Risk management

The risk management framework to address and assess risks

At Lundbeck our risk management processes ensure close monitoring, systematic risk assessment, and the ability to identify, manage and report internal and external risks in a changing environment.

Risk management governance structure

Lundbeck is exposed to risks throughout the value chain, from the initial stages of developing innovative pharmaceuticals in our in-house facilities to the proven pharmaceuticals reaching the patients.

Our risk management processes are continually updated and adapted to match internal and external requirements, where risks related to trends, global economic developments, geopolitics and long-term forecasts are assessed as part of Lundbeck’s long-term strategic planning. With this understanding of the wider context and an accurate and complete overview of Lundbeck’s activities and resources, Executive Management has a clear basis for decision-making on our overall risk exposure and mitigating actions.

The Board of Directors has the overall responsibility for ensuring that Lundbeck has implemented necessary procedures for risk management.

The oversight of compliance within the established enterprise risk management framework is delegated to the Audit Committee.

Risk management framework

In Lundbeck, enterprise risk management is considered an integral part of doing business, which is reflected in the risk management process.

The process starts in the decentralised teams within each Executive Management area. The teams have detailed and extensive knowledge of the risks within their areas of responsibility. They systematically identify, quantify, respond to and monitor risks. They are ideally placed to mitigate our risk exposure in the first instance.

Each area shares the risks with the central Risk Office when there are material updates, and at least on a semi-annual basis. The central Risk Office provides the risk framework and conducts interviews with management, risk contributors, and risk responsible individuals.

This represents an integral part in the alignment of risks reported to the Risk Office.

In cooperation with each Executive Management area, the Risk Office assesses the likelihood of an event occurring and the potential impact on the Group in terms of financial loss. The key risk overview is presented to Executive Management for their assessment and approval before it is reported to the Audit Committee and approved by the Board of Directors.

The corporate risk register kept by the Risk Office provides a consolidated overview of Lundbeck’s risk exposure by detailing each risk, risk category, and type. The risk descriptions provide details on the event, its current status, the status of the response, and the likelihood and potential impact.

Our reporting process defines six risk categories:

Research and Development
Market, Commercial, and Strategy
Supply, Quality, and Product Safety
IT security
Legal and Compliance
Finance

Lundbeck has developed a concise process covering day-to-day risk identification, monitoring, mitigation, and reporting within each Executive Management area, all the way to the final reporting to Executive Management. This process enables Executive Management to control Lundbeck’s risk appetite when deciding strategy and practice, and when making day-to-day decisions.

Key risks

Risk Area	Description	Potential Consequences	Mitigating Actions
Research and development	Exposure to delays of regulatory approval or failure in the development of new and innovative medicines. Increased regulatory requirements for clinical trials. Data requirements from production of non-clinical and clinical studies.	Delays or failure of new products could impact patients who cannot benefit from these products and decrease earnings expectations for Lundbeck and its shareholders. Delay in regulatory approval may impact the patient’s drug access. Issues with data integrity could lead to delays in studies and production – ultimately leading to withdrawals and failure to gain approval.	Clinical trials are run and evaluated throughout the research and development phase. Ongoing evaluation of the product pipeline, regulatory requirements, and product benefit. Robust quality management system is in place to ensure consistent quality, data integrity, and the compliance of clinical trials and clinical safety activities
Market , commercial and strategy	Price pressure, new legislation, regulation of reimbursement and healthcare reforms in key markets, etc. Market dynamic change derived from COVID-19 or ongoing war between Russia and Ukraine.	Market restrictions could impact patients’ access to Lundbeck products. Changes in market conditions and healthcare reforms could affect the pricing landscape as well as rebates and discounts. These changes could decrease earnings for Lundbeck and its shareholders.	Understanding the price development in main markets. Working with healthcare authorities around the world to document the value of our pharmaceuticals. Monitor political developments and requirements.
Supply, quality and product safety	Disruption of production or supply or unpredictable demand and stock-out. Loss of licenses to manufacture or sell pharmaceuticals. Defects in product quality or safety.	Product shortage, not giving patients needed access to the pharmaceuticals they require.	Systems, policies, and procedures are in place to ensure product supply, quality, and safety. Dual sourcing strategy and high level of safety stock of key products. Robust pharmacovigilance system.
IT security	Cyber attacks and cyber fraud. System down-time.	Disruption or compromise of IT security could affect all parts of Lundbeck’s operations and product supply to patients. Data loss.	IT policies and procedures are in place to safeguard systems and data. Cyber defenses are tested on a regular basis. Annual testing of IT disaster recovery plan.
Legal and compliance	Loss, expiration or infringement of intellectual property rights. Non-compliance with laws, industry standards, regulations, and our Code of Conduct. Exposure to legal claims or investigations.	Loss, expiration, infringement, or invalidation of intellectual property rights could decrease earnings for Lundbeck and its shareholders. Non-compliance with laws, industry standards, regulations, or our Code of Conduct could affect our ‘license to operate’, result in litigations or investigations, expose Lundbeck to significant fines, and impact our reputation and earnings for Lundbeck and its shareholders.	Policies and processes are in place to safeguard intellectual property rights. The Code of Conduct Compliance Program and global organisation are pivotal in sustaining our compliance culture. The Code of Conduct Compliance Program includes global activities and ensures continuous monitoring of compliance with laws and industry standards and annual training to all employees. Third parties are committed to observe our legal and ethical standards in mutually binding agreements and are subject to monitoring. Global Compliance Hotline and investigation procedure.
Financial	Fluctuations in exchange rates incl. impact from currency devaluations.	Lundbeck’s cash flow and earnings could be impacted in cases of fluctuations in key currencies.	Treasury policy. Monitoring the financial exposure and hedging a significant part of Lundbeck’s currency risk up to 18 months in advance.