Effective risk management and control is key to the delivery of our business strategy and objectives. Our risk management and control processes are designed to identify, assess, mitigate and monitor significant risks, and can only provide reasonable and not absolute assurance that the Group will be successful in delivering its objectives.

The Board is responsible for overseeing how the Group's strategic, operational, financial and compliance risks are managed, and for assessing the effectiveness of the risk management and internal control framework.

Our Senior Executive Team (SET) owns the risk management process and is responsible for managing specific Group risks.

The SET is also responsible for embedding sound risk management in strategy, planning, budgeting, performance management, and operational processes within their respective Operating Segments and business units.

The Board and the SET together set the tone and decide the level of risk and control to be taken in achieving the Group's objectives.

Risk TopBoard
Overseeing of the Group's risk management and internal controls
Risk UpAudit Committee
Annual validation of the risk reporting process
Risk DownSenior Executive Team
Owners of the risk management process and responsible for embedding risk management into business units
Risk BottomBusiness Unit
Identification, mitigation and monitoring of risks.

Risk Management Process

Our strategy informs the setting of the objectives across the business and is widely communicated. Strategic risks and opportunities are identified as an integral part of the strategy setting process.

The SET is responsible for evaluating and managing risk from both a bottom up and top down level and acts as a link between the Board and the business units to ensure management of operational risks is embedded in the business.

Each SET member owns one or more Group risks and is responsible for identifying how the risks are currently controlled, what additional mitigating actions are required, what monitoring and assurance mechanisms are in place, assessing the effectiveness of key control processes, and addressing any weaknesses identified.

The Board conducts a review of the risk management and internal control framework and SET members present their risks, controls and mitigation plans to the Board for review on a rolling programme throughout the year. The Audit Committee reviews the effectiveness of internal financial controls annually.

 

Internal Control Framework

Our internal control framework is designed to ensure:

  • proper financial records are maintained;
  • the Group's assets are safeguarded;
  • compliance with laws and regulations; and
  • effective and efficient operation of business processes.

The Dechra Values are the foundation of the control framework and it is the Board's aim that these values should drive the behaviours and actions of all employees. The key elements of the control framework are described below:

  • Management Structure

    Our management structure has clearly defined reporting lines, accountabilities and authority levels.

    The Group is organised as business units. Each business unit is led by a SET member and has its own management team.

  • Policies and Procedures

    Our key financial, legal and compliance policies that apply across the Group are:

    • Code of Business Conduct;
    • Delegation of Authorities;
    • Anti-Bribery and Anti-Corruption;
    • Whistleblowing;
    • Sanctions; and
    • Charitable Donations.
  • Strategy and Business Planning

    We have a five year strategic plan which is updated and reviewed by the Board annually. Business objectives and performance measures are defined annually together with budgets and forecasts. Monthly business performance reviews are conducted at both Group and business unit levels.

    The product pipeline is reviewed regularly to:

    • assess whether products in development are progressing according to schedule;
    • identify new product ideas and assess fit with our product portfolio; and
    • assess the expected commercial return on new products.
  • Operational Controls

    Our key operational control processes are as follows:

    • Quality Assurance: All our manufacturing sites have an established Quality Management System. These systems are designed to ensure that our products are manufactured to a high standard and in compliance with the relevant regulatory requirements.
    • Pharmacovigilance: Our regulatory team operates a robust system with a view to ensuring that any adverse reactions related to the use of our products are reported and dealt with promptly.
    • Information Technology: Our business units currently use a number of different local financial, manufacturing and warehouse management systems to support their operations. We are in the process of implementing Oracle across the Group.
    • Financial Controls: Our controls are designed to prevent and detect financial misstatement or fraud and operate at three levels:
      • Entity Level Controls performed by senior managers at Group and business unit level;
      • Month-end and Year-end procedures performed as part of our regular financial reporting and management processes; and
      • Transactional Level Controls operated on a day-to-day basis.

Internal Audit provides independent and objective assurance and advice on the design and operation of the Group's internal control framework. The internal audit plan seeks to provide balanced coverage of the Group's material financial, operational and compliance control processes.

Improvements in 2017

We have continued to strengthen and improve a number of key control processes and the following changes have been implemented:

  • a number of portfolio and project management improvements have been implemented in our product development processes;
  • the manufacturing Quality Management Systems in all our recent acquisitions have been assessed and improvements implemented to ensure they meet relevant regulatory standards;
  • a risk assessment of the key contract manufacturing organisations (CMOs) that our supply chain is dependent upon has been completed and quality audits have also been conducted on the top 35 CMOs; and
  • our standard financial control framework has been updated and rolled out across the Group, including all recent acquisitions, in response to a number of improvement opportunities identified from internal audit reviews.

Plans for 2018

We will continue to refine and strengthen our internal control framework where required in response to changes in our risk profile and improvement opportunities identified by business management, quality assurance and internal audit.

We are planning to review our key corporate compliance processes and training activities including our Group Code of Conduct, key Group Policies and our Third Party Principles Policy in order to improve our ability to comply with existing and emerging legislation.