Stop, thief! – pharmaceutical shipment security14 April 2014
Thwarting cargo thieves is not straightforward; although recent years have seen major security improvements, the total number of cargo losses surged in 2013. Charles Forsaith, chairman of the Pharmaceutical Cargo Security Coalition, explores the problem, and explains what pharmaceutical companies can do to protect their shipments in storage and transit.
Cargo thievery, a little-known and little-understood form of criminal enterprise, has for many years targeted consumer shipments all over the world - in transit and in storage. Industries such as electronics, tobacco, cosmetics/personal care, metals and - the focus of this article - pharmaceuticals, have all been targeted by these thieves.
Make no mistake: organised criminal enterprises are commonly involved in this type of illicit activity. One frequently used example of this is the sophisticated burglary in 2010 of a pharmaceutical warehouse located in Connecticut, US. In that incident, a gang of men travelled to the north-east US from south Florida, arriving dressed in military-style fatigues, didn't go through a door or window but ascended the outside wall of the warehouse, cut a hole in the roof, and ultimately made off with approximately $80-million-worth of cancer, psychiatric and blood-thinning drugs in a double-stacked 53ft trailer.
Further investigation revealed that these same men were also responsible for several other, similar burglaries of pharmaceutical warehouses in Massachusetts, Mississippi and Virginia - as well as countless thefts of lorries hauling a wide variety of pharma products.
It was the Connecticut incident that really put into focus just how sophisticated these groups were getting. Prior to that, a number of industry-support organisations had begun to monitor how serious the theft problem was becoming. One of these organisations, the Pharmaceutical Cargo Security Coalition (PCSC), was in the process of collecting detailed statistics about these illicit acts and had started to disseminate intelligence to those in the industry (as well as those supporting it) to try to get a better handle on ways to combat any theft attempts.
What happened in Connecticut and another, totally independent, event - in which a temperature-controlled product was stolen, stored in a non-controlled-temperature environment and subsequently reintroduced into a legitimate supply chain, causing an adverse medical event - eventually drove the FDA to issue a letter to pharmaceutical manufacturers, wholesalers and retailers. That letter expressed the US Government's concerns over the growing frequency of cargo and warehouse theft, the threat these activities posed to patient safety, and the need for manufacturers and others in the supply chain to take proactive, preventative measures to protect their products.
Over an extended period, many different aspects of these high-stakes crimes were analysed. One of the surprising things learned was just how soft the penalties for them were. The comparison most often used was the incarceration potential and associated fines for the theft of, say, a trailer-load of hardware (hammers, nails, paint) against the theft of a trailer of highly sensitive, consumable, medicinal goods. What was ultimately found was that the penalties were no different. Not only that; those sentences were woefully small and were of no significant deterrent to the criminals targeting our industry.
Another issue that came into focus was the overall value of a loss involving pharma products. After a cargo theft, particularly one that would involve an environmentally controlled pharma product, government regulatory authorities began requesting that all similar products - already legitimately dispersed within the supply chain - be recalled until the stolen material was recovered. The rationale of this was that it would be virtually impossible to determine which product containers had been properly maintained and which had not - potentially offering products for sale that were ineffective or, in the worst-case scenario, toxic.
A million-dollar shipment loss, then, had a force multiplier of:
1. replacement cost - not only for what was originally lost but also for all that was recalled
2. potential loss of competitive advantage over other distributors
3. potential loss of customer confidence
4. increased insurance premiums.
Who is targeting us?
In building proactive cargo security and anti-theft programmes, the first step is to understand how criminals work. A colleague of mine, Brad Elrod from Pfizer, has always pointed out that criminals aren't restricted by corporate or governmental processes, and are frustratingly quick to adapt to changing preventative strategies.
Through PCSC analysis of theft data, which also included input from the Transported Asset Protection Association (TAPA) and various risk-management contractor databases (FreightWatch International, SC-ISAC, BSI and CargoNet) - together with several debriefings of criminals who had been caught and were willing to cooperate - a profile of what these thieves were thinking, and how and why they acted, began to develop.
We learned that many of these criminal events involved detailed surveillance efforts (not by the 'good guys' but by the 'bad guys') to understand distribution behaviour - as well as what protective security infrastructure already existed. Informants told us about what they looked for in a moving target (lone driver, unidentifiable trailer, refrigerated truck, weak locks and/or seals, visible GPS devices and patterned, repetitive driver behaviour). In a fixed target, such as a warehouse, the thieves were looking for the absence of guards, surveillance cameras, gates/fences, exterior lighting and so on.
This type of analysis proved invaluable as our industry moved to strengthen defences against this illicit activity.
Cargo theft trends vary, depending on where in the world goods are being moved or stored, as well as through which medium (ground/air/sea). In the US, large-scale thefts (FTL or full trailer-loads and warehouse burglaries) are typically nonviolent in nature and rarely involve face-to-face confrontations between criminal and victim. Smaller, 'last-mile courier' incidents, however, do typically involve violence of some kind, as they most often occur at final points of delivery to pharmacies and medical institutions.
In other parts of the world, such as Europe and Latin America, cargo theft appears to be more prevalent and almost always involves some sort of violence - no matter the size of the shipping conveyance. In Latin America, drivers are often kidnapped at gunpoint and later released, but in isolated locations. To complicate matters, in many of those countries, government officials (sometimes the police) are complicit in the crime. In Europe, criminals have been known to disguise themselves as police officers - adding a false sense of legitimacy to a vehicle stop or road detour - until they can jump on the driver and heist the shipment.
Amazingly, in some areas of Europe, thefts have been made while the delivery vehicle is still moving on the highway, with thieves pulling right up the rear of the lorry, climbing out onto the hood of their own vehicle, forcing open the cargo doors, and handing back shipping cases to others in their trailing car.
Collectively, all these techniques have required pharmaceutical distributors to break away from traditional practices to develop a unique, superior solution to a difficult problem. As a result, one of the primary defence theories that has been developed is a 'layered approach' to cargo security. Simply put, more than one defence mechanism must be deployed to ensure the greatest possibility of defending (and, in the worst-case scenario, recovering) shipments that may be targeted for theft.
Using a large-scale FTL shipment for an example, multiple defence 'layers' are employed. They could include all or some of the following: the use of dual drivers so that the shipment is much less likely to be left unattended at a stop; a heavy dose of tracking technology - independently on the cab and on the trailer, as well as secreted within a shipment itself; reinforced locks/seals on trailer doors; the use of electronic security devices to protect truck ignition systems; cabs and trailers coloured and marked distinctly enough to make concealment difficult; route variation choices so that repetitive behaviour is minimised; and shipment pick-ups with full tanks of fuel to minimise the number of stops, to name a few.
Other techniques include identifying areas of high risk to cargo theft and instructing ground drivers/air and ocean shippers to avoid them. Sending smaller shipments so that each shipment is less valuable and less desirable to potential thieves is also frequently considered.
Protecting a fixed target like a warehouse could be done by adding guards, cameras and sophisticated access-control devices, requesting additional patrols by local law enforcement authorities, improving existing lighting (exterior and interior), or adding gates and/or fences to segregate sensitive areas.
Formulating a plan
To effectively minimise illicit supply chain disruptions requires a detailed and organised set of protocols - essentially, a documented plan - to include a list of programme guidelines and operating procedures relating to your supply chain security initiatives. The plan should include contractual security requirements with all your supportive vendors (such as freight companies and logistics providers). Having a documented programme helps to define your objectives and make them accountable, to internal employees as well as your external supply chain partners.
There are many such plans that exist within the supply chain discipline. Groups like ASIS International and TAPA have worldwide standards for the protection of stored and in-transit assets. More specific to the pharmaceutical industry are groups like Rx-360, which has published a number of free white papers relating to procedures enhancing the security of your supply chain; the Pharmaceutical Security Institute; the National Biopharmaceutical Security Council; and the PCSC - all of which frequently sponsor meetings and seminars to support discussion on how to strengthen supply chains.
In the US, there are also a number of governmental supply chain security programmes that should be of interest to all in the pharmaceutical industry: the Customs-Trade Partnership Against Terrorism (C-TPAT) programme, the TSA Certified Cargo Screening Program and the FDA's recently enacted Secure Supply Chain Pilot Program available to those who move or store pharmaceutical goods.
It's not just prescription medications that are the target of these thieves. Quite the contrary: more industry thefts involve over-the-counter (OTC) drugs and consumer goods - to include things like infant formula - principally because they are easier to illicitly reintroduce into a supply chain. In general, consumers don't think twice about buying things like brand-name OTC products at high-volume discount stores, over the internet or at fleamarkets, as long as the packaging (or pictures of the packaging) appears to be authentic and intact. Few stop to think about why the price might be so low. If they did, they might also realise that the product might not have been handled in a manner designed to preserve quality or ingredient integrity.
One of the most important initiatives that has been put into action as a result of all of the analysis conducted is a process strongly endorsed by the PCSC. It begins with a risk assessment, in which all potential threats are identified and quantified. Once that is accomplished, strategies are developed and implemented in response. The results are monitored and strategies are refined, as what works and what doesn't is identified and adjusted.
The most important part of all this is that it is 'circular'. You don't just do it once and rest assured that it will solve all of your issues. From experience in law enforcement and the military, I have learned that those who desire to take advantage of and/or disrupt your supply chain are not static entities. When one method of disruption won't work, unethical and/or criminal groups will quickly move on to another. As stewards of patient safety and security, we, as an industry, must always be prepared to defend against such efforts.
And if those illicit efforts are predictable - which they should be, if a credible and validated supply chain security programme is used - then it only stands to reason that they are preventable.