Do minor complaints need to be reported to FDA?

No. MoCRA requires reporting of serious adverse events to FDA within the required timeline. However, companies should still document non-serious complaints as part of a compliant complaint-handling and post-market safety process.

Understanding MoCRA: Serious Adverse Event Reporting for Cosmetic Companies

Q: What triggers SAE reporting under MoCRA?

A serious adverse event (SAE) must be reported when the outcome meets MoCRA seriousness criteria such as hospitalization, a life-threatening experience, significant disfigurement, infection, persistent or significant disability, congenital anomaly, or death.

Q: What is the difference between SAE and SUE?

SAE is the US term under MoCRA for a Serious Adverse Event reported to FDA. SUE is the EU term under Regulation (EC) No 1223/2009 for a Serious Undesirable Effect reported to EU competent authorities. Definitions and reporting mechanisms differ by jurisdiction.

Q: How long must cosmetic companies retain SAE records?

Under MoCRA, serious adverse event records and related documentation must generally be retained for 6 years (or 3 years for certain qualifying small businesses).

Q: Does MoCRA apply to small cosmetic brands?

Yes. MoCRA applies broadly to cosmetic products marketed in the United States. Some small business exemptions may apply to certain requirements, but serious adverse event reporting obligations still generally apply.

Axentra compliance
Feb 14
4 min read

Updated: Mar 16

Introduction to MoCRA

Cosmetic companies marketing products in the United States are now navigating the most significant regulatory reform in decades: the Modernization of Cosmetics Regulation Act (MoCRA). This law introduces structured serious adverse event (SAE) reporting, documented safety substantiation, facility registration, and enforceable oversight.

At the same time, companies marketing in the European Union must comply with EU Regulation (EC) No 1223/2009. This regulation requires reporting of Serious Undesirable Effects (SUEs) and maintaining detailed Product Information Files (PIFs).

This guide explains:

What qualifies as a serious adverse event under MoCRA
How the 15-business-day FDA reporting deadline works
The difference between SAE (US) and SUE (EU) reporting
What systems cosmetic companies must implement
How post-market surveillance fits into a complete cosmetic compliance strategy

What Is Cosmetovigilance?

Cosmetovigilance is the structured monitoring, assessment, and regulatory reporting of adverse events associated with cosmetic products after they are placed on the market. It includes:

Consumer complaint intake
Medical seriousness assessment
Regulatory submission to authorities
Follow-up documentation
Trend analysis and risk mitigation

Under MoCRA, cosmetovigilance is no longer optional best practice — it is enforceable federal law.

What Is a Serious Adverse Event Under MoCRA?

Under the FD&C Act (as amended by MoCRA, Section 605), a Serious Adverse Event (SAE) includes outcomes such as:

Death
Life-threatening experience
Inpatient hospitalization
Persistent or significant disability
Congenital anomaly
Infection
Significant disfigurement

Cosmetic companies must have documented internal criteria to evaluate seriousness. Failure to correctly classify events can result in late reporting — a regulatory risk.

How Many Days Do Companies Have to Report an SAE to the FDA?

Cosmetic companies must report a Serious Adverse Event to the FDA within 15 business days of receiving the report. Additionally:

Follow-up information must be submitted within one year
A copy of the product label must accompany the submission
Records must be retained for six years (three years for certain small businesses)

This deadline creates operational pressure for companies without structured intake systems.

Who Is Responsible for SAE Reporting Under MoCRA?

The Responsible Person (the manufacturer, packer, or distributor listed on the label) is legally responsible for:

Receiving adverse event reports
Determining seriousness
Submitting SAE reports to the FDA
Maintaining documentation

This responsibility cannot be outsourced in name — only in operational support.

How Does EU SUE Reporting Differ from US SAE Reporting?

Under EU Regulation 1223/2009, companies must report Serious Undesirable Effects (SUEs) to competent authorities. Key differences include:

Comparison of US MoCRA SAE reporting and EU SUE reporting requirements

Companies marketing globally must harmonize documentation systems to satisfy both regimes.

Why Cosmetic Companies Are Struggling With MoCRA SAE Compliance

Common gaps include:

No centralized complaint intake channel
No seriousness triage SOP
Lack of documented causality assessment
No tracking system for the 15-day deadline
Inconsistent product identification
No trending analysis procedure

Many cosmetic brands historically handled complaints informally. MoCRA now requires structured documentation capable of withstanding FDA inspection.

How Does Post-Market Surveillance Connect to Safety Substantiation?

MoCRA requires companies to maintain adequate safety substantiation demonstrating that products are safe under labeled conditions of use. Adverse event trends may challenge substantiation assumptions. If recurring reports suggest irritation, infection, or misuse:

Formula review may be necessary
Label warnings may require updates
Manufacturing controls may need reassessment

Post-market surveillance is therefore part of regulatory defensibility — not merely reporting.

The Role of Cosmetic GMP in Post-Market Compliance

MoCRA directs the FDA to establish cosmetic GMP regulations. Complaint handling systems are traditionally part of GMP frameworks and include:

Written complaint procedures
Investigation documentation
CAPA tracking
Batch traceability

Companies should align cosmetovigilance systems with quality management systems in anticipation of future inspections.

Cosmetic adverse event reporting workflow under MoCRA

What Systems Should Cosmetic Companies Implement in 2026?

A compliant cosmetovigilance framework should include:

Defined intake channels (email, webform, phone protocol)
Written SAE seriousness criteria
Internal reporting escalation timelines
Medical review documentation
Regulatory submission tracking
Label archiving procedures
Record retention system (six years)
Periodic trend analysis

These elements reduce regulatory risk and improve inspection readiness.

Why MoCRA Compliance Is Now a Competitive Issue

Retailers, distributors, and international partners increasingly request evidence of:

SAE reporting procedures
Safety substantiation documentation
GMP alignment
Audit-ready compliance systems

Companies with structured systems demonstrate maturity and lower risk exposure.

Frequently Asked Questions (FAQ)

What triggers SAE reporting under MoCRA?

An event must meet statutory seriousness criteria such as hospitalization, life-threatening reaction, significant disfigurement, or infection.

Do minor complaints need to be reported to the FDA?

No. Only Serious Adverse Events must be reported within 15 business days. However, all complaints should be documented.

What is the difference between SAE and SUE?

SAE refers to US Serious Adverse Events under MoCRA. SUE refers to EU Serious Undesirable Effects under Regulation 1223/2009. Reporting mechanisms and timelines differ.

How long must cosmetic companies retain SAE records?

Six years (three years for certain small businesses).

Does MoCRA apply to small cosmetic brands?

Yes. Some exemptions apply, but SAE reporting obligations still apply broadly.

Strategic Compliance Perspective

MoCRA has fundamentally changed FDA cosmetic oversight. Combined with EU reporting obligations, cosmetic companies must treat post-market surveillance as a core regulatory function. Structured cosmetovigilance systems now support:

Regulatory defensibility
Consumer protection
Brand reputation
Audit readiness
Market expansion

For companies seeking structured implementation guidance, explore our comprehensive MoCRA compliance support services here: 👉 MoCRA Cosmetics Compliance