Identifying, analysing and responding appropriately to business risks and opportunities is vital to attaining Roche’s business objectives, protecting the interests of stakeholders and meeting legal requirements.
Risk Management is an integral part of the Group’s business practice on all levels of the Roche Group. Risk Management includes:
analysis and evaluation of risks and opportunities,
the appropriate response and opportunities,
tracking and reporting of risks to provide assurance regarding the achievement of objectives.
On Roche Group level this is formalised in the Group Risk Management Process, where Divisional and Group functions and business areas assess risks and opportunities and develop plans for the most material ones identified. This happens in parallel to the development of the business plans.
A consolidated Group Risk Report is then discussed and approved together with the business plan by the Corporate Executive Committee and reviewed by the Board of Directors.
This process is overall supported by Group Risk Advisory, which is responsible for the necessary alignment, co-ordination and development of Group Risk Management. Continuous improvement is applied to the Group Risk Management Process through stakeholder feedback and maturity measurement, and when appropriate external reviews.
In addition, Group Risk Advisory is coordinating / consolidating various risk management activities across the organisation including training and risk awareness activities. Risk management trainings include customised trainings for line management and Risk Managers (including a mandatory online training). Further Risk Management trainings (virtual and classroom) are offered by Risk Advisory and are available to all employees. Additionally, upon request Risk Awareness workshops are conducted for functions and regions and Roche Affiliates can receive risk management training to establish their own Risk Management process. These activities also focus on identification and management of risks as well as opportunities.
Also under the lead of Group Risk Advisory, a Risk Forum was kicked off in 2014 to create a cross functional network to explore new ways to raise risk awareness across the organisation. This has evolved into a Risk & Opportunity Alliance (ROAD) which conducts innovation dialogues/workshops to address complex topics which have a cross functional/divisional significance.
We also implemented a risk management programme designed to systematically identify, assess, mitigate and adequately manage the risk of human rights violations. This risk management programme does not only apply to our operations, but likewise to our value chain and activities related to our business. We discuss and assess identified risks within the Corporate Sustainability Steering Committee. At the time being, the four identified top risks - including vulnerable groups such as patients, employees, suppliers and business partners – are Data Privacy, Safe workplace (incl. health risks), Working conditions (incl. child, forced or compulsory labour, harassment and discriminations) and Employee association. For further information, please visit our
Beside Group Risk Advisory many other 2nd lines of control perform risk management activities and trainings (e.g. Healthcare Compliance, Medical Compliance, Safety, Health & Environment (SHE), Quality, Procurement, Pharma Global Technical Operations, etc.). In addition, many cross-functional risk activities occur within Roche, a few of which are described below as examples.
Financial Risk Management within the Group is governed by policies reviewed by the Board of Directors. Policy implementation and day-to-day Risk Management are carried out by the treasury functions and regular reporting on these risks is performed by the relevant accounting and controlling functions.
Crisis Management, where every subsidiary of the Group has established Emergency Management teams, with corresponding alarm and escalation procedures and authority to act quickly in the event of a crisis. Also, at Roche Group level there is a Roche Emergency Management Organisation and Support (REMOS), supporting Local Emergency Management when needed. These teams comprise operational line management with appropriate authority and they rehearse different crisis scenarios regularly.
A risk-based compliance management approach was developed in 2013 for one of the regional organisations to target compliance efforts to areas most at risk. A Compliance & Risk Management Office has been established to address specific risks in the procurement area.
Safety, Security, Health and Environmental risks are managed by Group SHE. A comprehensive bottom-up approach is used to identify and assess all SHE risks which are consolidated in a risk inventory and integrated into the Roche Group Risk Report.
Product Development continues to apply a consistent methodology for identification and management of risks and opportunities that could impact achievement of development projects.
Digital Media risks and opportunities continue to be monitored and managed by a cross-functional group.
A group wide Business Continuity Programme aims to further strengthen our business continuity management (BCM) to ensure that all sites respond effectively to catastrophic events and deliver a minimum, acceptable level of key products and services. The respective
We consider Sustainability in a broader context to include three elements: society, the environment and economy.
The Corporate Sustainability Steering Committee is responsible for assessing social, environmental and ethical trends, which is done through the ‘Business Sustainability Risk & Opportunity Assessment’ process. Each year, emerging trends (including associated risks and opportunities) are identified from internal and external sources and are reviewed by selected internal stakeholder groups and the top ten business sustainability trends are approved by the Corporate Sustainability Steering Committee. These ten trends represent key areas where we would like to raise internal awareness so that the associated risks and opportunities can be considered as appropriate by our Roche Risk Managers in the respective Risk Assessments of their business unit. Since 2013 these Business Sustainability trends have been reported, first in the Roche Annual Report, now in the complementing part on the internet. This process continues to evolve and is reviewed by the Corporate Sustainability Steering Committee annually.
These top ten business sustainability trends and associated risks and opportunities are also shared with the Group Risk Managers involved in the Group Risk Management Process where they are then considered and if relevant included within scope of respective risk assessments. Mitigation of these business sustainability risks and opportunities are done at the business unit and/or group level as part of the Group Risk Management Process.
The ten business sustainability trends identified for 2022 are:
Healthcare Evolution & Data Insights: Healthcare evolves towards a continuum of care approach, including prevention, detection, treatment and cure, offering a wider range of solutions (products and services). Integrated solutions increasingly leverage the use of data and data insights. This is contrasted by societies’ and/or payors’ ability or willingness to afford the increasing cost of highly innovative solutions.
Accelerated Technological Transformation: The accelerated technological transformation driven by the digital evolution increases the unpredictability of implications on new and existing markets as well as on business and working models.
Climate Action Failure and Environmental Degradation: Aggravated by climate action failure, change of climate with weather extremes and ecosystem collapse are all attributed directly or indirectly to human activity and alter the availability, accessibility, affordability, quality and quantity of fresh water/food, other natural resources and change the composition of the global atmosphere, in addition to natural climate variability.
Mistrust and Scepticism in Science: Growing educational gap and populism with increasing spread of fake news (intended or unintended) leading to mistrust and scepticism in science, medical therapies, pharmaceutical industry and institutions.
Increasing Prevalence of Infectious and Chronic Diseases: Continuous threat from newly emerging or resistant infectious diseases leading to epidemic/pandemic crises with severe global impact. Increasing prevalence of non-communicable diseases (chronic diseases), partially owed to ageing populations, leading to rising costs through long-term or high-priced treatment, threatening societal gains in life expectancy and quality.
Lasting Economic Instability: Lasting macroeconomic instability in large economies leading to collapse of systemically important industries and prolonged economic stagnation.
Rising Cyber Dependency and Vulnerability: Accelerating cyber dependency due to continuously increasing digital interconnection of people, things and organisations and intensified by COVID-19 resulting in increased exposure and vulnerability.
Societal Crises: Ineffective social models with limited economic and educational prospects are likely to lead to dissolution of societal solidarity and exacerbate mental health deterioration and youth disillusionment.
Political Interdependency and Complexity: State collapses, war, regional/global instability, shifting political influence from the Western to the Eastern world (e.g. China) and unstable political relationships lead to increasing complexity in the business environment (e.g. complex/uncertain supply chains, volatile pricing landscape, emerging legislations and standards).
Future of Work: New, diverse and complex working models (remote, hybrid) lead to an increasingly fluid workspace and -force, which requires an agile workforce management to avoid negative as well as leverage positive impacts on talent attraction, retention and engagement, especially in a highly innovation-dependent sector.
Using Mistrust & Scepticism in Science and Future of Work as examples it can be seen below how these are then developed into specific risks and opportunities at the level of the functions where specific mitigations are applied and managed.
Trend descriptor: Growing educational gap and populism with increasing spread of fake news (intended or unintended) leading to mistrust and scepticism in science, medical therapies, pharmaceutical industry and institutions.
Raise awareness and create clarity around the true value of diagnostics to people everywhere through Roche's Value of Diagnostics initiative, a company-wide campaign.
Fundamentally shift and improve public perception and appreciation for diagnostic healthcare through the “Value of Diagnostics” campaign.
Getting people to interact better with their healthcare system, getting diagnosed earlier and improving their outcome or preventing disease from ever developing is supported through the campaign, ultimately not only being good for human health but also to relieve pressure on the healthcare systems that support it.
Demystifying and promoting the role of scientific innovation in bringing novel solutions to people and society through the Roche Celebrate Science program, a connected programme of stories and company engagements initiated as part of Roche's 125 Years Anniversary celebrations.
Roche Celebrate Science Programme
Value of Diagnostics Campaign
Roche Risk Management Approach
Trend descriptor: New, diverse and complex working models (remote, hybrid) lead to an increasingly fluid workspace and -force, which requires an agile workforce management to avoid negative as well as leverage positive impacts on talent attraction, retention and engagement, especially in a highly innovation-dependent sector.
Roche has introduced “working flexibly” as a further evolved working model and is committed to creating an environment of truly flexible working so that all employees can meet both their professional and personal responsibilities.
Great place to work: We provide employees with the flexibility to work at different times and locations to help them combine their work and private responsibilities. This also contributes to making Roche an employer of choice for talented people.
Global collaboration: Flexible working models allow our employees to work with other people across borders and time zones, an important requirement for global teams.
Sustainability: We are committed to sustainability and environmental responsibility. Flexible working supports the reduction of emissions by reducing the number of people commuting by car or plane.
2021 Roche Employment Policy
How we roll
Roche Risk Management Approach
Chief Compliance Officer
Tel. +41(0) 61 688 48 90
The contents of this page are reviewed and updated regularly in the second quarter of each year or when necessary.