copy the linklink copied!3. Regulatory inspections and market surveillance


This chapter provides an overview of the different regulatory inspections used to supervise, promote and enforce compliance with NOMs. These include market surveillance activities (control of consumer products on the market), as well as a range of other inspection types and fields such as medicines safety, food safety, occupational safety and health, inter alia. The chapter gives an overview of the resources and approaches that regulatory authorities use to plan and conduct inspections and enforcement activities.


copy the linklink copied!Introduction

Regulatory inspections are the key instrument for the government to control compliance with regulations and enforce them. Market surveillance involves checking products or services directly, either at the retail stage or, in some cases, at import or wholesale stage. Other types of inspections look at compliance during the production stage – to ensure safety for workers, neighbours, the environment, and to achieve effective food safety throughout the food chain. At times, regulatory authorities can also verify the work of CABs – usually this would happen if a certified product has been found to be non-compliant by market surveillance inspectors.

In Mexico, as a general rule the government authority in charge of a NOM is also responsible for its supervision, including developing an inspections programme. Both the Federal Law on Metrology and Standardisation (Ley Federal sobre Metrología y Normalización, LFMN) and the Federal Law of Administrative Procedure (Ley Federal de Procedimiento Administrativo, LFPA), which define the requirements for inspection visits, regulate the inspections of compliance with NOMs. However, the level and types of sanctions are often set in sectoral laws.1

Mexico has had some successes in building trust, particularly in export markets for agricultural products, automotive products and others. Yet, in the domestic market trust in government institutions and in product compliance remains a challenge. In interviews conducted as part of this review, PROFECO reported to have found that roughly 20% of products sold in Mexico were not compliant with technical regulations, while industry representatives reported that it could be as high as 50% in certain product areas.

This chapter provides an overview of regulatory inspection practices (including market surveillance) for some regulatory fields in Mexico, looking at a few key sectors and at some of the main challenges.

copy the linklink copied!Overview of regulatory inspections in Mexico

The LFPA and the LFMN are the two central laws that govern the post-market inspection and enforcement of technical, safety and consumer market regulations in Mexico.

To supervise the correct implementation of conformity assessment, the LFMN allows sectoral regulators or authorised parties to perform inspection visits (“visitas de verificación”) targeting:

  • Accreditation entities to verify their compliance with the LFMN, the RLFMN and NOMs (Art. 71); and

  • Conformity assessment bodies to verify their compliance with NOMs (Art. 91) and specifically that CABs are implementing their functions with due diligence and without fraud.

The LFMN likewise empowers (under Art. 94) sectoral regulators to perform:

  • Legal metrology inspections (verification of measuring instruments);

  • Market surveillance activities (control of conformity of consumer products and services on the market) – including verifying the composition and content of products through sampling and laboratory testing; and

  • Facilities – which may cover a very broad range of safety and technical controls.

The LFMN also establishes that when two sectoral regulators have powers to inspect a single NOM, as a result of shared responsibility, then they must co-ordinate with each other. Still, the law does not specify how they must co-ordinate and it is somewhat unclear whether this co-ordination actually takes place and how frequently.

In practice, discussions with competent authorities and stakeholders showed that the use of different terms (“inspection”, “verification”, “supervision”, “monitoring”, among others) is not necessarily consistent domestically or with the terminology used for instance by APEC for conformity assessment procedures (APEC, 2000[1]) or by the European Union for market surveillance inspections (PROSAFE, 2008[2]). This may create confusion as to the exact definition and application of each term, and as to the activities that correspond to a regulatory function (using this review’s terminology: “regulatory inspections”) or to a delegated function that can be exercised by accredited and authorised third-parties (“conformity assessment”, which can include a variety of methods including on-site visits).

The LFMN also refers to how inspectors should collect and manage samples and the actions they may take in case of inaccurate labelling.

The LFPA sets specific requirements that must be observed by inspectors. It grants administrative authorities the powers to check compliance with laws and regulations. They may carry out verification visits in which the verified party is provided with a written order issued by the competent authority that specifies the place or area to be checked, the purpose of the visit, and the scope and the laws upon which it draws, among others. At the beginning of each visit, inspectors must present an ID badge with photo, issued by the competent authority, confirming authorisation to perform this function as well as the express order. Other articles in the LFPA also refer to the specific procedures to be followed during the visit.

Article 70 of the LFPA sets out the administrative sanctions that may apply, which range from a warning, through fines and arrest for 36 hours, to temporary or permanent closure. In cases of repeated non-compliance, fines may be doubled. The LFPA also provides the administrative procedures for appeal of a sanction. Giving advice or other support for compliance is not specifically foreseen by the law.

Still, each sectoral regulator has its own strategy or framework for implementing inspections and enforcement activities, beyond the legal frameworks provided by the LFMN and LFPA. The use of fines and warnings varies substantially between different government authorities. In addition, most government authorities provide some form of guidance or checklists for implementing applicable regulations. A number of sectoral regulators frequently use warnings to encourage compliance with regulations among non-compliant firms.

copy the linklink copied!Regulatory inspections in practice: examples from specific regulatory domains and economic sectors

It would be impossible to describe inspection practices for every ministry or agency in Mexico that is responsible for some of the 702 NOMs currently in force. Even grouping NOMs by economic sectors covered or regulatory domain (food safety, environment, technical safety, inter alia), international experience suggests there can be dozens of different bodies, if not more. Rather, this section highlights some practices from key sectors and domains that were assessed through interviews with stakeholders and desk-research. Specifically, it highlights the case of PROFECO, which has a special role in the application of Mexico’s technical and market regulations and in its overall NQI, as well as two special regime programmes under the Energy Regulatory Commission (Comisión Reguladora de Energía, CRE) and the Federal Commission for the Protection of Sanitary Risks (Comisión Federal para la Protección contra Riesgos Sanitarios, COFEPRIS), and an example from the Ministry of Labour and Social Protection (Secretaría de Trabajo y Protección Social, STPS).

For certain regulators, rather than the LFMN, their own sectoral law gives them inspections and market surveillance powers. Although the agencies are themselves regulated under laws separate from the LFMN, when they enforce NOMs or their own technical, safety etc. regulations, they must follow the administrative rules for inspections and enforcement found in the LFPA. This is for instance the case for COFEPRIS, the federal agency that deals with the importation of medical devices and advertising permits for medical products, described below.

Furthermore, some administrative authorities are empowered under sectoral laws to issue instruments similar to technical regulations but not subject to the LFMN. This is for instance the case of the Federal Law on Plant Health that allows SAGARPA to regulate phyto-sanitary issues through a number of instruments similar to technical regulations, effectively a system distinct from that of the LFMN.

Regulatory enforcement and inspections by PROFECO

PROFECO has a special role in Mexico as the main inspectorate responsible for consumer protection. Its mandate covers a broad range of areas, including product safety, labelling, consumer contracts, and in some cases work safety equipment and energy efficiency. In total, PROFECO has responsibility for 163 NOMs pertaining to five ministries: Ministry of Economy (109 NOMs), Ministry of Tourism2 (7 NOMs), Secretary of Energy (26 NOMs), Ministry of Labour and Social Security (8 NOMs) and Ministry of Health (16 NOMs).

The Federal Consumer Protection Law (Ley Federal de Protección del Consumidor, LFPC) gives PROFECO the authority to supervise and verify compliance with the provisions set forth in the law and, within the scope of its jurisdiction, the observance of the LFMN, as well as the Mexican Official Standards (NOMs) and other applicable provisions and, if applicable, to establish the criteria to verify their observance.

In addition to these functions, PROFECO conducts some information activities to promote the awareness and exercise of consumer rights. In interviews, Mexican businesses suggested that PROFECO inspections tended to focus more on prices and “quality” (a concept that is often difficult to describe, and that – in good practice – is mostly not covered in technical regulations, except insofar as it relates to truthful consumer information) rather than on product safety.

PROFECO has approximately 350 inspectors for the 163 NOMs under its jurisdiction. In practice, the agency mostly focuses proactive inspections on only three NOMs (covering gasoline, scales and weights), and on labelling. For other NOMs, inspections are conducted only or mostly based on complaints. This means that PROFECO is, in practice, mostly conducting legal metrology and consumer protection / consumer information inspections. Moreover, in these areas (gasoline, scales/weights), third parties may be accredited by EMA to perform conformity assessment, but PROFECO also performs fee-based conformity assessment services. This may create a conflict of interest within PROFECO which acts both as conformity assessment provider and as regulatory power conducting market surveillance. It is also likely to bias competition in favour of PROFECO against third party CAPs. Fraud in conformity assessment (which was reported by PROFECO to be a problem) would be better addressed by a robust programme of second-tier supervision (regulatory inspections), not by PROFECO providing competing paid-for services.

Fines for breaking NOMs under the purview of PROFECO may reach up to MXN 5.4 million (about EUR 250 000) in cases when one fact or omission has resulted in several infringements of the LFPC.

PROFECO faces a challenging compliance environment in consumer markets. Mexico has a large shadow economy. A number of interlocutors during interviews with the OECD also mentioned that price is the key concern of most consumers in Mexico. Income per capita in Mexico is among the lowest in the OECD. Turkey has a similar issue, but benefits from its close trading relationship with the EU (Box 3.1). Industry groups reported that Mexican consumers are extremely cost-conscious, so they may be less likely to be ready to pay a premium for products that meet high technical standards, and more willing to take the chance to buy cheaper non-conforming products. PROFECO and the Ministry of Economy have nevertheless attempted to inform Mexican consumers about technical standards. For instance, PROFECO produces the General Coordination of Education and Dissemination programme, which promotes the awareness and exercise of consumer rights and better purchasing decisions.

copy the linklink copied!
Box 3.1. Market Surveillance challenges in lower-income markets in Turkey

Turkey is another OECD member where limited household income, particularly in some parts of the country, mean many consumers will buy lower-cost products regardless of safety or reliability considerations. The domestic market in Turkey is also regionally very different – modern and sophisticated in Istanbul and south-western coastal regions, far poorer in the eastern part of the country. Challenges have been compounded by devaluation and the refugee influx.

Since the 1995 Customs Union between Turkey and the EU, Turkey has gradually transformed its technical regulations system to approximate the EU model and legislation. This means the country has moved away from a system previously based on very widespread mandatory certification ex ante and strict import controls to a regime relying more on producer/importer declaration, third-party conformity assessment etc., and more open to international trade. This means that the importance of market surveillance is also far higher.

Creating additional challenges, not unlike in Mexico, different institutions are in charge of checking compliance of products at import stage (the Ministry of Economy in Turkey) and in-country – and, on the internal market, several institutions are in charge of different types of goods (10 ministries in Turkey), while co-ordination and information sharing are still insufficiently developed.

The Ministry of Science, Industry and Technology, which is in charge of market surveillance for electrical and gas appliances, has been facing an uphill struggle in improving compliance levels on the market. In fact, the gradual reinforcement of its activities has led to higher levels of detected non-compliance, because there are more inspectors and checks. As indicated in discussions with its management and specialists, low-income consumers (particularly in eastern Turkey) are simply unable to pay more for the goods they need – so, if the Ministry becomes more effective at removing non-compliant goods from the market, new informal operators simply take the place of previous ones and import new non-compliant (but cheap) goods. By contrast, Istanbul shoppers primarily buy from formal stores, and are far more likely to prefer reliable, reputable brands and products, because they have enough disposable income to afford them.

This situation shows the importance of gradually developing differentiated, segmented regulatory delivery approaches. Whereas “classical” market surveillance, with risk-based inspections and a combination of information and enforcement, is appropriate for the higher-income regions, and can lead gradually to improved compliance and safety levels, it is less applicable to poorer areas. There, by contrast, imposing sanctions and confiscation of non-compliant goods does not drive them sustainably out of the market (they are quickly replaced by new shipments, because demand persists), but may further impoverish local consumers by increasing costs for traders, and thus prices. In this case, reinforcing education and information campaigns, and supporting industry to set-up a voluntary compliance scheme to allow customers to more easily recognise reliable traders and goods, may help gradually develop the market.

Source: Turkey 2017 Annual Market Surveillance Programme,; Technical Barriers to Trade: The case of Turkey and the European Union by Sübidey Togan,; notes from meetings with Market Surveillance officials in Turkey.

PROFECO reports having an annual programme focused on complaints and key holidays when many consumers and businesses are buying and selling many goods. For example, PROFECO has tested the quality of fabrics during holidays. This practice may create costs for businesses as they face higher pressures during busier times of the year. Managing inspection processes is more difficult and costly for businesses during such times, particularly if inspections are frequent and repeated. In many countries, this has been found to generate opportunities for corruption, as hard-pressed businesses try and get the inspectors away as fast as possible.

In addition, such an approach is not risk-based. It targets a type of product (fabrics) that creates generally little hazard, and on which there typically are very few substantive requirements. It is likely that such a focus is linked to the ease in finding minor (formal) non-compliances, rather than on a data-driven approach (as it is unlikely that major harm for consumers is recorded). In addition to the heavy burden on businesses and probable higher costs for consumers, this approach is prone to result in an inefficient allocation of resources. A similar problem of excessive controls following minor consumer complaints, for goods on which no substantive technical regulations exist, was found by the OECD in Lithuania, and likewise produced increased burdens and decreased efficiency.

It means the inspectorate wastes around half of its already scarce resources on conflicts of a purely private nature, where there is no safety issue involved and no reason for the state to act. The lack of good statistics on product safety and injuries or deaths caused by unsafe products in Lithuania means that the negative impact of this misallocation of resources is difficult to estimate, but the serious situation with fire safety (see above) suggests that it may in fact be significant (OECD, 2015[3]).

In total, PROFECO tested 10.1 million products in 2018 and found that around 20% or nearly 2 million did not comply with Mexican NOMs (PROFECO, 2018[4]). PROFECO also manages more than 100 000 complaints a year and reports that over 80% are resolved in favour of the consumer. This does not mean that these complaints were actually grounded, or that they corresponded to significant issues from a risk-based perspective (see Box 3.2 on Ukraine’s experience). Rather, complaints have been consistently found to be a poor basis for planning inspections. While they may be cost-efficient (obviating the need to collect and analyse data to plan interventions), they inherently mean that the inspection comes “too late”. In addition, a complained-based inspection system may often be misled by consumer bias, as propensity to complain may be driven by many factors unrelated to the gravity of the issue, or by ill-intentioned complaints made by competitors of a given business (Blanc, 2018, pp. 84-86[5]).

copy the linklink copied!
Box 3.2. Formal vs. substantial non-conformities in Ukraine

High levels of identified cases of non-compliance does not always mean that substantial regulations, particularly relating to safety, are violated. It may simply mean that there are some “paperwork” issues, particularly in countries with a procedurally complex system. In its 2008 report on Technical Regulations in Ukraine, the World Bank Group noted the following:

  • According to data obtained in the course of inspections conducted by the State Standardisation Committee in the first half of 2007, between 44% and 72% of goods were found to be non-compliant with the appropriate regulations. Yet only between 4% and 14% (depending on the type of goods) the cases of industrial goods were due to nonconformity with standards. All other violations were of formal norms. Inspections of food products did not reveal any nonconformity at all, the only exception being fat and oil products. The lion’s share of all documented cases of non-compliance were due to a lack of appropriate documentation (29-62%) and/or product information (20-62%).

Source: Derzhstandart press releases of 13 March 2007; 1 June 2007; 4 May 2007; and Technical Regulations in Ukraine 2008, World Bank Group.

Effectively, PROFECO’s market surveillance and inspections are either complaint-based or random. While random inspections suffer from less bias than complaint-based ones, they are inefficient, spreading resources and burdens equally without regard to the probability of violations or the potential harm. As such, they also offer no incentive for improvement, since businesses face the same chance of inspection regardless of their efforts to improve their practices. Box 3.3 presents an explanation of good risk-based inspection practices.

In the United Kingdom, market surveillance activities target products that create the highest risks for consumers. The Office for Product Safety and Standards (OPSS) was specifically created in January 2018 (through the merger of several previous structures covering metrology, regulatory delivery improvement, and some areas of market surveillance) to improve the system countrywide, through increased consistency between local authorities, better methods for risk management, increased consolidation of information, nationwide action on hazardous goods etc.

copy the linklink copied!
Box 3.3. Risk-based inspections – key concepts and approaches

Risk should be understood here as the combination of the likelihood of an adverse event (hazard, harm) occurring, and of the potential magnitude of the damage caused (itself combining number of people affected, and severity of the damage for each).

It is important that risk is not wrongly understood as only the probability of some violation or problem taking place – indeed, in some types of establishment, certain violations may be frequent (highly likely), but have very little (if any) adverse effects. On the other hand, risk is also not identical to the level of hazard, that is, the potential severity of the consequences only: if an event is very unlikely, even if potential consequences are dire, the overall risk level may not be considered extremely high.

An adequate understanding of risk is to define it, in line with best practice and research findings, as the product of “magnitude” (which itself is the combination of the severity of the effect and of the numbers potentially affected) and “likelihood”:

Risk level = Magnitude x Probability.

The term “risk assessment” in the regulatory sense means the assessment of:

  • Strategic risk: i.e. consideration of the purpose of the regulatory organisation, the key regulatory risks that the primary legislation and regulatory authority is designed to control, and definition of objectives to address those risks;

  • Operational risk: i.e. the design of risk-based interventions taking into account the concerns and priorities of citizens, the business environment – its mode of operation and incentives, and wider market conditions;

  • Risk assessment of individual businesses; and

  • Sanctioning according to risk: i.e. the use of risk-based sanctioning decisions as part of a proportionate response to non-compliance.

The term “risk-based targeting” refers to:

  • The selection of the most appropriate intervention to drive better regulatory outcomes, which may be education, provision of information, inspections, among others.

  • The allocation of resources to various interventions;

  • The criteria against which businesses are targeted for those interventions.

Risk assessment in the context of this document refers to the various schemes used to assess the level of risk associated with a particular business, activity, premises or product, which feed into (and in some cases determine) the nature of the subsequent regulatory response and its priority.

Risk assessments (or risk “ratings”) of businesses should ideally be based not only on what is found at the time of an inspection or other intervention, but should also take account of other relevant, available intelligence to inform the judgement about regulatory responses. Risk assessment is therefore key to better regulation and plays a crucial part in all of its principles: accountability, transparency, proportionality, targeting and consistency.

Source: World Bank Group (2013), Introducing a risk-based approach to regulate businesses; and UK Better Regulation Delivery Office, (2012), Proposals for Developing a Common Approach to Risk Assessment.

PROFECO’s remit covers a large number of sectors and areas of consumer protection, particularly because it includes not only consumer product safety but also metrology and general consumer protection provisions. PROFECO is also responsible for a number of NOMs related to tourism, for example the NOMs related to dive instructors and tour operators and the hygiene of resorts. As a next step in assessing the system for technical, safety and market regulations in Mexico, a benchmarking of PROFECO’s functions against international good practices could be undertaken – which would also involve benchmarking the reach of technical regulations in Mexico in terms of sectors and products to determine which ones do (or do not) fit with a risk-based approach.

Finally, PROFECO has been affected at different points in time by inspector corruption cases as well as political interference in inspection activities. Several times, PROFECO has fired many inspectors at once. To try to address this, in 2015, PROFECO introduced a Code of Conduct to avoid conflicts of interest, but it is unclear at this stage how effective this has been.

International experience suggests that the lack of a risk-based approach, emphasis on formal requirements, excessive use of complaints-based inspections, and increased inspection activities during holidays, inter alia, are all factors that tend to increase corruption. Doing “less, but better”, and ensuring staff are well-qualified and adequately compensated are important steps toward a more professional and ethical inspectorate.

Moreover, technical regulations of non-food products typically feature highly specific and well-developed requirements and specifications (which many stakeholders report as among the best examples internationally, e.g. for safety of electrical devices). By contrast, their regulatory inspections rest with PROFECO, a non-specialised body, with a very broad mandate and a professional profile that is primarily on ‘law enforcement’ rather than technical.

Regulatory enforcement and inspections by the CRE

Mexico’s Energy Regulatory Commission (CRE) is in charge of regulating significant parts of the hydrocarbon market in Mexico, including mid-stream and downstream markets, as well as the entire electricity value chain. Although primarily an economic regulator, the CRE is responsible for supervising compliance of numerous NOMs. The CRE is responsible for the following NOMs:

  • NOM-001-SECRE-2010 - Specifications of natural gas;

  • NOM-014-CRE-2016 - Specifications of the quality of petrochemicals; and

  • NOM-016-CRE-2016 - Specifications of the quality of petroleum products.

The mission of the CRE is to regulate and supervise in a reliable and co-ordinated manner the activities of the energy sector to promote productive investment and its efficient and sustainable performance for the benefit of Mexico. Its stated aim is to create a system of independent and specialised regulators, capable of guaranteeing a safe, reliable, competitive and sustainable energy sector.

The CRE has adopted an official policy document for inspections based on the OECD Best Practice Principles on Regulatory Enforcement and Inspections. The policy is specifically designed to target inspections on businesses most likely to be in non-compliance and which create the most significant risks. Inspections from the CRE are based on:

  • The availability of human and financial resources;

  • The degree of fulfilment of obligations by the permit holders;

  • The number of complaints that the permit holders have;

  • The number of operational emergencies and fortuitous cases or force majeure in the systems permissible; and

  • Other factors, for example, market and systemic conditions.

In general, as noted above, excessive reliance on complaints to target inspections results in a purely responsive, non-risk-based approach. To the extent that the number and types of complaints are used only to improve the risk-based targeting, and provided that targeting is based on other elements (for instance, characteristics of the operation and findings from previous inspections), this could prove to be good practice. Further information would be needed to assess the CRE’s approach in this respect.

The CRE’s inspection policy aims to selectively target firms most likely to be in non-compliance, but not necessarily to target NOMs or parts of NOMs of greatest risk to society. Again, to what extent CRE effectively does this, or whether for now its risk-based targeting is really primarily compliance-based, would have to be further ascertained through additional research.

Unlike other technical inspections authorities, the CRE has created three-tiered system of inspection levels (reduced, normal, and rigorous) based on the risk of the non-compliance profile of business and market conditions for inspections that it performs on certain regulations but not on NOMs. This is a model that could be further imitated and replicated.

The CRE also has an explicit policy to encourage compliance by duty-holders, rather than a strong focus on sanctions. The fourteenth paragraph of the policy document asserts that to encourage voluntary compliance, it is necessary that regulated businesses know:

  • The regulations and the obligations to which the permitted activities are subject;

  • What the consequences are for not complying with the regulation and with permit obligations, as well as the types of sanctions which can apply.

The CRE has also adopted a new Code of Conduct of the Energy Regulatory Commission, aligned with the Code of Ethics of Servants of the Federal Government, to promote an environment of responsibility, commitment and respect for the labour and human rights of the personnel of CRE (Box 3.4).

copy the linklink copied!
Box 3.4. The eleven values of the CRE Employee Code of Conduct
  1. 1. Competition. Knowledge, skills and experience that people develop to understand and execute their daily tasks.

  2. 2. Commitment. Responsibility to meet the objectives set in a timely manner.

  3. 3. Empathy. Understand the position and circumstances of the general public, of regulated subjects and collaborators.

  4. 4. Teamwork. Collaboration of all members of the Commission, based on fluid and effective communication at all levels and in all directions.

  5. 5. Excellence. Result of constant work and with high quality standards in the individual and collective.

  6. 6. Integrity and Honesty. Act in accordance with the law and the public interest, with ethics and transparency.

  7. 7. Pragmatism. Practicality in carrying out the daily activities of the Commission, with the purpose of achieving agile and effective work.

  8. 8. Respect. Guarantee violence-free spaces where freedom of expression is guaranteed and diversity and tolerance towards others are promoted.

  9. 9. Creativity. Constant generation of new ideas for problem-solving and ongoing improvement.

  10. 10. Determination. Take responsibility proactively, with courage and perseverance.

  11. 11. Responsiveness. Make decisions and communicate risks in a timely manner, in order to anticipate problems and generate effective solutions.

Source: CRE (2018), Code of conduct of the energy regulatory commission, 14 December.

Regulatory enforcement and inspections by COFEPRIS

COFEPRIS is a decentralised, regulatory body of the Mexican government that supervises health and health-related issues, broadly defined. It is responsible for the market supervision and inspections across several sectors with an important health impact, including the safe manufacture and distribution of drugs and medical devices, medical care (hospitals, clinics), and a number of aspects of food safety. Its authority was granted under the General Health Law.

The General Health Law gives COFEPRIS the power to perform inspections that are part of a CAP itself or by a third party. The General Health Law also grants COFEPRIS powers to oversee the work of third parties that may report on the efficacy of drugs and medical products, as well as labs.

Regarding food, COFEPRIS has a competence that is shared with SENASICA (under the Ministry of Agriculture, and responsible for primary production but also for a part of transformation / processing) and with State-level authorities (responsible for most inspections of food processing, trade and service) – with the latter acting along guidelines and plans issued or validated by COFEPRIS.

Based on current findings, COFEPRIS appears to largely base its inspections on random selection or based on complaints, within broadly defined sector-level priorities. For example, COFEPRIS was reported to randomly inspect food products at point of sale to verify compliance with current food labelling regulations, and samples food products to guarantee that such products are safe for human consumption (USDA - Foreign Agriculture Service, 2018[6]). If this is a monitoring activity (aiming at establishing average levels of compliance) random selection may be appropriate, but if it is an inspections activity (leading potentially to enforcement measures) random selection is inefficient.

COFEPRIS can make two types of visits: a verification visit or health promotion visit. A verification visit is an inspection of regulatory nature to an establishment to verify compliance with the legal and regulatory requirements. A health promotion visit aims to promote better practices through counselling and training, good practice guides or brochures to inform the owner of a health facility how to act in accordance with current legislation (Tiol-Carrillo, 2017[7]). COFEPRIS did not report the use of specific risk-based methods for planning inspections (except for pharmaceutical production inspections), although the Commission for Evidence and Risk Management (CEMAR) within COFEPRIS does identify and evaluate health risks arising from drugs and medical devices.

In terms of the selection of inspection targets, interviews suggested that this was done on the basis of a rough sectoral analysis (which types of objects or sub-sectors appear to generate the most problems), with some level of consideration for the track-record of establishments (mostly in the sense of prioritising inspections toward those with previously recorded problems). Selection may be more targeted for health-care establishments, particularly major ones (which are smaller in number), and less so for food establishments (mostly controlled by State authorities on behalf of or in co-ordination with COFEPRIS).

While there appears to be a general understanding of a broad, high-level risk-based approach (selecting priority sectors, paying attention to track record), there do not seem to be any specific methods, tools (criteria, scoring methods etc.), processes or systems to target inspections in a systematically risk-based manner. Moreover, there seems to be a high level of reliance on “reactive” inspections, i.e. on inspection visits following complaints. These have generally been found to be less effective at improving outcomes, particularly if there is insufficient management of complaints to screen them and decide on a proportional response based on the specifics (reliability, issues raised, first instance or repeated cases, etc.).

Good Manufacturing Practices Inspections (Pharmaceuticals)

As the pharmaceuticals regulator, COFEPRIS performs Good Manufacturing Practices inspections and certification for medical drugs. An inspection is required prior to submission for approval. A verification visit by COFEPRIS is required to verify manufacturing processes for registration and manufacturing changes of biological, blood and biotech products. In addition, COFEPRIS inspectors perform verification for the new registration or renewal of a drug produced in a country that cannot prove high a level of sanitary surveillance. COFEPRIS, however, recognises the verifications from health authorities that are members of the Pharmaceutical Inspection Convention and Pharmaceutical Inspection Co-operation Scheme (PIC/S). As noted in the 2018 OECD Competition Assessment of Mexico, COFEPRIS does not recognise the GMP of some the largest suppliers, India and China – but this is in line with international good practices, as the European Union similarly treats producers from these countries with scrutiny.

Self-Management Program in Health and Safety at Work (PASST) by the Ministry of Labour and Social Protection (STPS)

The Ministry of Labour and Social Welfare is responsible for labour policy in Mexico. It carries out many inspection activities to ensure that workplaces comply with their obligations to maintain good general working conditions, to protect the health and safety of workers and to ensure that business are properly training employees.

The Ministry of Labour and Social Protection has a Self-Management Program in Health and Safety at Work (PASST). The programme allows businesses to assess their own compliance for all 38 relevant NOMs for workplace safety. The three objectives of the programme are to:

  • Promote schemes for self-assessment of compliance with regulations, with co-responsibility of employers and workers.

  • Induce continuous improvement in the prevention of accidents and occupational diseases.

  • Decrease occupational accidents and diseases.

The programme also includes a computer-based tool for the identification of the relevant NOMs in health and safety at work. While both of these (programme overall, and computer tool) are potentially very useful and in line with international good practice, their effectiveness may be jeopardised by the regulatory structure – i.e. emphasising compliance with separate NOMs rather than a comprehensive management of occupational health and safety risks in the establishment. Benchmarking of practices and outcomes in different countries has shown that a regulatory approach that focuses on comprehensive risk management rather than on “box-ticking” on a number of separate precise rules is both less burdensome and considerably more effective. Research showed that the United Kingdom achieved better occupational safety and health outcomes than France and even Germany with 3 to 5 times less frequent inspections, thanks to more risk-based inspections and a more comprehensive approach to risk-management (Blanc, 2018[5])

The Health and Safety Executive (HSE), responsible for OSH in the United Kingdom, has developed an enforcement policy that is based on risk-focus and risk-proportionality, both to target inspections, conduct verifications “on site” and decide on potential measures post-inspection (Box 3.5). These play a role in the UK having one of the lowest rates of workplace fatalities in the EU and globally. Only 10 workers die per million economically active population per year compared to an average of 38 in EU-27, EFTA/EEA, candidate and pre-accession countries. (WHO, 2019[8]) Other countries have developed similar sets of principles and approaches – a good example in another field (food safety) is that of the Danish Veterinary and Food Administration (Box 3.5).

copy the linklink copied!
Box 3.5. Principles of inspections and enforcement

UK Health and Safety Executive Enforcement Policy

The HSE applies the following principles to its enforcement activities:

  • Proportionality in applying the law and securing compliance;

  • Targeting of enforcement action;

  • Consistency of approach;

  • Transparency about how HSE operates and what businesses, workers and the public can expect; and

  • Accountability for its actions.

These principles apply both to enforcement in particular cases and to the management of enforcement activities as a whole. They are not applied in isolation, but are informed by an understanding of the business environment. They allow for effective enforcement without stifling economic growth, by requiring inspectors to be proportionate in their decision-making and mindful in keeping the burden on business productivity to a minimum.

The HSE adopts a proportionate approach to enforcing the law across different industries and sectors, recognising the importance of supporting businesses to comply and grow. In its dealings with duty holders, it seeks to ensure that enforcement action is proportionate to the health and safety risks and to the seriousness of any breach of the law. This includes any actual or potential harm arising from any breach, and the economic impact of the action taken. The HSE expects that duty holders, in turn, will adopt a sensible and proportionate approach to managing health and safety, focussing on significant risks i.e. those with the potential to cause real harm. Applying the principle of proportionality means that inspectors should take particular account of how far duty holders have fallen short of what the law requires and the extent of the risks created.

The HSE uses a risk-based approach when deciding which duty holders to proactively inspect, taking into account factors such as size, type of activities, industry sector, and the associated death, injury and ill-health rates. The HSE also uses proportionate and outcome-based criteria when deciding which incidents, diseases and dangerous occurrences have to be investigated. This means that the HSE targets inspection and investigation resources primarily on those activities, industries and sectors giving rise to the most serious risks, where and when the hazards are least well-controlled, or where competence to manage health and safety is in doubt. Low risk activities will not, in general, be subject to enforcement unless actual harm has occurred.

Source: Health and Safety Executive (2015), Enforcement Policy Statement, pp. 2-4, (accessed 10 September 2019).

Danish Veterinary and Food Administration

Inspections in the Danish Veterinary and Food Administration follow certain key principles for official control of products:

Control must be preventive

An important element in the control process is the provision of information to establishments and primary producers to ensure that they understand the reasoning behind the regulations and are motivated to follow them.

Analytical control

Analytical control ought to be a verification of whether the establishment or primary producer can manage the handling of foodstuffs or primary production.

Need-oriented inspection

Inspections should be both need-oriented and regular. It should also be dynamic, and most intensively applied where the need is greatest. Once a problem has been solved, the inspection effort should be moved elsewhere. The results of the inspection and the new knowledge acquired from, for example, surveillance and charting studies, should be used to keep the control process goal-oriented and to improve regulations.

Seek the source of the problem

Inspections should seek out the source of the problem. The inspection efforts should be concentrated as close as possible to the relevant links from which problems are emanating in the chain from "stable to table". If problems are discovered further down the chain, the responsible party should be contacted with regard to carrying out an inspection of the establishment or primary producer concerned, which is where the problem should be solved.


The control process should avail of whatever sanctions are necessary to ensure that the regulations are observed. On the one hand, the reaction should not be more radical than necessary, while on the other hand, sanctions must have sufficient impact to ensure that the regulations are respected. If the establishment or primary producer concerned fails to comply with the control authority's sanctions, the sanctions should be escalated.

Uniform effects

The effects of inspections must be uniform, both geographically and within the various branches of the food industry. This means, for example, that import and production must be subject to the same requirements, and that regulations must be uniformly enforced throughout the entire country.

Document its own reliability

The inspection process must be able to document its own reliability and effectiveness, and must be made available to the public. Inspection results must be visible at places where consumers purchase foodstuffs, and on the Internet, so as to make it easier for consumers to evaluate the establishments involved and the official control process.

Source: Danish Food and Veterinary Authority, Inspection Principles (October 2015) – available at:

copy the linklink copied!Regulatory inspections and market surveillance in practice: major challenges

This section identifies the most significant challenges facing Mexico’s regulatory inspections of NOMs against the OECD Best Practice Principles on Regulatory Inspections and Enforcement. Practices for risk management, information sharing, among others, vary significantly between different ministries and federal agencies. Despite this variation, however, there are some general trends in the challenges facing inspections and enforcement of technical, safety and market regulations in Mexico.


  • Related Best Practice Principles: Professionalism; Selectivity; Risk Focus and Proportionality

Market surveillance and inspections require sufficient expertly-trained inspectors that understand the NOMs and nature of the regulated businesses. In addition, inspectorates must target resources to regulation or portions of a technical regulations that present real risks to citizens. The Mexican government faces a particular challenge in using government resources effectively. Mexico has the lowest government spending per capita in the OECD, so inspection resources should be very carefully targeted to those regulatory issues (NOMs) that have the greatest impact on citizens, and to the businesses, products, etc. that create/present the most risks.

Similar to the issue of a lack of CABs, in interviews, Mexican regulators mentioned that there may be some areas or NOMs that may be significantly under-inspected. For example, SENER focuses on inspections of large power plants and, though smaller power plants might pose a significant risk, SENER lacks the resources to monitor power plants below a certain size.

In other key areas, like consumer protection, market surveillance in Mexico sometimes focuses on the most easily “visible” regulations, rather than targeting resources to areas of the greatest risk to the public. For example, PROFECO has previously targeted clothing quality. As indicated above, this is quite far from good practice, in that it specifically directs most resources to the lowest-impact areas. In addition, experience suggests that (because of the low number of safety rules applying to clothing) such inspections can be quite market-distorting, with inspectors focusing on price or labelling issues in ways that can show clearly excessive use of discretion.

As briefly outlined above, PROFECO is responsible for a large number of NOMs, many of which have significant technical content (which, in many cases, appears to be of high quality). The staffing of PROFECO, however, does not correspond to this mandate. The institution has a strong “legal” profile, rather than a technical one. There do not appear to be specialised technical units or teams to deal with goods presenting a higher level of complexity or risk. The limited number of staff combined with the very large size of the market means that PROFECO would need to have a very strong risk-based approach so as to focus its limited resources on the most critical risks. However, this is currently not the case.

Many authors have pointed out, in this respect, that it may be necessary to pay an efficiency wage to inspectors – a wage set above market rates – to discourage corruption. If inspectors are paid more than fairly for the role, they are much less likely to accept bribes that may have legal or financial consequences. At the very least, inspectors should be paid at market rates and not less. Countries where inspectors are seriously underpaid are known for major corruption problems in inspections, which no official reform manages to curtail. Cuts in the size of the public service, both in wages and employment, will likely further reduce the number of inspectors and their pay. While fewer, better paid staff could be an adequate approach, cutting wages will almost certainly have adverse consequences on the quality of the staff who enforce the NOMs.

Targeting and responsive regulation

  • Related Best Practice Principles: Professionalism; Selectivity; Risk Focus and Proportionality

Inspections should be targeted towards those businesses, products, infractions that (can) have the gravest consequences for the health, safety, and well-being of citizens. Governments can ensure this by allowing inspectors to target specific areas for enforcement and to leave other areas up to market forces.

In Mexico, we also heard that inspectors are often obliged to check the entire contents of a given NOM during inspections. This may not be the best use of resources, because not all parts of a NOM create the same amount of risk to Mexican citizens. Inspections themselves should pass a cost-benefit analysis; the inspection system should improve the functioning of markets and reduce risks through enhanced compliance rates more than it costs businesses and governments to pay for inspections. As Blanc notes, there is a growing body of research on the harmful effects of bad (excessive, non-targeted, or arbitrary) regulation and inspections (Blanc, 2018[5]). It is, therefore critical that resources (both from the government and the costs of businesses compliance) are carefully targeted to high-risk regulations, products, establishments etc.

Targeting should also be part of an overall strategic framework of inspectorates. In Mexico, some inspectorates have started using the Matrix of Indicators for Results (MIR), which is reported to the Ministry of Finance and Public Credit through its application portal. SENER, for example, uses the MIR and reports on quality indicators and goals.

It is not sufficient to target inspections to the right parts of a technical regulation. Governments should be following the principles of responsive regulation or, as phrased by Baldwin and Black, governments must decide “when to punish; and when to persuade” (Baldwin and Black, 2007[9]). In the case of Mexico, we heard that, in part because of the structure of the FLPA and sectoral, inspectors often warn and then sanction. Essentially, businesses are told to “comply or else”. As (Hawkins, 2002[10]) showed, Britain’s HSE approach on the opposite emphasises the use of “law as a last resort” – i.e. co-operation and advice are the primary tools. As shown above, this co-operative and responsive approach has shown far superior outcomes.

Nevertheless, market surveillance authorities often produce some guidance, toolkits, or self-checklists to help promote compliance with NOMs. However, it is not clear if inspectors can offer advice on compliance, even after giving a warning – and it has not been assessed to what extent the existing guidance tools are convenient, clear, well-known etc. PROFECO reported that, among the different types of visits it could conduct, some were advisory and others led to enforcement measures but there does not seem to be as yet a clearly established system and methods for a compliance-promoting approach.

The new Law to Promote Citizens’ Trust could be used as a foundation to make inspections more focused on compliance-promotion, reducing inspections pressure on compliant businesses, make targeting more proportional to risk, among other potential uses. Article 11.IX, in particular, can be used as a basis for risk-proportional inspections and enforcement of those enterprises that opt to register under the Law.

Fractionalisation and co-ordination

  • Related Best Practice Principles: Co-ordination and Consolidation; Responsive Regulation; Information Integration

Co-ordination is a key aspect of inspections and enforcement. First, co-ordination helps reduce administrative costs for businesses, because they need to manage fewer inspections per year. Secondly, a co-ordinated framework for inspections and enforcement allows authorities to more effectively identify and target riskier businesses. For example, a business that is not compliant with a set of standards in occupational safety may be more likely to be non-compliant with environmental standards, or at the very least such non-compliance may be a “flag” for verification – whereas a business that has been found consistently and constantly compliant by others may be visited less frequently. Visits by other inspectorates can also contribute to updated information about the type of activities, their volume etc. – because there are typically many variations compared to the initial business registration data.

According to the LFMN, sectoral regulators are required to co-ordinate when there are overlapping NOMs and jurisdictions. However, it is currently unclear how this is enforced, even when they have overlapping duties, e.g. product labelling. Suboptimal inter-agency sharing of information may make it harder to target riskier CABs, businesses, and products and services.

In Mexico, inspection and surveillance are organised in reference to each NOM. Through interviews, very few inspectorates or agencies mentioned that they co-ordinate inspections when a business might be subject to multiple NOMs from different supporting agencies. Furthermore, interviewees did not mention any information or data-sharing practices. Even within individual agencies, such as SEMARNAT, there seemed to be minimal co-ordination between different units working on similar areas of technical regulation.

Each inspection creates a burden on businesses who must manage or support every inspection of their business. In many cases, they are subject to inspection from a number of different regulators. As a result, when they must manage many different inspections, they face high burdens, uncertainty and even contradictory requirements. A fragmented system also hampers information sharing, which makes it more difficult for regulators to identify high-risk businesses. Finally, multiple related inspections mean additional uncertainty for businesses in terms of which rules will be applied or how they will be interpreted, and this may act as a serious deterrent for investment and growth.

Whereas in the non-food products field PROFECO has very broad responsibilities (making co-ordination less of an issue), food safety supervision is divided between SENASICA, COFEPRIS and state-level authorities. While responsibilities in the food safety sphere may on paper be relatively clear, experience suggests that such divisions rarely function seamlessly in practice, and certain stages e.g. of processing could be subject to multiple competence. There did not appear to be a formalised co-ordination system for food safety inspections between SENASICA and COFEPRIS. A useful example of co-ordination could be that of the United Kingdom’s MSNetwork – or the guidelines adopted in Italy to foster co-ordination between inspectorates, which are then implemented at the regional level (Box 3.6).

copy the linklink copied!
Box 3.6. Inspections Co-ordination – UK and Italy examples

UK Market Surveillance Co-ordination through the MSNetwork

In the United Kingdom, market surveillance refers to the suite of activities carried out by regulators that protect consumers from unsafe and non-compliant goods, by ensuring effective interventions (regulatory inspections) with businesses before they place goods on the market, when in the supply chain and when corrective action is needed.

The Department for Business, Energy and Industrial Strategy (BEIS) has responsibility for the subject matter of most technical regulations. Responsibility for co-ordinating market surveillance activity in the UK is held by the Office for Product Safety and Standards (OPSS) that is part of BEIS. Market surveillance in the UK is carried out by a range of both national bodies and local authorities. To ensure effective co-ordination of activity, these authorities come together through a Market Surveillance Network (MSNetwork).

The MSNetwork meets four times a year, providing a forum to exchange information, share best practices and review joint programmes and projects that are undertaken alongside the forum’s meetings.

Current work programmes of the network are:

  • Preparation of the UK National Market Surveillance Programme;

  • User insights into the development of the UK Product Safety database;

  • Re-alignment of the Single Point of Contact between market surveillance authorities and HM Revenue and Customs to share data on imports to target checks on risky products and economic operators; and

  • Agreeing arrangements to pass cases between authorities.

Members of the MS Network include OPSS (consumer products, eco-design and environmental product regulation); Health and Safety Executive (products used in the workplace and pyrotechnics); Driver and Vehicle Standards Agency (automotive vehicles); Maritime and Coastguard Agency (products used in the maritime environment); Medicines and Healthcare Products Regulatory Agency (medical devices); and Office of Communications (communications equipment).

Source: UK Office for Product Safety and Standards.

Italy: National Guidelines for Inspections

Co-ordination of inspection activities

To reduce or eliminate disproportionate or unnecessary duplications, administrations should adopt co-ordination instruments between the different areas that exercise control activities. They should first identify the optimal level at which to conduct the co-ordination activity to obtain the best synergies between all actors.

The principle of co-ordination is then pursued through different instruments, such as:

  1. a) Annual control plans co-ordinated between different administrations;

  2. b) Shared databases between administrations that work in the same sector or in connected sectors;

  3. c) Agreements between administrations in charge of inspections to conduct, where possible, co-ordinated or planned inspections; and

  4. d) Harmonised documentation and forms that can be agreed jointly by all the administrations conducting inspections (e.g. official conclusions of inspections).

Source: Italy, Civil Service Department, Linee Guida in Materia di Controlli – adopted in 2013 by the Interregional Coordination Roundtable, Linee%20guida%20Controlli_24-01-2013.pdf .

Nevertheless, there are positive examples of co-ordination in Mexico. In 2018, ASEA, CRE and CNH created offices for co-ordination to assist stakeholders in processes requiring the intervention of more than one of the three regulators. Co-ordination between Mexico regulatory agencies in general was one key recommendation of the OECD report Driving Performance at Mexico’s ASEA, CNH and CRE, which advocated for the creation of an Energy Regulatory Group to catalyse information sharing and facilitate co-ordination among the different regulators (OECD, 2018[11]). The ERG was inaugurated in 2018 (Box 3.7).

copy the linklink copied!
Box 3.7. The Energy Regulators Group in Mexico: CRE, CNH and ASEA

The ERG is an institutional approach to improving co-ordination. It is a permanent forum for exchange and implementation of joint work, whose mission is to “regulate and supervise in a reliable and co-ordinated manner the activities of the energy sector, to encourage productive investment and its efficient and sustainable performance in Mexico”.

The group has also developed a Strategic Plan from 2018-2022, which lays out five key objectives to: facilitate the development of the energy sector; offer long-term regulatory certainty to the energy sector; meet the needs of the sector in a co-ordinated manner through systematic operations; promote cutting-edge financial and technical capacity permitting the operation of the system; and be recognised as a benchmark by society as well as national and international markets.

Source: OECD (2018), Impact Update: Driving Performance of Mexico’s Energy Regulators, OECD, Paris,

Generally, however, other ministries and regulators did not mention any explicit programs for information sharing or co-ordination between them and another agency. No inspections information-sharing platform, like Safety Gate in the EU or the Company Dossier system in the Netherlands (Blanc, 2012[12]), or like the “fascicolo d’impresa” in Lombardy3 (Italy), exists in Mexico.

To support SMEs, the authors of the 2019 Economic Survey of Mexico suggested that “greater co-ordination between tax and labour inspections would also help, for example, by obliging tax inspectors to report suspected breaches of labour regulations and establishing stronger co-ordination mechanisms.” (OECD, 2019[13]). Labour regulations include 36 NOMs, enforced by the STPS.

The UK’s Office for Product Safety and Standards was established precisely to try to overhaul a system seen as too fragmented and insufficiently effective in terms of inspections and enforcement. Improved co-ordination, efficiency and effectiveness can also be achieved by creating shared information management systems (Box 3.8).

copy the linklink copied!
Box 3.8. Shared information systems for inspections

Risk-based planning cannot be done without each agency having data on all objects under supervision, which is costly and difficult to update – while, at the same time, because many of the risk dimensions are correlated, and because a non-compliant business tends to be thus in several areas, inspectorates would be able to improve their risk analysis if they also had data from other inspectorates. In addition, many inspectorates (even in OECD countries) have been found not to have proper information systems in the sense of systems allowing them to plan their activities based on risk, and to record the inspections results – setting up a system for each of these separately, and “populating” each with data on all objects, is far more costly than setting up a joint system. All these points speak strongly for setting up, as much as possible, joint information systems shared by most or all inspectorates. The information system should be built on a database that includes the following data:

  • List of all business entities and of all establishments (not only all companies/businesses, but also all separate premises) in the country.

  • For each establishment, have data on a set of relevant parameters corresponding to different risk factors, some “general” risk parameters generally relevant to all or most types of inspections (e.g. size, volumes handled, type of technology or process, etc.), and other more specific ones grouped by risk dimensions (e.g. food safety, workplace safety etc.).

  • List all inspections and their results.

  • Automatically generate risk ratings for each business and establishment.

  • Automatically generate inspections selection and schedule.

  • Filter and analyse data reporting.

More advanced systems can also incorporate functions to plan activities inside the inspectorate and manage processes, have online checklists, etc.

Source: Abridged from OECD (2015), Regulatory Policy in Lithuania: Focusing on the Delivery Side, OECD Reviews of Regulatory Reform, Annex A, Paris,

Under the proposed update to the LFMN, the Integral System of Regulations and Conformity Assessment (SINEC) as the virtual interactive platform will integrate, monitor and evaluate all the activities of the actors that participate in the Mexican System of Technical Regulations and Conformity Assessment. This would make information of all CABs available to all regulators and could reduce the resources in monitoring CABs after accreditation.

Risk analysis and proportionality

  • Related Best Practice Principles: Evidence-based Enforcement; Risk Focus and Proportionality; Information Integration

Inspectors cannot monitor all businesses for violations at all times. It is absolutely critical that inspections are targeted at products and businesses that are most likely to create significant risks, both because they are more likely to be in violation and because these violations can create more serious hazards. This requires a system for government to make some appraisal about a business’s risk level before the inspector makes a visit. Targeting the most significant risks avoids misuse of both the inspectors’ and the businesses’ time through follow-up on complaints that may not have a real impact on the well-being of citizens.

Ideally, government bodies with inspection powers would use a risk-based framework to target inspections. Targeting practices at present appear rather far from this objective. Many government bodies and sectoral regulators report increasing inspections at key times of the year, e.g. increasing product market inspections during peak, holiday buying periods, which is very different from a risk-based approach (though it may be relevant in terms of the potential volume of violations). Other such as the Ministry of Energy (Secretaría de Energía or SENER), plan some inspections randomly among verified suppliers. Special inspections are scheduled for facilities for which breaches have been reported or sanctioned, which speaks to the “probability” aspect of risk-assessment, but not to the “potential magnitude of hazard”.

PROFECO did not mention explicit risk-based approaches; rather they increased sampling of goods during key times of the year. Often their inspections did not necessarily aim at taking dangerous products off the market, but rather focused on the quality of products, e.g. testing the material content of clothing textiles. It is not clear how this supported public welfare or was at least more relevant than other products. It is likewise unclear how PROFECO balances its role as body that promotes the “quality” of products (and how this is defined) versus its role to protect Mexican consumers from potential harms. In the UK, the Office for Product Safety and Standards (OPSS) prioritises inspections and market surveillance based on the potential hazards of non-compliance and the likelihood of non-compliance – other inspectorates, such as the Netherlands’ Inspectie SZW (Inspectorate for Social Issues and Labour) use an “intervention toolbox” to select the intervention instruments that are most appropriate not just to the risk level, but to the drivers and factors, and characteristics of the target groups (Box 3.9).

copy the linklink copied!
Box 3.9. The UK OPSS’s Risk-Based Approach and the Netherlands’ “Intervention Toolbox” (Inspectie SZW)

UK OPSS Risk Based Approach

In the UK OPSS, inspectors use a matrix to determine which areas should be the most closely monitored and inspected. Essentially, this risk-based targeting framework ensures that inspectors prioritise technical regulations that have both a high-risk of non-compliance and create a high level of hazard.

copy the linklink copied!
Figure 3.1. OPSS – Risk-based targeting: generic approach
Figure 3.1. OPSS – Risk-based targeting: generic approach

Source: Presentation by Graham Russell, CEO of the Office for Product Safety and Standards, 2018.

Netherlands’ “Intervention Toolbox”

In the Netherlands, the Inspectie SZW (Inspectorate for Social Affairs and Labour) uses the following approach to select the most suitable intervention instrument, and not do inspections and enforcement as a “one size fits all”:

  1. 1. Selecting the target group and/or specific risk. The Toolbox offers a set of choices, depending on current knowledge of the risk, the economic sector or the viewpoints of stakeholders. Each tool comes with additional information, explanations, and best practices;

  2. 2. Understanding the target groups and their motives to potentially engage in undeclared work. The Toolbox supports project managers and inspectors to understand the motives of the target group. What may explain noncompliance? Is there a lack of knowledge, or do groups consciously refuse to comply? Tools differ in terms of the number of target groups they address, the internal and external stakeholders involved, work style, time investment, degree of information required, and results;

  3. 3. The Toolbox can identify a selection of certain interventions based on the available information. For each target group, it offers information on the intervention and possible results it may generate;

  4. 4. The programme manager sets up a plan of action that includes a mix of suitable interventions. For example, the fast-food industry is at-risk of hiring cleaning companies that employ undocumented workers. An appropriate intervention would be not only to inspect companies in the three cleaning sectors, but also to speak with companies in the fast-food sector. The inspectorate may give fast-food companies the message that they should only do business with bona fide cleaning companies. This helps to increase compliance.

Source: December 2019 summary to the European Platform tackling undeclared work.

Most regulators had established annual plans for what to inspect, but it was not necessarily clear how priorities had been identified. Many regulators do not seem to adopt risk-based strategies. In part, most regulators limited data tracking to the number of inspections or administrative actions. However, both are relatively weak indicators of performance. First, the number of inspections is only related to the volume of work and does not allow the regulator to assess whether the work was effective (Blanc, 2018[5])). A focus on the number of violations is also imperfect.

As indicate above, while COFEPRIS appears to have a general understanding of what a risk-based approach could be, and to use some very broad, high-level risk-related priorities, it does not appear to use a formalised, systematised, establishment-level risk-based targeting approach. Discussions with SENASICA suggested that, in addition to an understanding of risk-based approaches overall, at least some departments of the agency were using a more formalised, developed risk-based approach for targeting of inspections. These departments report to target establishments for inspections considering not only the sector overall, but specific sub-sectors and activities, size of operations, track record, among others. For instance, regulatory inspections of TIF establishments are carried out by SENASICA staff according to a schedule, following complaints or special requests by supervisors tasked with overseeing these facilities on a regular basis. Further research would be needed to assess these issues, but they may constitute a good basis to inspire further work in other departments, institutions and regulatory fields.

The number of violations could remain the same, but the risks those violations present may be changing. In addition, a higher number of violations found might mean that a) inspections are more effective; b) compliance is significantly lower; or c) inspectors are simply finding minor or less risky violations. Full compliance may also not be a socially acceptable goal, because the costs to comply with and enforce parts of a NOM may exceed the benefits.

Many regulators indicated that when they inspect compliance with NOMs, they check the entire NOM and not necessarily those parts of the NOM with the greatest risk to the health, safety and well-being of citizens. The EU on the other hand operates on a risk management basis for market surveillance and makes a determination if a product is indeed dangerous before taking action.

Inspector Training and Codes of Conduct

  • Related Best Practice Principles: Professionalism, Transparency

According to the Best Practice Principles on Regulatory Enforcement and Inspections, inspectors should be trained and managed to ensure professionalism, integrity, consistency and transparency. Nearly all the inspectorates interviewed mentioned training for inspectors in the area of technical expertise of the NOMs. Civil servants in Mexico are also subject to the Code of Ethics and related Integrity Rules of the government. However, few inspectorates mentioned specific training or a code of ethics (other than CRE detailed above). A strong example to follow for further development of professional skills and competences would be the UK’s (Box 3.10).

The surveillance of NOMs often requires significant training and education in a specific field. For example, SENER hires mostly engineers as inspectors. ASEA has also introduced a programme to keep new hires with special expertise. However, Mexico in general does not have an overarching HR policy for inspectors. Despite Codes of Conduct, it is not clear if inspectors also receive training in the non-technical aspects of the job.

As indicated above, wage levels may be a significant obstacle to attracting and retaining adequately qualified staff, and to motivating ethical behaviour. This problem may worsen if wages are lowered.

copy the linklink copied!
Box 3.10. UK Core Regulatory Competencies and the Regulatory Compliance Officer Apprenticeship

Planning risk-based and effective regulatory interventions (including inspections) requires the officer to have specific competencies, knowledge and skills. Many training programmes for regulators focus solely on technical and legal knowledge. In the UK, a suite of competencies has been identified that are required for all regulatory delivery roles, based on the Core Regulatory Competency Framework for Regulators. These have been developed and refined over several years by the Office for Product Safety and Standards in consultation with local and national regulators, professional bodies (including the Chartered Trading Standards Institute) and businesses.

A training programme is now available; the Regulatory Compliance Officer Apprenticeship is a standard leading to entry routes across the entire spectrum of regulatory delivery roles in both the public and private sectors. Apprentices learn the core skills, knowledge and behaviours required to be an effective Regulatory Compliance Officer. These include:

  • Understanding the regulatory context in which they operate;

  • Assessing the regulatory risks in the context they are working in, using and analysing data and intelligence to conduct risk assessments;

  • Understanding the business environment and how the way that regulation is enforced can impact on business;

  • Working effectively with other organisations, such as partner regulators, business groups and representatives of citizens to deliver regulatory outcomes such as prosperity and protection;

  • Conducting audits, inspections, and checking compliance to assess performance against regulatory and other standards;

  • Supporting and promoting business compliance; providing expert advice, information and guidance to help businesses comply and support compliance;

  • Communicating effectively with business for example providing a range of mechanisms to engage with business in a way which best meets their needs;

  • Responding to non-compliance in a proportionate way;

  • Supporting those adversely impacted by non-compliance, including dealing with vulnerable victims;

  • Evaluating their own personal regulatory activities and reporting against personal regulatory objectives and departmental priorities.


Trust, fraud and corruption

  • Related Best Practice Principles: Transparent Governance; Compliance Promotion; Professionalism; Clear and Fair Process

Inspections and enforcement of technical regulations exist to create trust between market actors. Blanc (Blanc, 2018[5]) notes that trust in weights and measurements was one of the first uses of inspections to build trust between merchants and customers. (Monk, 2012[14]) points out that inspections support SMEs, because they allow new market entrants to be trusted in a market.

Illicit enforcement activities may threaten the credibility of the whole compliance system. Mexico scores the lowest out of any OECD country on the World Governance Indicator on control of corruption and rule of law (Worldwide Governance Indicators, 2018[15]). A number of scandals, including the corruption of inspectors of gas volume measurement and building inspectors, have rocked trust in the government in Mexico.

A number of sectoral regulators reported facing challenges with fake certificates. In addition, false import certificates are perceived as a serious problem by Mexican importers. For example, a number of importers avoided energy efficiency technical regulations for lightbulbs by falsely claiming that they bulbs were for personal use.

Weak rule of law will also hampers effectiveness of inspections in Mexico. If it is difficult or nearly impossible to effectively impose sanctions on businesses or individuals due to their social, political or economic connections, higher sanctions or more inspections will have little impact.

A report on a building collapse in Bangladesh highlighted how weak rule of law leads to less effective inspections.

“Indeed, inspectors had in fact responded to calls by workers that warned about the building being structurally unsafe, and ordered its closing, but their orders were simply disregarded by the owners. Thus, the disaster (and its causes) pointed to far more structural issues: weak rule of law (particularly for certain categories of powerful people), deep social inequality in terms of enforcement of legal rights, prevailing social norms among factory owners etc. Better targeted in sections and stronger powers for inspectors may be part of the solution, but they were (and are) far from certain to be sufficient.” (Blanc, 2018[5])

Cuts to inspector wages – particularly as drastically as suggested by current public administration salary reforms - could also increase the level of corruption in inspections. Low wages may encourage inspectors to accept bribed from regulates to avoid complaints or financial penalties. Researchers have demonstrated this effect both theoretically and empirically in emerging economies. For example, Besley and McLaren developed a model that suggests that tax inspectors should be paid above their reservation wage to reduce corruption (Besley and McLaren, 1993[16]). (Benito et al., 2018[17]) found significant links between corruption cases and the wages of local politicians in charge of approving building developments.

Addressing the corruption and abuse issues requires a number of steps, none of which can really work in isolation, and all of which will require time and sustained efforts to product results. They include:

  1. 1. Improvements in training and qualification

  2. 2. Introduction of proper risk-based approaches and phasing-out of inspections on “non-risky” issues

  3. 3. Improved co-ordination and consistency between inspections to avoid conflicting requirements

  4. 4. Stronger efforts at providing guidance and compliance support for businesses

  5. 5. Adequate budgeting and wages

  6. 6. Outcomes-focused performance measurement and regular review of inspectorates’ activities and results.

It is important to link the ethical rules for an agency to the purpose of its work – so that they are understood not as a possibly “burdensome” add-on, but as a core element of fulfilling the agency’s mission. The Canadian Food Inspection Agency’s ethical framework is a good example of this (Box 3.11).

copy the linklink copied!
Box 3.11. The Canadian Food Inspection Agency ethical framework for employees

The Canadian Food Inspection Agency (CFIA) is the largest science-based regulatory agency in Canada with over 6 000 employees across the country. The agency has developed an ethical framework for its employees that builds on a Statement of Values and includes Code of Conduct and a Conflict of Interest and Post-Employment Code.

The Code of Conduct defines conflict of interest and includes guidelines on gifts for CFIA employees. The Statement of Values reads:

"As employees of the Canadian Food Inspection Agency:

We value scientific rigour and professional and technical competence. These play a crucial role in our decision making. We do not manipulate science to achieve a desired outcome, but acknowledge that other factors must be taken into account in this decision making.

The reputation and credibility of the Agency are vital to our ability to deliver our mandate. As such, we behave, internally and externally, in a way that trust is preserved.

We are proud of the contributions we make to the quality of life of Canadians. We value dedication and responsiveness from all employees day to day and particularly during an emergency.

We value competent, qualified and motivated personnel, whose efforts drive the results of the Agency.

To develop effective policies and strategies, we value the perspectives of the stakeholders who are affected by our decisions.

We maintain our regulatory independence from all external stakeholders. We have the courage to make difficult and potentially unpopular decisions and recommendations, free from personal bias.

We are committed to our physical and psychological well-being."

This set of values helps scientific employees determine what should and should not be done as they fulfill their daily responsibilities. We expect that you and your employees will respect these values in business decisions or interactions that directly affect the CFIA.”

Source: CFIA website,

Compliance culture

  • Related Best Practice Principles: Compliance promotion

A successful compliance culture requires consumers to demand high quality products. However, if consumers do not demand compliant goods and services businesses have little incentive to abide with laws and regulations. This may be due to lack of information, but is often primarily due to the lack of disposable income. As a result, in some markets, there are too few CABs or they are absent entirely. The Ministry of Economy has recently launched a series of initiatives to raise public awareness of the Mexican standardisation system, including a website and social media pages. The situation for the enforcement of NOMs has improved in markets where export demand is growing.

It may be appropriate to review which NOMs have the most potential to be successfully implemented given their salience in terms of risks, the possibility of market growth etc. – and which ones may simply be unrealistic or excessively stringent in current conditions. The Netherlands have developed a tool called the “Intervention Compass”,4 which allows to analyse a given issue and assess to which extent the regulatory response can be realistic, appropriate, implementable etc. A similar approach could be taken to areas where compliance with NOMs is particularly low, to more precisely identify the root causes of such non-compliance, and take decisions accordingly.

In certain cases, a lack of understanding of the risks of certain unregulated activities can pose a grave risk to health and safety. Recently, scores of people were killed in a pipeline explosion as people went to gather gasoline from a leaking pipeline – but this stemmed from very basic theft and gross disregard for safety. It was not an issue of the operators not complying with NOMs, but of thieves destroying the infrastructure, with terrible results. NOMs are found throughout the gasoline supply chain, including the environmental impacts of pipelines, quality of gasoline, and the measurement at point-of-sale. Nevertheless, there is a very large market for illegally obtained gasoline. Stolen gasoline sells for a significant discount. Beyond the lower price, consumers may also be motivated by the fact that gasoline station measuring equipment is often found to be selling short litres, according to PROFECO. This shows how much an integrated analysis of the problem and potential responses is needed – because stricter enforcement of NOMs on legal, formal operators, will not eliminate hazards due to thieves (and might even make their market position stronger, because it might increase the cost of legal gasoline due to higher compliance costs). Properly reviewing and analysing the problem and the “intervention logic” are essential, rather than simply stating that “there is a problem, therefore we need more enforcement”.


[1] APEC (2000), APEC Information Notes on Good Practice for Technical Regulation, APEC,

[9] Baldwin, R. and J. Black (2007), “Really Responsive Regulation”, LSE Law and Society Working Papers, Vol. 15,

[17] Benito, B. et al. (2018), “Can salaries and re-election prevent political corruption? An empirical evidence”, Revista de Contabilidad, Vol. 21/1, pp. 19-27,

[16] Besley, T. and J. McLaren (1993), “Taxes and Bribery: The Role of Wage Incentives”, Economic Journal, Vol. 103/416.

[5] Blanc, F. (2018), From chasing violations to managing risks : origins, challenges and evolutions in regulatory inspections, Leiden University.

[12] Blanc, F. (2012), “Inspection reforms: Why, how, and wit hwhat results”, OECD.

[10] Hawkins, K. (2002), Law as Last Resort: Prosecution Decision-Making in a Regulatory Agency, Oxford University Press, Oxford,

[14] Monk, J. (2012), Reform of Regulatory Enforcement and Inspections in OECD countries, OECD Publishing, Paris,

[13] OECD (2019), “OECD Economic Surveys: Mexico”.

[11] OECD (2018), Driving Performance at Mexico’s ASEA, CNH and CRE.

[3] OECD (2015), Regulatory Policy in Lithuania: Focusing on the Delivery Side, OECD Reviews of Regulatory Reform, OECD Publishing, Paris,

[4] PROFECO (2018), Informe Anual,

[2] PROSAFE (2008), Best Practice Technique in Market Surveillance, PROSAFE, Brussels,

[7] Tiol-Carrillo, A. (2017), “COFEPRIS: audits of dental care clinics”, Revista Mexicana de Ortodoncia, Vol. Volume 5/4, pp. 198-200.

[6] USDA - Foreign Agriculture Service (2018), Food and Agricultural Import Regulations and Standards Report: Mexico, Report Number: MX8514.

[8] WHO (2019), Work-related mortality in the EU-27, EFTA/EEA, candidate and preaccession countries.

[15] Worldwide Governance Indicators (2018), Full dataset, http://Accessed from (accessed on  August 2019).


← 1. N.B. These features of the Mexican regulatory system match what is found in a large number of countries. They are simply noted for informational purposes.

← 2. In interviews, an interlocutor mentioned that the Ministry of Tourism only had one inspector itself.

← 3. See:

← 4. Available at

Metadata, Legal and Rights

This document, as well as any data and map included herein, are without prejudice to the status of or sovereignty over any territory, to the delimitation of international frontiers and boundaries and to the name of any territory, city or area. Extracts from publications may be subject to additional disclaimers, which are set out in the complete version of the publication, available at the link provided.

© OECD 2020

The use of this work, whether digital or print, is governed by the Terms and Conditions to be found at