The Robot Made Me Do It: Why the FDA’s First AI-Related Warning Letter is a Wake-Up Call for Industry
[中譯] 機器人逼我這麼做的：為什麼FDA第一封與AI相關的警告信是業界的警鐘

1. Introduction: The Compliance Ghost in the Machine
[中譯] 1. 簡介：機器中的合規幽靈

In the pursuit of operational excellence, the pharmaceutical industry has reached a crossroads where the temptation to automate everything—including regulatory accountability—threatens to erode the very foundation of Corporate Quality Integrity. A landmark Warning Letter issued on April 2, 2026, to Purolea Cosmetics Lab (FEI 3011669383) serves as the industry’s first "AI-related" shot across the bow. This enforcement action highlights a dangerous shift: the attempt to offload the core responsibilities of a Quality Unit to an artificial intelligence agent. For strategists and compliance officers, this case forces a critical examination of a central question: Can an AI agent be held responsible for a manufacturing shutdown, or is the "ghost in the machine" merely a mask for a systemic lack of human oversight?
[中譯] 在追求卓越營運的過程中，製藥產業已經來到了一個十字路口，將一切自動化的誘惑（包括法規究責）正威脅著侵蝕企業品質誠信的基礎。2026年4月2日對 Purolea Cosmetics Lab (FEI 3011669383) 發出的指標性警告信，是業界第一發「AI相關」的警告砲火。此執法行動突顯了一個危險的轉變：試圖將品質單位的核心責任推卸給人工智慧代理。對於策略專家與合規主管而言，此案例迫使他們嚴格審視一個核心問題：AI代理可以為製造停工負責嗎？還是「機器中的幽靈」只不過是系統性缺乏人類監督的遮羞布？

2. The "Human-in-the-Loop" Mandate
[中譯] 2. 「人員介入 (Human-in-the-Loop)」的強制要求

The FDA’s critique of Purolea centers on a fundamental misunderstanding of the Quality Control Unit (QCU). Under 21 CFR 211.3(15), the QCU is defined as "any person or organizational element designated by the firm to be responsible for the duties relating to quality control." The strategist must note that this definition implies human agency. Purolea utilized AI agents to generate drug product specifications, procedures, and master production records without substantive human intervention. This is a direct violation of 21 CFR 211.22(c), which mandates that the QCU approve or reject all procedures or specifications impacting the identity, strength, quality, and purity of the drug product. The FDA’s stance is uncompromising: AI is a tool for document creation, not a substitute for professional verification. "Any output or recommendations from an AI agent must be reviewed and cleared by an authorized human representative of your firm's Quality Unit in accordance with section 501(a)(2)(B) of the FD&C Act."
[中譯] FDA 對 Purolea 的批評，主要針對其對 品質管制單位 (QCU) 的根本誤解。根據 21 CFR 211.3(15) ，QCU 的定義為「由公司指定負責品質管制相關職責之任何人或組織單位」。策略專家必須注意，這個定義暗示了人類的代理權。Purolea 利用 AI 代理來產生藥品規格、程序和製造主批紀錄，而沒有實質的人員介入。這直接違反了 21 CFR 211.22(c) ，該條文強制要求 QCU 必須核准或拒絕所有影響藥品本質、強度、品質和純度的程序或規格。FDA 的立場毫不妥協：AI 是文件製作的工具，不能取代專業的驗證。「來自 AI 代理的任何輸出或建議，都必須由貴公司品質單位經授權之人類代表，依照 FD&C 法案第 501(a)(2)(B) 節的規定進行審查與放行。」

3. When Automation Leads to Regulatory "Illiteracy"
[中譯] 3. 當自動化導致法規「文盲」

The Purolea inspection revealed a profound failure of Quality Culture. When investigators noted a total lack of process validation prior to distribution—a violation of 21 CFR 211.100 —the firm’s justification was that they were unaware of the requirement because their AI agent "never told them" it was necessary. From a strategic perspective, this is not just an AI failure; it is a failure of Personnel Qualifications (21 CFR 211.25). This regulatory "illiteracy" demonstrates that AI cannot function in a vacuum. A robust Quality Systems Approach requires that personnel have the education and training to identify when an automated tool has missed a fundamental CGMP requirement. Blind trust in AI creates a false sense of security that leaves massive gaps in legal and safety obligations, proving that technology without a "human-in-the-loop" is a liability.
[中譯] Purolea 的稽核揭露了 品質文化 的嚴重失敗。當調查員注意到經銷前完全缺乏製程確效（違反 21 CFR 211.100 ）時，該公司的辯解是他們不知道有這項要求，因為他們的 AI 代理「從未告訴他們」這是必要的。從策略角度來看，這不僅是 AI 的失敗，更是 人員資格 (21 CFR 211.25) 的失敗。這種法規上的「文盲」證明了 AI 無法在真空中運作。一個穩健的 品質系統方法 要求人員具備足夠的教育和培訓，以識別自動化工具何時遺漏了基本的 CGMP 要求。對 AI 的盲目信任會產生虛假的安全感，在法律和安全義務中留下巨大的漏洞，這證明了沒有「人員介入」的技術是一種負債。

4. Digital Perfection vs. Physical Reality
[中譯] 4. 數位完美 vs. 實體現實

There is a chilling irony in a firm utilizing sophisticated AI for "perfect" digital documentation while presiding over a facility found to be adulterated under section 501(a)(2)(A) due to insanitary conditions. The Form FDA 483 observations at Purolea describe a facility in physical decay, highlighting that digital SOPs are worthless if the manufacturing environment is neglected. The inspection findings included:
[中譯] 一家公司利用複雜的 AI 來產生「完美」的數位文件，同時其廠房卻因不衛生的條件被判定為 根據第 501(a)(2)(A) 節構成攙偽 ，這是一個令人不寒而慄的諷刺。Purolea 的 FDA 483 表格觀察結果描述了一個實體衰退的廠房，突顯出如果忽視製造環境，數位化 SOP 就毫無價值。 稽核發現包括：

• The presence of insects, filth, and leaves within the manufacturing space.
  [中譯] 製造空間內存在昆蟲、污垢和樹葉。
• Pervasive clutter and debris in several critical areas.
  [中譯] 幾個關鍵區域普遍存在雜物和碎屑。
• A docking bay door that, when opened, exposed the internal manufacturing environment directly to outside contaminants.
  [中譯] 一個裝卸區門在打開時，會將內部製造環境直接暴露於外部污染物中。

While the firm focused on the digital architecture of compliance, the physical reality was one of systemic neglect. In the eyes of the regulator, an AI-generated record cannot sanitize a facility that lacks basic environmental control.
[中譯] 當該公司專注於合規的數位架構時，實體現實卻是系統性的疏忽。在監管機構眼中，AI 生成的紀錄無法為缺乏基本環境控制的廠房進行消毒。

5. The Homeopathy "Get Out of Jail Free" Myth
[中譯] 5. 順勢療法的「免死金牌」迷思

Purolea’s strategy relied on the misconception that labeling products "homeopathic" shielded them from the rigors of the FD&C Act. The FDA clarified that homeopathic drugs are subject to the same statutory requirements as any other drug. This case is particularly high-stakes because the products in question were marketed for "serious and/or life-threatening conditions." The following were identified as unapproved new drugs under section 505(a):
[中譯] Purolea 的策略依賴於一種誤解，即將產品標示為「順勢療法」即可免受 FD&C 法案的嚴格限制。FDA 澄清，順勢療法藥物與其他任何藥物受制於相同的法定要求。這個案例的風險極高，因為有問題的產品是針對「嚴重及/或危及生命的疾病」進行行銷的。以下產品被認定為 第 505(a) 節 下的未經核准新藥：

• Dermveda Extra Strength Shingles Relief
  [中譯] Dermveda 加強型帶狀皰疹舒緩
• Dermveda Extra Strength Ultra Genital Herpes Relief
  [中譯] Dermveda 特效加強型生殖器皰疹舒緩

By marketing unapproved treatments for such high-risk pathologies, the firm bypassed the essential safety and efficacy evaluations required to protect public health, further compounding their compliance failures.
[中譯] 藉由行銷針對此類高風險病理的未經核准療法，該公司繞過了保護公眾健康所需的重要安全與療效評估，進一步加劇了他們的合規缺失。

6. The Lethal Stakes of Testing Shortcuts
[中譯] 6. 測試捷徑的致命風險

The breakdown of laboratory controls under Subpart I of 21 CFR 211 represents the most acute safety risk in this case. The firm failed to verify the identity of each component (21 CFR 211.84(d)(1)) and relied on supplier Certificates of Analysis (COA) without establishing reliability through "appropriate validation of the supplier's test results at appropriate intervals" (21 CFR 211.84(d)(2)). Critical testing failures included:
[中譯] 21 CFR 211 Subpart I 下的實驗室管制崩潰，代表了此案中最嚴重的安全風險。該公司未能驗證每個組件的 身分(21 CFR 211.84(d)(1))，並依賴供應商的 檢驗證明 (COA) ，而沒有透過「在適當時間間隔對供應商測試結果進行適當確效」來建立可靠性 (21 CFR 211.84(d)(2))。 關鍵的測試缺失包括：

7. Conclusion: The Future of the AI-Augmented Quality Unit
[中譯] 7. 結論：AI擴增品質單位的未來

The Purolea case is a definitive warning: AI is meant to augment expertise, not replace it. The FDA’s prescription for recovery involves more than just a software update; it requires the engagement of qualified consultants (21 CFR 211.34) and a comprehensive six-system audit of the entire operation. As we look toward an AI-integrated future, we must remember that the ultimate responsibility for drug quality is non-delegable. Innovation must be balanced with the "human-in-the-loop" requirement to ensure that technology serves as a bridge to excellence rather than a shortcut to an injunction. As stated in the "Owner's Responsibilities" section of the Warning Letter: "You are responsible for the quality of your drugs... You are required to ensure that drugs are made in accordance with section 501(a)(2)(B) of the FD&C Act to ensure safety, identity, strength, quality, and purity."
[中譯] Purolea 的案例是一個明確的警告：AI 是用來擴增專業知識的，而不是用來取代它的。FDA 開出的恢復處方不僅僅是軟體更新；它需要聘請 合格的顧問 (21 CFR 211.34) ，並對整個營運進行全面的 六大系統稽核 。當我們放眼 AI 整合的未來時，我們必須記住，藥品品質的最終責任是不可授權委託的。創新必須與「人員介入」的要求取得平衡，以確保技術成為通往卓越的橋樑，而不是導致禁制令的捷徑。正如警告信中「所有者的責任」部分所述：「您負責您藥品的品質... 您必須確保藥品的製造符合 FD&C 法案第 501(a)(2)(B) 節的規定，以確保安全性、身分、強度、品質和純度。」