Alvotech received 159 complaints for the same product — then split them across categories so none individually breached the control limit. When FDA inspectors combined them, the trend was clear. No CAPA was raised until the day before the inspection closed. Meanwhile, drug substance lots were processed before QC release, critical contractors had never been audited, and staff shared logins on process control systems.
In July 2025, FDA inspectors completed an inspection at Alvotech HF’s biosimilar drug substance and drug product manufacturing facility at Saemundargata 15-19, Reykjavik, Iceland. What they documented was not a single procedural gap. It was a facility where every layer of quality oversight had broken down simultaneously.
The quality unit received 159 product complaints for the same product. Rather than investigating the trend, the complaints were split across sub-categories — each staying safely under its own control limit. When inspectors combined them, the upper control limit was breached. Drug substance lots were being processed into drug product before QC had completed testing and document reviews. Critical service contractors responsible for HVAC qualification and cleanroom cleaning had never received a GMP audit. And the electronic systems underpinning manufacturing relied on shared logins, with audit trails that were never reviewed.
Three FDA 483 observations. Three different domains of quality failure — complaint management, batch release controls, and pharmaceutical data integrity — all converging at the same facility.
159 complaints for the same product since January 2025. Split across categories so none individually triggered the control limit. Combined, the trend was obvious. No CAPA was raised until July 3 — the day before the inspection closed.
Finding 1: 159 product complaints trend-gamed by category splitting. Since January 2025, Alvotech received 159 complaints for the same product. Similar complaints were categorised under separate headings and trended independently — with no scientific justification for the separation. Individually, none breached the upper control limit. Combined, the UCL was exceeded. No trend evaluation occurred before June 23, 2025. No CAPA was raised until July 3. No supplier investigation had been opened as of inspection closeout.
Finding 2: Drug substance processed before QC release; failed PPQ re-runs without closing deviations; no quality agreement with sponsor. Per Alvotech’s own SOP, drug substances could be processed — including formulation and filling — without obtaining unprocessed bulk virus testing results and without completing all document reviews. Additional process performance qualification (PPQ) runs were initiated before deviations from previous failed PPQ batches were closed. A quality agreement between Alvotech and the product sponsor was not in place at the start of the inspection.
Finding 3: Shared logins, unreviewed audit trails, DeltaV server crash. Staff used shared usernames and passwords to access data acquisition systems for critical process equipment. Audit trails were enabled but never reviewed during QA data review. Only final printouts were reviewed — never verified against original electronic records. During a power outage in January 2024, the TruBio DeltaV system server was severely impacted, with consequences for manufacturing data acquisition.
159
159 product complaints since January 2025 were separated into sub-categories so none individually exceeded the control limit — combined, the trend clearly breached the UCL
0
Critical service providers for HVAC qualification, HEPA filter testing, and cleanroom cleaning had never received an on-site GMP audit
5 yrs
A contractor approved for Grade C and D area cleaning in September 2020 did not have a quality agreement in place until June 2025
Four structural failures enabled the Alvotech findings. Each represents a gap between what CGMP compliance requires and what the quality system actually enforces.
The 159 complaints were categorised by the quality unit into sub-categories, each trended independently. The team monitoring complaint trends also controlled how those trends were calculated. A system that enforces aggregate trending across related categories — regardless of how individual complaints are tagged — would have surfaced this signal months earlier.
Alvotech's own SOP permitted drug substance to be processed before all testing was complete. When batch release gates are defined in SOPs rather than enforced by the manufacturing system, the default state is 'proceed.' An architecture that blocks batch progression until all prerequisites are met eliminates this gap.
Critical service providers had never been audited. A cleaning contractor operated for five years without a quality agreement. When contractor qualification depends on a team remembering to schedule audits, the default state is 'not done.' A system that tracks qualification status and blocks work orders when qualification lapses makes the gap visible before an inspector finds it.
Shared logins mean no individual accountability. Unreviewed audit trails mean changes go undetected. Reviewing only printouts means modifications between data acquisition and printing are invisible. Together, these gaps create a system that provides a false sense of 21 CFR Part 11 compliance.
The system did not fail to collect complaints — 159 were received and logged. The system failed to surface the signal because the categorisation logic was controlled by the same team responsible for acting on the trend.
Each comparison addresses a specific finding documented at Alvotech. The system-enforced approach changes the architecture so that complaint trends cannot be diluted, batches cannot advance without release, and electronic records cannot exist without verified provenance.
Complaints are categorised by quality personnel into sub-categories, each trended independently. At Alvotech, 159 complaints were split so that none individually exceeded the control limit. No aggregate view was generated until FDA inspectors combined them. The system collected complaints but architecturally suppressed the signal.
Complaints are trended at both the category and aggregate product level simultaneously. When the aggregate trend exceeds the UCL — regardless of how sub-categories perform — the system triggers an automatic escalation. At Cipla, LeucineOS surfaces cross-site quality signals across 30 facilities that manual categorisation would dilute.
The SOP states drug substance must be released before processing. But the system allows processing to begin without verifying release status. At Alvotech, drug substance was formulated before bulk virus testing results were available. PPQ runs were initiated before prior deviations were closed. The SOP existed; the system did not enforce it.
The manufacturing execution system prevents batch progression until all prerequisites are met: test results received, document reviews complete, deviations closed. No override without an audit-trailed exception. At Valent BioSciences, this architecture reduced batch review from 20 days to 1 day — by ensuring every step completes in real time.
Staff share credentials for critical process equipment. Audit trails are enabled but never reviewed. QA reviews only printouts, never verifying them against original electronic records. At Alvotech, no data entry could be attributed to a specific individual, and no discrepancy between electronic and printed data would be caught.
Every user has a unique, non-transferable login. Audit trail review is a mandatory workflow step — the review cannot complete until the reviewer has signed off on the audit trail. All reviews reference original electronic records. At Piramal, this 21 CFR Part 11 compliance architecture operates across 10+ facilities in 3 regulatory jurisdictions.
The Alvotech findings are not about missing procedures. Every procedure existed. The failures occurred because the system architecture allowed each one to be circumvented without detection.
Complaint and deviation trends calculated at multiple levels simultaneously — by category, product, site, and cross-site. Aggregate trends that exceed control limits trigger automatic escalation regardless of sub-category performance. At Cipla, cross-site signal detection across 30 facilities identifies patterns no single site would see in isolation.
Every manufacturing step has system-enforced prerequisites that prevent progression until conditions are met: test results received, document reviews complete, deviations closed. PPQ runs cannot initiate until prior deviations are resolved. At Valent BioSciences, 2,700 hours saved annually through real-time prerequisite verification.
Unique user credentials, mandatory audit trail review, and electronic-first data verification enforced by system architecture. Shared logins are technically impossible. Audit trail sign-off is a required workflow step. At Piramal, 100% Part 11 compliance across 10+ facilities — because the controls are in the system, not the procedure manual.
100%
Piramal achieved 100% 21 CFR Part 11 compliance across 10+ facilities in 3 regulatory jurisdictions — unique credentials, immutable audit trails, system-enforced review
20→1
Valent BioSciences reduced batch review from 20 days to 1 day through system-enforced release gates ensuring every prerequisite completes in real time
2,500+
Cipla operates LeucineOS across 30 facilities with 2,500+ concurrent users — cross-site quality signal detection that surfaces aggregate trends individual sites would miss
The objective is not to add more reviewers. The Alvotech findings were enabled by an architecture where every control was defined in a procedure but not enforced by the system.
For complaint trending: does the system calculate aggregate trends across categories automatically? For batch release: can a batch advance before all prerequisites are met? For contractor qualification: does the system track qualification status and trigger GMP audits? For electronic records: are unique logins enforced, are audit trail reviews mandatory workflow steps? Every Alvotech finding traces to a control that existed in writing but was not enforced.
Configure aggregate complaint trending with automatic escalation. Implement batch release gates that block processing until prerequisites are verified. Deploy contractor qualification tracking with automated audit scheduling. Enforce unique credentials and mandatory audit trail review workflows. Each control must make the corresponding finding structurally impossible.
Attempt to categorise complaints in a way that suppresses an aggregate trend — verify the system surfaces it. Attempt to advance a batch with pending test results — verify the system blocks it. Attempt to complete a data review without accessing the audit trail — verify the system requires it. When an inspector asks how you prevent these failures, the answer should be a system demonstration.
Alvotech’s quality unit did not lack procedures. Every procedure existed. The FDA 483 was issued because the system architecture allowed every procedure to be circumvented — complaints re-categorised to suppress signals, batches processed before release, contractors operating without GMP audits for five years, and electronic records reviewed as printouts without verification.
The Alvotech FDA 483 observations are distinctive because they document three independent failure modes — complaint management, manufacturing controls, and data integrity — all operating simultaneously. The complaint trending finding is particularly instructive: the system collected 159 complaints, categorised them, and trended each category. At every step, the procedure was followed. The failure was in the architecture of the procedure itself.
For quality leaders at biosimilar and biologic manufacturers — particularly those managing complex supply chains with contract service providers — the Alvotech case is a direct challenge to examine their own quality architecture. Not whether the procedures exist, but whether the system enforces them. When 159 complaints arrive for the same product, does the system surface the aggregate trend automatically? When a batch is ready for the next step, does the system verify all prerequisites? When a contractor performs critical qualification work, does the system confirm their qualification is current?
If the answer to any of these questions is “the procedure says it should happen,” the Alvotech findings describe the structural gap between what procedures describe and what systems enforce — a gap that exists wherever quality controls depend on human compliance rather than architectural enforcement.