Agencies and the ABPI code of practice

Rina Newton on Agencies and the ABPI code of practice

Rina Newton shares her top tips for ensuring agencies comply with the ABPI Code of Practice.

Agencies are engaged by pharmaceutical companies because the expertise they offer may not be available in-house or because there is insufficient resource or time for in-house creation and development. However, engaging agencies brings specific requirements under the ABPI Code of Practice (the Code) that can only be reviewed through a thorough understanding of Prescription Medicines Code of Practice Authority (PMCPA) case rulings. These are often lengthy and difficult to interpret. This article summarises the key requirements of which agencies, and those that engage them, should be mindful.

“When there is a Code breach, the pharmaceutical company will always be held responsible”

What does the Code say?

Contract staff (representatives, signatories etc) must be ‘fully conversant with the Code and the relevant laws and regulations.’ Although ‘fully conversant’ is poorly defined, the principle has been reinforced in several cases, including:

  • In 2003, a Lilly contract sales representative heard a quiz on a local radio show asking: ‘Which year was Viagra launched?’. She called and had a conversation with the presenter off-air (which was subsequently broadcast) about the benefits of Lilly’s medicine, Cialis. Lilly admitted responsibility for the representative and for, therefore, breaching the Code by promoting Cialis to the public.

What do PMCPA case rulings suggest?

Cases that involve agencies (which remain unnamed) often state that it is ‘an established principle that pharmaceutical companies are responsible for work undertaken by third parties on their behalf.’ This principle, however, was not actually written into the Code until 2019 (Principle 11). Whilst the types of agencies engaged by industry are very diverse, it is clear that Principle 11 applies to them all.

There are cases where the agency was to ‘blame’ and the pharmaceutical company was held responsible, including:

  • Janssen admitted breaching the Code because its media buying agency and journal publisher used out-of-date prescribing information in an advertisement. This happened despite Janssen informing them of the correct version to use.
  • Grunenthal was found in breach for one of its products being promoted to the public, when an internal product training video was posted on YouTube. This was done by an actor who was subcontracted by the agency that created the video.
  • Cephalon was found in breach because the recruitment agency it engaged to recruit a final medical signatory, failed to check whether the medical practitioner was registered (which meant its materials were not certified).

There are also cases where pharmaceutical companies themselves failed to apply due diligence or adequate oversight of agencies, including:

  • Astellas engaged a creative agency which employed nurses to operate a patient support helpline. Astellas failed to keep the nurses updated with product changes because of poor oversight, so were found in breach of the Code.
  • Celgene breached the Code because of serious compliance failings, which included representatives engaging third parties informally without written agreements.
  • Gedeon Richter’s events agency sent tweets that promoted its medicine to the public, but the company did not have a contract or brief which set out responsibilities.

Key learning points and top tips

When there is a Code breach, the pharmaceutical company will always be held responsible because it is liable for the acts and omissions of agencies – even if the issues were caused by subcontractors, the agency acted ‘contrary to instructions’ or the pharmaceutical company was ‘badly let down’.

Top tips for working with agencies

Initial request for proposal

  • Agency staff should know how the Code applies in relation to the project(s). For example, there are immense benefits in discussing promotional campaigns when both sides have a good understanding of Clause 7 (claims, artwork).
  • If the agency has been involved with previous complaints, these should be discussed to understand learnings and steps to avoid similar breaches.
  • Agencies should provide evidence they have been trained on the Code.
  • Agencies should be aware of their clients’ undertakings to the PMCPA, as breaching these could lead to further sanctions.

Due diligence

  • In addition to the usual checks this should also inform how an agency ensures knowledge of the Code and ongoing training.
  • It should be clear that the partnership does not rely on only one side having good compliance knowledge.

Contracts & subcontractors

  • Although contracts should specify the project brief, key deliverables, timelines etc, they should clarify the compliance requirements for both. For example, company to provide agency with updated standard operating procedures and summary of product characteristics, agency to provide evidence of withdrawn material etc.
  • For some channels of communication, specific Code requirements should be described such as principles for telephone interviews with journalists or social media campaigns to the public.
  • Subcontractors should be aware of these contractual requirements too.


  • It is essential that agencies are fully briefed and trained from the outset, and that this is documented before the project starts.
    • New staff and/or project updates should be considered.
  • Agencies should be given core claims documents.
    • These will help avoid issues with inaccurate substantiation, thus saving time, money and effort.
  • Agencies should be familiar with company undertakings to the PMCPA.
    • An undertakings document can also save unnecessary time and money.
  • Although the initial pitch may have covered how initial Code training is completed and ongoing Code training is covered, the pharmaceutical company should regularly review how agencies are kept abreast of updates, by considering the following:
    • Include agencies in compliance discussions such as approval meetings.
    • Invite agencies to attend internal Code training and/or reviews of recent case rulings.
    • Use regular questionnaires to verify agency Code knowledge is maintained.
    • Internally assess contract staff involved in the approval of materials.
    • Check that agency staff are validated on their understanding of company SOPs.

Project planning

  • Cross-functional kick-off meetings help map out deliverables, set expectation around good documentation and any issues, and also serve to introduce key contacts.
  • Consider measuring KPIs throughout the project. This can help ensure regular compliance oversight.


  • Companies should have a good awareness of what agencies are doing. Oversight need not be reactive, and agencies are encouraged to proactively produce status reports, KPIs stats etc.
  • Regular oversight should be documented to provide an audit trail.
  • Debriefs after project completion are recommended so that both parties can understand what worked well and vice versa, so that future projects are optimised.

Working with agencies needn’t be a compliance concern as long as both sides agree and accept responsibility for compliance – from initial briefing and training, to good documentation and regular oversight.


Dr Rina Newton is Managing Director of CompliMed. Email