Compliance
MolTrace supports regulated scientific workflows by preserving evidence, enforcing human review, maintaining audit trails, and aligning documentation with applicable quality and regulatory expectations.
Coverage areas
Section titled “Coverage areas”| Area | MolTrace documentation must cover |
|---|---|
| ICH Q3A(R2) | Organic impurities in new drug substances, including reporting, identification, and qualification context. |
| ICH Q3B(R2) | Degradation products in new drug products. |
| ICH Q3C | Residual solvent classes and permitted daily exposure context. |
| ICH Q3D | Elemental impurity risk assessment support. |
| ICH M7(R2) | Mutagenic impurity assessment support and expert review requirements. |
| ICH Q2(R2) and Q14 | Analytical validation and analytical procedure development context. |
Guideline values, jurisdiction notes, and nitrosamine language must be verified from official FDA, EMA, PMDA, Health Canada, and ICH sources before publication.
GxP and electronic records
Section titled “GxP and electronic records”MolTrace supports GxP-style workflows through evidence preservation, human review, export sign-off, audit trails, and role-based controls. Customers remain responsible for validating MolTrace within their own quality system and SOPs.
For 21 CFR Part 11 and EU Annex 11 support, document:
- Unique user identity and access controls.
- Time-stamped audit trails.
- Electronic signature meaning, signer, timestamp, and linked record.
- Record retention and retrieval.
- Backup and recovery procedures, with a target recovery history of at least 35 days when contracted.
- IQ/OQ support materials for enterprise validation packages.
Human review
Section titled “Human review”AI-supported interpretations, threshold assessments, and optimization recommendations must remain reviewable by qualified users before export or submission use.
AI governance
Section titled “AI governance”Regulatory Intelligence outputs may influence customer submission work, so MolTrace should document human-in-the-loop review, explainability, model versioning, performance monitoring, and change control. Any EU AI Act classification or conformity claim requires legal and regulatory review before publication.
Data protection
Section titled “Data protection”The compliance package should include the DPA, subprocessors list, SCCs where needed, retention policy, security policy, and EU data-residency option in AWS eu-west-1.
Compliance package
Section titled “Compliance package”Customer-facing compliance requests should route to compliance@moltrace.com. The package should include security controls, DPA, subprocessors, incident response overview, audit-log behavior, validation support, and current certification status.
Legal review gate
Section titled “Legal review gate”This page is live as a compliance posture location, but final claims, certification statements, and jurisdiction-specific commitments must be approved before paid onboarding.