The contents of this page are reviewed and updated regularly in the second quarter of each year or when necessary.

The Rochedescribes our approach for managing material risks – the possibility that an event will occur and adversely affect the achievement of Roche’s objectives.

Risk Management is an integral part of the Roche Group’s business practice on all levels. Risk Management includes:

  • Identification,

  • Analysis and evaluation of risks & opportunities,

  • Appropriate response plans,

  • Monitoring and reporting of risks & opportunities to provide assurance regarding the achievement of objectives.

At Roche Group level this is formalised in the Group Risk Management Process, where divisions, relevant divisional and Group functions assess risks & opportunities and develop plans for the most material ones identified. This happens in parallel to the development of the business plans.

The consolidated Group Risk Report is then discussed and approved together with the business plan by the Corporate Executive Committee and reviewed by the Board of Directors.

This process is supported by Group Risk Advisory, being responsible for the necessary alignment, coordination and development of Group Risk Management. The Group Risk Management Process is continuously improved through stakeholder feedback and effectiveness evaluation, and when appropriate through external reviews.

Beside this core activity, Group Risk Advisory fosters best practice, e.g. through risk & opportunity management education and raising of risk & opportunity management awareness. Education includes an online training open to all employees, as well as practice labs or customised trainings for line managers and Risk & Opportunity Managers.

Additionally, upon request, either e.g. regions or affiliates are supported in the establishment of their own Risk & Opportunity Management Process, as is the case for specific projects or focus areas (e.g. regarding Human Rights). In this area, a risk management programme designed to systematically identify, analyse, mitigate and adequately manage potential risk of human rights violations has been implemented. This risk management programme is not limited to our operations, it covers our value chain and activities related to our business. Identified risks are discussed within the Corporate Sustainability Steering Committee. Currently, the four identified top risks - including vulnerable groups, such as patients, employees, suppliers and business partners – are Data Privacy, Safe workplace (incl. health risks), Working Conditions (incl. child, forced or compulsory labour, harassment and discriminations) and Employee Associations. For further information, please visit our

Beside Group Risk Advisory, many other 2nd lines of control functions perform risk management activities and trainings (e.g. Healthcare Compliance, Medical Compliance, Safety, Health & Environment (SHE), Quality, Procurement, Pharma Global Technical Operations). In addition, many cross-functional risk activities occur within Roche, a few of which are described below as examples.

Financial Risk Management within the Group is governed by policies reviewed by the Board of Directors. Policy implementation and day-to-day Risk Management are carried out by the treasury functions and regular reporting on these risks is performed by the relevant accounting and controlling functions.

At Roche Group level, a global Crisis Management organisation is established. Every subsidiary of the Group has furthermore established Emergency Management teams, with corresponding alarm and escalation procedures and authority to act quickly in the event of emergencies/crises. Also, at Roche Group level there is a Roche Emergency Management Organisation and Support (REMOS), which supports Local Emergency Management when needed. These teams comprise operational line management with appropriate authority and they rehearse different crisis scenarios regularly.

A risk-based compliance management approach was developed for one of the regional organisations to target compliance efforts in areas at most risk. A Compliance & Risk Management Office has been established to address specific risks in the procurement area.

Safety, Security, Health and Environmental risks are managed by Group SHE. A comprehensive bottom-up approach is used to identify and assess all SHE risks, which are consolidated in a risk inventory and integrated into the Roche Group Risk Report.

Product Development continues to apply a consistent methodology for identification and management of risks and opportunities that could impact achievement of development projects.

Digital Media risks and opportunities continue to be monitored and managed by a cross-functional group.

A group wide Business Continuity Programme aims to further strengthen Roche’s business continuity management (BCM) to ensure that all sites respond effectively to catastrophic events and deliver a minimum acceptable level of key products and services. The respectiveand guideline are in place, facilitating a consistent and aligned local implementation.

Roche considers Sustainability in the broader context to include three elements: society, the environment and economy.

The Corporate Sustainability Steering Committee is responsible for assessing social, environmental, economic and governance trends, which is achieved through the ‘Business Environment Risk & Opportunity Assessment’ process.

Each year, emerging trends (including associated risks & opportunities) are identified from internal and external sources and are reviewed by selected internal stakeholder groups. The top ten business environment trends are subsequently approved by the Corporate Sustainability Steering Committee. These ten trends represent key areas that serve to raise internal awareness, so that the associated risks & opportunities can be considered as appropriate by Roche Risk & Opportunity Managers in the assessments of their respective business units. Responses to these business environment risks & opportunities are developed at the business unit and/or Group level as part of the Group Risk Management Process.

The ten business environment trends identified for 2023 are:

Climate Action Failure and Environmental Degradation with  Increasing Biodiversity Loss: Aggravated by climate action failure, change of climate with weather extremes and ecosystem collapse as well as  increasing biodiversity loss are all attributed directly or indirectly to human activity. Availability, accessibility, affordability, quality and quantity of fresh water, air, food and other natural resources are negatively influenced. Transmission of certain diseases is increasing with the progression of global warming.

Healthcare Evolution Challenged by its Affordability: Healthcare evolves towards a continuum of care approach, including prevention, detection, treatment and cure, offering a wider range of solutions (products and services). Integrated solutions increasingly leverage the use of data and data insights. Societies’/payors’ expectations for cutting edge healthcare solutions is contrasted by their ability or willingness to afford the increasing cost of innovation, (leading  to an increased margin pressure).

Accelerated Technological Transformation: The accelerated technological transformation continues to offer a wide range of opportunities, yet increases the unpredictability of implications on new and existing markets as well as on business and working models.

Widespread Increase in Chronic Physical and Mental Health Conditions and Infectious Diseases: Continuous threat from newly emerging or resistant infectious diseases leading to epidemic/pandemic crises with severe global impact. Increasing prevalence of non-communicable diseases (chronic physical and mental health conditions), partially owed to ageing population and rising inequality across multiple demographics, negatively impacts wellbeing. This ultimately leads to rising healthcare cost through long-term or high-priced treatment, threatening societal gains in life expectancy and quality. Environmental health is becoming an increasingly important issue, with healthcare systems and businesses working to reduce exposure to pollutants and other environmental burdens.

Progressing Cyber Dependency and Vulnerability: Accelerating cyber dependency due to ever increasing digital interconnectedness of people, things and organisations together with increasingly sophisticated cybercrimes results in increased cyber insecurity, exposure and vulnerability. 

Mistrust and Scepticism in Science: Persistent false information (deliberate or unintended) widely disseminated through states, populists, media organisations and social media significantly altering public opinion and leading to mistrust and scepticism in science, medical therapies, pharmaceutical industry and institutions.

Political Complexity and Geoeconomic Confrontations: State collapses, war, regional/global instability, shifting political influence and unstable political relationships lead to increasing complexity in the business environment (e.g. complex/uncertain supply chains, accessibility of strategically important raw materials, volatile pricing landscape, emerging legislations and standards). 

Societal Crises: Ineffective social models with limited educational and economic prospects are likely to lead to dissolution of societal solidarity and overall social cohesion.

Lasting Economic Instability: Lasting global macroeconomic instability leading to collapse of systemically important industries and prolonged economic stagnation.

Future of Work: Companies increasingly embrace and experiment with agile organisational design and New Ways of Working requiring a shift in mindsets and behaviours. Diverse and complex working models (remote, hybrid, short-term contracts, reduced working hours) lead to an increasingly fluid workspace and -force, which requires an agile workforce management to avoid negative as well as leverage positive impacts on talent attraction, retention and engagement, especially in a highly innovation-dependent sector.

Using the two trends of “Mistrust & Scepticism in Science” and “Healthcare Evolution Challenged by its Affordability” as examples, it can be seen below how these are then developed into specific risks and opportunities at the level of the functions where specific mitigations are applied and managed.

Trend descriptor: Persistent false information (deliberate or unintended) widely disseminated through states, populists, media organisations and social media significantly altering public opinion and leading to mistrust and scepticism in science, medical therapies, pharmaceutical industry and institutions.

  • Raise awareness and create clarity around the true value of diagnostics to people everywhere through Roche's Value of Diagnostics initiative, a company-wide campaign.

  • Fundamentally shift and improve public perception and appreciation for diagnostic healthcare through the Value of Diagnostics campaign.

  • Getting people to interact better with their healthcare system, getting diagnosed earlier and improving their outcome or preventing disease from ever developing is supported through the campaign, ultimately not only being good for human health but also to relieve pressure on the healthcare systems that support it.

  • Demystifying and promoting the role of scientific innovation in bringing novel solutions to people and society through the Roche Celebrate Science program, a connected programme of stories and company engagements initiated as part of Roche's 125 Anniversary celebrations.

  • Roche Celebrate Science Programme

  • Value of Diagnostics Campaign

  • Roche Risk Management Approach

Trend descriptor: Healthcare evolves towards a continuum of care approach, including prevention, detection, treatment and cure, offering a wider range of solutions (products and services). Integrated solutions increasingly leverage the use of data and data insights. Societies’/payors’ expectations for cutting edge healthcare solutions is contrasted by their ability or willingness to afford the increasing cost of innovation, (leading to an increased margin pressure).

  • Roche invests in and drives Personalised Healthcare (PHC) and outcomes for individual patients translate to more efficient, affordable care for entire populations and will be a benefit to society. As HC is shifting from a one-size-fits-all approach to a tailored treatment designed to address each patient’s unique needs will improve results and the way people experience care.

  • Roche is working on taking PHC toward a future in which treatments are targeted to individual’s needs and unique genetic profiles. Our PHC partnering strategy is built around identifying partners with whom we pursue this vision. With Flatiron and Foundation Medicine we are shaping new ways of realising the promise of PHC.

  • We subscribe to WHO's definition of ‘fair price’; ‘One that is affordable for health systems and patients and, at the same time, provides sufficient market incentive for industry to invest in innovation and the production of medicines’. This underpins our value-based pricing strategy.

  • Roche Personalized Healthcare

  • Digital and personalised healthcare

  • Roche Position on Pricing

Chief Compliance Officer
Pascale Schmidt
Tel. +41(0) 61 688 48 90

This website contains information on products which is targeted to a wide range of audiences and could contain product details or information otherwise not accessible or valid in your country. Please be aware that we do not take any responsibility for accessing such information which may not comply with any legal process, regulation, registration or usage in the country of your origin.