance and education programmes aimed at FBOs and delivered by Local Authorities. In retrospect the requirement for HACCP to support prevention of food safety incidents, and the associated guidance and education programmes has been highly transformative for the sector. The Food Law Code of Practice compliance data verifies the success of this programme. There has never been in UK Food Law an analogue for food fraud in addition to the HACCP requirements, i.e., there is nothing that requires an FBO to proactively identify, control, and manage their vulnerabilities to food fraud and consequently there is nothing for Official Controls to enforce, no incentives and sanctions to drive a similar preventive strategy at FBO level. 

In response to this context and following recurring criticisms of UK Official Controls from the EU Veterinary Mission, Food Standards Scotland (FSS) in partnership with the Scottish Food Enforcement Liaison Committee (SFELC) embarked upon research into the methods and techniques of auditing. In summary the findings showed there was a tendency to: 

1. Verify compliance with the FCMS as written down which frequently related to the requirements of an external standard potentially not appropriate (contextually apposite) or bespoke to the FBO. There was little evidence of challenging the appropriateness and effectiveness of the FCMS in the first place (validation) and related to this was a lack of verification of the suitability of the FCMS to the specific operating circumstances of the FBO, with HACCP plans and FFVAs frequently being generic.
2. Following paper-trails and single sources of evidence increases the risk of being ‘fooled’ by fraudulent paperwork and other purported ‘evidence’.

Related to this is a tendency of inspectors and auditors to rely upon the completion of pre-prepared forms which had not been validated in light of the specific operating contexts of the FBO. The lack of triangulation (comparison with other sources) of objective evidence means that there is the potential for food safety and food fraud risk to exist, even proliferate.

Considering ‘what works,’ in response SFELC developed Official Control Verification (OCV) which has been accepted by the Scottish Government (SFELC, 2019). OCV is a radical departure from conventional auditing. A crucial difference is the core principle of OCV being to challenge and verify every aspect of a FCMS, placing particular emphasis on its effectiveness and appropriateness in the first place and to explicitly apply scientific methodology to its verification. This approach uses both validation and verification steps. The FCMS’s implementation is also challenged by cross referencing multiple corroborating sources of objective evidence (triangulation). This evidence needs to provide a rigorous evidence base that the FCMS is both appropriate and effective. The range of verification activities and the diversity of evidence assessed (food safety documentation, process documentation, financial documents, etc.) is what is referred to in this report as a verification of an economic, social, and cultural ecosystem. 
OCV underwent a process of validation within FSS including its science team and then further evaluation with stakeholders including the Scottish Government, the food manufacturing sector and within Official Controls (Improve International, 2018). It was piloted by several Scottish LAs. OCV has been developed further as guidance by the SEAFISH Industry Authority in partnership with the Royal Environmental Health Institute of Scotland (REHIS) and an accredited training course aimed at the verification of food authenticity and integrity including fraud.

The following case study provides an example of the use of collaboration in practice in addressing a food fraud incident.

Operation Tacana – an operational case study 

Operation Tacana successfully tackled a major food fraud incident associated with the illegal fishing and export of large quantities of Razor clams (a common burrowing bivalve mollusc found in sandy intertidal and subtidal areas of the Inner Hebrides that have a street-value in Hong Kong and China greater than class A drugs). The illegality in this case had three dimensions: fishing outside waters classified by FSS for food safety, and in relation to ecological based laws requiring sustainable methods of fishing, and falsification of Shellfish Registration documents attesting the safe ‘locus of capture’ such that the shellfish may legally enter the human food supply chain, i.e., through an establishment approved under Regulation (EC) 852/2004.

Lessons learned that were critical to the success of the operation were the use of systems level innovative thinking, agility in taking action, the use of multi-agency collaboration coordinating their combined powers, and the passage in real time of meaningful ‘locus of capture’ intelligence from Marine Scotland to the EH Departments. This meant that fishing boats could be boarded and lorries searched at Oban, and there was education of Sheriffs and local politicians regarding the gravity of the issues. Policing perspectives were eschewed in favour of contextually specific knowledge of the food sector and agile action with standardised police digital intelligence reporting systems being bypassed for being cumbersome and delaying the transfer of critical intelligence in critical real time.

First generation food fraud vulnerability assessment and prevention tools in the food industry

Global Food Safety Initiative 

Following the horsemeat incident, the Global Food Safety Initiative (GFSI) issued a position document in July 2014 on Mitigating the Public Health Risk of Food Fraud (GFSI, 2014). The document stated two approaches should be followed to mitigate food fraud. Firstly, the guidance recommended businesses should carry out a FFVA which involves gathering information at various points in the supply chain and then undertaking an evaluation to identify and prioritise significant food fraud vulnerabilities. Secondly, the document suggested the determination and implementation of appropriate control measures that are identified in a documented control plan (see Appendix 8). One example of the approaches used is the SSAFE tool promoted by the GFSI (GFSI, 2019) as a preventive measure. However, this tool requires a pre-requisite level of knowledge and the capability within the FBO to determine its actual vulnerability to fraud. Also, the illicit activities determined as food fraud by the GFSI (2019) do not align with the scope of activities as described by the NFCU. Sector initiatives have driven the adoption of FFVA at FBO level as a pre-condition to supply. Where FBOs are required for market access into retail and food service supply chains to comply with GFSI benchmarked standards there is a clear requirement to complete a FFVA and develop a food fraud prevention strategy. This is not the case for the majority of MSMEs operating outside these retail and food service supply chains and there is little guidance to support their development of food fraud prevention plans via FFVA and associated FCMS. 

The lack of guidance for MSMEs especially with regards to criminal theory means that individuals developing FFVA find it difficult in their analysis to ‘think like a criminal.’ In the interviews the development of FFPS and FFVA was discussed, and the responses were analysed using the construct of the fraud diamond. The elements of the fraud diamond: incentive, opportunity, rationalisation, and capability (see Wolfe and Hermanson, 2004), and other terms used in the Nordic study were used to consider the interview narratives. Other terms emerged from the interviews when ‘thinking like a criminal’ in developing preventive strategies and FFPPs. These were: consequences (especially a perceived lack of consequences); deterrence (ease of committing fraud); incentive (influenced by competition and economic gain); intention; motivation; opportunities; pressure (power/powerless and social pressure); and rationalisation (see Appendix 6 with exemplar quotes and Appendix 7). These findings align with some of the work proposed by Spink et al. (2019) when considering food fraud prevention strategies.
One option for SMEs is to develop hazard analysis critical control point food defence plans (HACCP-DP) so food safety hazards and food fraud and food defence threats are drawn together in the same document (Wiśniewska, 2015; Manning, 2019). This approach uses the established seven principles and twelve steps of HACCP as building blocks with three further steps to build the food defence element: 

Step 1 – determine critical defence points (CDPs) in the process. 
Step 2 – define food defence mitigation and control systems including countermeasures.
Step 3 – implement test, assess, and maintain defence mitigation activities (Wiśniewska, 2015; Manning, 2019).
Further research could pilot such approaches with SMEs to develop guidance for FBOs and regulators.

Chain of custody, mass balance analysis, and guardianship

The chain of custody (CoC) system is: “the list of all organisations (supply chain) that take ownership or control of a product during production, processing, shipping and retail (physically and/or administratively)” (ISEAL Alliance, 2016). The CoC system can either be prescribed by regulation, market standards, or developed as part of a supplier assurance programme by an individual organisation. A CoC system can be a key element of a FFPS underpinning the FFPPs at FBO or supply chain level. Appendix 9 Box 1 includes the elements of a CoC system. 

Independent mass balance analysis is already a pre-requisite utilised during the verification processes in multiple food supply third party certification schemes such as organic food certification, and the British Retail Consortium (BRC) Global Standard. Mass balance analysis, especially digital real-time mass balance analysis increases transparency through transaction data including the types and quantities of products sourced, from where and for what purpose. Public or state verification of such data would give insights into potential anomalies in the CoC for a food product. Regulators and FBOs can increase the level of deterrence by increasing the effort required by perpetrators to commit food fraud, introducing additional requirements for supply chain transparency, for example, adoption of mass balance analysis using financial and production data. One example is the Innovate funded The Digital Sandwich project that uses blockchain-based technology. 
Guardians, and in particular guardianship, is a crucial component of deterrence. Guardians monitor and protect food, consumers, FBOs, supply chains, and nations against illegal activity (Cohen and Felson, 1979). Guardianship requires collaboration of multiple actors to create an inter-organisational guardianship network with regulators and enforcement bodies have a specific role in the overarching regulatory protection applied where FBOs are unable to protect themselves or have insufficient information or empowerment to make decisions on their own behalf (Kowalska and Manning, 2022). Effective guardianship (regulations, enforcement, and surveillance systems) by regulators, FBOs and food supply chains can prevent food fraud (Qian et al., 2020; Kowalska and Manning, 2022). In our opinion improving guardianship networks is essential to improving food fraud prevention.

Capable guardianship has been considered in Australia with regard to financial fraud (Lindley et al., 2012) and is a key requirement within national, supply chain level, and FBO level FFPPs in Australia. Within the banking sector and with computer systems technology the guardianship role has been a key focus, as part of a wider verification ecosystem, for example, two step verification of identity when using banking phone apps or logging into computer systems. Ellis et al. (2016) argue that “future sensor/detection platforms and technologies, along with future predictive computational methods could together take on the capable guardian role and assist in significantly reducing the areas of vulnerability to fraud within food supply chains.” We would echo that statement.
The next section considers strategies and initiatives have been implemented to prevent and tackle commodity-based fraud in other industries.

Fraud prevention initiatives and strategies from other sectors

We identified publications from other sectors including finance, pharmaceuticals, automobile, technology, and waste management sectors which use systems and processes relevant to the NFCU’s work. Publication summarised in this section also focused on workplace fraud and frauds in goods and services chains in general. The following were highlighted as ‘what works’ or ‘may work’ in fraud prevention, although comprehensive objective evidence of effectiveness is to date lacking.

Finance sector  

• Good governance practices. Dianita (2021) suggest the implementation of good governance practices/system coupled with effective monitoring of all operational activities embeds fraud prevention.
• Standards and guidance documents. Availability of clear guidance standards focused on approach, mitigation and responsibility must include strategies that are not based on detection alone (DeZoort and Harrison, 2018).  
• Information sharing is essential to prevent fraud (Burke et al., 2022).
• Education. Repeated exposure to guidance on fraud and fraudulent activities (Burke et al., 2022); and workplace-based ethics training (Suh and Shim, 2020) needs to be adopted. The responsibility to raise concerns or whistle blow needs to be reinforced, although this may be difficult in toxic or corrupt environments (Suh and Shim, 2020)

Pharmaceutical sector

The development of FFPPs at multiple levels is reliant on existing systems within FBOs and wider food supply chains such as traceability, transparency, and product integrity. Sources of evidence in our review that focused on preventing drug counterfeiting in the pharmaceutical sector indicate that digital solutions using different technologies and techniques are being adopted in this sector to reduce the potential for counterfeit and falsified drugs as well as to ensure more transparency, traceability, and efficiency in the pharmaceutical supply chain. In terms of ‘what works’ internationally recognised pharmacovigilance guidance and standards, the International Council for Harmonisation Guideline E2E on Pharmacovigilance Planning (ICH, 2004) is being adopted for medicinal products to deliver robustness, transparency, and public health (EC, 2019). Pharmacovigilance is ‘the science and activities relating to the detection, assessment, understanding and prevention of adverse effects or any other medicine/vaccine related problem’ (WHO, 2023). EC Directive 2001/83/EC requires inter-Member State pharmacovigilance systems where each Member State is required to establish a pharmacovigilance system to collect information for surveillance and evaluation of medicinal products of particular interest in terms of preventing dietary supplement fraud (Manning et al., 2022). We recommend that this is an example worthy of further investigation to explore how such systems are implemented and opportunities for learning in terms of food fraud prevention.

Other effective strategies noted were:

• Multi-level interventions. Market surveillance, supply chain monitoring, and effective collaboration among all the stakeholders with tracking and measuring performance of interventions to gauge effectiveness is essential (Fadlallah et al., 2017). Unannounced audits are an intervention of value (Zhang et al., 2019). Increasing public awareness, stakeholder cooperation, strict enforcement of fraud regulations, surveillance and establishment of a fraud alert system should be integrated into an intervention system (Deisingh, 2005). There is a need for a combination of both counter and preventive measures such as strong internal control system, periodic auditing, and strong organisation structure for fraud prevention to work effectively (Jalil, 2018; Afiah et al., 2019; Anindya and Adhariani, 2019; Andreatta and Favarin, 2020) and the application of a multi-system approach of e-procurement, whistleblowing, and strong internal control (Primastiwi et al., 2021). However, there is no one-fits all approach in fraud prevention. 
• Traceability, transparency, and information sharing. International and national cooperation, reporting structures and consistent sharing of information is essential to increase transparency (Cockburn et al., 2005). Use of barcoding systems on primary packaging for vaccines has been recommended by UNICEF to address counterfeiting  Implementing e-systems for full traceability to the individual, allows validation and authentication of all vaccine uses in programmes with the associated safety benefits would prevent fraud (Jarrett et al., 2020). Blockchain enabled Internet of Things (IoT) solutions for smart pharmaceutical traceability systems have also been proposed (Margret et al., 2021).   
• Awareness creation and education. El-Dahiyat et al. (2021) propose awareness creation and education campaigns about the negative consequences of fraud with all actors. In other sectors social campaigns on fraud were highlighted as a prevention measure (Kowalski, 2018). Senior management should create awareness and understanding of an anti-corruption culture in all elements of the organisation (Jalil, 2018).

Other sectors  

• Elimination of fraud enablers. DuHadway et al. (2022) suggest that there is a need to build supply chain integrity and transparency to identify and eliminate weak points and gaps within the supply chain that can serve as fraud enablers. One option is to integrate technologies such as blockchain and smart contract so fraud can be more effectively prevented (Chen et al., 2022). The use of data mining and machine learning technologies to monitor the movement of products along the supply chain can aid tracking and monitoring of any unauthorised itinerary and its movements (Camossi et al., 2012).
• Coordinating effort. Farrand et al. (2019) highlight the need for transnational support, effective cooperation among the stakeholders, and strict enforcement of extant laws for effective fraud prevention.
• Embedding a situational crime prevention framework for designing and testing interventions can be effective for preventing food fraud especially through enhancing rule setting, reducing anonymity, extending guardianship and formal surveillance, and facilitating compliance (Prenzler, 2020).

The next section considers the third research question: what conditions need to be in place to enable successful fraud prevention strategies?