FDA Warning Letters 10 min read

FDA Warning Letter Roundup: June 2026 - The Same Two Mistakes, Again

Every month, the FDA posts new Warning Letters to its public database. Every month, the same patterns show up.

This month's batch is no different. In the June 2026 round of Warning Letters, two manufacturers received formal enforcement notices for violations that trace back to the same root cause: a quality unit that wasn't doing its job, and incoming components that nobody actually tested.

Here's what happened, what it means, and what any manufacturer can take from it.


What Got Flagged This Month

Revlon Group Holdings, LLC, Oxford, NC

Revlon's Oxford facility manufactures OTC drug products and was issued a Warning Letter on June 2, 2026 following an FDA records review. The two core violations:

Violation 1: Failed component identity and conformity testing (21 CFR 211.84(d)(1) and (d)(2))

The facility was relying on supplier certificates of analysis rather than conducting its own testing on incoming raw material components. When FDA asked for records proving independent testing, the facility couldn't provide them. The COA from the supplier was being treated as sufficient, but under 21 CFR 211.84(d)(2), relying on a supplier's COA is only permissible if the manufacturer has validated the reliability of those supplier results through independent testing at appropriate intervals.

On top of that, the identity testing that was conducted didn't conform to the current USP testing method -- it was incomplete.

Violation 2: Quality unit failed to exercise its responsibilities (21 CFR 211.22)

The quality unit approved and released components for manufacturing use despite specifications that didn't meet USP standards. Microbiological specifications exceeded USP limits, COA reports listed results as "CONFORM" without quantitative values, and the QU signed off anyway.


PLZ Corp, Mississauga, Ontario, Canada

PLZ Corp manufactures OTC drug products at its Mississauga personal care facility and received a Warning Letter on the same date for nearly identical violations.

Violation 1: Failed component identity and conformity testing (21 CFR 211.84(d)(1) and (d)(2))

Same story. The facility was not independently testing incoming components for identity, purity, strength, and quality. When FDA requested records, PLZ Corp initially indicated no testing had been performed, then in follow-up correspondence claimed testing had been done, but the records they provided showed only that the supplier had done the testing, not the facility itself. The specifications used were also incomplete relative to current USP requirements.

Violation 2: Quality unit failed to exercise its responsibilities (21 CFR 211.22)

Again, the quality unit approved components with deficient specifications and did not ensure testing procedures were scientifically sound or aligned with current USP monographs.


The Pattern Worth Noting

Two different companies. Two different facilities. One in the United States, one in Canada. Both received Warning Letters on the same day, from the same FDA office, for the same two violations.

This is not a coincidence. It reflects a systemic problem in how many manufacturers handle incoming raw material testing, and it has been showing up in Warning Letters for years.

The failure mode looks like this:

A supplier sends a component with a certificate of analysis. The QA team files the COA. The component gets approved for use. Nobody at the facility actually tests it. The specifications on file haven't been compared to the current USP monograph in years. And the quality unit, which is responsible for catching all of this, signs off without flagging the gaps.

When FDA asks for records proving the facility independently verified the supplier's claims, there is nothing to show.


What FDA Is Actually Asking For

Reading both Warning Letters together, the FDA's required corrective actions paint a clear picture of what a compliant raw material program looks like:

Independent identity testing on every incoming component lot. A supplier's COA is a starting point, not a finish line. Manufacturers must independently verify at least identity for every lot, and must validate the reliability of supplier results through periodic independent testing of strength, purity, and quality.

Specifications that match current USP monographs. If a component is a USP article, your internal specifications need to reflect the current monograph, not the one from five years ago when you first wrote the SOP.

A quality unit that actually reviews what it's approving. The QU signing off on a COA that says "CONFORM" without a quantitative value, against specifications that don't meet USP standards, is not exercising its responsibility. The QU needs the authority, the time, and the systems to do the job.

Documentation that can be produced on request. In both cases, when FDA asked for records, the manufacturers either couldn't produce them or produced records that contradicted their own earlier statements. That's a documentation integrity problem, not just a testing problem.


What This Means for Supplement and CPG Manufacturers

These Warning Letters were issued to OTC drug manufacturers, not dietary supplement companies. But the violations map directly to the kinds of gaps that show up in supplement facility inspections under 21 CFR Part 111.

The requirement to test incoming raw materials for identity before use is not new, and it is not optional. The expectation that your quality unit functions as a real check on the manufacturing process, not a rubber stamp, is not new either.

The manufacturers in these Warning Letters likely had documentation. They had SOPs, they had COAs on file, they had a quality unit that was signing things. What they didn't have was a system that made it impossible to skip the critical steps, or that surfaced gaps in specifications before an investigator asked about them.


The Questions to Ask About Your Own Operation

If you manufacture in a GMP environment, these Warning Letters are worth reading with your own facility in mind:

When did you last compare your component specifications to the current USP monograph? If the answer is "I'm not sure," that's the answer FDA will find too.

Can you produce independent identity testing records for every incoming lot in the last 12 months? Not supplier COAs -- your own testing records.

Has your quality unit ever rejected a component specification for being incomplete? If the QU has never pushed back on a specification, it may not be reviewing them carefully enough.

If FDA requested your records today, what would they find? The question isn't whether you're compliant. It's whether your documentation can prove it.


The Takeaway

Warning Letters are public. The FDA posts them so the industry can learn from them. The fact that the same violations appear month after month suggests that most manufacturers are reading these letters as someone else's problem.

They're not. The component testing failures in both of these letters are exactly the kind of gaps that are invisible during normal operations and catastrophic during an inspection.

If your quality system depends on spreadsheets, paper COA binders, and a QU that's stretched too thin to dig into specifications, the risk is real, and the pattern in this month's letters is telling you so.


How BatchBuddy Addresses This

The two violations in this month's letters (incomplete incoming component testing and a quality unit signing off on deficient specifications) are structural gaps that BatchBuddy is built to close.

On the incoming testing side: Every lot received in BatchBuddy requires a COA review workflow before the ingredient is released for production. The system enforces that a QA signature is attached to each release -- not a checkbox, a cryptographic electronic signature with a timestamp and chain hash under 21 CFR Part 11. If you never tested independently, there's no release record. The gap is visible before an investigator asks.

On the quality unit side: Batch Buddy's QC layer surfaces specification gaps at the point of review, not after the batch is already running. When a COA comes in with a "CONFORM" result and no quantitative value, the reviewer is prompted -- the system doesn't just accept a text field. Every QU decision creates an immutable audit trail entry that can be exported and produced on request.

The manufacturers in these Warning Letters didn't have a documentation problem. They had a systems problem. The documentation failure was the symptom.

BatchBuddy publishes a monthly FDA Warning Letter Roundup to help manufacturers and QA professionals stay current on enforcement trends. See how BatchBuddy's COA tracking and QU documentation tools work →

Part of our 21 CFR Part 111 Requirements: The Complete Guide hub.

Last reviewed: 2026-06-16 · Reviewed quarterly for regulatory accuracy

Back to Resources