159 Complaints Split to Dodge the Trend, Shared Logins on Critical Systems, No Contractor Audits: Lessons from Alvotech's FDA 483
Alvotech received 159 complaints for the same product — then split them across categories so none individually breached the control limit. When FDA inspectors combined them, the trend was clear. No CAPA was raised until the day before the inspection closed. Meanwhile, drug substance lots were processed before QC release, critical contractors had never been audited, and staff shared logins on process control systems.
In July 2025, FDA inspectors completed an inspection at Alvotech HF’s biosimilar drug substance and drug product manufacturing facility at Saemundargata 15-19, Reykjavik, Iceland. What they documented was not a single procedural gap. It was a facility where every layer of quality oversight had broken down simultaneously.
The quality unit received 159 product complaints for the same product. Rather than investigating the trend, the complaints were split across sub-categories — each staying safely under its own control limit. When inspectors combined them, the upper control limit was breached. Drug substance lots were being processed into drug product before QC had completed testing and document reviews. Critical service contractors responsible for HVAC qualification and cleanroom cleaning had never received a GMP audit. And the electronic systems underpinning manufacturing relied on shared logins, with audit trails that were never reviewed.
Three FDA 483 observations. Three different domains of quality failure — complaint management, batch release controls, and pharmaceutical data integrity — all converging at the same facility.
159 complaints for the same product since January 2025. Split across categories so none individually triggered the control limit. Combined, the trend was obvious. No CAPA was raised until July 3 — the day before the inspection closed.
What the FDA Found
Three observations spanning complaint trending, quality unit oversight, contractor qualification, and electronic data integrity.
Finding 1: 159 product complaints trend-gamed by category splitting. Since January 2025, Alvotech received 159 complaints for the same product. Similar complaints were categorised under separate headings and trended independently — with no scientific justification for the separation. Individually, none breached the upper control limit. Combined, the UCL was exceeded. No trend evaluation occurred before June 23, 2025. No CAPA was raised until July 3. No supplier investigation had been opened as of inspection closeout.
Finding 2: Drug substance processed before QC release; failed PPQ re-runs without closing deviations; no quality agreement with sponsor. Per Alvotech’s own SOP, drug substances could be processed — including formulation and filling — without obtaining unprocessed bulk virus testing results and without completing all document reviews. Additional process performance qualification (PPQ) runs were initiated before deviations from previous failed PPQ batches were closed. A quality agreement between Alvotech and the product sponsor was not in place at the start of the inspection.
Finding 3: Shared logins, unreviewed audit trails, DeltaV server crash. Staff used shared usernames and passwords to access data acquisition systems for critical process equipment. Audit trails were enabled but never reviewed during QA data review. Only final printouts were reviewed — never verified against original electronic records. During a power outage in January 2024, the TruBio DeltaV system server was severely impacted, with consequences for manufacturing data acquisition.
159
Complaints Split Across Categories
159 product complaints since January 2025 were separated into sub-categories so none individually exceeded the control limit — combined, the trend clearly breached the UCL
0
Contractor GMP Audits
Critical service providers for HVAC qualification, HEPA filter testing, and cleanroom cleaning had never received an on-site GMP audit
5 yrs
Without Quality Agreement
A contractor approved for Grade C and D area cleaning in September 2020 did not have a quality agreement in place until June 2025
Why This Keeps Happening
Every finding traces back to a control that existed on paper but was not enforced by the system architecture.
Four structural failures enabled the Alvotech findings. Each represents a gap between what CGMP compliance requires and what the quality system actually enforces.
Complaint trending logic controlled by the team responsible for the trend.
The 159 complaints were categorised by the quality unit into sub-categories, each trended independently. The team monitoring complaint trends also controlled how those trends were calculated. A system that enforces aggregate trending across related categories — regardless of how individual complaints are tagged — would have surfaced this signal months earlier.
Batch release gates are procedural, not system-enforced.
Alvotech's own SOP permitted drug substance to be processed before all testing was complete. When batch release gates are defined in SOPs rather than enforced by the manufacturing system, the default state is 'proceed.' An architecture that blocks batch progression until all prerequisites are met eliminates this gap.
Contractor qualification exists in contracts, not in practice.
Critical service providers had never been audited. A cleaning contractor operated for five years without a quality agreement. When contractor qualification depends on a team remembering to schedule audits, the default state is 'not done.' A system that tracks qualification status and blocks work orders when qualification lapses makes the gap visible before an inspector finds it.
Electronic records exist without the controls that make them trustworthy.
Shared logins mean no individual accountability. Unreviewed audit trails mean changes go undetected. Reviewing only printouts means modifications between data acquisition and printing are invisible. Together, these gaps create a system that provides a false sense of 21 CFR Part 11 compliance.
The system did not fail to collect complaints — 159 were received and logged. The system failed to surface the signal because the categorisation logic was controlled by the same team responsible for acting on the trend.
Manual Oversight vs. System-Enforced Controls
How architectural differences determine whether quality signals are surfaced or suppressed
Each comparison addresses a specific finding documented at Alvotech. The system-enforced approach changes the architecture so that complaint trends cannot be diluted, batches cannot advance without release, and electronic records cannot exist without verified provenance.
Complaint Trend Detection
Complaints are categorised by quality personnel into sub-categories, each trended independently. At Alvotech, 159 complaints were split so that none individually exceeded the control limit. No aggregate view was generated until FDA inspectors combined them. The system collected complaints but architecturally suppressed the signal.
Complaints are trended at both the category and aggregate product level simultaneously. When the aggregate trend exceeds the UCL — regardless of how sub-categories perform — the system triggers an automatic escalation. At Cipla, LeucineOS surfaces cross-site quality signals across 30 facilities that manual categorisation would dilute.
Batch Release Controls
The SOP states drug substance must be released before processing. But the system allows processing to begin without verifying release status. At Alvotech, drug substance was formulated before bulk virus testing results were available. PPQ runs were initiated before prior deviations were closed. The SOP existed; the system did not enforce it.
The manufacturing execution system prevents batch progression until all prerequisites are met: test results received, document reviews complete, deviations closed. No override without an audit-trailed exception. At Valent BioSciences, this architecture reduced batch review from 20 days to 1 day — by ensuring every step completes in real time.
Electronic Data Integrity
Staff share credentials for critical process equipment. Audit trails are enabled but never reviewed. QA reviews only printouts, never verifying them against original electronic records. At Alvotech, no data entry could be attributed to a specific individual, and no discrepancy between electronic and printed data would be caught.
Every user has a unique, non-transferable login. Audit trail review is a mandatory workflow step — the review cannot complete until the reviewer has signed off on the audit trail. All reviews reference original electronic records. At Piramal, this 21 CFR Part 11 compliance architecture operates across 10+ facilities in 3 regulatory jurisdictions.
What a Modern System Must Do
Three capabilities that prevent complaint signal suppression, batch release bypass, and unverified electronic records
The Alvotech findings are not about missing procedures. Every procedure existed. The failures occurred because the system architecture allowed each one to be circumvented without detection.
Aggregate Quality Signal Detection
Complaint and deviation trends calculated at multiple levels simultaneously — by category, product, site, and cross-site. Aggregate trends that exceed control limits trigger automatic escalation regardless of sub-category performance. At Cipla, cross-site signal detection across 30 facilities identifies patterns no single site would see in isolation.
Enforced Batch Release Gates
Every manufacturing step has system-enforced prerequisites that prevent progression until conditions are met: test results received, document reviews complete, deviations closed. PPQ runs cannot initiate until prior deviations are resolved. At Valent BioSciences, 2,700 hours saved annually through real-time prerequisite verification.
21 CFR Part 11 Compliance by Design
Unique user credentials, mandatory audit trail review, and electronic-first data verification enforced by system architecture. Shared logins are technically impossible. Audit trail sign-off is a required workflow step. At Piramal, 100% Part 11 compliance across 10+ facilities — because the controls are in the system, not the procedure manual.
100%
Part 11 Compliance
Piramal achieved 100% 21 CFR Part 11 compliance across 10+ facilities in 3 regulatory jurisdictions — unique credentials, immutable audit trails, system-enforced review
20→1
Days for Batch Review
Valent BioSciences reduced batch review from 20 days to 1 day through system-enforced release gates ensuring every prerequisite completes in real time
2,500+
Concurrent Users
Cipla operates LeucineOS across 30 facilities with 2,500+ concurrent users — cross-site quality signal detection that surfaces aggregate trends individual sites would miss
From Gap to Prevention
Three phases to eliminate the architectural conditions that enabled every finding at Alvotech
The objective is not to add more reviewers. The Alvotech findings were enabled by an architecture where every control was defined in a procedure but not enforced by the system.
Phase 1: Assess — Map every control that depends on human compliance rather than system enforcement.
For complaint trending: does the system calculate aggregate trends across categories automatically? For batch release: can a batch advance before all prerequisites are met? For contractor qualification: does the system track qualification status and trigger GMP audits? For electronic records: are unique logins enforced, are audit trail reviews mandatory workflow steps? Every Alvotech finding traces to a control that existed in writing but was not enforced.
Phase 2: Implement — Deploy system-enforced controls across all four domains.
Configure aggregate complaint trending with automatic escalation. Implement batch release gates that block processing until prerequisites are verified. Deploy contractor qualification tracking with automated audit scheduling. Enforce unique credentials and mandatory audit trail review workflows. Each control must make the corresponding finding structurally impossible.
Phase 3: Validate — Prove the system catches suppressed signals, blocks unreleased batches, and rejects unverified data.
Attempt to categorise complaints in a way that suppresses an aggregate trend — verify the system surfaces it. Attempt to advance a batch with pending test results — verify the system blocks it. Attempt to complete a data review without accessing the audit trail — verify the system requires it. When an inspector asks how you prevent these failures, the answer should be a system demonstration.
Alvotech’s quality unit did not lack procedures. Every procedure existed. The FDA 483 was issued because the system architecture allowed every procedure to be circumvented — complaints re-categorised to suppress signals, batches processed before release, contractors operating without GMP audits for five years, and electronic records reviewed as printouts without verification.
The Alvotech FDA 483 observations are distinctive because they document three independent failure modes — complaint management, manufacturing controls, and data integrity — all operating simultaneously. The complaint trending finding is particularly instructive: the system collected 159 complaints, categorised them, and trended each category. At every step, the procedure was followed. The failure was in the architecture of the procedure itself.
For quality leaders at biosimilar and biologic manufacturers — particularly those managing complex supply chains with contract service providers — the Alvotech case is a direct challenge to examine their own quality architecture. Not whether the procedures exist, but whether the system enforces them. When 159 complaints arrive for the same product, does the system surface the aggregate trend automatically? When a batch is ready for the next step, does the system verify all prerequisites? When a contractor performs critical qualification work, does the system confirm their qualification is current?
If the answer to any of these questions is “the procedure says it should happen,” the Alvotech findings describe the structural gap between what procedures describe and what systems enforce — a gap that exists wherever quality controls depend on human compliance rather than architectural enforcement.
Related Articles
Three Facilities, Three FDA Actions, Five Architectural Gaps: How AI Agents Address Cipla's Regulatory Exposure
Between 2023 and 2026, three Cipla facilities — Pithampur, Raigad, and Pharmathen Greece — received FDA enforcement actions documenting the same five systemic failures: complaint investigation, CAPA effectiveness, electronic data review, contamination control, and QC oversight. LeucineOS AI agents map directly to each gap.
35% OOS Invalidations, Zero Scientific Justification: Lessons from Aurobindo Pharma's FDA 483
A February 2026 FDA 483 at Aurobindo Pharma's Unit-III found 35% of OOS invalidations in the QC Chemistry lab — with 57% blamed on analyst error and 18% on equipment, none supported by adequate scientific justification. Batches shipped to the US after unresolved Grade A maintenance interventions.
Equipment Swapped, Cleaning Not Revalidated, OOS Dissolved Away: Lessons from Dr. Reddy's FDA 483
A December 2025 FDA 483 at Dr. Reddy's FTO-SEZ facility in Srikakulam found cleaning validation not performed after equipment replacement, OOS dissolution results invalidated despite contradictory evidence, and process qualification gaps — all traceable to a single uncontrolled equipment change eighteen months earlier.
Newsletter
Stay ahead in the Industry
Regulatory updates, pharma quality insights, and AI in manufacturing — written for quality leaders, not marketers.
Please use your official work email. Personal email addresses (Gmail, Yahoo, etc.) will not receive the newsletter. No spam. Unsubscribe anytime.
Ready to see what an AI-native quality platform looks like? Leucine unifies quality management, regulatory compliance, and production operations into one intelligent system.
