Consulting Agreement for Pharmaceuticals

The unique risks of pharmaceutical consulting

Four risks define pharma consulting. First, the Anti-Kickback Statute (42 USC 1320a-7b(b)) and the False Claims Act (31 USC 3729). Compensation to HCPs and other "referral sources" that is not at fair market value and not memorialized in a signed written agreement creates per se exposure. The OIG personal services safe harbor at 42 CFR 1001.952(d) requires: written agreement of at least 1 year, compensation set in advance and consistent with FMV, services that are reasonable and necessary for legitimate business purposes, and aggregate compensation reflective of services actually performed. Miss the safe harbor and the company faces FCA treble damages plus per-claim penalties ($13,946–$27,894 per claim in 2024).

Second, the Physician Payments Sunshine Act (42 USC 1320a-7h, codified in 42 CFR Part 403 Subpart I, with reporting at openpaymentsdata.cms.gov). Any covered "transfer of value" to a covered recipient (physician, teaching hospital, and as of January 1, 2022 also PAs, NPs, CRNAs, CNSs, and certified nurse midwives) must be reported annually with the consultant's name, NPI, address, payment amount, and nature (consulting fee, travel, honoraria, etc.). The Open Payments database is publicly searchable. The contract has to commit the consultant to provide reportable data and acknowledge the reporting obligation.

Third, off-label promotion. A consultant in medical affairs or commercial who drafts unbranded disease awareness content that crosses into off-label promotion creates direct FDA enforcement risk (21 USC 331(d), 352(f)) and DOJ FCA exposure under Caronia / Amarin / Pacira-era law. Even unbranded materials and HCP communications need rigorous medical-legal-regulatory (MLR) review. The contract should require MLR review of all consultant-authored external materials and prohibit consultant communications with HCPs about off-label uses outside specific FDA-permitted exceptions (e.g., scientific exchange, Caronia free-speech protections, the 2023 FDA guidance on communications about scientific information about unapproved uses).

Fourth, data integrity. FDA's data integrity expectations under 21 CFR Part 11 and ALCOA+ (Attributable, Legible, Contemporaneous, Original, Accurate + Complete, Consistent, Enduring, Available) have driven dozens of Warning Letters and Import Alerts on India and China manufacturers in 2023-2025. A consultant supporting CMC, validation, or quality cannot just "advise"; they have to operate within Part 11 audit trails and ALCOA+ documentation discipline. EMA Annex 11 imposes similar requirements in the EU.

Industry-specific clauses to include

• OIG Personal Services Safe Harbor Compliance (42 CFR 1001.952(d)): Signed written agreement of at least 1 year; compensation set in advance and documented at FMV (with reference to MGMA, SullivanCotter, or ECG benchmark for HCPs); services reasonable and necessary; aggregate compensation reflective of actual services; activity schedule attached as exhibit identifying specific services.
• FMV Documentation Recital: Recitation that the fee was set without regard to the volume or value of referrals or business generated; FMV methodology documented in an exhibit with reference to an external benchmark; payment is not contingent on a particular outcome, prescription, formulary placement, or referral.
• Sunshine Act Reporting Cooperation (42 USC 1320a-7h): If the consultant is a covered recipient under 42 CFR 403.902, the consultant acknowledges that payments will be reported on Open Payments; the consultant provides NPI, license information, address, and reviews the company's annual report prior to the dispute resolution window (typically the 45-day pre-publication review period).
• Anti-Kickback Statute / False Claims Act Acknowledgement: Consultant warrants no remuneration to any HCP or government program participant in exchange for referral, recommendation, or purchase of any company product; acknowledges 42 USC 1320a-7b(b) and 31 USC 3729-3733; immediate notification of any inquiry by OIG, DOJ, or state Medicaid Fraud Control Unit.
• OIG & SAM Exclusion Screening: Consultant warrants neither it nor any subcontractor appears on the OIG LEIE (List of Excluded Individuals/Entities) or GSA SAM exclusions list; rescreens monthly; immediate termination right on listing.
• Off-Label Promotion Restriction: Consultant does not make off-label statements about company products in any external communication; all consultant-authored external materials subject to company's Medical Legal Regulatory (MLR) review; HCP interactions limited to on-label scope unless covered by FDA scientific exchange exception per FDA's 2018 and 2023 guidance documents on communications regarding unapproved uses.
• cGMP / Data Integrity (21 CFR Part 11 / Annex 11): If consultant produces records that will support FDA submissions or be subject to inspection, the records meet ALCOA+ principles, 21 CFR Part 11 electronic records and signatures requirements (or EU Annex 11), and the company's SOPs; all working papers preserved per the company's record retention policy.
• Pharmacovigilance & AE Reporting: Consultant immediately reports (within 24 hours) any spontaneous adverse event, product quality complaint, or safety signal that comes to their attention, to the company's safety mailbox or designated PV team; this is operational, not optional, and supports the company's 7- and 15-day FDA MedWatch obligations under 21 CFR 314.80.
• HIPAA BAA if PHI in Scope: Where the consultant accesses PHI (patient registries, RWE/RWD studies, investigator-initiated studies), a HIPAA BAA per 45 CFR 164.504(e) signed alongside.
• FCPA / Anti-Bribery (Foreign HCPs): For ex-US engagement, consultant complies with FCPA (15 USC 78dd-1 et seq.), UK Bribery Act 2010, and applicable foreign anti-corruption laws; HCPs in many countries (Italy, France, Germany, China, Brazil) are "foreign officials" given national health systems; no facilitation payments.
• Publication & Authorship: Publications meet ICMJE authorship criteria; ghost-writing prohibited; company has prior review right for publications referencing the product or unpublished data; honors GPP3 (Good Publication Practice 3) standards.
• Sunshine Act / Insurance: Professional Liability $5M+; Clinical Trial / Medical Errors & Omissions $5M+ for clinical work; Cyber Liability $5M+ for any patient data handling.
• DSCSA Compliance (if supply-chain consulting): If consultant touches distribution, the consultant supports enhanced drug distribution security requirements effective November 27, 2024 (post-stabilization-period) including unit-level traceability, verification, and saleable returns under 21 USC 360eee-1 and -2.

Common mistakes in pharma consulting agreements

• Paying an HCP consultant more than FMV. $5,000 to "review materials" for a 30-minute call is FMV-indefensible. Use published comp benchmarks (SullivanCotter, MGMA, ECG, Open Payments aggregate data) and document the FMV calculation in an exhibit.
• Skipping Sunshine Act reporting cooperation language. CMS Open Payments reports are made by the manufacturer based on the manufacturer's records. The consultant has to provide accurate information and review the pre-publication report or the manufacturer fails its 42 CFR 403 obligation.
• Letting a consultant draft external HCP communications without MLR review. Recent FDA Warning Letters and DOJ FCA settlements (Bayer 2024, Endo 2024, Allergan 2023) have all targeted unreviewed HCP-facing content. MLR has to be on the critical path.
• No OIG exclusion screening. An excluded individual cannot receive any payment from a federal health care program directly or indirectly. Hiring an excluded consultant is itself a violation; monthly rescreening is the OIG standard.
• Vague "regulatory consulting" scope. A "regulatory consultant" who ends up authoring sections of an NDA or BLA is functionally an agent of the sponsor and needs to be inside the company's GxP quality system, not outside it.
• Forgetting Part 11 audit trails for working papers. If the consultant's spreadsheet or analysis becomes part of an FDA inspection record, ALCOA+ and Part 11 apply. Excel files without audit trail capability are problematic.
• No FCPA review for ex-US engagement. HCPs employed by national health systems (most of Europe, much of Asia and Latin America) are "foreign officials" under FCPA. Honoraria, gifts, and travel paid to them face FCPA scrutiny.
• Ignoring the OIG's 2020 / 2021 / 2024 special fraud alerts. The OIG's November 2020 SFA on speaker programs and the OIG's ongoing scrutiny of advisory boards put structural pressure on these engagements. The contract should track the SFA's guardrails: legitimate need, FMV cap, prohibitions on alcohol, restrictions on venue, attendance limits.

Regulatory landscape

FDA regulatory framework: FD&C Act (21 USC 301 et seq.); IND/IDE process (21 CFR 312 for drugs, 812 for devices); NDA/BLA (21 CFR 314, 600, 601); cGMP for drugs (21 CFR 210, 211), biologics (600, 610), combination products (4); 21 CFR Part 11 electronic records and electronic signatures; Bioresearch Monitoring (BIMO) inspection program under 21 CFR 312 (sponsors), 50 (informed consent), 56 (IRBs), 812 (investigators); pharmacovigilance and post-marketing reporting at 21 CFR 314.80 (drugs), 600.80 (biologics); DSCSA (Drug Supply Chain Security Act) at 21 USC 360eee with full unit-level traceability requirements effective November 27, 2024 after the FDA's October 2023 stabilization period extension.

Fraud and abuse: Anti-Kickback Statute (42 USC 1320a-7b(b)) and safe harbors at 42 CFR 1001.952 including personal services (d), investment interests (a), and discounts (h); False Claims Act (31 USC 3729-3733) with qui tam relator provisions; Civil Monetary Penalties Law (42 USC 1320a-7a); Physician Self-Referral / Stark Law (42 USC 1395nn) and exceptions at 42 CFR 411.357; Federal health care program exclusion authority (42 USC 1320a-7); OIG Compliance Program Guidance for Pharmaceutical Manufacturers (2003) and Special Fraud Alerts including the November 2020 SFA on speaker programs.

Transparency: Physician Payments Sunshine Act (42 USC 1320a-7h), codified at 42 CFR Part 403 Subpart I, with reporting to CMS Open Payments database (covered recipients expanded January 1, 2022 to include PAs, NPs, CRNAs, CNSs, certified nurse midwives); state pharmaceutical marketing transparency laws (DC, MN, MA, VT, NV require additional disclosures); EFPIA Code of Practice for EU-based reporting; AdvaMed Code of Ethics for device manufacturers.

EU and international: EMA EU Clinical Trials Regulation (EU 536/2014, in force January 31, 2022); EU Good Manufacturing Practice (EudraLex Volume 4) and Annex 11 for computerised systems; EU Good Vigilance Practice (EMA GVP) Modules I-XVI; EU Good Distribution Practice (2013/C 343/01); EU Falsified Medicines Directive (2011/62/EU) and Delegated Regulation 2016/161 on safety features; UK MHRA post-Brexit framework; ICH guidelines including Q7 (API GMP), Q8 (Pharmaceutical Development), Q9 (Quality Risk Management), Q10 (Pharmaceutical Quality System), Q11 (API Development), Q12 (Lifecycle Management); GxP framework (GCP, GLP, GMP, GDP, GVP).

Privacy: HIPAA (45 CFR Parts 160, 162, 164) for PHI; GDPR (Regulation 2016/679) for EU personal data including 2023 EU-US Data Privacy Framework; state biometric and health privacy laws (Washington My Health My Data Act effective March 31, 2024; California CMIA; Texas HB 300); 42 CFR Part 2 for substance use disorder records. Real-world data and AI: FDA RWE guidance documents (2018, 2021, 2023); FDA's 2024 final guidance on Real-World Evidence; FDA AI/ML in medical device draft guidance (2024).

Sample fee structure

US pharma consulting fee benchmarks for 2025–2026 (HCP fees require FMV documentation under personal services safe harbor):

• Regulatory affairs consultant (former FDA): $300–$600/hour; full NDA/BLA Module preparation $80,000–$500,000 per module; full submission consulting $400,000–$3M+.
• Medical writing (regulatory documents, manuscripts): $150–$350/hour; CSR (clinical study report) $40,000–$200,000; full publication strategy $200,000–$800,000/year for a single product.
• CMC / quality consultant: $300–$600/hour; full QbD program $300,000–$1.5M; FDA Warning Letter remediation $500,000–$10M+.
• Pharmacovigilance lead / safety physician: $200–$400/hour; full PV system stand-up $250,000–$1.5M; PSMF authorship $40,000–$120,000.
• Clinical operations / CRO oversight: $200–$400/hour; full clinical operations build $500,000–$5M.
• Market access / payer strategy: $300–$600/hour; full launch market access strategy $400,000–$2M.
• Medical Science Liaison (MSL) team build: $250–$500/hour for consulting; MSL FTE $200,000–$350,000 fully loaded.
• HCP advisory board member: $250–$500/hour, typically capped at $5,000–$15,000 per meeting day (must be at FMV per personal services safe harbor; document benchmarking).
• KOL speaker honoraria: $1,500–$5,000 per speaking engagement (must be reported under Sunshine Act; capped per OIG SFA 2020 expectations on speaker programs).
• Compliance / FCPA consultant: $400–$800/hour; full anti-corruption program build $300,000–$1.5M; FCPA monitorship support $5M+.
• Health Economics & Outcomes Research (HEOR): $250–$500/hour; full economic model $150,000–$600,000; budget impact model $60,000–$250,000.

HCP compensation: documented FMV with reference to MGMA, SullivanCotter, ECG, or Open Payments aggregate benchmarks. Internal FMV methodology should be documented in a separate FMV document referenced by the agreement. Fees that vary based on prescribing volume, formulary placement, or referrals fail the personal services safe harbor.

How to draft this in Word with LexDraft

Open the LexDraft add-in inside Word and start from the consulting agreement template, then insert the OIG personal services safe harbor recitals, FMV documentation, Sunshine Act reporting cooperation, OIG/SAM exclusion screening, off-label promotion restriction, MLR review requirement, and pharmacovigilance/AE reporting language from the clause library. Where the consultant accesses PHI for RWE/RWD work, layer in a HIPAA BAA per 45 CFR 164.504(e). For pre-engagement KOL identification or HEOR discussion, the NDA template covers pre-engagement confidentiality. The broader templates library covers structuring across HCP advisory, regulatory affairs, and commercial workstreams. Comparing drafting tools? See LexDraft vs Spellbook.

Frequently asked questions