Tag: 483

From PAI to Warning Letter – Lessons from Sanofi

Through the skilled work of a very helpful FOIA officer at the FDA I have been reviewing the 2020 483 and EIR for the pre-approval inspection at the Sanofi Framingham, MA site that recently received a Warning Letter:

Click to access foia-2025-1030-genzyme-corp.-framingham-ma-fei-1220423-eir-dtd-9-4-20_redacted-1.pdf

Click to access foia-2025-1030-genzyme-corp.-framingham-ma-fei-1220423-fda-483-dtd-9-4-20_redacted-1.pdf

The 2020 pre-approval inspection (PAI) of Sanofi’s facility in Framingham, MA, uncovered critical deviations that exposed systemic weaknesses in contamination controls, equipment maintenance, and quality oversight. These deficiencies, documented in FDA Form 483 (FEI 1220423), violated 21 CFR 211 regulations and FDA Compliance Program 7346.832 requirements for PAIs. The facility’s failure to address these issues and to make systeatic changes over time (and perhaps backslide, but that is conjecture) contributed to subsequent regulatory actions, including a 2022 Form 483 and the 2024 FDA warning letter citing persistent CGMP violations. This analysis traces the 2020 findings to their regulatory origins, examines their operational consequences, and identifies lessons for PAI preparedness in high-risk API manufacturing.

Regulatory Foundations of Pre-Approval Inspections

The FDA’s PAI program operates under Compliance Program 7346.832, which mandates rigorous evaluation of facilities named in NDAs, ANDAs, or BLAs. Three pillars govern these inspections:

  1. Commercial Manufacturing Readiness: PAIs assess whether facilities can reliably execute commercial-scale processes while maintaining CGMP compliance. This includes verification of validated equipment cleaning procedures, environmental monitoring systems, and preventive maintenance programs. The FDA prioritizes sites handling novel APIs, narrow therapeutic index drugs, or first-time applications—criteria met by Sanofi’s production of drug substances.
  2. Application Conformance: Inspectors cross-validate submission data against actual operations, focusing on batch records, process parameters, and analytical methods. Discrepancies between filed documentation and observed practices constitute major compliance risks, particularly for facilities like Sanofi that utilize complex biologics manufacturing processes.
  3. Data Integrity Assurance
    Per 21 CFR 211.194, PAIs include forensic reviews of raw data, equipment logs, and stability studies. The 2020 inspection identified multiple QC laboratory lapses at Sanofi that undermined data reliability—a red flag under FDA’s heightened focus on data governance in PAIs.

Facility Maintenance Deficiencies

Sterilization Equipment Contamination
On September 2, 2020, FDA investigators documented (b)(4) residue on FB-2880-001 sterilization equipment and its transport cart—critical infrastructure for bioreactor probe sterilization. The absence of cleaning procedures or routine inspections violated 21 CFR 211.67(a), which mandates written equipment maintenance protocols. This lapse created cross-contamination risks for (b)(4) drug substances, directly contradicting the application’s sterility claims.

The unvalidated cleaning process for those chambers further breached 21 CFR 211.63, requiring equipment design that prevents adulteration. Historical data from 2008–2009 FDA inspections revealed similar sterilization issues at Allston facility, suggesting systemic quality control failures which suggests that these issues never were really dealt with systematically across all sites under the consent decree.

Environmental Control Breakdowns
The August 26, 2020 finding of unsecured pre-filters in Downflow Booth —a critical area for raw material weighing—exposed multiple CGMP violations:

  • 21 CFR 211.46(b): Failure to maintain HEPA filter integrity in controlled environments
  • FDA Aseptic Processing Guidance: Loose filters compromise ISO 5 unidirectional airflow
  • 21 CFR 211.42(c): Inadequate facility design for preventing material contamination

Ceiling diffuser screens in Suite CNC space with unsecured fasteners exacerbated particulate contamination risks. The cumulative effect violated PAI Objective 1 by demonstrating poor facility control—a key factor in the 2024 warning letter’s citation of “unsuitable equipment for microbiologically controlled environments”.

Quality Control Laboratory Failures

Analytical Balance Non-Compliance
The QC microbiology laboratory’s use of an unqualified balance breached multiple standards:

  • 21 CFR 211.68(a): Lack of calibration for automated equipment
  • USP <41> Guidelines: Failure to establish minimum weigh limits
  • FDA Data Integrity Guidance (2018): Unguaranteed accuracy of microbiological test results

This deficiency directly impacted the reliability of bioburden testing data submitted in the application, contravening PAI Objective 3’s data authenticity requirements.

Delayed Logbook Reviews
Three QC logbooks exceeded the review window specified in the site’s procedure:

  1. Temperature logs for water baths
  2. Dry state storage checklists

The delays violated 21 CFR 211.188(b)(11), which requires contemporaneous review of batch records. More critically, they reflected inadequate quality unit oversight—a recurring theme in Sanofi’s 2024 warning letter citing “lackluster quality control”.

And if they found 3 logbooks, chances are there were many more in an equal state.

Leak Investigations – A Leading Indicator

there are two pages in the EIR around leak deviation investigations, including the infamous bags, and in hindsight, I think this is an incredibly important inflection point from improvement that was missed.

Leaks in Single-Use Manufacturing: A Critical Challenge in Bioprocessing

The inspector took the time to evaluate quite a few deviations and overall control strategy for leaks and gave Sanofi a clean-bill of health. So we have to wonder if there was not enough problems to go deep enough to see a trend or if a sense of complacency allowed Sanofi to lower their guard around this critical aspect of single use, functionally closed systems.

2022 Follow-Up Inspection: Escalating Compliance Failures

Click to access foia-2025-1030-genzyme-corp.-framingham-ma-fei-1220423-fda-483-dtd-7-25-22_redacted-2.pdf

Click to access foia-2025-1030-genzyme-corp.-framingham-ma-fei-1220423-eir-dtd-7-25-22_redacted-1.pdf

The FDA’s July 2022 reinspection of Sanofi’s Framingham facility revealed persistent deficiencies despite corrective actions taken after the 2020 PAI. The inspection, conducted under Compliance Program 7356.002M, identified critical gaps in data governance and facility maintenance, resulting in a 2-item Form FDA 483 and an Official Action Indicated (OAI) classification – a significant escalation from the 2020 Voluntary Action Indicated (VAI) status.

Computerized System Control Failures

The FDA identified systemic weaknesses in data integrity controls for testers used to validate filter integrity during drug substance manufacturing. These testers generated electronic logs documenting failed and canceled tests that were never reviewed or documented in manufacturing records. For example:

  • On June 9, 2022, a filter underwent three consecutive tests for clarification operations: two failures and one cancellation due to operator error (audible “hissing” during testing). Only the final passing result was recorded in logbooks.
  • Between 2020–2022, operators canceled 14% of tests across testers without documented justification, violating 21 CFR 211.68(b) requirements for automated equipment review.

The firm had improperly classified these testers as “legacy electronic equipment,” bypassing mandatory audit trail reviews under their site procedure. I am not even sure what legacy electronic equipment means, but this failure contravened FDA’s Data Integrity Guidance (2018), which requires full traceability of GxP decisions.

Facility Degradation Risks

Multiple infrastructure deficiencies demonstrated declining maintenance standards:

Grade-A Area Compromises

  • Biological Safety Cabinet: Rust particles and brown residue contaminated interior surfaces used for drug substance handling in April 20223. The material was later identified as iron oxide from deteriorating cabinet components.
  • HVAC System Leaks: A pH probe in the water system leaked into grade-D areas, with standing water observed near active bioreactors3.

Structural Integrity Issues

  • Chipped epoxy floors in grade-C rooms created particulate generation risks during cell culture operations.
  • Improperly sloped flooring allowed pooling of rinse water adjacent to purification equipment.

These conditions violated 21 CFR 211.42(c), requiring facilities to prevent contamination through proper design, and demonstrated backsliding from 2020 corrective actions targeting environmental controls.

Regulatory Reckoning

These cultural failures crystallized in FDA’s 2024 citation of “systemic indifference to quality stewardship”. While some technological upgrades provided tactical fixes, the delayed recognition of cultural rot as root cause transformed manageable equipment issues into existential compliance threats—a cautionary tale for pharmaceutical manufacturers navigating dual challenges of technological modernization and workforce transition.

Conclusion: A Compliance Crisis Decade

The Sanofi case (2020–2024) exemplifies the consequences of treating PAIs as checklist exercises rather than opportunities for quality system maturation. The facility’s progression from 483 observations to OAI status and finally warning letter underscores three critical lessons:

  1. Proactive Data Governance: Holitisic data overnance and data integrity, including audit trail reviews that encompass all GxP systems – legacy or modern.
  2. Infrastructure Investment: Episodic maintenance cannot replace lifecycle-based asset management programs.
  3. Cultural Transformation: Quality metrics must drive executive incentives to prevent recurrent failures.

Manufacturers must adopt holistic systems integrating advanced analytics, robust knowledge management, and cultural accountability to avoid a costly regulatory debacle.

PAI Readiness Best Practices

Pre-Inspection Preparation

  1. Gap Analysis Against CPGM 7346.832
    Facilities should conduct mock inspections evaluating:
    • Conformance between batch records and application data
    • Completeness of method validation protocols
    • Environmental monitoring trend reports
  2. Data Integrity Audits
    Forensic reviews of electronic records (e.g., HPLC chromatograms, equipment logs) using FDA’s “ALCOA+” criteria—ensuring data is Attributable, Legible, Contemporaneous, Original, and Accurate.
  3. Facility Hardening
    Preventive maintenance programs for critical utilities:
    • Steam-in-place systems
    • HVAC airflow balances
    • Water for injection loops

Post-Approval Vigilance

The Sanofi case underscores the need for ongoing compliance monitoring post-PAI:

  • Quality Metrics Tracking: FDA-required metrics like lot rejection rates and CAPA effectiveness
  • Regulatory Intelligence: Monitoring emerging focus areas through FDA warning letters and guidance updates
  • Process Robustness Studies: Continued process verification per 21 CFR 211.110(a)

2024 FDA 483 Data

The FDA has published the 2024 Inspectional Observation Data Sets. I don’t think there are any surprise that on what the inspection observations data for fiscal year 2024 shows and what key GMP inspection themes emerge for drug manufacturers:

Quality Systems and Documentation

Inadequate Procedures and Documentation

  • Failure to establish or follow written procedures for various operations, including quality control, production, and process controls.
  • Lack of complete documentation for investigations, batch records, and laboratory testing.

Quality Control Unit Deficiencies

  • Inadequate responsibilities and authority of the quality control unit.
  • Failure to approve or reject components, products, procedures, or specifications.

Manufacturing and Process Controls

Equipment and Facility Issues

  • Inadequate design, maintenance, or cleaning of manufacturing equipment.
  • Deficiencies in facility maintenance, sanitation, and environmental controls.

Process Validation and Control

  • Lack of adequate process validation, especially for sterile drug products.
  • Insufficient control procedures to monitor and validate manufacturing processes.

Laboratory Controls

Inadequate Laboratory Practices

  • Failure to establish scientifically sound laboratory controls.
  • Deficiencies in test methods validation and stability testing programs.

Component Testing

  • Inadequate testing of drug components and reliance on supplier certificates without proper verification.

Sterile Drug Manufacturing

Aseptic Processing Deficiencies

  • Inadequate procedures and validation for sterile drug products.
  • Deficiencies in environmental monitoring and control systems for aseptic processing areas.

Training and Personnel

Inadequate Employee Training

  • Insufficient training of employees in GMP and specific job function.

Complaint Handling and Product Quality Reviews

Deficient Complaint Procedures

  • Inadequate procedures for handling product complaints.

Annual Product Quality Review

  • Failure to conduct adequate annual product quality reviews.

Equipment Related

Out of the 365 observations that mention equipment, 277 are from just 5 regulations. Let’s take a deeper look.

Reference Number Short Description Long Description Frequency
21 CFR 211.63 Equipment Design, Size and Location Equipment used in the manufacture, processing, packing or holding of drug products is not [of appropriate design] [of adequate size] [suitably located] to facilitate operations for its [intended use] [cleaning and maintenance]. Specifically, *** 85
21 CFR 211.67(a) Cleaning / Sanitizing / Maintenance Equipment and utensils are not [cleaned] [maintained] [sanitized] at appropriate intervals to prevent [malfunctions] [contamination] that would alter the safety, identity, strength, quality or purity of the drug product. Specifically, *** 76
21 CFR 211.67(b) Written procedures not established/followed Written procedures are not [established] [followed] for the cleaning and maintenance of equipment, including utensils, used in the manufacture, processing, packing or holding of a drug product. Specifically, *** 60
21 CFR 211.68(a) Calibration/Inspection/Checking not done Routine [calibration] [inspection] [checking] of [automatic] [mechanical] [electronic] equipment is not performed according to a written program designed to assure proper performance. Specifically, *** 30

Improper design and qualification, improper cleaning, improper calibration and inspections. Yes these take work, but these are all areas that effort can improve.

FDA 2021 483s – Bioresearch Monitoring

The FDA has released the 2021 483 data. With my mind being mostly preoccupied with bioresearch monitoring inspection preparation, let’s look at that data, focusing on the top 10.

CFR Reference in 2021# 483s 2021#  483s 2020# 483s 2019
21 CFR 312.609058127
FD-1572, protocol compliance8454119
Informed consent648
21 CFR 312.62(b)483060
Case history records- inadequate or inadequate483060
21 CFR 312.62(a)131117
Accountability records121116
Unused drug disposition (investigator)1#N/A1
21 CFR 50.27(a)937
Consent form not approved/signed/dated726
Copy of consent form not provided211
21 CFR 312.64(b)967
Safety reports967
21 CFR 312.668719
Initial and continuing review626
Unanticipated problems246
21 CFR 312.20(a)513
Failure to submit an IND513
21 CFR 58.130(a)423
Conduct: in accordance with protocol423
21 CFR 312.503716
General responsibilities of sponsors3414
21 CFR 50.20358
Consent not obtained, exceptions do not apply314
Comparison of 2021 Top 10 BIMO 483 categories with 2020 and 2019 data

Based on comparison of number of inspections per year, I am not sure we can really say there was much COVID impact in the data. COVID may have influenced observations, but all it really seemed to do is excaerbate already existing problems,

Key lesson in the data? The GCPs are struggling at accountability of documentation and decision making.

2020 483s on data integrity

Data integrity continued to be a focus of the FDA, though the reduced inspections definitely led to fewer 483s.

Reference NumberShort DescriptionLong Description2020 Frequency2019 Frequency2018 Frequency
21 CFR 211.194(a)Complete test data included in recordsLaboratory records do not include complete data derived from all tests, examinations and assay necessary to assure compliance with established specifications and standards.  Specifically, , ***153833
21 CFR 211.194(a)(4)Complete Test DataLaboratory records are deficient in that they do not include a complete record of all data obtained during testing.  Specifically, ***102428
21 CFR 211.68(b)Backup data not assured as exact and completeBackup data is not assured as [exact] [complete] [secure from alteration, erasure or loss] through keeping hard copy or alternate systems.  Specifically, ***6671
21 CFR 211.194(a)(4)Data secured in course of each testLaboratory records do not include a complete record of all data secured in the course of each test, including all [graphs] [charts] [spectra] from laboratory instrumentation, properly identified to show the [specific component] [drug product container] [closure] [in-process material] [lot tested] [drug product tested].  Specifically, ***4128
21 CFR 211.68(b)Written record not kept of program and validation dataA written record of the program along with appropriate validation data has not been maintained in situations where backup data is eliminated by computerization or other automated processes.  Specifically, ***1671
483s related to data integrity

2020 FDA 483s around change

The yearly database of 483s has been updated by the FDA. Lots will be written on themes as we end the year, so I decided to give a few of my immediate observations.

I find that over time what I focus in on changes, as my jobs evolve and change, and the interests I have shift. However, some things never change, so let us talk change.

Reference NumberShort DescriptionLong Description2020 Frequency2019 Frequency2018 Frequency
21 CFR 211.100(a)Changes to Procedures Not Reviewed, ApprovedChanges to written procedures are  not [drafted, reviewed and approved by the appropriate organizational unit] [reviewed and approved by the quality control unit].  Specifically, ***8139
21 CFR 211.160(a)Lab controls established, including changesThe establishment of [specifications] [standards] [sampling plans] [test procedures] [laboratory control mechanisms] including any changes thereto, are not [drafted by the appropriate organizational unit] [reviewed and approved by the quality control unit].  Specifically, ***41817
21 CFR 212.20(c)Adverse effects of changes madeYou did not demonstrate that any change does not adversely affect the [identity] [strength] [quality] [purity] of your PET drug. Specifically,***111
483s related to changes

I think its fair to say the decreases as a result of the pandemic and the reduced inspections.

Over on the device side of things we see:

Reference NumberShort DescriptionLong DescriptionFrequency
21 CFR 820.30(i)Design changes – Lack of or Inadequate ProceduresProcedures for design change have not been [adequately] established.  Specifically,***26
21 CFR 820.40(b)Document change records, maintained.Records of changes to documents were not [adequately] maintained.  Specifically, ***6
21 CFR 820.70(b)Production and Process Change Procedures, lack of or Inad.Procedures for changes to a [specification] [method] [process] [procedure] have not been [adequately] established.  Specifically, *** 5
21 CFR 820.75(c)Process changes – review, evaluation and revalidationA validated process was not [reviewed and evaluated] [revalidated] when changes or process deviations occurred. Specifically, ***5
21 CFR 820.40(b)Change records, contentRecords of changes did not include [a description of the change] [identification of the affected documents] [the signature of the approving official(s)] [the approval date] [when the change became effective].  Specifically, ***



3
21 CFR 820.50(b)Supplier notification of changesThere is no agreement with [suppliers] [contractors] [consultants] to notify you of changes in the product or service.  Specifically, ***3
21 CFR 820.75(c)Documentation – review in response to changes or deviationsThere is no documentation of the [review and evaluation of a process] [revalidation of a process] performed in response to changes or process deviations.  Specifically, ***1
Device 473s around change

I’m a firm believer that pharma should always pay attention to the medical device side for 483s. A lot of us are combination products now (or will be) and there is always good trends to be aware of.

My key takeaways:

  1. Think change management and not just change control and document control
  2. Computer change controls need to be holistic and system orientated
  3. Have a process that ensures changes are appropriately reviewed and approved
  4. Risk based and evaluate validation
  5. A robust supplier management program is critical, plan for change

Here’s a more detailed checklist to help you evaluate your change system.