Takeda views risk management as the responsibility of our Board of Directors, the Takeda Executive Team, business units, business functions, local operating companies, and employees and business partners.
Risk management is an important pillar of our corporate governance and culture. It helps protect the company’s reputation and operating environment while supporting Takeda’s long-term strategy for growth and success. We view risk management as the responsibility of the Board of Directors, TET, business units, business functions, local operating companies, and employees and business partners.
Our Global Risk Management Policy uses a common set of principles to manage risk. The Policy covers the following areas, each supported by a relevant Standard Operating Procedure (SOP):
• Enterprise Risk Management (ERM)
• Business Continuity Management (BCM)
• IT Disaster Recovery (ITDR)
Our ERM program uses a consistent set of risk-related methods, tools and approaches to support the business. We look at the likelihood and impact of possible risks, along with the effectiveness of our mitigating actions to reduce those risks over a period in line with our Mid-Range Planning. Principal enterprise risks are presented to the Risk, Ethics and Compliance Committee, and Board of Directors on an annual basis.
Risk management is embedded in the business, and each relevant area is responsible for managing their key risks. Typical risk mitigation strategies may include, but are not limited to, business continuity planning, crisis planning, process redesign, management and technology implementation, monitoring, communications, training and third-party engagement.
Risks in our industry may include R&D exposure, legal and regulatory compliance, intellectual property rights, patent expirations and adverse events. They may also include industry reforms, impacts associated with changing government policies, mergers and acquisitions (M&A) and integration-related issues, supply continuity, environmental compliance, competition litigation, geopolitical events, cybersecurity, and natural or man-made disasters.
Audits are an important way to make sure our EHS management systems are effective. A central EHS audit function leads the program, which includes management systems and compliance audits. The program utilizes independent external local auditors who are experts in national and regional regulations for the EHS regulatory compliance audits when needed. Through Corporate EHS Management System Assurance Programs including audits, Takeda assures compliance to our obligations including Takeda management’s expectations, our standards and operating procedures, as well as regulatory requirements.
Based on audit results, site leadership develops Corrective and Preventive Action (CAPA) plans, which are approved by Corporate EHS audit and
EHS Regional Heads.
These CAPAs are tracked based on operational KPI expectations until closed. We also look at audit trends to see what we need to work on for the coming year and where we need to provide support. Audit results are reported to the Risk, Ethics and Compliance Committee of the Board of Directors. Audits are conducted based on the level of EHS risk and ISO certification requirements. Corporate EHS audits typically occur on a three-year cycle. EHS risk often depends on the type of operations, the complexity and size of the operation, past EHS performance and other factors.
Takeda is committed to operating with integrity. Our Global Anti-Corruption Policy prohibits Takeda from conducting, through third-party intermediaries, activities that Takeda is prohibited from conducting itself. Takeda must assess every third-party intermediary to identify and address issues that pose any potential risks for Takeda. We conduct regular audits to assess instances of bribery and corruption and have implemented an ongoing monitoring program that samples and evaluates high-risk transactions against governing policy and procedure control documents. Takeda executes root cause analysis against monitoring nonadherence and develops remediation plans to drive continuous improvement.
Crisis management is a critical part of our corporate governance, enabling us to keep operating in times of crisis. Our Group Global Crisis Management Policy lays out basic policies, rules and standards for crisis management. The Policy supports the systems and operations we have in place to respond to a crisis swiftly and effectively, and minimize any potential harm to our people, Takeda’s finances or the world around us.
As with risk management, our businesses and functions are responsible for establishing their own crisis management systems, introducing preventive measures and taking appropriate action if a crisis occurs. In the event of a crisis calling for companywide action, a Global Crisis Management Committee (GCMC), chaired by our President and CEO, will coordinate the response. For example, in January 2020, we activated a GCMC to help govern our response and efforts to the COVID-19 pandemic.