TACCP vs VACCP: What is the difference and how to prevent food fraud?

On our blog, we have already written in detail about the concept of Food Fraud, the history of counterfeiting and the latest trends. You can see more at:

FOOD FRAUD – FRAUDS RELATED TO FOOD NEW TRENDS

We have also covered Food Defence through KAT and the three-element methodology, which you can see in several texts on our blog.

However, in practice, we often encounter confusion when it comes time to implement the requirements of GFSI standards (IFS, BRCGS, FSSC 22000). The most common questions we receive from clients are: What exactly is the difference between the TACCP and VACCP methodology? and How can a vulnerability assessment for food fraud be practically carried out?

In this text, we clarify these concepts and provide concrete steps for protecting your supply chain.

Three pillars of food safety: HACCP, TACCP and VACCP

In order to understand the differences, we must look at the broader picture of the food safety management system. Modern product protection relies on three basic pillars, each of which addresses a different type of risk:

1. HACCP (Hazard Analysis Critical Control Point): Focuses on unintentional (accidental) food safety hazards. These are physical, chemical and biological hazards that arise due to errors in production, poor hygiene or natural factors.

2. TACCP (Threat Assessment Critical Control Point): Focuses on intentional threats with the aim of causing harm. This is the core of the Food Defence plan. The attackers’ motives are ideological, terrorist-related, sabotage-related or based on dissatisfaction (e.g. a dissatisfied employee who intentionally contaminates a product).

3. VACCP (Vulnerability Assessment Critical Control Point): Focuses on intentional fraud with the aim of obtaining economic gain. This is the core of Food Fraud prevention. Fraudsters do not want to harm the consumer (because that attracts attention), but instead want to earn money unnoticed through substitution, dilution or false declaration.

Why is VACCP important for your company?

All leading GFSI-recognised standards, including IFS Food (version 8), BRCGS Food (version 9) and FSSC 22000 (version 7), explicitly require the implementation of a vulnerability assessment for food fraud.

Food fraud has become a highly sophisticated global problem. As supply chains have become longer and more complex, new opportunities for economic fraud have opened up. It is no longer only about adding water to milk; today we are talking about false organic certificates, incorrect geographical origin and sophisticated chemical substitutions that are difficult for routine laboratory analyses to detect.

How to carry out a vulnerability assessment for food fraud (VACCP)?

Unlike a HACCP plan, where you have direct control over your production process, VACCP predominantly focuses on your supply chain and the raw materials you purchase.

Here is a practical five-step guide for carrying out a VACCP assessment:

Step 1: Forming a team and mapping raw materials

The first step is to form a multidisciplinary team that includes purchasing, quality and production. Then, create a complete list of all raw materials, ingredients and packaging that your company procures.

Step 2: Collecting information (History and trends)

For each raw material, investigate whether it has been subject to fraud in the past. Use databases such as RASFF (Rapid Alert System for Food and Feed) or reports from the EU Food Fraud Network. Also, monitor global economic trends – a sudden increase in the price of a particular raw material on the stock exchange (e.g. due to a poor harvest) drastically increases the risk that this raw material will be counterfeited.

Step 3: Assessment of vulnerability factors

For each raw material and supplier, the team must assess the following key factors:

• History of fraud: Is the raw material known for counterfeiting (e.g. honey, olive oil, spices)?

• Economic factors: Is the raw material very expensive and is the price currently fluctuating?

• Complexity of the supply chain: Do you purchase directly from the producer or through several intermediaries/brokers? The longer the chain, the higher the risk.

• Possibility of detection: How easy is it to detect fraud through routine analyses upon receipt?

• Trust in the supplier: What is the history of cooperation like, and does the supplier have a GFSI certificate?

Step 4: Risk matrix (Calculating vulnerability)

Based on the collected data, the likelihood that fraud will occur and the consequences (impact on consumer health and brand reputation) are assessed. By cross-referencing these two parameters in a risk matrix, you obtain the level of vulnerability (low, medium, high) for each raw material.

Step 5: Mitigation Plan

For raw materials assessed as highly vulnerable, you must define and implement mitigation measures. This is not just a theoretical document, but concrete actions in practice. Measures may include:

• Changing suppliers (switching to direct producers).

• Introducing specific laboratory analyses (e.g. DNA testing for meat species or NMR analyses for honey).

• Stricter requirements for supplier certification.

• Introducing tamper-evident (protective) seals on transport packaging.

The most common types of food fraud and how to prevent them

To illustrate why VACCP is necessary, we will list several of the most common types of fraud in the supply chain:

• Species substitution: Selling a cheaper type of fish under the name of a more expensive species.

Prevention: Regular DNA testing of samples and purchasing from verified, certified fisheries.

• Dilution and addition of mass: Adding syrup to honey or ground twigs and starch to spices.

Prevention: Detailed raw material specifications, supplier audits and advanced analytical methods.

• False geographical or organic origin: Selling conventional products at a higher price as “organic.”

Prevention: Strict verification of the traceability and authenticity of certificates in official registers (mass review of documentation).

While HACCP ensures that your processes do not contaminate food, and TACCP protects your facility from malicious attackers, VACCP is your shield against economic fraud in the supply chain.

The implementation of a strong VACCP plan is not only a standard requirement that you must fulfil because of an audit. It is a key tool for protecting your brand reputation, the financial stability of your company and, ultimately, the trust of your consumers.

If you need assistance in preparing VACCP and TACCP studies, or in preparing for the transition to new versions of GFSI standards, the AS Consulting team is at your disposal!