CPG regulatory compliance covers a wider surface area than most brand operators realize when they launch their first product. The physical label is one piece. The website, the Amazon listing, the social posts, the influencer content, the manufacturing facility, the ingredient supply chain — all of it is within scope of federal regulatory oversight.
FDA and FTC don't audit every brand every year. But they do review warning letters, consumer complaints, and retailer reports. They monitor social media. They receive competitor complaints. And they issue recalls for brands they've never previously interacted with based on a single consumer complaint about an undeclared allergen.
Understanding the full compliance picture is the starting point for building a compliance program that covers the actual risk surface — not just the obvious one.
The Regulatory Agencies and What They Cover
Food and Drug Administration (FDA): FDA regulates food labeling, dietary supplement labeling, food safety, and manufacturing practices for most CPG food and supplement products. The key regulations:
21 CFR Part 101 — food labeling requirements, including Nutrition Facts panels, ingredient lists, nutrient content claims, health claims, and required disclosures
21 CFR Part 111 — current Good Manufacturing Practices for dietary supplements
21 CFR Part 117 — FSMA Preventive Controls for Human Food, covering food safety planning, hazard analysis, and supply chain verification
Federal Trade Commission (FTC): FTC regulates advertising for CPG products — including health claims, testimonials, influencer endorsements, and environmental claims — under its authority to prevent deceptive acts and practices. The key guidelines:
16 CFR Part 255 — Endorsement and Testimonial Guides (updated 2023), covering influencer disclosures and testimonial substantiation
FTC's Health Products Compliance Guidance — substantiation standards for health benefit claims in advertising
USDA: The U.S. Department of Agriculture regulates organic claims (7 CFR Part 205, the National Organic Program) and bioengineered food disclosures (7 CFR Part 66, the BE Disclosure Standard). FSIS (Food Safety and Inspection Service) has jurisdiction over meat, poultry, and egg products.
FDA Labeling Requirements: What Every CPG Label Needs
Every FDA-regulated packaged food label must include:
Principal Display Panel (PDP): Statement of identity (product name), net quantity of contents, and any required characterizing flavor statements. The PDP is the primary display surface that faces consumers at the point of sale.
Information Panel: Nutrition Facts panel, ingredient list with allergen declarations, and name and address of the manufacturer or distributor. These must appear as a group on the information panel, without intervening material.
Nutrition Facts Panel: Governed by 21 CFR 101.9 (food) and 21 CFR 101.36 (dietary supplements). The panel must list calories, macronutrients, and micronutrients in a specific format, with serving sizes based on the Reference Amount Customarily Consumed (RACC) for the product category.
Allergen Declaration: All nine major allergens — milk, eggs, fish, shellfish, tree nuts, wheat, peanuts, soy, sesame — must be declared when present in the product, including as sub-ingredients in compound ingredients and flavoring systems.
Nutrient Content Claims: Specific Thresholds, Not Approximations
Every nutrient content claim on a CPG label is regulated under 21 CFR Part 101. These are not general marketing terms — they have specific, quantitative definitions:
Claim | Threshold |
|---|---|
"High protein" / "excellent source" | ≥20% DV per serving |
"Good source of [nutrient]" | 10–19% DV per serving |
"Fat free" | <0.5g fat per serving |
"Low fat" | ≤3g fat per serving and per 50g |
"Low sodium" | ≤140mg per serving |
"Calorie free" | <5 calories per serving |
"Low calorie" | ≤40 calories per serving and per 50g |
"Sugar free" | <0.5g sugars per serving |
"Healthy" | Food group contribution + added sugars/sodium/sat fat limits (updated Feb 2025) |
Using a claim without meeting its threshold is a misbranding violation. Using a claim that doesn't meet its threshold but that "communicates the spirit" of the intended claim is still a violation.
Health Claims vs. Structure/Function Claims
The distinction between health claims and structure/function claims determines whether a claim needs FDA pre-authorization or just substantiation.
Authorized health claims characterize the relationship between a food substance and a disease or health condition and are specifically authorized by FDA based on petitioned evidence: "Diets low in sodium may reduce the risk of high blood pressure, a disease associated with many factors." Using an authorized health claim language requires the food to meet the qualifying criteria for the claim.
Structure/function claims describe the role of a nutrient or ingredient in normal body structure or function: "Calcium builds strong bones." "Fiber maintains digestive health." "Supports healthy immune function." These require substantiation but not FDA pre-authorization. On dietary supplements, they require the DSHEA disclaimer. On conventional food, the disclaimer is not required but the claim must be truthful, not misleading, and substantiated.
Disease claims — claims that a product prevents, treats, cures, or mitigates a disease — are prohibited on dietary supplements and on conventional food unless the food qualifies for an authorized health claim. Disease claims convert a product into an unapproved drug. This is the most common source of FDA warning letters to supplement brands.
FTC Rules: Advertising, Substantiation, and Influencers
FTC's regulatory authority covers all advertising for CPG products — including digital advertising, social media, influencer marketing, and email campaigns.
Substantiation: All health benefit claims in advertising must be supported by "competent and reliable scientific evidence" — typically interpreted to require at least two well-designed, double-blinded, placebo-controlled human clinical trials for efficacy claims. Mechanistic data and animal studies are generally insufficient on their own for FTC compliance.
Disclosures for paid endorsements: Any influencer, affiliate, or brand ambassador who has a material connection to the brand — cash payment, free product, affiliate commission, employment — must clearly and conspicuously disclose that connection in every post about the product. "#ad," "Paid partnership with," or "Sponsored" at the beginning of the caption or in the video itself (not buried in hashtags) meets the standard.
Testimonials with atypical results: If a testimonial presents results that are not typical for consumers of the product, the disclosure must say so clearly. "Results not typical" in fine print is not sufficient under current FTC guidance.
Allergen Labeling: The Highest-Stakes Compliance Area
Undeclared allergens cause more FDA food recalls than any other single factor — 34% of all recall events in 2024. The majority of those recalls resulted from process failures, not intentional mislabeling: a supplier reformulated a compound ingredient without notifying the brand, a sub-ingredient in a flavor system contained a sesame component no one had traced, a co-manufacturer shared equipment without adequate changeover controls.
The operational requirement: every ingredient in every product must be reviewed for all nine major allergens at the sub-ingredient level. A "natural flavors" declaration doesn't exempt a product from disclosing an allergen in the underlying flavor system. A compound ingredient listed by its trade name doesn't exempt a product from disclosing allergens in the compound's components.
Sesame is the most active current source of recall risk. Added to the allergen list in 2023, sesame is present in many flavor systems, spice blends, and ingredient complexes that were formulated when sesame didn't need to be traced. Any brand with products that have not been thoroughly reviewed for sesame at the sub-ingredient level has recall exposure.
Dietary Supplement-Specific Requirements
Dietary supplements have additional regulatory requirements beyond standard food labeling:
Supplement Facts panel: Required instead of Nutrition Facts panel, with specific format requirements for dietary ingredients, Daily Values, and the "†" notation for nutrients without established DVs — 21 CFR 101.36.
cGMP compliance: Dietary supplement manufacturers and distributors must comply with 21 CFR Part 111, covering identity testing of every ingredient lot, Master Manufacturing Records, batch production records, and finished product testing.
DSHEA disclaimer: Every structure/function claim on a supplement label or in advertising requires the exact disclaimer: "This statement has not been evaluated by the Food and Drug Administration. This product is not intended to diagnose, treat, cure, or prevent any disease."
Facility registration: Dietary supplement facilities must register with FDA under 21 CFR Part 1, Subpart H and renew registration biennially.
Building a Compliance Program That Scales
The compliance challenge for growing CPG brands isn't a lack of regulatory knowledge — it's that compliance processes built for a small catalog don't scale to a large one. A regulatory consultant who manually reviews labels can keep up with 5 products. They can't keep up with 50, across all claims channels, while monitoring a social media presence.
The brands that scale compliance effectively have a few things in common:
Claims are reviewed at the brief stage, before they're designed into label files
Formulation changes trigger compliance reviews automatically
Every claim has a documented regulatory basis and review history
Marketing copy, website content, and influencer content are monitored with the same rigor as the physical label
The compliance record is in a system, not in email threads
Compliance at Scale Requires Systems, Not Just Expertise
Regulatory expertise is necessary. It's not sufficient for a brand with a growing catalog, active marketing, and influencer programs. Truli's AI compliance platform automates the regulatory checks that manual processes can't keep up with — label audits against current FDA regulations, marketing copy scans against FDA and FTC rules, social monitoring for disease claims and disclosure failures, and a Claims Hub that maintains every claim's regulatory history. Book a demo to see how Truli approaches CPG regulatory compliance at scale.
