Annual Financial Report

 

GlaxoSmithKline plc

(the 'Company')

 

Publication of Annual Report 2020

 

The Company has today published on its website www.annualreport.gsk.com   its Annual Report for the year ended 31 December 2020 ('Annual Report 2020').

 

A hard copy version of the Annual Report 2020 and the Notice of Annual General Meeting 2021 ('AGM Notice') will be sent to those shareholders who have elected to receive paper communications on or about 30 March 2021. The AGM Notice will be made available to shareholders who have not elected to receive paper communications on the same date.

 

In compliance with Listing Rule 9.6.1R of the UK Financial Conduct Authority ('FCA'), the Annual Report 2020 will be submitted to the UK Listing Authority and will shortly be available for inspection at the National Storage Mechanism (NSM) https://data.fca.org.uk/#/nsm/nationalstoragemechanism

 

The information included in the unaudited preliminary results announcement released on 3 February 2021, together with the information in the Appendices to this announcement which is extracted from the Annual Report 2020, constitute the materials required by the FCA's Disclosure Guidance and Transparency Rule 6.3.5R. This announcement is not a substitute for reading the Annual Report 2020 in full. Page and note references in the Appendices below refer to page and note references in the Annual Report 2020.

 

 

 

 

 

V A Whyte

Company Secretary

 

9 March 2021

 

Cautionary statement regarding forward-looking statements

GSK cautions investors that any forward-looking statements or projections made by GSK, including those made in this announcement, are subject to risks and uncertainties that may cause actual results to differ materially from those projected. Such factors include, but are not limited to, those set out in Appendix A of this announcement. GSK also refers investors to the cautionary statement on the inside back cover of the Annual Report 2020.

 

Brand names

Brand names appearing in italics throughout this announcement are trademarks either owned by and/or licensed to GlaxoSmithKline or associated companies. 

 

APPENDIX A

 

Principal risks and uncertainties

 

We outline below the principal risks and uncertainties relevant to GSK's business, financial condition and operations that may affect our performance and ability to achieve our objectives. These are the risks that we believe could cause our actual results to differ materially from expected and historical results.

 

In 2020 Board oversight was extended beyond the Audit & Risk Committee, to include more involvement from the Corporate Responsibility Committee and Science Committee. These committees considered GSK's risks and the strategies used to address them. In doing so they drew on annual business unit risk and assurance update reports, strategy papers for our most significant risks, and the Corporate Executive Team's (CET's) annual risk review.

 

During the year we further developed our risk management framework, moving from annual to quarterly upwards reporting for most of our principal risks. This has enabled the Risk Oversight and Compliance Council to oversee risk in a more dynamic way. We continued to evolve how we report new and emerging risks and external environmental insights. We also made reporting more data driven, with key risk indicators enabling more agile risk management strategies. In addition, risks and mitigations relating to COVID-19 were incorporated within our most significant risks, to complement the pandemic risks identified and managed by the Global Issues Management Team and reported to the CET.

 

We are required to comply with a broad range of laws and regulations which apply to the research and development, manufacturing, testing, approval, distribution, sales and marketing of pharmaceutical, vaccine and consumer healthcare products. These affect the cost of product development, the time required to reach the market and the likelihood of doing so successfully on an uninterrupted basis.

 

As rules and regulations change, government interpretation evolves, and our business activities develop, the nature of a particular risk may also alter. Changes to certain regulatory regimes may be substantial. Any alteration in, and failure to comply with, applicable laws and regulations could materially and adversely affect our financial results.

 

Similarly, our global business exposes us to litigation and government investigations, including but not limited to product liability litigation, patent and antitrust litigation and sales and marketing litigation. Litigation and government investigations, including related provisions we may make for unfavourable outcomes and increases in related costs such as insurance premiums, could also materially and adversely affect our financial results.

 

More detail on the status and various uncertainties in our significant unresolved disputes and potential litigation is set out in Note 46 'Legal proceedings'.

 

UK regulations require a discussion of the mitigation activities a company takes to address principal risks and uncertainties. Below is a description of each of our principal risks with a summary of the activities that we take to manage each risk across our businesses. They are not listed in order of significance.

 

Patient safety

 

Risk definition

Failure to appropriately collect, review, follow up, or report human safety information (HSI), including adverse events from all potential sources, and to act on any relevant findings in a timely manner.

 

Risk impact

Our ability to effectively collect, manage and analyse safety information associated with our products enables us to conduct robust safety signal detection activities. This, in turn, ensures we make decisions based on the most up-to-date risk/benefit profile of our products and take all appropriate measures to safeguard patients and consumers. If we do not effectively manage risks to our patient safety activities, the most serious repercussion could be harm to patients. This could also lead to reputational damage, product-related litigation, governmental investigation and regulatory action, including fines, penalties and even the loss of product marketing authorisation.

 

Context

Our licence to operate depends on our compliance with global pharmacovigilance requirements. We are fully accountable for safeguarding patients and complying with global regulations. However, we augment our pharmacovigilance capabilities by using third parties, and continue to seek innovative solutions (e.g., automation and machine learning) for improved patient safety management through more efficient, reliable and accurate data collection and interrogation.

 

We collect information on the safety and efficacy of our products in humans during clinical development and gain more comprehensive information on real-world use once our products are on the market. Safety information is not only obtained by our own ongoing safety surveillance activities; external parties also analyse publicly-available clinical trial results or other data. The variety of sources and the increasing volume of safety data in the setting of variable and complex global regulations present new and evolving challenges to how we conduct pharmacovigilance. For example, we must collect sensitive health information to develop robust product safety profiles while ensuring adherence to increasingly stringent global privacy regulations and remaining vigilant to the threat of cyberattacks.

 

As a result of the COVID-19 pandemic, GSK's Safety organisation and our third parties quickly and effectively adopted new ways of working which did not impact patient safety. However, the urgent need for effective treatment and prevention of COVID-19, and the political discourse around developing such treatment and prevention, increased regulatory, governmental and public scrutiny on how our industry ensures, through development and regulatory measures, the safety and efficacy of medicines and vaccines. This environment could undermine regulatory, governmental and public trust in medicines for treating COVID-19. This may, in turn, negatively influence healthcare decisions for other diseases, leading to reputational damage or product liability lawsuits.

 

Mitigating activities

Our Chief Medical Officer (CMO) is accountable for the Patient Safety enterprise risk and human safety matters, in collaboration with the Head of Global Safety and with support from business unit-specific CMOs. A cross-enterprise safety governance board oversees implementation of our control framework, including risk management. A Global Safety Board and subsidiary business unit-specific product safety boards ensure that human safety is addressed proactively throughout a product's lifecycle.

 

Our global policy on management of human safety information requires that all employees immediately report issues relating to the safety of our products. Our Third-Party Oversight framework ensures that third parties at risk of encountering human safety information are identified and trained appropriately.

 

Safety information for all products and from all sources is collected, processed, reported, analysed and followed up in compliance with global regulations. This information allows us to detect safety signals for our products and take timely action on information that changes a product's risk/benefit profile. Proposed actions are discussed with regulatory authorities and can include updating the prescribing information, communicating with healthcare providers, restricting product prescribing/availability to help assure safe use, and carrying out further clinical trials. In certain cases, it may be appropriate to stop clinical trials or to withdraw a product from the market.

 

In 2020 we embedded changes to our central and local safety departments, with increased support for core pharmacovigilance activities from third-party vendors. Our operating model was tested by the pandemic and, while areas for improvement were identified in terms of vendor flexibility and capacity, we adapted quickly and were at full operational capacity in the second half of the year with no impact on patient safety. We are implementing a new safety signal management tool, have leveraged automation where possible for case processing, and are preparing for the integration of the Pfizer Consumer Healthcare safety database. In 2021 we will further refine the global Pharmacovigilance organisation to deliver additional efficiencies, including a focus on advancing innovation and automation.

 

Product quality

 

Risk definition

Failure by GSK, its contractors or suppliers to ensure:

-  Appropriate controls and governance of quality in product development;

-  Compliance with good manufacturing practice or good distribution practice regulations in commercial or clinical trials manufacture and distribution activities;

-  Compliance with the terms of GSK product licences and supporting regulatory activities.

Risk impact

A failure to ensure product quality could have far reaching implications in patient and consumer safety, product launch delays, drug shortages and product recalls, as well as having regulatory, legal and financial consequences. These could materially and adversely affect GSK's reputation and financial results.

 

Context

The external environment for product quality remains challenging.

 

The European Medicines Agency (EMA) is about to implement two new sets of requirements. In May 2021, EMA regulations covering the licensing of medical devices will become effective. The new Annex 1 Guidance for the Manufacture of Sterile Medicinal Products is also due for release. GSK is preparing to implement both sets of requirements.

 

We are reviewing the manufacturing processes for all products to identify the risks for the presence of nitrosamine impurities, to comply with updated regulatory requirements. This work will continue through 2021. Where necessary we will mitigate any identified risks.

 

GSK is increasingly using new technology to enhance the manufacture and testing of our products, for example, we are continuing to deploy new electronic documentation systems and advanced laboratory information management tools. The threat of cyberattacks remains a key risk to the integrity of product quality data and its audit trail.

 

Significant changes are taking place in GSK as we implement our new organisational alignments and strategy. These changes are assessed by our quality organisations to make sure our quality procedures and governance can facilitate the strategy, while also ensuring that no unintended consequences increase our product quality risk.

 

Mitigating activities

An extensive global network of quality and compliance professionals, from site to senior management level, is aligned with each business unit to provide oversight and assist with the delivery of quality performance and operational compliance. Such management oversight is accomplished through a hierarchy of quality councils, an independent chief product quality officer and a global product quality office that oversee product quality risk across the company.

 

We have developed and implemented a single quality management system that defines the quality standards and systems for our businesses associated with pharmaceutical, vaccine and consumer healthcare products, and for clinical trial materials. This system has a broad scope and is applicable throughout the product lifecycle, from R&D to mature commercial supply. It is augmented by a consolidation of numerous regulatory requirements from markets across the world, which assures it meets external expectations for product quality in the markets we supply. Our system is based on the internationally-recognised principles from the ICH Q10 pharmaceutical quality system framework.

 

Our quality management system is routinely updated to ensure it keeps pace with the evolving external regulatory environment and new scientific understanding of our products and processes. As part of our drive to continually improve the operational deployment of our quality management system, we are making our policies and procedures simpler to understand and implement and adopting innovative tools to give a more user-friendly experience. Staff members are regularly trained in regulatory expectations and learnings from inspections and existing procedures to ensure continued maintenance of Current Good Manufacturing Practice standards.

 

We have implemented a risk-based approach to assessing and managing third party suppliers that provide materials used in our finished products. Contract manufacturers that make our products are expected to comply with GSK standards and are regularly audited to provide assurance that they do.

Product incident committee processes are in place to investigate product issues and make recommendations on remediation activities including, where necessary, the recall of products to protect patients and consumers. An established complaint process also ensures GSK responds appropriately to product quality issues raised by patients and customers.

 

Independent functions review and triage allegations of non-compliance or misconduct received through formal and informal 'Speak Up' channels. Global disciplinary and enforcement procedures apply to any breaches of our standards, and are initiated, as appropriate, following investigations.

 

We leverage key risk indicators to support risk management activities and provide GSK's Corporate Executive Team and Risk Oversight and Compliance Council with an integrated assessment of product quality performance.

 

Financial controls and reporting

 

Risk definition

Failure to comply with current tax laws or incurring significant losses due to treasury activities; failure to report accurate financial information in compliance with accounting standards and applicable legislation.

 

Risk impact

Non-compliance with existing or new financial reporting and disclosure requirements, or changes to the recognition of income and expenses, could expose GSK to litigation and regulatory action and could materially and adversely affect our financial results. In the current global pandemic, there can be significant changes at short notice. Failure to comply with changes in the substance or application of the laws governing transfer pricing, dividends, tax credits and intellectual property could also materially and adversely affect our financial results.

 

Inconsistent application of treasury policies, transactional or settlement errors, or counterparty defaults could lead to significant losses.

 

Context

We are required by the laws of various jurisdictions to publicly disclose our financial results and events that could materially affect the Group's financial results. Regulators routinely review the financial statements of listed companies for compliance with new, revised or existing accounting and regulatory requirements. We believe that we comply with the appropriate regulatory requirements concerning our financial statements and the disclosure of material information, including any transactions relating to business restructuring such as acquisitions and divestitures. However, should we be subject to an investigation into potential non-compliance with accounting and disclosure requirements, this could lead to restatements of previously-reported results and significant penalties.

 

Our Treasury group deals daily in high value transactions, mostly foreign exchange and cash management transactions. These transactions involve market volatility and counterparty risk.

 

The Group's effective tax rate reflects the locations of our activities and the value they generate, which determine the jurisdictions in which profits arise and the applicable tax rates. These may be higher or lower than the UK statutory rate and may reflect regimes that encourage innovation and investment in R&D by providing tax incentives which, if changed, could affect GSK's tax rate. In addition, the worldwide nature of our operations means that our cross-border supply routes, necessary to ensure supplies of medicines into numerous countries, can result in conflicting claims from tax authorities as to the profits to be taxed in individual countries. This can lead to double taxation, with profits taxed in more than one country. The complexity of tax regulations also means that we may occasionally disagree with tax authorities on the technical interpretation of a particular area of tax law. The tax charge included in our financial statements is our best estimate of tax liability pending any audits by tax authorities.

 

We expect there to be a continued focus on tax reform, driven by initiatives of the OECD and the EC to address the tax challenges arising from digitalisation of the economy. Together with domestic initiatives around the world, these may result in significant changes to established tax principles and an increase in tax authority disputes. Regardless of their merit or outcomes, these may be costly, divert management attention and adversely impact our reputation and relationship with key stakeholders.

 

Mitigating activities

Financial results are reviewed and approved by regional management, before being reviewed by GSK's Group Financial Controller and Chief Financial Officer (CFO). This allows our Financial Controller and CFO to assess the evolution of the business over time, and to evaluate its performance to plan. Significant judgements are reviewed and confirmed by senior management. Technical or organisational transformation, newly acquired activities and external risks, such as the COVID-19 pandemic, are integrated into risk assessments and appropriate controls and reviews are applied.

 

We maintain a control environment designed to identify material errors in financial reporting and disclosure. The design and operating effectiveness of key financial reporting controls are regularly reviewed by management and tested by external third parties. A minimum standard control set is in place for all finance locations, irrespective of size, which is reviewed by management and monitored independently. This provides us with the assurance that controls over key financial reporting and disclosure processes have operated effectively. Our Global Finance Risk Management and Controls Centre of Excellence provides extra support during significant transformations, such as system deployment or management/structural reorganisations. We also add operational resources to ensure processes and controls are maintained during such changes. We have introduced additional risk mitigation by amending the programme timelines of system upgrades to optimise delivery.

 

The Disclosure Committee, reporting to the Board, reviews GSK's quarterly results and annual report and, in consultation with its legal advisors, throughout the year determines whether it is necessary to disclose publicly information about the Group through stock exchange announcements. We keep up-to-date with the latest developments in financial reporting requirements by working with our external auditor and legal advisors.

 

The Treasury management group meets regularly to seek to ensure that liquidity, interest rate, counterparty, foreign currency transaction and foreign currency translation risks are all managed in line with the conservative approach detailed in the associated risk strategies and policies adopted by our Board.

 

Counterparty exposure is subject to defined limits approved by the Board for both credit rating and individual counterparties. A corporate compliance officer, operating independently of Treasury, oversees Treasury's role in managing counterparty risk in line with agreed policy. Further details on mitigation of Treasury risks can be found on pages 214 to 217, Note 43 'Financial instruments and related disclosures'.

 

GSK manages tax risk through robust internal policies, processes, training and compliance programmes. We seek to maintain open and constructive relationships with tax authorities worldwide. We monitor government debate on tax policy in our key jurisdictions so that we can understand and share an informed point of view regarding any potential future changes in tax law. Where relevant, we provide pragmatic and constructive business input to tax policy makers, either directly or through industry trade bodies. This includes advocating reform to support economic growth and job creation, as well as the needs of our patients and other key stakeholders. We submit significant tax decisions to our Tax Governance Board which meets quarterly and is made up of senior GSK Finance employees.

 

Our tax affairs are managed on a global basis by a team of tax professionals, led by the Global Head of Tax, who work closely with the business on a day-to-day basis. The Global Tax team is suitably qualified for the roles they perform, and we support their training needs so they can provide up to date technical advice in line with their responsibilities.

 

We submit tax returns according to statutory time limits and engage proactively with tax authorities to seek to ensure our tax affairs are current, entering into continuous audit programmes and advance pricing agreements where appropriate. These arrangements provide long-term certainty for both tax authorities and GSK over the tax treatment of our business, based on full disclosure of all relevant facts. We seek to resolve any differences of interpretation in tax legislation with tax authorities in a cooperative manner. In exceptional cases, we may have to resolve disputes through formal proceedings.

 

Anti-bribery and corruption (ABAC)

 

Risk definition

The ABAC risk comprises five sub-risk areas:

-  Bribery of public officials by GSK;

-  Bribery of commercial and other non-public entities by GSK;

-  Bribery by third parties acting on behalf of GSK;

-  GSK employees receiving and/or requesting bribes and/or other undue personal benefit;

-  Other corruption-non-compliance with laws and regulations related to money laundering or facilitation of tax evasion by third parties/clients/partners.

Risk impact

Failure to mitigate this risk could expose the Group and associated persons to governmental investigation, regulatory action, and civil and criminal liability and may compromise the Group's ability to supply its products under certain government contracts. In addition, failure to prevent bribery or corruption could have substantial implications for GSK's reputation and the credibility of senior leaders and might erode investor confidence in our governance and risk management. It could also lead to legal and financial penalties.

 

Context

The overall environment for ABAC remains challenging. Countries are holding individuals, as well as corporations, accountable by increasing the employer duty of care. Divergence of legislation, increasing political protectionism, social inequality and pricing pressures are making compliance harder. Society is holding corporations to ever higher standards, with technology providing a rapid and anonymous avenue for dissemination of previously confidential information and even for damaging false reports.

 

Enforcement actions and penalties have increased across the globe with the focus on use of third-party intermediaries. Proposed EU legislation would require businesses to carry out due diligence on potential human rights and related-environmental impacts of their operations and supply chains, imposing a legal standard of care. In addition, the impact of COVID-19 on businesses, including disruptions in manufacturing, the supply chain, import/export and travel, etc., could increase the risk of bribery and corruption.

 

Supportive aspects of the external environment include an increase in transparency and collaboration among enforcement authorities with the aim of reducing bribery and corruption globally. Advances in technology are also providing better platforms to streamline processes and detect potential issues.

 

Mitigating activities

We have an enterprise-wide ABAC programme designed to ensure compliance with our ABAC policies and mitigate the risk of bribery and corruption. It builds on our business standards, values and expectations to form a comprehensive and practical approach to compliance that is flexible to the evolving nature of our business.

 

Programme governance is provided through enterprise risk management overseen by GSK's ABAC Governance Board which includes representation from key functional areas.

 

We have appropriate controls in place around transactions and payments to third parties, such as training, awareness raising and strong monitoring. We plan to continue with pre- and post-transaction ABAC due diligence, to increase the capabilities in the business on monitoring, oversight and red flag resolution of third parties, and to review controls and accountabilities of government officials. We continue to assess and understand our money laundering risk exposure and mitigate any existing risk.

 

Our Code of Conduct, values and expectations, and commitment to zero tolerance towards bribery and corruption are integral to how we mitigate this risk. In light of the complexity and geographic breadth of the risk, we constantly evolve our oversight of activities and data; reinforce to our workforce GSK's clear expectations regarding acceptable behaviours; and maintain regular communications between the centre and local markets.

 

Our ABAC programme is built on best in class principles and is subject to ongoing review and development. It provides us with the basis from which we seek to manage the risk from both top down and bottom up. For example, the programme comprises top-level commitment from our Board and leadership, and a data analytics programme to create and embed local key risk indicators to enable targeted intervention and risk management activities.

 

The programme is underpinned by a global ABAC policy, and other written standards, that address commercial and other practices that give rise to ABAC risk. In addition, the programme mandates enhanced controls over interactions with government officials and during business development transactions. Controls in our ABAC policy establish due diligence requirements for the engagement of third parties.

 

We have a dedicated team responsible for the implementation and evolution of the ABAC programme in response to developments in the internal and external environment. The ABAC team continually works with other groups across the enterprise to address and improve controls and monitoring requirements. The team's work is complemented by independent oversight and assurance from the Audit and Assurance and independent business monitoring teams. Issues identified during oversight and assurance exercises, and from investigations, are used to identify areas for specific intervention in the markets and to continuously improve the programme.

 

We periodically provide mandatory ABAC training to employees and relevant third parties in accordance with their roles and responsibilities and the risks they face.

 

We continually benchmark our ABAC programme against those of other large multinational companies and use external expertise and internal insights to drive improvements.

 

Formal and informal 'Speak Up' channels are available to report misconduct or non-compliance. Allegations of non-compliance are reviewed and triaged by the central investigations team and allocated for investigation as appropriate.

 

Commercial practices and pricing

 

Risk definition

Failure to engage in commercial activities that are consistent with the letter and spirit of the law, industry regulations, or the Group's requirements relating to sales and promotion of our medicines and vaccines; appropriate interactions with healthcare professionals/organisations and patients; legitimate and transparent transfers of value; and pricing and competition (or antitrust) regulations in commercial practices, including trade channel activities and tendering business.

 

Risk impact

Failure to engage in commercial activities that are consistent with the letter and spirit of the law, industry regulations, or the Group's requirements relating to sales and promotion of medicines and vaccines; with appropriate interactions with healthcare professionals (HCPs), organisations and patients; with legitimate and transparent transfers of value; and with pricing and competition (or antitrust) regulations in commercial practices, including trade channel activities and business tendering, could, materially and adversely affect our ability to deliver our strategy and long term priorities. Additionally, it may result in incomplete awareness of the risk/benefit profile of our products and possibly suboptimal treatment of patients and consumers; governmental investigation, regulatory action and legal proceedings brought against the Group by governmental and private plaintiffs which could result in government sanctions, and criminal and/or financial penalties. Any practices that are found to be misaligned with our values could also result in reputational harm and dilute trust established with external stakeholders.

 

Context

We continue to evolve our business operations to operate globally in a highly regulated and extremely competitive biopharma industry, where our peers may make significant product innovations and technical advances and intensify price competition. In the Consumer Healthcare marketplace, where our partners are classic retail, pharmacies and, increasingly, online platforms, we face similarly robust competition. In this challenging environment, to achieve our strategic objectives, we must continue to develop commercially viable new products and deliver additional uses for existing products that address the needs of patients, consumers, HCPs and payers.

 

In common with other pharmaceutical, vaccine and consumer healthcare companies we are embracing opportunities in an evolving digital landscape while facing uncertain market conditions due to the global COVID-19 pandemic and continued downward price pressure in major markets.

 

Developing new pharmaceutical, vaccine and consumer healthcare products is a costly, lengthy and uncertain process. A candidate product may fail at any stage, including after the investment of significant economic and human resources. Our competitors' products or pricing strategies, or our potential failure to develop commercially successful products or deliver additional uses for existing products, could materially and adversely affect our ability to achieve GSK's strategic objectives.

 

We are committed to the ethical and responsible commercialisation of our products in support of our purpose to improve the quality of human life by enabling people to do more, feel better, and live longer. To accomplish this purpose, we engage the healthcare community in various ways to provide important information about our medicines and vaccines.

 

By promoting our approved products, we seek to ensure that HCPs globally have access to the information they need, that patients and consumers have the facts and products they require, and that products are prescribed, recommended or used in a manner that provides maximum healthcare benefits. We are committed to communicating information related to our approved products in a responsible, legal and ethical manner.

 

Mitigating activities

Our strategic objectives are designed to ensure we achieve our purpose. We continue to strive for new product launches that are competitive and resourced effectively, and to ensure that a healthy proportion of Group sales come from new products or innovations.

 

By establishing new products that meet the price expectations of patients, consumers, HCPs, payers, shareholders and the community we are able to maintain a strong global business and remain relevant to the needs of patients and consumers. Our values and behaviours provide a guide for how we lead and make decisions. We constantly strive to do the right thing and deliver quality products and sustain reliable supply to meet customer needs. In doing so, we seek to ensure our actions reflect GSK's values, behaviours and purpose.

 

GSK has acted to enhance and improve our policies and standards, application of data analytics and our channel activities. We have developed policies to support the strong growth of our Consumer Healthcare internet channels and digital marketing activities, using artificial intelligence-powered tools to improve the oversight of more than 700 GSK websites. We have also improved the control framework around reporting of adverse events in the digital space by upgrading our customer service.

 

We have policies and standards governing commercial activities that we undertake or are carried out on our behalf. We have implemented training of all relevant employees to support the evolution of our activities. All our commercial activities worldwide must conform to high ethical, regulatory, and industry standards. Where local standards differ from global ones, we apply those that are most stringent. Where the standards of an acquired company or joint venture partner differ from our global standards, we will remediate legacy policies and implement revisions so they align.

 

Our Consumer Healthcare business has harmonised policies and procedures, to guide regional and global commercial practice processes, and clarified applicable standards for operations in the markets in which we operate. We are also reducing our number of export hubs from more than 20 to five, complemented by a specific control framework for their activity. In China we have developed a specific promotion code, to enable responsible business growth and employee behaviour. In 2020 we trained more than 1,800 employees in the new code.

 

GSK's Pharmaceuticals, Consumer Healthcare and Vaccines businesses have adopted our internal control framework to support its assessment and management of risks. Business unit risk management and compliance boards, that manage risks across in-country business activities, oversee commercial activities and their monitoring programmes. We continue to improve the framework and culture of our compliance processes.

 

All promotional materials and activities must be reviewed and approved according to our policies and standards and conducted in accordance with local laws and regulations; these requirements seek to ensure that such materials and activities fairly represent the Group's products or services. Consumer Healthcare has deployed a new copy approval tool to improve controls over important promotional activity. Where necessary, in the event of misconduct, we have disciplined employees, up to and including termination of contract, and clawed back remuneration from senior management.

 

We have continued to evolve our incentive programme for Pharmaceuticals and Vaccines sales representatives to better recognise and reward individual effort. In specialty care, for example, the capped variable pay element of representatives' compensation is evaluated on the basis of individual sales targets. This approach, which has been implemented in more than 30 markets, is supported by a comprehensive training, control, and monitoring framework to ensure full alignment with GSK's values-based approach to HCP engagement.

 

We allow fair market value payments to be made by GSK to expert practitioners to speak about our innovative medicines and vaccines in most countries in North America, Europe and Asia Pacific during a restricted time period in a product's lifecycle. Controls and training ensure appropriate oversight across markets. Where permitted we report payments to individual HCPs as part of our commitment to transparency and responsible disclosure.

 

Consumer Healthcare has been a key driver in the development of an ethical code for the Global Self-Care Federation, setting principles for promotion to healthcare practitioners and pharmacy staff. 

 

GSK is committed to complying with all applicable sanctions laws and regulations and has deployed a programme to enable management of sanctions risk. The programme, led by GSK Finance, is made up of various systems and controls including, but not limited to, policies and procedures, training and awareness, screening, monitoring and risk reporting.

 

Non-promotional engagement

 

Risk definition

Failure to engage in non-promotional activities that are consistent with external regulations, internal policies, and GSK values regarding scientific engagement with healthcare professionals and patients, including i) communications relating to our medicines or associated disease areas; ii) appropriate conduct of interactions; and iii) legitimacy and transparency of those interactions.

 

Risk impact

Without controls in place, the risk could result in reputational damage, governmental or regulatory investigations (e.g., regarding real, perceived or disguised promotion including off-label and prior-authorisation promotion, and real or perceived provision of medical advice), criminal investigations and penalties, civil litigation or competitor complaints affecting our financial results and reducing the trust of the general public, patients, healthcare professionals, payers, regulators and governments. At the same time, failure to engage fully and appropriately could also result in reputational damage, patient harm and financial loss.

 

Context

Non-promotional engagements are diverse activities directed at healthcare professionals, as well as patients, payers and other stakeholders. They aim to improve patient care through the exchange or provision of knowledge on the use of GSK medicines and vaccines and about related diseases. Non-promotional engagement with external stakeholder groups is vital to GSK, as a research-based healthcare company, and necessary for scientific and medical advances. We expect our non-promotional activities to be scientifically sound and accurate, conducted ethically and transparently and compliant with applicable codes, laws and regulations. However, non-promotional engagements are largely unregulated. Therefore, measured risk taking, rooted in sound values, and principles-based decision making, training, communication and monitoring are key to managing the risk and enabling full and appropriate engagement.

 

Mitigating activities

Our Chief Medical Officer (CMO) oversees all non-promotional engagement as enterprise risk owner.

The GSK Code of Practice is the key internal policy for non-promotional engagement activities. These activities include, among others, scientific interactions, support of medical and disease education, advice seeking, scientific communication of our research, and disease awareness for the general public. In 2020 we launched a revised Code of Practice supported by revised Standard Operating Procedures, in order to become a more agile and innovative organisation. 

 

In 2020 COVID-19 resulted in a significant increase in virtual engagements (e.g., with external experts, advisory boards, patient advocacy, patient engagements and congresses). We further modernized our practices and applied our internal principles and policies to this rapidly changing and growing environment. We are evolving our employee training so that our people understand the risk associated with non-promotional activities, and conduct them in compliance with GSK's values and policies, local laws and regulations. This training must be extended to third parties who support non-promotional activities to ensure they also understand and comply with the risk mitigation to ensure non-promotional activities are not, or do not appear as, promotion. We continue to build effective management monitoring systems and apply key risk indicators for managing non-promotional engagement.

 

Privacy

 

Risk definition

The failure to collect, secure, use and destroy Personal Information (PI) in accordance with data privacy laws can lead to harm to individuals (e.g. financial, stress, prejudice) and GSK (e.g. fines, operational, financial and reputational).

 

Risk impact

Non-compliance with data privacy laws globally could lead to harm to individuals and GSK. It could also damage trust between GSK and individuals, communities, business partners and government authorities.

 

Many countries have increased the enforcement powers of their data protection authorities by allowing them to impose significant fines, impact cross-border data flows, or temporarily ban data processing. Many new country laws also give individuals the right to bring collective legal actions against companies like GSK for failure to comply with data privacy laws.

 

Context

Data privacy legislation is diverse with limited harmonisation or simplification. It is challenging for multinationals to standardise their approach to compliance with data privacy laws. Governments are enforcing compliance with data privacy laws more rigorously. The focus on the ethical use of personal information is growing, over and above compliance with data privacy laws, due to an increase in the volume of data processed and advances in technology.

 

Workforce protection and effective privacy controls for research during the COVID-19 pandemic are creating unique challenges. Additionally, new data privacy laws, enforcement activities and court decisions - like the Court of Justice of the European Union ruling for Schrems II - are creating uncertainties for international data transfers and potential localisation requirements.

 

Mitigating activities

The Group's Chief Compliance Officer is also the chair of our Privacy Governance Board, which oversees GSK's overall data privacy operating model. Each GSK business area has appointed a risk owner accountable for overseeing its privacy risks, who is supported by privacy leaders within their business. In some countries data privacy laws require a data protection officer (DPO) to be appointed. GSK has appointed a single DPO for the EU, who is represented and supported in specific countries by country privacy advisors.

 

Our Chief Compliance Officer is GSK's enterprise risk owner (ERO). The ERO has appointed a delegate risk owner, the global privacy officer (GPO), who has day-to-day accountability for designing and implementing the control framework. The GPO co-leads the cross-functional Privacy Centre of Excellence, together with the Global Privacy Counsel. They are supported by privacy officers, privacy counsel, and multiple country privacy advisors (who are familiar with local privacy regulations).

 

GSK has evolved the initial control framework implemented for the EU General Data Protection Regulation into a comprehensive privacy control framework, based on global privacy principles common across the global privacy landscape. This global framework has been deployed in countries exhibiting a need for such a comprehensive framework, based on factors like robust local privacy legislation, established data protection authorities, and GSK footprint. Beyond those countries, we have started preparations to involve, resource and educate the employees in remaining undeployed countries with a GSK footprint.

 

Our Privacy Centre of Excellence is responsible for:

-  operating and improving the centralised global privacy control framework;

-  continuously assessing and providing relevant and proportionate controls and aid to non-deployed markets;

-  monitoring new, or changing, laws and adapting the privacy framework accordingly; and

-  deploying a comprehensive training programme to drive greater awareness and accountability for managing personal information across the entire organisation.

We certify key GSK privacy network roles with an accredited international privacy association.

We continuously improve our processes, such as issue identification, reporting and handling, through monitoring. The Privacy Centre of Excellence is involved in new business development opportunities at an early stage to ensure appropriate due diligence is performed and the right steps are taken when onboarding or splitting off a business unit.

 

Research practices

 

Risk definition

Research Practices risk is the failure to adequately conduct ethical and sound pre-clinical and clinical research. In addition, it is the failure to engage in scientific activities that are consistent with the letter and spirit of the law and industry, or the Group's requirements. It comprises the following sub-risks: Non-Clinical & Laboratory Research; Human Subject Research; Data Integrity; Care, Welfare & Treatment of Animals; Human Biological Samples Management; Data Disclosure; Regulatory Filings & Engagement; and Patents.

 

Risk impact

The potential impacts of the risk include harm to human subjects, reputational damage, failure to obtain the necessary regulatory approvals for our products, governmental investigation, legal proceedings brought against the Group by governmental and private plaintiffs (product liability suits and claims for damages), loss of revenue due to inadequate patent protection or inability to supply GSK products, and regulatory action such as fines, penalties, or loss of product authorisation. Any of these could materially and adversely affect our financial results and damage the trust of patients and customers.

 

Context

Research involving animals can raise ethical concerns. In many cases, however, research in animals is the only way to investigate the effects of a potential new medicine in a living body other than in humans. Animal research provides critical information about the causes and mechanisms of diseases and therefore remains a vital part of our research. We continually seek ways in which we can minimise our use of animals in research, development and testing, while complying with regulatory requirements and reducing the impact on the animals used.

 

Human subject research, including clinical trials in healthy volunteers and patients, assess and demonstrate an investigational product's efficacy and safety, or further evaluate the product once it has been approved. We disclose this research externally, according to regulations, ethical principles and industry commitments.

 

We also work with human biological samples, which are fundamental to the discovery, development and safety monitoring of our products. GSK is committed to ensuring that human biological samples are managed in accordance with relevant laws, regulations and ethical principles, in a manner that respects the interests of sample donors.

 

The integrity and governance of our data is essential to success in all stages of the data lifecycle, including design, generation, recording and management, analysis, reporting, storage and retrieval. Our R&D data are governed by legislation and regulatory requirements. Data and supporting documents are core components at various stages of pipeline progression decision making and form the content of regulatory submissions, publications and patent filings. Poor data integrity and governance could compromise GSK's R&D efforts and negatively impact our reputation.

 

There are innate complexities and interdependencies in regulatory filings, particularly given our global R&D footprint. Ever changing and increasingly stringent submission requirements continue to increase the complexity of worldwide product registration. The supply of GSK medicines to patients is dependent on the ongoing compliance and maintenance of licences across many geographies, whose requirements and timelines differ. The secure management of the high volume of lifecycle changes to these licences, and their renewal, is critical to compliant supply. Failure to maintain our licences will directly impact patients and company revenue.

 

A wide variety of biological materials are used by GSK in the discovery, research and development of our assets. Through the Convention on Biological Diversity (CBD) and the Nagoya Protocol, the international community has established a global framework regulating access to, and use of, genetic resources of non-human origin in R&D.

 

We support the principles of access to, and benefit sharing of, genetic resources as outlined in the CBD and the Nagoya Protocol. We also recognise the importance of appropriate, effective and proportionate implementation measures at national and regional levels.

 

Patent rights are awarded to protect innovation and play an important role in providing a competitive advantage in the market for a limited period of time. Any loss of patent protection in a market for GSK's products developed through our R&D - including reducing the term, availability or scope of patent rights - could materially and adversely affect our financial results in that market. Inadequate patent or data exclusivity protection which could lead, for example, to competition from manufacturers of generic or biosimilar pharmaceutical products could limit our opportunity to rely on such markets for future sales growth. This could also materially and adversely impact our financial results.

 

Following expiration of certain intellectual property rights, a generic or biosimilar manufacturer may lawfully produce a competing copy of a product. Introduction of generic products typically leads to a rapid and dramatic loss of sales and reduces our revenues and margins for our proprietary products.

 

Mitigating activities

We have an established Office of Animal Welfare, Ethics and Strategy (OAWES), led by our Chief Veterinary Officer, that supports the humane and responsible care of animals, carries out ethical reviews, independent scientific reviews of animal studies, and shares knowledge and advocates for the application of non-animal alternatives. The OAWES provides a framework of animal welfare governance, defines and provides oversight for animal care and use training, promotes the replacement, refinement and reduction of animals in research, conducts quality assessments, manages a programme of external animal diligence, and develops and deploys strategies on reproducibility of experiments and translatability to human clinical end points.

 

GSK's Chief Medical Officer oversees the following enterprise Medical Governance Boards:

-  The Human Subject Research Board and Risk Forum provide oversight for the human subject research that we sponsor and support to ensure it conforms to ethical, medical and scientific standards

-  The Data Disclosure Board and Risk Forum oversee disclosure of our sponsored and supported human subject research. We make information available on our clinical studies, including summaries of the results - whether positive or negative

We have a global human biological samples management (HBSM) governance framework to oversee the ethical and lawful acquisition and management of human biological samples. Our HBSM enterprise risk management team works to minimise the risks related to the acquisition, storage, use, transfer, and disposal of human biological samples.

 

Enhancing our data integrity controls remains an important priority. Our data integrity committees provide oversight, with data integrity quality assurance teams conducting assessments to provide independent business monitoring of our internal controls for R&D activities.

 

The Regulatory Governance Board serves as the global regulatory risk management and compliance board. It promotes compliance with regulatory requirements and procedures and oversees Group-wide written standards for cross-business regulatory processes. A significant programme is underway to replace and modernise our regulatory information management systems across GSK.

 

We established an Access and Benefit Sharing Centre of Excellence to oversee requirements and enforcement measures for the acquisition and use of genetic material of non-human origin in line with the Nagoya Protocol.

 

Our R&D organisation maintains and controls pre-publication procedures to guard against public disclosure in advance of filing patent applications. In addition, because loss of patent protection can occur due to a lack of data integrity in preparing patent application data and information, legal experts collaborate with R&D to support the review process for new patent applications.

 

The Research practices risk is overseen by an enterprise framework that seeks to ensure strengthened governance across R&D in our Pharmaceuticals, Vaccines and Consumer Healthcare businesses.

 

Under the leadership of the Research practices enterprise risk owner, management of the risk takes a pragmatic approach to information sharing, streamlining risk identification and escalation while ensuring ownership stays with the business.

 

Environment, health & safety

 

Risk definition

Failure in management of:

 

-  execution of hazardous activities;

-  GSK's physical assets and infrastructure;

-  handling and processing of hazardous chemicals and biological agents;

-  control of releases of substances harmful to the environment in both the short and long term;

leading to incidents which could disrupt our R&D and Supply activities, harm employees, harm the communities and harm the local environments in which we operate.

 

Risk impact

Failure to manage EHS risks could lead to significant harm to people, the environment and the communities in which we operate; fines; inability to meet stakeholder expectations and regulatory requirements; litigation or regulatory action; and damage to the Group's reputation, which could materially and adversely affect our financial results.

 

Context

GSK is subject to the health, safety and environmental laws of various jurisdictions. These laws impose duties to protect people, the environment, and the communities in which we operate, as well as potential obligations to remediate contaminated sites. Overall, our control framework for managing EHS risk is effective.

 

Mitigating activities

The Corporate Executive Team is responsible for EHS governance and risk oversight and ensures there is an effective control framework in place, and in use, to manage the risks, impacts and legal compliance issues that relate to EHS across each of our businesses. This includes assigning responsibility to senior managers for providing and maintaining these controls and ensuring that tiered monitoring and governance processes are in place within their businesses. Individual managers seek to ensure that the EHS control framework is effective and well implemented in their respective business area, and that it is fully compliant with all applicable laws and regulations and is adequately resourced, maintained, communicated, and monitored. Additionally, each employee is personally responsible for ensuring that they follow all applicable local standard operating procedures.

Our risk-based, proactive approach is articulated in our global EHS policy and detailed in our global EHS standards against which we audit all our operations to ensure compliance. We ensure hazards are appropriately controlled through the safe design of facilities, plant and equipment, and by following rigorous procedures that help us provide effective barriers to protect employees' health and safety.

 

Despite our extensive safety programmes, tragically we experienced two employee fatalities, one at a manufacturing site in Canada and another in a road traffic accident in India. There was an additional work-related fatality in Belgium, involving a construction worker not under GSK's direct supervision. We conducted extensive investigations into the causes of each fatality to ensure we could take actions to reduce the risk of similar tragic incidents occurring. We have developed a safety improvement plan to further strengthen our existing safety practices.

 

Environmental sustainability

 

Risk definition

Failure in the management of:

 

-  Physical climate and environmental risks;

-  Current and future regulatory requirements for environmental policies and taxes;

-  Delivery and performance of management environmental objectives;

leading to: reduced supply chain resilience; product life cycle management issues, loss of trust/reputation with employees, investors, customers, regulators and other stakeholders; increased costs; loss of sales or market access; negative impacts on the environment.

 

Risk impact

GSK recognises that the way we respond to climate change and manage environmental risks impacts our ability to supply products to patients and consumers and could lead to harm to the environment and impact our reputation.

 

Failure to meet fast-evolving regulatory requirements and stakeholder expectations could result in litigation or regulatory actions, which may materially and adversely impact our financial results.

 

Context

It is increasingly understood that the effects of climate change and nature loss, which are themselves interconnected, are impacting human health. Internal and external expectations for companies to address their impact on the environment are increasing; as are the effects of climate change on operational resilience, in regard to access to energy, water and the natural resources used in products, along with potential cost increases from any regulatory changes or environmental taxes.

 

Mitigating activities

In November 2020, GSK announced a new commitment to have net zero climate impact and to be net nature positive by 2030. These goals build on our long-term ambition, as set out in 2010, to reduce our impact on the environment.

 

The Corporate Executive Team (CET) is responsible for environmental sustainability governance and risk oversight. It ensures there is an effective framework in place, and in use, to manage the risks across each of our businesses and to deliver on the commitments made. GSK has a dedicated environmental sustainability enterprise risk plan in place. The CET's responsibilities include appointing dedicated senior leaders and resources to provide and maintain risk controls and ensure that governance processes are established and effective within their businesses. 

 

We will continue to control antibiotic emissions from manufacturing effluents at all GSK facilities, and those of our suppliers, following good operational practice and meeting emission limits as defined by the AMR Alliance Manufacturing Framework.

 

We continuously assess our business resilience to climate change against the Task Force on Climate-related Financial Disclosures framework guidelines.

 

We ensure reductions in carbon emissions, energy, water and waste are delivered and managed by our mature programmes and by including eco-design considerations into products and packaging.

 

Information security

 

Risk definition

The risk that unauthorised disclosure, theft, unavailability or corruption of GSK's information or key information systems may lead to harm to our patients, workforce and customers, disruption to our business and/or loss of commercial or strategic advantage, damage to our reputation or regulatory sanction.

 

Risk impact

Failure to adequately protect GSK's information, or key information systems, may cause harm to our patients, workforce and customers, disruption to our business and/or loss of commercial or strategic advantage, regulatory sanction, or damage to our reputation.

 

Context

The overall information security environment is challenging, because of the difficulty of keeping pace with increasingly sophisticated cyber threats. This is due to many factors including, the complexity of large regulated organisations; the well-resourced nature of hacking activities; and the increasing demands for accountability of data handled by companies. We continue to reassess GSK's reliance on interconnectivity with third party contractors, partners and suppliers. The COVID-19 pandemic has emerged as another significant external factor impacting how information security is managed at GSK. COVID-19-related threats include an increase in ransomware attacks against the healthcare sector, as hackers have used the opportunity to disrupt critical healthcare operations and, in some cases, seize healthcare research related to COVID-19 vaccines and treatments.

 

GSK operates a highly-connected information network which holds confidential research and development, manufacturing, commercial, workforce and financial data. This means that our systems and information have been and will continue to be the target of cyberattacks. We continue to consolidate information systems to reduce attack points and enable more focused controls. GSK's strategic approach to digital analytics will further increase our dependency on digital assets and distributed data. Our continued analysis and assessment of GSK's critical data assets and the threats to those assets will require a continuous re-evaluation of emerging risks to GSK. Mitigating actions already defined in these areas includes the secure deployment and operation of GSK resources in high-risk markets, the risk posed by GSK having data in the Cloud, and the potential for complexity resulting from agile business-led IT development across the enterprise.

 

Mitigating activities

We have a global information security policy and accompanying IT standards and processes that are supported by a dedicated team and programme of activity. The GSK Technology, Security and Risk function provides strategy, direction and oversight. This includes active monitoring of cybersecurity, while enhancing our global information security capabilities through an ongoing programme of investment. In 2020, we made the following significant investments in mitigation activities, which we will continue to advance in the coming year:

 

-  Modernising cyber operations to ensure the timely detection and response to information security incidents

-  Modernising operational technology (OT) to address the age, complexity and global footprint of the OT environment in manufacturing and R&D sites

-  Optimising security architecture to mitigate the risk of network users using email, externally-connected communications and removeable media inappropriately, whether intentionally or unintentionally. We are also continuing to remediate and improve the control environment for privileged or elevated user rights across GSK's systems

-  Transferring third party risk management to a managed service partner. This organisation will process GSK's critical and sensitive information and support the development of a solution that will enable us to move all third parties that access our IT resources remotely to a more secure environment

-  Enabling business performance in high risk markets by assessing data and information originating in, and flowing to, international markets where local laws and norms represent a heightened risk to the confidentiality, integrity and availability of GSK's operational systems

 

Supply continuity

 

Risk definition

Failure to deliver a continuous supply of compliant finished product; inability to respond effectively to a crisis incident in a timely manner to recover and sustain critical operations.

 

Risk impact

We recognise how important the continuity of supply of our products is to the patients and consumers who rely on them. A material interruption of supply could lead to litigation or regulatory action, including exclusion from healthcare programmes and financial penalties that might adversely affect the Group's financial results. GSK's international presence, and those of our partners, expose our workforce, facilities, operations and IT to potential disruption from natural events (e.g., storms and earthquakes), man-made events (e.g., the imposition of trading barriers at short notice, civil/political unrest, terrorism and cyberattacks), and public health emergencies (e.g., the global COVID-19 pandemic). It is therefore vital that we have robust crisis management and recovery plans in place to manage such events.

 

Context

Our supply chain operations are subject to review and approval by various regulatory agencies that effectively provide our licence to operate. Failure of our manufacturing and distribution network to deliver products could lead to litigation or regulatory action, such as product recalls and seizures, interruption of supply, delays in approval of new products, and suspension of manufacturing operations pending resolution of manufacturing or logistics issues.

 

We rely on materials and services provided by third party suppliers to make our products. These include active pharmaceutical ingredients, antigens, intermediates, commodities, and components for developing, manufacturing and packaging pharmaceutical, vaccine and consumer healthcare products. Our third-party oversight includes the outsourcing of operations, such as contract manufacturing and clinical research organisations, that provide manufacturing and support development of key products on our behalf.

 

Although we undertake risk mitigation, we recognise that certain events could still result in delays or service interruptions. We use effective crisis management and business continuity planning to ensure the health and safety of our people and to minimise the impact on supply, by maintaining functional operations in the event of a natural or man-made disaster, or a public health emergency. Drug shortages are reported to appropriate regulatory authorities such as the US Food and Drug Administration for transparency and to solicit feedback on risk mitigation.

 

Supply performance expectations increased during the COVID-19 pandemic as governments sought to secure supply for key medicines and vaccines. We prioritised, and aligned behind, the manufacture and supply of these pandemic medicines with our suppliers, leveraging strategic stocks and modifying supply routes to avoid disrupting the availability of our finished products.

 

We also participated in the EU's new reporting system for anticipated drug shortages, introduced during the pandemic to proactively resolve supply issues before they potentially impacted hospital intensive care units.

 

Mitigating activities

The supply chain model adopted in our Pharmaceuticals, Vaccines and Consumer Healthcare business units is designed to ensure, as far as possible, the supply, quality and security of our products around the world.

 

Supply chain governance committees within each business unit closely monitor the inventory status and delivery of our products, with the aim of ensuring that customers have the products they need. Improved links between commercial forecasting and manufacturing - made possible by our core commercial cycle - should, over time, reduce the risk associated with demand fluctuations and any impact on our ability to supply, or the cost of write-offs where products exceed their expiry date. Each node of the supply chain is periodically reviewed to ensure adequate safety stock, while balancing working capital in our end-to-end supply chain. Particular attention is placed on mitigating supply risks associated with medically-critical, high-revenue products and key new product launches.

 

We routinely monitor the compliance of external manufacturing suppliers and service providers to identify and manage risks in our supply base. Where practical, we minimise our dependence on single sources of supply for critical items. Where alternative sourcing arrangements are not possible for certain materials, our inventory strategy aims to limit the impact and ultimately protect the supply chain from unanticipated disruption.

 

We continue to implement anti-counterfeit systems like product serialisation in accordance with new and emerging supply chain requirements around the world, such as the EU Falsified Medicines Directive.

 

Corporate policy requires each business and functional area head to ensure effective crisis management and business continuity plans, including authorised response and recovery strategies, key areas of responsibility and clear communication routes, are in place before any business disruption occurs. Corporate Security supports the business by coordinating crisis management and business continuity training, facilitating simulation exercises, assessing preparedness and recovery capability, and providing assurance oversight of GSK's central repository of plans supporting our critical business processes.

 

Each business unit performs risk oversight through their respective Risk Management and Compliance Board to assure adequate risk mitigation, including identifying new and emerging threats. For example, we have taken a coordinated approach to evaluating and managing the implications for GSK of Brexit.

 

These activities help ensure that we maintain an appropriate level of readiness and response capability. We also develop and maintain partnerships with external bodies, including the Business Continuity Institute and the UN International Strategy for Disaster Risk Reduction, which helps improve our business continuity initiatives in disaster-prone areas and supports the development of community resilience to disasters.

 

Transformation

 

Risk definition

Failure to deliver the plan for successful transformation and separation of GSK into two competitive standalone companies:  New GSK, a biopharma company, and new Consumer Healthcare.

 

Risk impact

The failure to manage the increasing macro level risk due to COVID-19 in relation to the delivery of the transformation plan could materially and adversely affect our ability to deliver GSK's strategy and long-term priorities.

 

Context

In February 2020, GSK announced a new 'Future Ready' programme to prepare for its separation into two companies: New GSK, a biopharma company with an R&D approach focused on science related to the immune system, the use of genetics and new technologies, and a new leader in consumer healthcare. As GSK increases investment in R&D and new product launches, the two-year separation programme aims to drive a common approach to innovation across modalities with improved capital allocation; to align and improve the capabilities and efficiencies of global support functions to support New GSK; to further optimise the supply chain and portfolio, including divesting non-core assets; and to prepare Consumer Healthcare to operate as a standalone company. Once complete, the outlook of both companies will have been fundamentally strengthened, making them more efficient, modern and automated, with future skills and capabilities that will extend beyond the transition timeline.

 

Mitigating activities

The Future Ready Office (FRO), established in the fourth quarter of 2019, is accountable for monitoring the progress, performance and risks associated with creating the two new leading companies. It reports monthly to the Corporate Executive Team (CET) to ensure there is enterprise oversight of the plan, using key performance and risk indicators. In addition, GSK's Chief Executive Officer (CEO), Chief Financial Officer, Chief Strategy Officer and Head of FRO meet the leaders of Consumer Healthcare when input and approval of key design choices for that new company is required. Overall, the balance between transformation and separation is upheld through clear governance, joint New GSK and Consumer Healthcare coordination, rigorous progress tracking and the setting of clear parameters.

 

The GSK Board is regularly informed of the Future Ready programme lead indicators through the CEO Board Report at each Board meeting. A Transformation and Separation Committee has been established at Board level to support and advise management's work on transforming and separating the Group. This committee is chaired by the GSK Chairman and includes our Senior Independent Director and the Chairs of the Audit & Risk, Remuneration and Corporate Responsibility Committees.

 

 

APPENDIX B

 

Directors' responsibility statement

 

Each of the current Directors, whose names and functions are listed in the Corporate Governance section of the Annual Report 2020 confirms that, to the best of his or her knowledge:

 

-  the Group financial statements, which have been prepared in accordance with IFRS, as adopted pursuant to Regulation (EC) No 1606/2002 as it applies in the European Union, and IFRS as issued by the IASB, give a true and fair view of the assets, liabilities, financial position and profit of the Group; and

-  the Strategic report and risk sections of the Annual Report, which represent the management report, include a fair review of the development and performance of the business and the position of the company and the Group taken as a whole, together with a description of the principal risks and uncertainties that it faces.

 

Name	Function
Sir Jonathan Symonds	Non-Executive Chairman
Emma Walmsley	Chief Executive Officer
Dr Hal Barron	Chief Scientific Officer and President, R&D
Iain Mackay	Chief Financial Officer
Manvinder Singh (Vindi) Banga	Senior Independent Non-Executive Director
Dr Vivienne Cox	Independent Non-Executive Director and Workforce Engagement Director
Lynn Elsenhans	Independent Non-Executive Director
Dr Laurie Glimcher	Independent Non-Executive Director and Scientific & Medical Expert
Dr Jesse Goodman	Independent Non-Executive Director and Scientific & Medical Expert
Judy Lewent	Independent Non-Executive Director
Urs Rohner	Independent Non-Executive Director
Charles Bancroft	Independent Non-Executive Director

 

 

APPENDIX C

 

Related party transactions

 

At 31 December 2020, GSK owned 32 million shares or 31.6% of Innoviva Inc. which is a biopharmaceutical company listed on NASDAQ. GSK began recognising Innoviva as an associate on 1 September 2015. The royalties due from GSK to Innoviva in the year were £261 million (2019 - £215 million). At 31 December 2020, the balance payable by GSK to Innoviva was £65 million (2019 - £63 million).

A loan of £3.0 million to Medicxi Ventures I LP remained due to GSK at 31 December 2020. The loan due from Index Ventures Life VI (Jersey) LP was repaid in the year. In 2020, GSK increased the investment in Kurma Biofund II, FCPR by £0.8 million and Apollo Therapeutics LLP by £2.0 million. Further investments were also made in Medicxi Ventures I LP of £1.2 million. As part of the joint venture agreement with Qura Therapeutics LLC, the Group had an obligation to fund the joint venture $1 million per quarter up to April 2020. On 26 June 2019, the agreement was extended for a second five-year period up to April 2025, with both GSK and its joint venture partner committing additional financial support in the amount of $20 million. At December 2020, the outstanding liability due to Qura was $17 million.

 

Cash distributions were received from our investments in Medicxi Ventures I LP of £14.5 million and in Index Venture VI (Jersey) LP of £10.6 million.

 

The aggregate compensation of the Directors and CET is given in Note 9, 'Employee costs'.