Full enforcement of the Drug Supply Chain Security Act (DSCSA) began in November 2025. After years of phased requirements, extended deadlines and industry-wide preparation, manufacturers and distributors finally hit the milestone they'd been working toward. And by most accounts — according to this survey, conducted by Studio by Informa TechTarget and sponsored by Tecsys — they feel good about it.
A little too good, perhaps?
From the survey:
76% are "extremely" or "very" confident in the accuracy of their DSCSA implementation. Another 62% say they're satisfied with the operational efficiency of what they've put in place.
Those are strong numbers. But confidence does not equal operational performance. And the data tells a more complicated story underneath.
Compliant isn't the same as optimized
There's a difference between checking a compliance box and building a system that actually works under real-world pressure. As John Reichert, senior director of SCE solutions at Tecsys, put it: "There was a lot of panic to hit that milestone to be compliant. That was the goal — not necessarily to do it efficiently, but to just check that box."
The industry got there. But now the cracks are showing.
More than half of respondents (55%) report receiving data without a corresponding product at least sometimes. Nearly half (49%) have received product with incorrect data. These aren't edge cases — they're recurring operational disruptions, and they come with real costs: delayed shipments, manual research, product returns, strained supplier relationships, and in some cases, patients waiting on medication they can't get.
The real cost of "good enough"
Think of it like repeatedly repairing a roof. Each fix addresses the immediate issue, and the building remains usable. But over time, the cost of patching individual problems exceeds what it would have taken to replace the roof entirely.
That's exactly where many organizations find themselves with DSCSA compliance today.
The most common approach — receiving with the outermost serial in the warehouse management system (WMS) and relying on the DSCSA repository to validate the full inference — is used by 76% of respondents. It works, until it doesn't.
If the electronic data in the repository doesn't match the physical product, the WMS won't catch it. Exceptions slip through. Teams scramble to fix them downstream. The cost of each exception compounds.
Reichert describes a better architecture: one where serialized inference data lives directly within the WMS, rather than depending on a separate repository to fill in the gaps. When the WMS has the same level of granularity as the repository, it can validate and prevent exceptions locally — before they become operational problems.
The exception problem is getting harder to ignore
Most organizations have taken some steps to prepare for exceptions: 100% have developed SOPs, 85% have done exception-scenario planning, and 92% have built templates for documentation. That's a solid foundation.
But preparation and resolution are different things. When an exception actually hits, the default response for 93% of respondents is to reject the product and send it back. That might solve the immediate problem, but it doesn't fix the root cause — and it creates downstream strain that affects customers, costs, and in healthcare contexts, patient care.
Only 55% of organizations have adopted new tools or technologies to manage exceptions. That means nearly half are handling a growing, increasingly complex problem with the same systems and processes they started with.
Sunk costs are not a strategy
The survey found that 53% of organizations have been using their current WMS for more than five years, and only 15% plan to switch in the next five years. The reluctance is understandable — WMS transitions are significant undertakings, and if a system is "good enough," why disrupt it?
Because "good enough" has a price tag that's easy to miss when you're looking at it line by line — remember the leaky roof analogy? When you add up the labor cost of managing exceptions manually, the operational drag of dual-entry workflows, the downstream impact of returns and out-of-stocks, and the audit risk of serialized data living outside core warehouse workflows — the cost of staying put starts to look very different.
A WMS built specifically for DSCSA serialization doesn't just reduce exceptions. It streamlines receiving, eliminates redundant data entry, and gives operations teams the real-time visibility they need to move fast and stay accurate.
The question worth asking
The goal of DSCSA was never just to make organizations compliant on paper. It was to create a safer, more traceable pharmaceutical supply chain. As enforcement matures and complexity increases, the organizations that thrive won't be the ones who got across the finish line first — they'll be the ones who built systems designed to stay there.
The question isn't whether what you have is working. It's whether what it's costing you to keep it working is worth it.