Since its inception, the U.S. Consumer Product Safety Commission (CPSC) has encouraged companies to implement active product safety management programs. Since 2010, however, the CPSC has made this a bit more official. Requirements for the establishment of safety compliance programs have appeared in a final rule of factors to be considered for civil penalties, in a number of consent decrees and settlement agreements for civil penalties, in letters from the CPSC where they decided not to seek civil penalties, and finally in a proposed interpretive rule.
This article will examine the CPSC’s previous guidance on safety programs, describe the new requirements and proposed rules and discuss what they might mean for product manufacturers.
Prior Guidance on Safety Programs
The CPSC first published the Handbook for Manufacturing Safer Consumer Products in the 1970s, shortly after the agency was created. The last edition of this handbook came out in 2006 and discusses product safety policies, organization, and training as well as all aspects of design, manufacturing, quality, corrective actions, etc. In other words, it discusses safety procedures that it believes are appropriate for any company making consumer products in all aspects of design, production, sales, and post-sale.
At the beginning of the handbook, it says:
“Manufacturers must assure the safety of consumer products. This is achieved through the design, production and distribution of the products they manufacture. It is best accomplished by a comprehensive systems approach to product safety, which includes every step from the creation of a product design to the ultimate use of the product by the consumer. The basic concepts for a comprehensive systems approach for the design, production and distribution of consumer products are discussed in this Handbook.”
In addition, the CPSC’s Recall Handbook, in existence for many years but updated in March 2012, has had sections on the appointment of a Recall Coordinator, development of a company recall policy and plan, and extensive suggestions for the creation and retention of records to support a recall.
The safety processes advocated in these handbooks are just suggestions and not legal requirements. In addition, they are similar to those procedures employed by companies who have a well-functioning safety effort. So, there is nothing particularly onerous here that a company shouldn’t already be doing.
New Requirements for Safety Compliance Programs
Recently, however, new requirements for safety compliance programs have been inserted by the CPSC into various documents.
Factors to Consider for Civil Penalties
First, on March 31, 2010, the CPSC published in the Federal Register a final rule of factors that its staff is expected to consider when deciding whether to seek civil penalties. The rule (16 CFR §1119.4(b)(1)) clearly states that product safety programs are one of the factors to be considered by the staff in assessing civil penalties:
“The Commission may consider, when a safety/compliance program and/or system as established is relevant to a violation, whether a person had at the time of the violation a reasonable and effective program or system for collecting and analyzing information related to safety issues. Examples of such information would include incident reports, lawsuits, warranty claims, and safety-related issues related to repairs or returns. The Commission may also consider whether a person conducted adequate and relevant premarket and production testing of the product at issue; had a program in place for continued compliance with all relevant mandatory and voluntary safety standards; and other factors as the Commission deems appropriate. The burden to present clear, reliable, relevant, and sufficient evidence of such program, system, or testing rests on the person seeking consideration of this factor.”
In addition, the Commissioners released a statement dated March 10, 2010 concerning these new factors that said in part:
“The safety/compliance program factor takes into account the extent to which a person (including an importer of goods) has sound, effective programs/systems in place to ensure that the products he makes, sells or distributes are safe. Having effective safety programs dramatically lessens the likelihood that a person will have to worry about the application of this civil penalty rule. Any good program will make sure that there is continuing compliance with all relevant mandatory and voluntary safety standards. This is not the same as saying if one’s product meets all mandatory and voluntary standards that the Commission will not seek a civil penalty in appropriate cases. The Commission expects companies to follow all mandatory and voluntary safety standards as a matter of course.”
Daiso Consent Decree
At the same time that the new civil penalty factors were being finalized, the establishment of a product safety management program was included for the first time in a consent decree for civil penalties. In a March 4, 2010 agreement, Daiso Holding, a U.S. subsidiary of a Japanese company, agreed to pay a little more than $2 million in fines for violating various laws and regulations concerning the sale of toys and children’s products.
The consent decree required Daiso to hire a product safety coordinator approved by the CPSC to do, in part, the following:
- Create a comprehensive product safety program
- Conduct a product audit to determine which of Defendants’ merchandise requires testing and certification of compliance with the FHSA, the CPSA, and any other Act enforced by the CPSC
- Establish and implement an effective and reasonable product safety testing program in compliance with the FHSA, the CPSA, and any other Act enforced by the CPSC
- Create guidance manuals for managers and employees on how to comply with product safety requirements
- Establish procedures to conduct product recalls
- Establish systems to investigate all reports of consumer incidents, property damage, injuries, warranty claims, insurance claims and court complaints regarding products under the jurisdiction of the CPSC that Defendants imported into the United States
The consent decree contains many more specific requirements, and also includes the following monitoring requirements:
“At the end of the first year of the monitoring period and at the end of any 180-day extension of the monitoring period under this paragraph, the Coordinator shall provide a written report to the Office of Compliance. If the Coordinator certifies Defendants are in compliance as described in this paragraph, the monitoring period will end. If the Coordinator cannot certify that Defendants meet each of the compliance requirements listed below, the monitoring period shall continue for an additional 180 days, at the end of which the Coordinator shall provide an updated written report to the Office of Compliance.”
Daiso retained an independent consultant to certify compliance, and the CPSC sent its staff to Daiso facilities to audit compliance. Daiso passed and the monitoring was ultimately discontinued.
Safety Requirements in Civil Penalty Settlement Agreements
The CPSC did nothing further to impose safety requirements until they were inserted into civil penalty settlement agreements starting in February 2013. In the first such agreement, Kolcraft agreed to pay a $400,000 civil penalty. In addition, they agreed to the following language:
“Kolcraft shall maintain and enforce a system of internal controls and procedures designed to ensure that: (i) information required to be disclosed by Kolcraft to the Commission is recorded, processed and reported in accordance with applicable law; (ii) all reporting made to the Commission is timely, truthful, complete and accurate; and (iii) prompt disclosure is made to Kolcraft’s management of any significant deficiencies or material weaknesses in the design or operation of such internal controls that are reasonably likely to adversely affect in any material respect Kolcraft’s ability to record, process and report to the Commission in accordance with applicable law.
“Upon request of Staff, Kolcraft shall provide written documentation of such improvements, processes, and controls, including, but not limited to, the effective dates of such improvements, processes, and controls. Kolcraft shall cooperate fully and truthfully with Staff and shall make available all information, materials, and personnel deemed necessary by Staff to evaluate Kolcraft’s compliance with the terms of the Agreement.
“Kolcraft shall implement and maintain a compliance program designed to ensure compliance with the safety statutes and regulations enforced by the CPSC that, at a minimum, contains the following elements (i) written standards and policies; (ii) a mechanism for confidential employee reporting of compliance-related questions or concerns to either a compliance officer or to another senior manager with authority to act as necessary; (iii) effective communication of company compliance-related policies and procedures to all employees through training programs or otherwise; (iv) senior manager responsibility for compliance; (v) board oversight of compliance (if applicable); and (vi) retention of all compliance-related records for at least five (5) years and availability of such records to CPSC upon request.”
Then, Chairman Tenenbaum and Commissioner Adler issued a joint statement in connection with this agreement, stating their concern that Kolcraft had had a dozen recalls since 1989 and that some further action was required. They said:
“The failure of a company to have an effective means of detecting and addressing serious or continuous safety issues with its products is contrary to the expectations of consumers and is unacceptable to this Commission. While we certainly understand that even the most responsible companies can make mistakes, the failure of a company to have in place an effective compliance program and internal controls is irresponsible. Thus, going forward, we expect those 2companies that lack an effective compliance program and internal controls to voluntarily adopt them. If not, we will insist that they do so.”
The Commissioners also made it clear in their statement that having an adequate safety program does not let a company off the hook for failing to report a safety problem in a timely manner.
Then, in May 2013, Williams-Sonoma agreed to pay $987,500 in civil penalties for failing to report a safety problem to the CPSC in a timely manner. The three paragraphs from the Kolcraft opinion quoted above were also inserted in the Williams-Sonoma agreement. In addition, Commissioner Nord submitted a statement on the Williams-Sonoma agreement that questioned the piecemeal creation of a mandate for such programs through enforcement. Commissioner Adler responded to Commissioner Nord’s concern and signaled his views on the future use of such safety requirements. He said, in part:
“Far from viewing this settlement as punishment, I view it as the Commission and the company mutually agreeing to a set of reasonable measures designed to lead to safer products and fewer recalls in the future. Indeed, I suspect that the reason that companies agree to such language is their sense that any conscientious, responsible firm should follow such procedures in their approach to compliance. And to the extent that their past practices might have fallen short of these goals, they are eager to demonstrate that their future approach will be one of strict adherence to such provisions…
“…The fact that the Commission has sought similar language in the two settlements says little at this point about whether there has been a shift in agency policy in the future. Even if it did, there is nothing improper about implementing the policy in individual case settlements. That said, I do not rule out asking for such clauses in future non-civil penalty settlement agreements nor do I rule out future expansions of the Commission’s voluntary recall policies.”
Since May 2013, every settlement agreement for civil penalties has had some compliance requirements. Based on this history, it is virtually certain that future settlement agreements will also contain some type of requirement for the establishment of more robust safety compliance programs. However, it is still an open question as to how compliance will be audited and monitored, and when the CPSC will require that additional processes and procedures be established. In addition, it is unknown what the CPSC would do if a firm failed to fully comply with these requirements.
Or, let’s say the firm complies and then is charged again with late reporting. Will their new safety programs reduce the likelihood of penalties or reduce the amount of penalties? This is a concept that has already been adopted by the Department of Justice in connection with the Federal Sentencing Guidelines for Organizations. The establishment of a compliance program is taken into account when deciding whether to defer prosecution or the amount of penalties to seek.
Safety Requirements in Other Agreements
As signaled by then Commissioner Adler in his statement above, even if the CPSC decides not to seek civil penalties, it might ask companies to set up more robust programs. In September 2013, I received a letter from the CPSC saying that a decision not to proceed with a civil penalty would be conditional upon the firm agreeing to take a variety of corrective measures similar to those in the above settlement agreements.
I have heard from other lawyers that they have also seen such requests in letters of this type. However, one recent letter used the word “encourage” rather than “required” concerning such programs. And some of these letters make it clear that the manufacturer still has a duty to report new information, and that they can again be subject to civil penalties for late reporting or for failing to report.
Safety Requirements in Corrective Action Plans
The last CPSC action concerning compliance programs is contained in a Notice of Proposed Rulemaking published in the November 21, 2013 Federal Register. This rule deals with voluntary recall notices, but also allows the CPSC to mandate compliance programs as part of corrective action plans (CAPs). The requirements for safety programs are the same as those in the civil penalty settlement agreements described above.
This proposed interpretative rule also provides that the corrective action, including an agreement to establish a safety program, is legally binding. Therefore, if this rule is approved, the CPSC would be able to legally enforce the compliance program if a company fails to comply.
It is unclear how the CPSC will be able to evaluate the procedures and controls of the manufacturer or product seller and determine whether they are insufficient or ineffectual. Who will do it? When will they have time to do it? What is the basis of their determination? Will the recall be postponed until this analysis is done?
The comment period for this Notice of Proposed Rulemaking ended in February 2014. As of this writing, we are waiting to see what the CPSC Commissioners and staff decide to do.
It is certainly possible for a company that has a robust safety program to fail to notify the CPSC of certain potentially reportable information because it does not believe that there is a product defect or substantial product hazard. Indeed, reasonable minds may differ in such matters. However, the open question is whether the CPSC is justified in imposing new procedures on a manufacturer that may already have sufficient safety programs in place. It will be interesting to see whether, going forward, companies that have good safety programs are able to keep these provisions out of future agreements, and whether such programs will enable them to escape all civil penalties or negotiate lower civil penalties.
In the meantime, product manufacturers should consider all of these requirements and evaluate their own programs. They should also consider the new ISO standard (ISO 10377) that sets forth some “best practices” in safety management, as well as other studies and reports on what is an effective product safety management program. (See articles in www.productliabilityprevention.com discussing the new ISO standard and other product safety management best practices.)
Most companies don’t do a good enough job in monitoring product safety issues and incidents, especially when they are selling their products globally. Therefore, it would be prudent for every company to pull their safety program out of the file cabinet and review it with a fresh eye.
The responsible course of action is to be proactive about complying with these requirements before a safety problem arises. Dealing with such issues after the fact only increases the risk of their becoming a much bigger problem, both for your products and for your company.
Kenneth Ross is a former partner and now Of Counsel in the Minneapolis, Minnesota office of Bowman and Brooke LLP, where he provides legal advice to manufacturers and other product sellers in all areas of product safety, regulatory compliance and product liability prevention, including safety management, recalls and dealing with the CPSC. He can be reached at 952-933-1195 or firstname.lastname@example.org. Other articles by Mr. Ross can be accessed at www.productliabilityprevention.com.