Auditor NDA/CDA [GxP / QC / QA]
Here's a problem that is gettíng bigger and bigger: I believe CROs, especially the very large ones, are increasingly asking auditors to sign CDAs/NDAs, which open up for lawsuits against the auditor.
When faced with it, I am flat out refusing it, noting that:
- I do not feel I am entirely independently if I need to handle the Sponsor's GCP-interest while at the same time have to worry about a lawsuit against me (and no, sponsors do not generally offer legal protection if this should happen).
- I am always working under a CDA with the sponsor anyway, and this is in part to protect the auditee.
- Precedent, especially with FDA inspectors, seems to suggest that regulators do not acknowledge auditor independence if there is an existing written agreement of any type between auditor and CRO (but granted, it isn't a matter they often look too rigorously into).
Some CROs have denied me access due to absence of a CDA.
This is becoming an increasingly big issue these years. I feel I can do absolutely nothing. With this post I wish to create awareness, and I'd be happy to hear other people's experience and/or opinions pro and con.
In three cases the NDA/CDA a CRO asked me to sign was so strict that my legal advisor told me I would technically be in breach of the confidentiality if I shared my audit report with the sponsor. We need to get rid of all this rubbish. CRO's please stop asking auditors to sign CDAs. Now.
Pass or fail!