As the transformation of society picks up pace, uncertainties that impact business strategies and the results of those strategies continue to grow more diverse and complex. Appropriately managing risks both within and outside the Group is necessary for SHIONOGI to achieve the transformation envisioned in STS2030 Revision and generate further growth. To further strengthen our resilience, we foster a risk culture by strategically managing both offensive and defensive risks.

Promoting risk management system

At SHIONOGI, our enterprise risk management (ERM) system, a system for coordinating risk management throughout the Group, is an important mechanism for both the corporate strategy and management foundation. The implementation and management of company-wide risk management is based on SHIONOGI and Group companies not only ascertaining and evaluating risks taking into consideration their probability and impact on Group management but also taking the lead in implementing responses based on the Risk Management Plan deliberated on and approved by the Corporate Executive Meeting and Board of Directors. ERM consists of compiling risk information from throughout the Group, reporting on such issues as the state of the response to the Corporate Executive Meeting and Board of Directors, receiving the opinions and advice of directors and auditors, and reflecting that in improvement initiatives

In fiscal 2022, we revised the SHIONOGI Group Enterprise Risk Management Policy, introduced the ERM system, and improved the efficiency of integrated management and monitoring of company-wide risks. In addition, we provide education on the basics of ERM to spread understanding of ERM to all employees and education for the heads of each organization that promotes risk management at workplaces so that ERM is properly implemented. We also offer newly appointed auditors education on the ERM system and ERM policies and SHIONOGI Group’s risks, and work to create an environment that fosters active discussions of risk management at all levels of the company, from the workplace to Board of Directors

リスクマネジメント体系図.png

Fostering coporate risk calture

Fiscal Year

Initiatives contents
FY2020 All Employee Education Understanding business risks and making decisions based on business risk levels
FY2021 All Manager Education Making decisions based on business risk levels
FY2022 All Employee Education

"SHIONOGI Group Risk Management Policy"

Foundation of ERM (Enterprise Risk Management) knowledge Education

All Organizational Leaders Education (Responsible for executing risk management)  ERM structure and respective roles
Basics of risk management Education
ERM leaders in each department and group company Education Introduction of company-wide risk management system Officer Education (Newly Appointed)
Officers Education (newly appointed) SHIONOGI's ERM structure and policies
SHIONOGI Group Risks
Risk Assessment in Supervisory Unit Meeting (by Business Unit)

Risk Assessment Implementation (Risk Identification, Evaluation, and Analysis).

Discussion on the validity of risk assessment and progress monitoring of risk response

FY2023 Risk Identification in Corporate Executive Meeting

Identification and Progress Monitoring of "Risks to be Monitored in Management Meetings"

External Disclosure divided into two categories based on Management Meeting Discussions ("Risks in Business Strategy" and "Risks in Business Execution")

Main Business risks

At SHIONOGI, we categorize risks that could have a material impact on performance and business as either “business strategy-related risks,” risks inherent in strategic decision-making, or that could hinder the implementation of the strategy, or “business execution-related risks,” risks that impact business execution that support business targets; assign each risk a risk owner; and promote response plans to leverage uncertainty as an opportunity or mitigate the risk. The Corporate Executive Meeting conducts a regular (around twice a year) check of progress in responding to each risk and implements corrections and improvements.

1. Summary of business strategy–related risks

1.Global growth, centered on the infectious disease field

≪ Risk Summary ≫

By dividing the infectious disease field into “infectious diseases that require long-term treatment,” “vaccines,” and “acute diseases,” we are working to transform each into a sustainable business that is part of the whole disease field through a different strategy for each sub-field. We are undertaking not only business activities, such as development, filing for and obtaining approval, marketing, and sales in Europe, the U.S., and Asia, but also health improvement activities, including expanding into low- and middle-income countries. Even so, if initially envisioned development plans and marketing strategies are delayed or fail or we are unable to create expected future therapeutic drugs or vaccines or generate related earnings, this could have a material impact on performance

≪ Main response ≫

・ Promote the sale and proper use of acute respiratory infection therapeutic drugs

・ Develop acute respiratory infection vaccines

・ Research and develop long-acting HIV therapeutic/prophylactic drugs

・ Research and develop new treatments for such diseases as malaria, tuberculous, and nontuberculous mycobacterial infection

・ Expand sales of the multidrug-resistant Gram-negative bacterial infection treatment cefiderocol

・ Create products and services that achieve total care for infectious diseases

・ Develop and file for approval of core products overseas and further expand the overseas manufacturing, distribution, and marketing system

・ Negotiate with government and regulatory authorities of various countries regarding such issues as stockpiles and the expansion of subscription-type reimbursement model

・ Improve healthcare access in low- and middle-income countries

2.Pipeline expansion

≪ Risk Summary ≫

Researching and developing pharmaceuticals requires extensive time and massive investments, and because there is the possibility candidate pharmaceuticals will not have the expected efficacy or receive approval, it is necessary to obtain new modalities and employ outside networks to create an attractive pipeline. We must also foster businesses other than the pharmaceutical business and balance those businesses in order to transform our business model, which overemphasizes earnings from patents

≪ Main response ≫

・ Take on the challenge of new modalities and technologies

・ Promote manufacturing through co-creation with outside parties

・ Actively invest in growth drivers, such as in-licensing

・ Develop human resources to ensure leading R&D capabilities

・ Maintain a high internally-discovered pipeline ratio

・ Develop innovative treatment options not limited to therapeutic drugs

・ Develop services necessary to create an environment in which all people can actively participate

3.Human capital management

≪ Risk Summary ≫

To achieve growth through transformation, it is necessary for SHIONOGI to become a community of human resources with exceptional strengths, and therefore, we focus on human capital management. Obstacles, such as failures related to measures and capturing human resources, could undermine this transformation and have a material impact on performance

≪ Main response ≫

・ Reinforce mid-career hiring

・ Reform the HR system

・ Implement workstyle reforms so that various types of people can actively participate

・ Hold events that welcome and praise challenges

4.Digital transformation

≪ Risk Summary ≫

e are implementing a digital transformation (DX) to accelerate decision-making and create new value. If DX initiatives falter, this could have a material impact on not only performance but also increase in corporate value.

≪ Main response ≫

・ Build global IT foundation

・ Transform our business models and operations using AI

・ Develop software as medical device (SaMD) and disease detection algorithms to diagnose and treat illnesses

・ Create a data use platform to increase operational efficiency and create new value

・ Implement training measures to produce digital core human resources

2. Summary of business execution–related risks

1.Systems and administration

≪ Risk Summary ≫

Government policies, such as medical insurance reforms that anticipate increases in medical costs as society grays, annual revisions to NHI drug prices, and changes in development and manufacturing-related regulations in Japan and overseas, could impact performance.

- Lower predictability of pharmaceutical business

- Calculation of drug price independently of value of innovation

- Delay in development of solutions necessary to respond to infectious disease pandemics and supply instability

≪ Main response ≫

・ Create innovative solutions and provide at a price acceptable to society

・ Accumulate evidence to prove the created value

・ Promote initiatives through industry organization activities

・ Obtain the latest information on such issues as the drug pricing system and various types of regulations related to R&D, manufacturing, and marketing, and quickly respond

2.Adverse reaction, etc

≪ Risk Summary ≫

We implement measures necessary to ensure the safety and proper use of pharmaceuticals after they are launched, but if there are unforeseen adverse reactions or other problems, this could result in the following.

- Termination of sales and recall of products

- Litigation seeking compensation for health hazards

- Damage to the corporate brand and reputation

≪ Main response ≫

・ Build and reinforce a system to appropriately collect, analyze, evaluate, and report information on adverse reactions and similar issues

・ Educate all employees to curb the spread of adverse reactions and control damage

・ Obtain insurance for medical damage compensation based on adverse reactions, etc.

3.Partnerships with other companies

≪ Risk Summary ≫

We collaborate with business partners to strengthen businesses that leverage each other’s strengths, but this entails the following risks. There is also the risk of damaging our corporate value through collaboration with companies that violate ESG-related initiatives, such as resource and environmental protection, safety, and human rights.

- Use of the Company’s technology and know-how for purposes other than those intended

- Unintentional and unauthorized use of other company’s technology and infringement on intellectual property rights

- Leak of confidential information by the Company

- Leak of confidential information by other companies

- Damage to reputation and trust due to collaboration with companies who conduct business activities that are inconsistent with the Company’s perception of ESG issues

≪ Main response ≫

・ Eliminate differences in awareness through extensive dialogues and maintain and improve trust

・ Conclude NDAs that factor in envisioned risks

・ Conclude agreements that clearly state such items as handling intellectual property

rights and compensation for damages

・ Conduct regular inspections of intellectual property to survey problems and infringement risk

・ Build a monitoring system and other information management systems that incorporate encryption, strengthen access controls, and prevent unauthorized access

・ Minimize shared information and establish information sharing rules

・ Build a system to monitor use of shared information and logs

・ Regularly audit and evaluate the information management system

・ Conduct multi-faceted due diligence related to trustworthiness, financial state, and legal issues

・ Regularly audit and evaluate partnerships in order to quickly discover problems and improvements

4.Quality

≪ Risk Summary ≫

We manufacture products and conduct commissioned production in line with pharmaceutical affairs–related laws and regulations, including GMP and ICH Guidelines, undergo inspections by the Ministry of Health, Labour and Welfare, FDA, EMA, and other regulatory authorities, and are licensed to conduct manufacturing and marketing. However, if there are quality problems, lot failures, or similar problems, this could result in the following.

- Quality defects, suspension of shipments, recalls, and administrative

action due to inconsistencies between approval documents and actual

manufacturing conditions

- Recalls and important findings of inspections by the authorities due to

incomplete information

- Deterioration in trust in the Company due to damage to reputation

≪ Main response ≫

・ Formulate a SHIONOGI Group Quality Policy

・ Spread understanding of the importance of quality by holding such events as in-house education events

・ Promote such activities as fostering a quality culture

・ Conduct control and oversight activities through plant audits, etc.

5.Supply chain management

≪ Risk Summary ≫

If there is a natural disaster, such as major earthquake, storm, or flood, or

pandemic, or our supply chain is impacted by a geopolitical event or some

sustainability-related issue, such as human rights or the environment, this

could result in the following.

- Suspension of plant operation

- Difficult in procuring raw materials and products

- Major impact on stable supply of pharmaceuticals

≪ Main response ≫

・ Conduct inventory management based on standards for the amount of inventory held

・ Create a domestic system for APIs that are used in some products but entail procurement risk

・ Examine diversification of raw material suppliers in order to ensure a stable supply of products (select a second vendor for raw materials that entail high risks)

・ Set priority BCP products and conduct regular reviews

・ Conduct due diligence and monitoring of suppliers and request improvements

6.IT security and information management

≪ Risk Summary ≫

If there is an IT security threat due to an act by an employee, outsourcing service provider, or other entity or an incident such as an attack by a malicious third party, this could result in the following.

- Difficult in continuing business due to suspension of important systems

- Outflow of confidential information, including personal information

- Legal damages, such as claims for compensation for damages, costs related to subsequent response, etc.

- Decline in performance or damage to reputation

≪ Main response ≫

・ Appoint a CIO who oversees information management, a CDO who has control over data and document use and management, and Global Head of IT who is responsible for operating IT

・ Establish rules related to information management based on laws, regulations, and guidelines

・ Establish a SHIONOGI Group Global Privacy Policy

・ Provide thorough education to employees on the importance of information management and personal information and the need to comply with personal information protection–related laws and ordinances.

・ Move forward with projects to build an IT-BCP system in case of a crisis such as cyberattacks or massive disasters

・ Create IT infrastructure and reinforce information security foundation and improve its operation

・ Conduct a fundamental group-wide review of the network based on global security assessment in light of a cyberattack at the Taiwan facilities

7.Environment and safety

≪ Risk Summary ≫

If there is the chance of an incident that could impact the environment, ecosystem, or safety of workers in a business activity process, such as research, development, or manufacture of pharmaceuticals, and the incident actually occurs, it could result in the following.

- Suspension of facility operation and equipment and cost of response and

recovery

- Litigation seeking compensation for damages and payment of

compensation

- Damage to the corporate brand and reputation

≪ Main response ≫

・ Reinforce governance by formulating a SHIONOGI Group EHS Policy, SHIONOGI Group EHS Code of Conduct

・ Create an EHS Integrated Management System

・ Reinforce ISO 14001 and ISO 45001 or equivalent management system operation at each office

・ Comply with related laws and ordinances, set independent management standards and targets that are even stricter, and implement response

8.Compliance

≪ Risk Summary ≫

We recognize the following as important risks: acts and behavior that violate laws, deviate from social norms, or violate ethics in business activities, based on an awareness of not simply complying with laws, regulations, rules, etc., but also following social norms, and acting ethically as a company and member of society. If such a risk materializes, this could result in the following.

- Damage to reputation

- Loss of stakeholders’ trust

- Damage to business performance and financial condition

≪ Main response ≫

・ Add compliance items to SHIONOGI Group Code of Conduct and formulate SHIONOGI Group Compliance Policy

・ Raise awareness of compliance throughout the Company by holding a Global Compliance Week & Quality Week

・ Rebuild the promotion system to match organizational structure

・ Operate an in-house reporting desk in line with the Whistleblower Protection Act

・ Hold regular Compliance Committee meetings, which a Representative Director chairs

・ Report Compliance Committee activities to the Board of Directors

・ Use message from the President to talk about compliance

・ Conduct compliance awareness survey of all employees and provide related feedback to all organizational units

 

9.Intellectual property

≪ Risk Summary ≫

If a third party infringes on the intellectual property rights of SHIONOGI or SHIONOGI products infringe on those of a third party, this could result in the following.

- Damage to business performance and financial position due to loss of expected earnings

- Dispute or litigation to protect the intellectual property

- Payment of compensation for damages

- Injunction on manufacturing and marketing the product

- Damage to the corporate brand and reputation

≪ Main response ≫

・ Establish appropriate rights to and management system for intellectual property and continually monitor third party’s rights infringement

・ Conduct freedom-to-operate searches in business activities

・ Create a system to prevent rights infringements based on such activities as conducting intellectual property due diligence in in-licensing and out-licensing activities

In addition to these risks, we identified risks that could impact SHIONOGI’s performance or business, which include litigation, natural disasters and pandemics, and financial market and exchange rate trends, and are moving forward with a response to each risk. The following, however, are not all the risks that SHIONOGI faces.

 The forward-looking statements with respect to risks contained herein are based on the Group’s judgment as of the date of submission of its Securities Report. For more information on these risks, please refer to our Securities Report (available only in Japanese).

Crisis management system

Under our Crisis Management Standard, which serves as the basic policy for crisis management, Shionogi aims to build a comprehensive crisis management system that includes guidelines for various countermeasures and accompanying manuals, and enables rapid response in the event of an emergency. Shionogi places the highest priority on employee safety confirmation in the event of a huge natural disaster, and mandates regular training using the safety confirmation system, as well as stockpiling in case of emergency and reviews of disaster task forces, both centrally and at each business site.

Business continuity planning (BCP)

Shionogi formulates business continuity plans (BCPs) for each link in the value chain, so that we can continue to fulfill our corporate social responsibility and supply our products and services to medical institutions in a stable manner even in the event of an emergency. 

With respect to the supply of pharmaceutical products, in fiscal 2018 we established Shionogi Pharma Co., Ltd. to take charge of manufacturing operations. At that time we conducted a BCP review, resulting in a rebuild of both our business continuity management system. In addition to the above, we regularly conduct training at both the management and front-line levels to ensure the ongoing viability of operations.

Overview of business continuity management system

System diagram

Establishing a stronger system in light of COVID-19

Our goal is to be a drug discovery-based pharmaceutical company for which infectious diseases are a core therapeutic area, and which, while confronting infectious diseases, is resilient to all threats, including pandemics. In response to COVID-19, we are taking measures to tackle various issues that became clear in the course of continuing the business, and we have established robust systems for business continuity ready for a second and third wave of the spread of the virus. In doing so, we are determined to fulfill our responsibilities to our stakeholders

while balancing the sustainability of social and economic activities.

Specifically, by taking a detailed look back at our response, we will be reviewing our BCPs so that we can flexibly respond to the re-expansion of COVID-19 or the occurrence of a new pandemic. Furthermore, we are building more-effective BCP systems through repeated BCP-based simulation training. In parallel, we are continuing to build a more robust IT system.

Measures against Pandemic Influenza, etc.

Shionogi is designated by a designated public institution based on Article 3 of the Special Measures Law for the Prevention of Pandemic Influenza, etc. (established in 2012). In the event of a pandemic (pandemic) in which a serious health hazard and a pandemic of pandemic influenza or an unknown infectious disease that is associated with a major social effect outbreak are worldwide, it is necessary to prevent the infection of employees, etc. whenever possible, to prevent the spread of infection in workplaces, and to maintain critical operations during the epidemic duration.
In order to fulfill the social responsibilities played by Shionogi, we have established the Work Plan for the Prevention of Pandemic Influenza, etc. in 2014.

Environmental risk management

Shionogi extraction the risks that environmental changes may have on its business activities, evaluates its effect in its business activities, and considers measures to deal with various issues. In the event of an unexpected event, we are working to minimize the damage from such an event and to improve the level of control and response.