Manufacturer Reporting: What Companies Must Do to Meet Safety Obligations

When a medical device fails, a children’s toy breaks, or a car part malfunctions, the public expects safety - but that safety doesn’t happen by accident. It’s built into the system through manufacturer reporting. Companies that make products sold in the U.S. don’t just need to follow safety standards - they’re legally required to report problems before they cause more harm. This isn’t optional. It’s not a suggestion. It’s the law.

Why Manufacturer Reporting Exists

Think of manufacturer reporting as an early warning system. Governments don’t wait for dozens of injuries to pile up before acting. They want to know about potential dangers as soon as a company becomes aware of them. The goal is simple: stop problems before they spread.

In the U.S., three main agencies run these systems:

• FDA - for medical devices, over-the-counter drugs, and some health-related products.
• CPSC - for everything else: toys, appliances, electronics, furniture.
• NHTSA - for cars, trucks, tires, and auto parts.

Each has its own rules, but they all work the same way: if you make it, you report it - and you report it fast.

FDA’s Medical Device Reporting (MDR) System

If you manufacture a pacemaker, an insulin pump, or even a simple blood pressure cuff, you’re under the FDA’s MDR rules. These are the strictest in the country.

Here’s what you must do:

1. Report any death or serious injury linked to your device within 30 days of becoming aware.
2. If a malfunction could cause death or injury if it happened again, report it within 5 working days.
3. Keep detailed records of every report, investigation, and internal review.
4. Submit reports electronically through the FDA’s Electronic Submission Gateway.

The FDA gets about 1.2 million reports every year. That’s not because every device fails - it’s because even a small glitch, like a battery that drains too fast in a glucose monitor, must be reported if it could lead to harm.

Companies must also have written procedures for handling complaints. Every employee who might hear about a problem - a customer service rep, a field technician, a quality inspector - must know how to pass it up. The FDA defines “becoming aware” as when information reaches anyone who could reasonably be expected to report it. That’s broad. And it’s enforced.

Failure to report can mean fines up to $252,756 per violation. In 2023, over 30% of medical device companies received FDA warning letters for missing deadlines or incomplete investigations.

CPSC’s 24-Hour Rule for Consumer Products

The Consumer Product Safety Commission doesn’t wait 30 days. If you make a toaster, a stroller, or a smartwatch, and you learn it could seriously injure someone - you have 24 hours to report it.

You don’t need proof that someone got hurt. You don’t need a lawsuit. You don’t need a recall. You just need to know:

• Your product has a defect that creates a substantial risk of injury.
• Your product doesn’t meet a safety standard.
• Your product could cause death or serious harm.

That’s it. The clock starts the moment someone in your company - even a warehouse worker - learns this. No delays. No internal reviews. No “let’s wait and see.”

The CPSC received over 14,000 reports in 2023. Electronics made up 34% of them. Children’s products? 28%. That’s why companies like Walmart and Target now require their suppliers to prove they have CPSC reporting systems in place before they’ll even stock their items.

But here’s the catch: many companies miss the 24-hour window. A 2022 CPSC report found that 37% of initial reports were so incomplete they needed follow-up. That’s because companies often try to investigate first - but the law doesn’t allow that. You report first. Investigate later.

What About Cars and Tires?

NHTSA’s Early Warning Reporting system works differently. Instead of individual reports, manufacturers submit data quarterly. But the thresholds are sharp:

• Tire makers must report if they get info on 5+ deaths, 10+ injuries, or 10+ property damage claims tied to one tire model.
• Automakers report crash data, injury rates, and warranty claims for every vehicle line.

It’s not about one bad car. It’s about patterns. If 15 people report the same brake issue across different states, NHTSA sees it - and may launch a recall before anyone else does.

How Much Does This Cost?

This isn’t paperwork you slap together on a Friday afternoon. It’s a full-time operation.

For small medical device companies (under 50 employees), compliance costs an average of $50,000 a year - and up to 18.7% of their entire quality department budget. Larger companies spend over $750,000 on quality management systems alone.

One quality manager told a forum: “We spend 1,200 hours a year just on MDR reports. That’s six full-time people.”

And it’s getting worse. The FDA’s new rules on electronic reporting require IT teams to handle complex data formats. The system needs to talk to your complaint logs, your service records, your manufacturing data - all in real time.

What’s Changing in 2024-2026?

The rules aren’t frozen. They’re evolving.

• Voluntary Malfunction Summary Reporting - The FDA now lets companies group similar device malfunctions into one report. Medtronic cut its individual reports by 63% using this. It’s a relief - but only for certain devices.
• Unique Device Identification (UDI) - Starting in 2026, every medical device must have a barcode or RFID tag. That means when a report comes in, the FDA can instantly trace it to the exact batch, factory, and even the surgeon who used it.
• AI in Reporting - Companies like Philips are using machine learning to scan service logs and predict which issues are reportable. Their MDR prep time dropped from 8 hours to 3.5 hours per report.
• CPSC Modernization - The CPSC is spending $25 million to make its reporting portal faster. By 2026, they aim to cut review time from 17 days to 10.

What Happens If You Don’t Report?

You might think, “We’re a small company. No one will notice.” That’s a dangerous assumption.

The FDA and CPSC don’t need complaints from customers to find you. They monitor:

• Hospital incident reports
• Insurance claims
• Online reviews
• Whistleblower tips

If you’re not reporting, they’ll find out. And when they do, you’ll face:

• Fines (up to $252,756 per violation)
• Product seizures
• Public warning letters
• Loss of FDA clearance or CPSC certification
• Lawsuits from injured customers

One company in Ohio lost its entire FDA registration after missing three reports. It took them 11 months to get it back.

What Should Your Company Do Now?

If you make anything sold in the U.S., here’s your checklist:

• Identify which agency governs your product. Medical? FDA. Toy? CPSC. Tire? NHTSA.
• Train every employee. Customer service, sales, tech support - anyone who talks to users needs to know what to report.
• Create a written procedure. Document how you receive, review, and escalate safety issues. The FDA requires this. The CPSC expects it.
• Use software. Don’t rely on spreadsheets. There are affordable platforms built for small manufacturers that automate reporting, track deadlines, and generate FDA/CPSC-ready forms.
• Review reports monthly. Don’t wait for an audit. Look for patterns. One broken component? Maybe a one-off. Ten? That’s a problem.

Final Thought: Reporting Isn’t a Burden - It’s a Shield

Most companies see reporting as a cost. A hassle. A red tape trap.

But the best manufacturers see it differently. They use it to find hidden flaws before customers do. They use it to fix problems before they become recalls. They use it to build trust.

In 2024, the companies that survive aren’t the ones with the cheapest products. They’re the ones who prove they care about safety - not just when the law forces them to, but because it’s who they are.