IAF CertSearch Team Identifies 20,000 Fake or Fraudulent ISO QMS Certs

IAF CertSearch now mandatory for accredited certification bodies

As of 2023, more than 27,000 medical device QMS certificates have been issued worldwide, providing confidence in medical devices. From cardiac stents to simple dental tools used to correct teeth, the healthcare systems of the world have come to rely on ISO 13485 to provide critical support to world health.

On Feb. 13, 2023, 33 nations sent their medical device regulators to Riyadh, Saudi Arabia, to participate in the Global Harmonization Working Party. The GHWP is a nonprofit organization that studies and recommends ways to harmonize global medical device regulations. Two more countries joined recently, including the U.S. Food and Drug Administration (FDA) and Japan’s Pharmaceutical and Medical Device Authority (PMDA). The GHWP is now the largest association of medical device regulators in the world.

The IAF was asked to participate and provide an update on the IAF CertSearch database, a global database where users can search and validate the status of accredited certificates issued by a certification body that has itself been accredited by an IAF-recognized accreditation body. The IAF presentation was provided by Nigel Johnston, who developed the database.

…

Want to continue?

By logging in you agree to receive communication from Quality Digest. Privacy Policy.

Create a FREE account

Forgot My Password

Comments

Fake Iso certificates

The story of 3 Apr mentions IASCertSearch team identified 20000 fake certificates. How did it do that. Certainly not from those uploaded since Accredited CBs are uploading data and they would not upload such data. Pl clarify.

Answer

According to Nigel Johnston in an email to Quality Digest: "The IAF database only includes valid accredited certifications. However users often write to the IAF CertSearch support team to validate certifications they can't find in the IAF database, these can often be identified as counterfeit or fraudulent where an organisation claims to be certified when they no longer are. These inquiries from users and additional research is how the team has identified the amount of false claims in the market."

IAF CertSearch

Grant. Its ISO 22000:2019, not ISO 22001. "https://www.iso.org/standard/65464.html"

Even more?

If "fraudulent" also includes organizations claiming product design in their scopes and other inaccuracies (like having a 2015 compliant QMS when it hasn't changed since 2000), then the number is (much) higher...

Certsearch mandatory?

The author says -- twice -- that participation in IAF CertSearch is "mandatory for accredited certification bodies." But he offers no proof of this.

In order to make this "mandatory," one of two things would need to happen. First, the ISO CASCO committee would have to make participation in CertSearch a mandatory requirement under ISO 17011 and/or ISO 17021-1. This will not happen, since ISO cannot make participation in a third-party program a requirement in any of its standards.

That only leaves a contractual change to the IAF MRA. But that has NOT happened.

The IAF has floated a "model" whereby they will require its AB members to push down a requirement to participate in CertSearch to their CBs. However, the IAF lacks the legal authority to do so, and cannot inject itself into the contractual arrangements between third parties, so this could be challenged in court. Furthermore, the IAF has refused to enforce the "MD" and "ML" series documents that exist now, so there is no precedent for them to suddenly begin doing so. Finally, this doesn't address the fact that the ABs and CBs can simply refuse, forcing the IAF to either withdraw its CertSearch requirement or close up shop entirely. Since the CBs (especially BSI) have been the biggest critics against the idea of CertSearch, their refusal is a near guarantee.

Furthermore, the official IAF FAQ page on the Certsearch program indicates that this "mandatory" requirement can only be flowed down via an update to IAF ML4. (See https://iaf.nu/en/faq/ and scroll down to Q41.) IAF ML4 was updated in June of 2023, and no language at all was added regarding Certsearch.

So I invite Mr. Ramely to explain where he is getting this information from, and provide the source. Failing that, I urge the editors to correct the article and the tagline, as it appears to contain wholly false information.

IAF CertSearch is to be enforced under IAF MD28 by November 2024

IAF MD28 was published in October of 2023, making it mandatory that all Internationally Accredited Certificates be uploaded to IAF CertSearch. There was a 1 year transition period that has now completely run it course. IAF CertSearch actually now has slightly more than 2.5 million certificates in it than ISO itself can account for, which is why ISO and IAF are going to move to the 'counting' certs considered internationally credible, to the new database IAF CertSearch. So the new database actually has more cert in it now than ISO says exist, by just a little, but that is the strongest indicator that MD28 has succeeded in forcing all IAF backed certs into the database. This is no small thing, and I would invite anyone to read the Article regarding the ISO-Burg to understand just how massively complex the layers are beneath the surface of 'credible certs'.