As part of my ongoing monitoring, I track various channels on the EU Safety Gate across sectors like cosmetics, nicotine products, electronics, PPE and toys. Recently, I noticed an upsurge in fragrance notifications involving major global fashion houses.
Household names.
Premium brands.
€1bn+ businesses.
Their products had been flagged for non-compliance following ingredient reclassification or restriction changes.
That made me realise something important.
Non-compliance at this level is not only about ignorance.
Sometimes it is.
But more often, it is about systems.
And it exposes a dangerous myth in regulated markets.
Regulation Is Not Static. But It Is Not an Ambush Either.
There is a narrative in business that regulators suddenly “change the rules” overnight and companies get caught out.
That is rarely the reality.
Regulations do evolve. Ingredients are reviewed by governing bodies. Scientific opinions shift. Risk profiles are reassessed. Thresholds are tightened. Labelling language is updated. Interpretations change. Guidance is refined.
However, those changes are typically signposted.
In most cases, businesses have between six and twenty-four months between the formal adoption of a change and its enforcement date. Sometimes longer.
There are consultation phases.
There are publication stages.
There are transition windows.
There are sell-through periods.
The runway is not as short as people like to claim.
While regulations are not completely static, they do not usually move without warning. There is time to reformulate. There is time to relabel. There is time to manage stock. What is required is the ability to build those transitions into your systems.
If a product ends up listed on Safety Gate following a reclassification that was announced well in advance, the issue is not simply surprise.
It is lag.
Compliance Drift Happens Quietly
Most businesses treat compliance as a milestone.
A formulation is signed off.
A technical file is completed.
A declaration is issued.
The product is placed on the market.
Then attention moves elsewhere.
Meanwhile, the regulatory environment continues to evolve.
Even when the core regulation remains stable, its annexes, ingredient restrictions, classification frameworks and enforcement priorities shift incrementally.
If you are not actively monitoring those movements and mapping them against your live portfolio, your products begin to drift.
They were compliant when placed on the market.
They are no longer compliant today.
That drift is rarely dramatic. It is administrative. Incremental. Easy to ignore.
Until it is not.
Large organisations drift because of complexity and internal silos. Smaller organisations drift because they assume nothing significant will change.
The outcome is identical.
Public listing.
Corrective action.
Reputational damage.
This Is an Agile Systems Failure
The first pillar of the ARC methodology is Agile Systems.
An agile compliance system is not reactive. It does not depend on someone occasionally checking a website. It does not rely on a supplier mentioning an update in passing.
It is structured.
It means:
• Registering for appropriate competent authority notifications
• Monitoring regulatory amendments and classification updates
• Tracking ingredient exposure across your SKU portfolio
• Building transition timelines into your product lifecycle
• Assigning clear internal ownership for regulatory change
• Linking regulatory intelligence directly to formulation and packaging data
Regulations do not change overnight.
But they do change.
If your system is static, you will always be playing catch-up.
An agile system does three things well:
- It captures change early
- It translates that change into portfolio impact
- It triggers operational response before enforcement deadlines arrive
Without that loop, you are not managing compliance.
You are hoping.
Risk-Based Thinking Should Have Flagged This
This also touches the second ARC pillar: Risk-Based Approach.
Not all ingredients carry equal regulatory exposure. Not all product categories attract equal scrutiny. Not all scientific debates are low risk.
A risk-based organisation asks difficult questions early:
Which of our ingredients are under review?
Which have emerging toxicological or political sensitivity?
Where do we have high-volume products dependent on a single restricted component?
How long would reformulation realistically take?
What inventory exposure exists across distributors?
If those questions are not embedded into quarterly review cycles, you are not managing foreseeable risk.
You are reacting to enforcement.
The Safety Gate notifications we are seeing are not random accidents.
They are foreseeable regulatory impacts that were not converted into operational change fast enough.
Budget Does Not Protect You
This is the uncomfortable part.
If €1bn+ fragrance brands with global regulatory teams can miss reformulation windows, then budget alone is not the protective factor.
Compliance failure is rarely about a lack of money.
It is about architecture.
You can have consultants.
You can have labs.
You can have legal review.
You can have technical files stacked high.
If regulatory intelligence does not flow directly into product decisions, nothing moves.
Meanwhile, a smaller brand with fewer resources but a tightly integrated monitoring and response system can pivot faster.
Agility beats size.
Every time.
The Strategic Lesson
Small brands often say they do not have the resources to keep up.
The recent fragrance listings suggest a different conclusion.
The real question is not whether you can afford compliance.
The real question is whether you have built compliance as live infrastructure.
Do you have:
• A structured monitoring process
• A live link between regulatory updates and formulation data
• A transition calendar aligned to enforcement dates
• Clear accountability for change management
• Systems that scale as your portfolio grows
If not, you are not fully compliant.
You are temporarily ahead of enforcement.
Regulatory change is not an ambush.
It is a gradual shift.
Those with agile systems see it coming and build transitions into their operations.
Those without them appear on public databases.
EU Safety Gate is not a blacklist for small, underfunded brands.
It is a mirror held up to the entire market.
The recent fragrance cases prove one thing.
Compliance is not about how big you are.
It is about how quickly your systems move when the ground shifts.