The European Commission’s amendment to Implementing Regulation (EU) No 520/2012 — now reflected in Regulation (EU) 2025/1466 — marks a significant evolution in how pharmacovigilance must be structured, controlled, audited, and documented across the EU. Marketing authorisation holders (MAHs) now face clear, enforceable expectations about how their safety systems operate, the oversight of external providers, and what needs to be documented and reported.

These aren’t incremental changes — they redefine who is accountable for what in pharmacovigilance, with an emphasis on auditability, quality control, and demonstrable governance. If your current model relies on informal practices, disconnected documentation, or passive subcontractor relationships, you may not be prepared for the scrutiny that regulators now expect starting February 2026.

How pharmacovigilance services and pharmacovigilance consulting from Billev Pharma East help you meet these challenges

Understanding the regulation is one thing; operationalising it so that you can prove compliance during inspections and audits is another.

At Billev Pharma East, we help you interpret the regulatory requirements and translate them into efficient, defensible, and systematic approaches — not just checklists. Our integrated pharmacovigilance services and pharmacovigilance consulting support MAHs in bridging the gap between regulatory text and operational reality.

With our support, you can expect:

• A tailored gap analysis against Regulation (EU) 2025/1466 requirements.
• Development and optimisation of quality systems that are audit-ready and inspection-proof.
• Subcontractor governance frameworks that meet regulatory expectations and clarify roles and responsibilities.
• Documentation strategies that embed regulatory obligations into daily operations rather than reactive fixes.

We don’t just tell you what needs to be done — we help you put it into practice in a way that reduces risk, increases efficiency, and enhances regulatory confidence.

What the Regulation Actually Requires — Explained

Quality Systems Must Be Audited

The updated EU pharmacovigilance framework now clearly requires marketing authorisation holders to implement robust quality systems for the performance of pharmacovigilance activities under Article 8(1) of Implementing Regulation (EU) No 520/2012, as amended by Regulation (EU) 2025/1466. These systems must be subject to risk-based audits, planned and conducted at regular intervals, with the aim of verifying that all pharmacovigilance processes conform with documented policies, procedures and organisational controls. The strength of these audit programmes can determine how effectively your pharmacovigilance system meets regulatory expectations and withstands inspection scrutiny.

Rather than being optional or ad-hoc, these pharmacovigilance audits must be structured, independent and able to demonstrate effectiveness in how they assess compliance across the entire pharmacovigilance system — including how deviations are identified and resolved.

Subcontracted activities require clear oversight

A significant emphasis of the updated regulation is on how MAHs oversee third parties who perform pharmacovigilance tasks on their behalf, particularly in the context of pharmacovigilance outsourcing. Even when activities such as signal detection or safety reporting are delegated to external providers, the MAH remains fully accountable for ensuring that these outsourced tasks meet the same quality and regulatory compliance standards as internal processes, and that oversight mechanisms are in place to monitor performance and adherence to legal requirements.

The regulation explicitly states that subcontracted third parties must be audited by or on behalf of the MAH based on a risk assessment and may be inspected by competent authorities even if such obligations are not detailed in the subcontract. This means that any existing contract with external partners — whether for adverse drug reaction reporting, literature screening, signal detection, or other elements of pharmacovigilance — should explicitly include expectations for audit rights and inspection cooperation to ensure that all reporting obligations and quality standards are met consistently across internal and outsourced activities.

To operationalise this, contracts should include provisions such as clearly defined roles and responsibilities, obligations for exchanging safety data and methods for doing so, documented arrangements for third-party auditing and inspection, and explicit commitment from subcontractors to participate in audits and inspections as required. These contractual elements now form part of the compliance evidence that competent authorities will review.

Integrating these requirements with your pharmacovigilance services and pharmacovigilance consulting

Meeting these strengthened quality system and subcontractor oversight expectations often goes beyond updating a few SOPs or contract clauses — it requires a systematic approach to quality governance across teams, processes and documentation.

This is precisely where strategic pharmacovigilance services and expert pharmacovigilance consulting make a meaningful difference. Having structured systems that are audit-ready not only reduces regulatory risk, but also enables organisations to manage safety data, vendor relationships and quality evidence in a way that supports proactive compliance and inspection preparedness.

If your current pharmacovigilance infrastructure has not yet adapted to incorporate these audit expectations, now is the time to embed those requirements into your internal operations — and your oversight of any external partners — with a partner who understands how regulators will assess your systems.

Signal detection and use of EudraVigilance Data

Under the updated pharmacovigilance framework, marketing authorisation holders are expected to demonstrate that EudraVigilance data are actively integrated into their overall signal management processes. Rather than a passive reporting obligation, this means that MAHs must define in their procedures how they will monitor the data available in the EudraVigilance database and how those data will be used alongside other available sources as part of their broader pharmacovigilance services.

MAHs should implement signal monitoring activities that are proportionate to the risk profile of their products and aligned with their internal signal management approach, detailing at what steps EudraVigilance data will be used — for example during validation and evaluation stages of signal management.

This new expectation reflects the regulatory shift toward data-driven risk management, where the use of EudraVigilance outputs — such as aggregated case data and patterns of suspected adverse reactions — must be demonstrable, systematic, and audit-ready. Competent authorities will review how these data feed into your processes for identifying, assessing, and prioritising safety signals, rather than simply relying on isolated case reviews.

In practical terms, this means that pharmacovigilance consulting and enhanced pharmacovigilance service frameworks must ensure:

• EudraVigilance monitoring is formalised in your signal management SOPs.
• Your organisation can show how EudraVigilance outputs contribute to signal detection, validation, and assessment steps.
• Data from EudraVigilance are considered together with other safety intelligence to support risk-based decision making.

By embedding these expectations into your pharmacovigilance processes, you move beyond compliance as an administrative task toward a proactive, integrated safety oversight system — one that regulators will recognise as robust and demonstrable in real operations.

Literature referencing — DOI for ICSRs

Under the updated pharmacovigilance framework, when individual case safety reports (ICSRs) include information from the scientific literature, regulators now expect the use of the Digital Object Identifier (DOI) whenever one is available. A DOI is a unique, persistent identifier for digital content that enhances traceability and scientific rigour in safety reporting — aligning case reports with international standards for reliability and reproducibility.

For your pharmacovigilance system, this means ensuring that procedures for literature monitoring and case entry explicitly capture DOIs from publications and reference them in the case data. Incorporating DOI use into workflows not only improves the quality of your safety databases, but also strengthens your audit evidence and supports higher data integrity. Effective implementation of these expectations is often best achieved with strategic pharmacovigilance consulting and robust pharmacovigilance services that align literature referencing with regulatory and inspection readiness.

PSUR updates — Risk minimisation measures

Under the updated regulatory framework, Periodic Safety Update Reports (PSURs) must now clearly include not just safety data, but updates on the implementation of risk minimisation measures and the results of assessments of their effectiveness when relevant. This expectation aligns with the requirement that Section 16.5 of the PSUR (covering “Implementation of risk minimisation measures and their effectiveness”) reflects evidence-based results rather than general descriptions, directly supporting your benefit-risk assessment.

What regulators increasingly look for is demonstrable evidence — not only that risk minimisation actions were planned, but that they were actively implemented and evaluated for impact. This means documenting the outcomes of your risk minimisation strategies and how they influence your overall evaluation of the product’s safety profile, and reflecting these activities in your pharmacovigilance risk management plan, which outlines how risks are identified, characterised and reduced throughout the product lifecycle as required under EMA’s risk management framework.

Incorporating these requirements effectively into your pharmacovigilance system ensures that your PSURs are robust, and aligned with current PV requirements established by EMA and EU pharmacovigilance legislation. When preparing or reviewing PSUR content, targeted pharmacovigilance consulting can help you establish practical, defensible approaches for integrating this information into your reporting processes as part of a broader suite of pharmacovigilance services, ensuring compliance with both procedural obligations and quality expectations.

PSMF — Focused documentation

The updated regulation introduces a welcome adjustment to the Pharmacovigilance System Master File (PSMF) requirements. Rather than documenting every minor deviation from standard procedures, MAHs are now expected to record only major or critical deviations, their impact and how they are managed until resolved in the Pharmacovigilance System Master File. This change helps reduce unnecessary administrative burden while keeping the focus on issues that truly affect patient safety and compliance.

Effective implementation of this streamlined documentation approach is often best achieved with experienced pharmacovigilance consulting and robust pharmacovigilance services to help align your internal SOPs, risk assessments, and compliance evidence with the updated regulatory expectations.

PASS registration — digital mandate

Under current pharmacovigilance requirements, non-interventional Post-Authorisation Safety Studies (PASS) are not only important for long-term safety evaluation, but also for regulatory transparency and oversight. MAHs must register these non-interventional PASS in the EU electronic register of post-authorisation studies — now reflected in the HMA-EMA Catalogue of real-world studies — so that study protocols and summaries of final results are publicly available and traceable. This requirement promotes openness around safety evidence and ensures that regulators, healthcare professionals, and other stakeholders can review study commitments and outcomes efficiently.

For your pharmacovigilance system, this means establishing clear procedures for PASS registration, submission and ongoing maintenance in the register, including timely publication of study protocols and final report summaries. Effective alignment with these expectations ensures that your PASS activities contribute to regulatory transparency and are defensible under inspection. Strategic pharmacovigilance consulting and robust pharmacovigilance services can help integrate PASS registration into your safety governance framework so that it supports both compliance and operational excellence

What this means for your organisation

Taken together, these changes mean that MAHs must be prepared not just for routine reporting, but for demonstrable governance of their entire pharmacovigilance ecosystem — including quality systems, audits, vendors, data use, and documentation that stands up to scrutiny.

The new rules are designed to align practice with expectation so that patient safety oversight is transparent, auditable, and measurable.

Regulatory deadlines mean that full implementation is expected by 12 February 2026, so the window for preparation is limited.

Turning regulatory requirements into practical compliance

Meeting these requirements effectively often requires expert support — not just to interpret regulatory text, but to implement compliant, practical, and scalable processes.

With our pharmacovigilance services and pharmacovigilance consulting, we help you turn obligations into operational strengths:

• We help refine quality systems to meet audit expectations.
• We optimise subcontractor governance models.
• We support documentation strategies for PSURs, PSMF, and PASS.
• We prepare your organisation for robust EudraVigilance use and signal management processes.

This is how compliance becomes more than paperwork — it becomes part of your competitive advantage.

Ready to act?

The expectations laid out in Regulation (EU) 2025/1466 are clear — and the time to prepare is now.

If you’re unsure whether your current pharmacovigilance framework is ready for these changes, or if you want to bring your pharmacovigilance services up to tomorrow’s standard with confidence, Billev Pharma East is here to help you every step of the way. We also offer support in evaluating and overseeing your pharmacovigilance vendor relationships to ensure that any external partners align with regulatory expectations, quality standards, and inspection readiness, so you can focus on your core responsibilities with confidence.

Read also:

• EMA sets clearer expectations on EudraVigilance use in signal management
• How is a pharmacovigilance system master file structured according to EU regulatory requirements?
• How should companies monitor and update their systems to stay aligned with good pharmacovigilance practices?

Sources: 1 – European Union. (2025). Implementing Regulation (EU) 2025/1466 of 29 July 2025 amending Implementing Regulation (EU) No 520/2012 on pharmacovigilance activities, 2 – Van Bael & Bellis. (2025). European Commission Updates Rules on Pharmacovigilance Activities for Human Medicines, 3 – BioSlice Blog. (2025). Updates to the EU Pharmacovigilance Rules: Key Takeaways for Marketing Authorisation Holders.

Image credits:

In-article images: Designed by Freepik

In-article images: Designed by Freepik

Hero image: Designed by Freepik