Guest Column | July 18, 2018

Verification Of Serialized Drug Product — 60 Million Reasons Why Manufacturers Need To Act Now

By David Colombo, director, Life Science Advisory, KPMG

The Drug Supply Chain Security Act (DSCSA) will soon deliver another big impact to both pharmaceutical manufacturers/marketing authorization holders (MAHs) and distributors, with requirements for serialized product verification to comply with the next phase of requirements coming into effect Nov. 27, 2019.  To date, the DSCSA has had far-reaching implications in the manufacturing, packaging, and distribution of pharmaceuticals in the United States and will continue to have an effect until the law’s mandates fully go into effect by Nov. 27, 2023. DSCSA compliance has demanded a great deal of time, management attention, and money from the industry.

Understandably, much of the attention surrounding the DSCSA has been focused on the physical encoding of product with unique serial numbers and managing the serialization data for each batch/lot of finished product.  From a statutory perspective, this is the product identification requirement listed under section 582(b)(2)(A), which went into effect on Nov. 27, 2017.  The fundamental change in approach from every saleable unit being marked identically with a lot number and expiration date to every saleable unit additionally containing a unique serial number has been significant and revolutionary.  This was evident when the FDA issued a communication stating it would defer enforcement by one year (to Nov. 27, 2018).  Pharmaceutical manufacturers/marketing authorization holders (MAHs) and the contract manufacturing organizations (CMOs) supplying them have been challenged to implement new or enhanced packaging-line hardware and software to mark and inspect serialization codes, along with enterprise-level solutions to store and manage the information. Depending on the business model and markets supplied, the exchange of serialization information with suppliers, trading partners, and government agencies also requires functionality that needed to be developed, qualified, and implemented.

Now that one of the most significant challenges for manufacturers is about to be achieved, the attention of industry shifts to distributors and the next significant requirement of the DSCSA, which goes into effect Nov. 27, 2019, known as the “Saleable Returns” requirement defined in section 582(c)(4)(D) of the DSCSA.  

Why the concern now, since different forms of verification have been required since 2017?  

Why does the following table presented by the Healthcare Distribution Alliance (HDA), which provides a comprehensive view of all sections of the DSCSA requiring some form of product verification, identify only one of the nine sections of DSCSA with an impact level of “High”?

It all comes down to volume, scale, and speed.  Section 582(c)(4)(D) is expected to result in over 60 million verification requests per year generated by distributors to the manufacturer/MAH responsible for responding.  The other verification request requirements are triggered more by exception than rule.  To date, anecdotal information indicates that some manufacturers have yet to receive a verification request caused by either suspect/illegitimate product investigations or ad-hoc requests from authorized trading partners.  This will certainly not be the situation for saleable returns verification requests, as indicated in Figure 1.

Figure 1 (illustration courtesy of Healthcare Distribution Alliance [HDA])

The other verification use cases driven by 582(b) and 582(c) also don’t require the degree of integration that saleable return verification processing will demand.  There are over 500 manufacturers that must act as the “responder” to verification requests submitted by authorized trading partners, whether a direct or indirect customer.  Over 150 distributors will need to have the ability to send verification requests to those ~500 manufacturers.  At this scale, it is not practical to create the approximately 50,000 direct peer-to-peer connections.  There is also a critical expectation from distributors that the response to verification requests should be sub-second in order to minimize impacts to the receiving process, space, and material flow.

Because of the scale and magnitude of the impact that the DSCSA saleable returns requirement has on distributors (verification “requestors”) and manufacturers (verification “responders”), HDA launched an industry-wide effort, including serialization solution providers, to approach this problem collectively and in a collaborative manner in early 2017.  This project became known as the Verification Router Service (VRS)

VRS is an ecosystem of interoperable solutions used to manage the acceptance, formatting, and delivery of requests and responses in order to support DSCSA verification requirements.

Figure 2 (Illustration courtesy of Healthcare Distribution Alliance [HDA])

How Will VRS Work?

Figure 3 (Illustration courtesy of Healthcare Distribution Alliance [HDA])

At the core of the VRS is the concept of a look-up directory, which is referenced each time a verification request is created in order to determine where to route the request, i.e., who is the manufacturer responsible for providing a response for the product and what is the address/location where the product identifier (PI) data is stored?   The PI is comprised of four data elements: the GTIN (global trade item number), the serial number, the expiration date, and the lot number.  If all four pieces of data scanned from the Datamatrix code are valid entries in the manufacturer’s (responder’s) database, a positive response is received.

Since April 2017, HDA has conducted over 40 meetings and workshops with industry members and solutions providers.  These efforts have resulted in the following documents being created, reviewed, and approved by industry and solutions provider participants:

Call To Action For Manufacturers

Though the 2019 Saleable Returns Requirement is for distributors, the impact and call to action is equal, if not greater, for manufacturers/marketing authorization holders (MAHs).  If you are a manufacturer/MAH responsible for responding to verification requests, you should know the answers to the following questions:

  • Does your serial number repository solution have the ability to accept verification requests from external sources?
  • Does your serial number repository solution have the ability to generate a response to the verification requests and provide it to the requesting system?
  • Are there any products within your portfolio that should not have a response generated for saleable returns, due to contractual terms or other factors?
  • Do you have co-licensing arrangements with other manufacturers/MAHs?  If so, are responsibilities for responding to requests clearly documented?
  • What information/alerts would you expect to have visibility to as part of ongoing oversight, e.g., a serialized product that has been returned more than once or twice; verification requests from an unexpected trading partner?
  • Are you planning to provide serial number information to your customers with each shipment even though it is not required by the DSCSA until November 2023? This may alleviate the need for your trading partners to direct their query to you if you have already provided the information upon shipment.

Manufacturers that are unable to respond to verification requests will likely face the consequences of product being returned for destruction, as it will not be able to be returned to saleable inventory and resold.  The resulting increase in product packaging and distribution could become a significant cost factor for manufacturers and may also negatively impact customer service levels.

For additional information about the Verification Router Service efforts that HDA is coordinating across distributors, manufacturers, and solutions providers, contact Justine Freisleben, senior director of industry relations at HDA (

About The Author:

Dave Colombo is a director within KPMG’s Life Sciences Advisory Practice, with over 25 years of experience supporting supply chain execution processes at a large global pharmaceutical company. Prior to joining KPMG, he spent six years dedicated to product coding, serialization, and traceability implementing solutions in Turkey, China, S. Korea, EU, and the U.S. You can reach him at or connect with him via LinkedIn.

The views expressed in this article are my own.