Standard Operating Procedure for Regulatory File Transfer Between Systems or Vendors
| Department | Regulatory Affairs |
| SOP No. | RA/2026/776 |
| Supersedes | NA |
| Page No. | 1 of X |
| Issue Date | 17/04/2026 |
| Effective Date | 17/04/2026 |
| Review Date | 17/04/2028 |
Purpose
This Standard Operating Procedure (SOP) provides clear instructions and controls for the secure, accurate, and compliant transfer of regulatory files between internal systems or external vendors. It aims to ensure data integrity, confidentiality, and traceability during electronic or physical file transfers, supporting regulatory compliance and quality assurance objectives in pharmaceutical operations.
Scope
This SOP applies to all regulatory files including dossiers, submissions, supporting documents, and controlled records that require transfer between company regulatory systems or third-party vendors. It encompasses electronic and physical file transfers across any regulated functional area involved in regulatory affairs. Transfers outside regulatory documentation and files, such as manufacturing batch records or laboratory data, are excluded.
Responsibilities
The following roles have defined responsibilities under this SOP:
- Regulatory Affairs Personnel: Initiate and coordinate regulatory file transfers, ensure completeness and accuracy of files before transfer.
- Quality Assurance (QA): Review and approve transfer requests, monitor compliance, and review audit trails.
- Information Technology (IT) Support: Facilitate secure data transfer systems, maintain transfer logs, and provide technical support.
- Vendor or Receiving Party: Acknowledge receipt, verify file integrity, and notify sender of successful transfer or discrepancies.
- Document Control Staff: Archive transfer records and ensure document version control.
Accountability
The Head of Regulatory Affairs is accountable for the implementation, compliance, timely review, effectiveness monitoring, and escalation related to this SOP. This role ensures alignment with regulatory requirements, manages periodic training, and facilitates continuous improvement of the file transfer process.
Procedure
1. Preparation and Prerequisites:
Prior to initiating a regulatory file transfer, confirm that all documents are the approved controlled versions and complete as per applicable project or submission requirements. Verify transfer recipient details and confirm security and confidentiality agreements are in place if external vendors are involved.
2. Transfer Request and Authorization:
Complete a Transfer Request Form specifying file description, format, recipient, transfer method, and date. Obtain necessary approvals from QA and authorized Regulatory Affairs management before proceeding.
3. Security and Compliance Checks:
Ensure compliance with data protection policies. For electronic transfers, use encrypted communication channels such as secure FTP or validated Electronic Document Management Systems (EDMS). For physical media, use tamper-evident packaging with tracking. Confirm that the transfer method preserves data integrity and confidentiality throughout the process.
4. Execution of Transfer:
Initiate the transfer according to the authorized method. Maintain a transfer log detailing file names, sizes, transfer start and end times, and identifiers for transferred files. For physical transfers, track courier information and delivery status.
5. Receipt and Verification:
The recipient must confirm receipt within the agreed timeframe, verify file integrity and completeness against the transfer list, and document any variances or issues. Acknowledgement should be formally communicated back to the sender.
6. Handling Deviations and Incidents:
Report any discrepancies, data loss, or unauthorized access incidents immediately to QA and Regulatory Management. Follow established deviation or CAPA procedures to investigate and resolve issues.
7. Documentation and Record Retention:
Maintain records of transfer requests, approvals, logs, acknowledgements, and any incident reports as per internal policies. Store these records securely with controlled access to support traceability audits and regulatory inspections.
8. Closure:
Once receipt and verification are confirmed, close the transfer request and update the document control system accordingly. Conduct periodic reviews of file transfer activities during quality reviews or audits to ensure ongoing compliance and identify improvement opportunities.
Abbreviations
QA: Quality Assurance
EDMS: Electronic Document Management System
CAPA: Corrective and Preventive Action
GMP: Good Manufacturing Practice
FTP: File Transfer Protocol
Documents
The following documents are essential for the regulatory file transfer process:
- Regulatory File Transfer Request Form (Annexure-1)
- Regulatory File Transfer Log (Annexure-2)
- Transfer Acknowledgement Receipt (Annexure-3)
References
– ICH Q10 Pharmaceutical Quality System
– FDA 21 CFR Part 11 – Electronic Records; Electronic Signatures
– Annex 11 of EU GMP Guidelines – Computerized Systems
– EMA Guidelines on Archiving and Record Keeping
– Internal Company Data Integrity & Security Policies
Version
1.0
Approval
| Prepared By | |
| Checked By | |
| Approved By |
Annexures
Annexure-1: Regulatory File Transfer Request Form
| Form Title: | Regulatory File Transfer Request Form |
| Purpose: | To formally request and authorize the transfer of regulatory files between systems or vendors. |
| Field | Description / Example |
|---|---|
| Request ID | RTF-2026-0325 |
| Date of Request | 15/04/2026 |
| Requestor Department | Regulatory Affairs |
| File Description | Drug Submission Dossier – Module 3 |
| File Format | PDF / XML |
| Originating System | Regulatory Document Management System (RDMS) |
| Receiving System/Vendor | External Regulatory Services Vendor – Vendor Code 1452 |
| Transfer Method | Secure FTP (SFTP) |
| Requested Transfer Date | 17/04/2026 |
| Reason for Transfer | Submission to regulatory authority |
| Approvals |
QA Approval: ___________________ Regulatory Head Approval: ___________________ |
| Additional Comments | Ensure file encryption prior to transfer. |
Annexure-2: Regulatory File Transfer Log
| Form Title: | Regulatory File Transfer Log |
| Purpose: | To record detailed information of each file transfer activity for tracking and audit purposes. |
| Transfer ID | File Name | File Size (MB) | Transfer Method | Transfer Start Time | Transfer End Time | Status | Remarks |
|---|---|---|---|---|---|---|---|
| RTF-2026-0325-01 | Module3_Dossier_v5.pdf | 15.2 | SFTP | 17/04/2026 09:15 | 17/04/2026 09:22 | Success | Verified by Vendor on receipt |
| RTF-2026-0325-02 | Annexures_Module3.xml | 3.7 | SFTP | 17/04/2026 09:23 | 17/04/2026 09:27 | Success | No issues found |
Annexure-3: Transfer Acknowledgement Receipt
| Form Title: | Transfer Acknowledgement Receipt |
| Purpose: | To formally acknowledge receipt and verification of transferred regulatory files by the receiving party. |
| Transfer Request ID | Received By | Receiving Department/Organization | Receipt Date and Time | Files Verified | Verification Status | Comments | Signature |
|---|---|---|---|---|---|---|---|
| RTF-2026-0325 | Vendor QA Lead | External Regulatory Services Vendor | 17/04/2026 10:00 | Module3_Dossier_v5.pdf, Annexures_Module3.xml | Complete and Intact | No discrepancies observed | _____________________ |
Revision History
| Revision Date | Revision No. | Revision Details | Reason for Revision | Approved By |
| 17/04/2026 | 1.0 | Initial issue | New SOP creation |