Our risk portfolio covers 20 risks. Of these, seven are categorized as strategic, nine as operational, and the remaining four as emerging. In addition, we have identified four awareness topics.
Overall, our 2021 risk portfolio is broadly consistent with the previous year. “Sandoz business transformation” was added as a new strategic risk in 2021, reflecting the increasingly competitive environment for generic medicines. Additionally, “facility and workplace safety” was renamed “occupational health and workplace safety” in 2021 to incorporate aspects of the post-pandemic working environment – such as employee well-being – that were identified as an emerging risk in 2020.
Risk rating:
Strategic Risks
Key products and commercial priorities Failure to deliver key commercial priorities and successfully launch new products
Pricing, reimbursement and access Pricing and reimbursement pressure, including access to healthcare
Alliances, acquisitions and divestments Failure to identify external business opportunities or realize the expected benefits from our strategic acquisitions or divestments
Research and development Failure or delay in the research and development of new products or new indications for existing products
Sandoz business transformation Inability to drive sustainable growth mid-term by pursuing biosimilars and inorganic growth opportunities
Environmental, social and governance matters Failure to meet increasingly challenging environmental, social and governance expectations
Emerging business models Missed opportunities in digitalization and emerging business models
Operational Risks
Cybersecurity and IT systems Cybersecurity breaches and catastrophic loss of IT systems
Fragmented IT landscape and ERP/EDM implementation Fragmented business processes and unclear data ownership may impact future digital opportunities, including the implementation of the new Enterprise Resource Planning (ERP) system and Enterprise Data Management (EDM) governance
Talent management Inability to attract, integrate and retain key personnel and qualified individuals
Third-party management Failure to maintain adequate governance and oversight over third-party relationships, and failure of third parties to meet their contractual, regulatory or other obligations
Occupational health and workplace safety Failure to ensure the safety of Novartis facilities and operations, and that of our employees and contractors
Legal, ethics and compliance Challenges in keeping up with legal and regulatory requirements, and evolving societal expectations regarding ethical behavior
Manufacturing and product quality Inability to ensure proper controls in product development and product manufacturing, and failure to comply with applicable regulations and standards
Data privacy Noncompliance with personal data protection laws and regulations
Supply chain Inability to maintain continuity of product supply
Emerging Risks
Geo-political and socio-economic threats Impact of geo- and socio-political threats and macroeconomic developments
Tax laws and developments Changes in tax laws or their application
Intellectual property Expiry, assertion or loss of intellectual property protection
Antitrust Potential increased antitrust scrutiny of transactions, together with continued close examination of conduct by pharmaceutical companies
Awareness Topics
Climate change Climate change and increased risk of major natural disasters
Changes in disease patterns, antimicrobial resistance and pandemics Antimicrobial resistance is a growing threat to public health, closely related to changes in disease patterns including possible future pandemics
Falsified medicines Impact on patient safety, and reputational and financial harm to Novartis and our products
Governance and ethical use of artificial intelligence Lack of artificial intelligence governance or ethical lapses in its use may expose Novartis to operational, reputational and regulatory risks