Baker Tilly
Contact us
Enterprise Risk Management for Life Science Companies

Enterprise Risk Management for Life Science Companies

Supporting life sciences companies in establishing consistent risk governance mechanisms to identify, manage and mitigate risks throughout the enterprise and through the product life cycle, from research through commercialization.

Enterprise Risk Management for Life Science Companies

It is no secret that life sciences companies need to be able to identify risks across all parts of their organization, know the potential impacts, and have a plan to monitor and manage these risks with effective internal controls if they are to become, or remain, successful in today’s complex environment. At Baker Tilly, our team of Value Architects™ are able to offer tailored ERM solutions that protect your company’s value so that your organization can continue focusing on developing and delivering innovations to better patients’ lives.

    Alleviating fear, uncertainty and doubt

    Connect with usarrowCreated with Sketch.

    Life sciences companies continue to face external pressures and challenges that are unique to other industries. Almost every aspect of the business – from research and development (R&D), sales and marketing, to manufacturing and development – is affected by the driving forces of fear, uncertainty and doubt, arising from:

    • Complex and evolving global regulations
    • Risk overload of executive and management teams
    • Changing expectations from stakeholders
    • Greater emphasis on innovations that serve smaller – and often more competitive – patient segments

    Effective enterprise risk management (ERM) can alleviate the fear, uncertainty and doubt that affects management’s decision-making skills, and most notably the speed by which risk-informed decisions can be made.

    Risk throughout the organizational life cycle

    From the company’s inception to the expansion of the organization on a global scale, it is essential that enterprise risks are proactively identified and risk management disciplines are established early on. In addition, the risks associated with the growth of life sciences companies evolves as the innovation moves from the research phase, towards development and through product launch.

    As risks evolve throughout the organizational life cycle, it is essential that scalable solutions are introduced early enough to influence confident decision-making through the evolution. Risk management is a fundamental leadership competency and must be implemented even before commercialization or stabilization.

    The discovery stage spans preclinical to Phase I research. In this evolutionary stage, life sciences organizations strive to establish the viability of their innovations. With a deep focus on evidence generation, key risks are concentrated in gaining access to researchers and patients in order to drive these various early-stage studies forward. Cultivating relationships with researchers comes with many risk drivers, such as anti-kickback considerations and patient identification challenges.

    After establishing viability of the innovation in early research stages, organizations will next look to establish clinical viability and market viability as Phase II through Phase III studies are underway. Focus maintains on clinical development, further cultivating and maintaining a network of key opinion leaders (KOLs) for principal investigator recruitment, and developing partnerships with contract research organizations (CROs). From a market viability perspective, after clinical viability is established, focus begins on sourcing capital, market research, market access planning and preparedness for commercialization or transaction.

    After the post-launch of a new asset (e.g., pharmaceutical product, medical device, FDA-approved digital health solution, etc.), organizations will be working to reinforce the clinical and market viability, while scaling safety surveillance and reporting. From a therapeutic area (TA) perspective, efforts shift to commercial enablement with a focus on market and patient access, along with medical affairs enablement for supporting relevant medical communities. Further emphasis is placed on sourcing capital, investing in human capital, continuing to build a network of KOLs, gaining access to data and healthcare professionals (HCPs), and developing market content. Secondarily, attention must still be paid to ongoing clinical development in the form of real world evidence (RWE), health economics outcomes research (HEOR), and Phase IV and investigator-initiated studies (IIS). Key activities that will drive risk in this phase of clinical development will be maintaining a network of KOLs, gaining access to data, initiating strategic partnerships and building safety surveillance protocols.

    At this point, organizations will need to apply adjustments to the market plan as the real-time dynamics of the market begin to have impact on the new product. The long-term commercial success of the product is incumbent on these adjustments within the first 90 days. Once the fine-tuning is conducted and the asset is on its planned growth trajectory, the next key consideration of the product life cycle management will emerge: continued clinical development, including RWE, HEOR and IIS for new and evolving safety information as well as future label extensions. There will be investment considerations, but rather than solely sourcing funds, there will be focus on normalizing the balance sheet, and beginning to alleviate debt and resolve early private equity or venture capital investor expectations. At this point, organizations may need to reassess their risk appetite and align the new investment strategy with that risk.

    The global regulatory landscape surrounding the life sciences industry is complex and evolving, requiring diligent attention to maintain compliance in each market. As organizations consider expanding globally, focus must be concentrated on product life cycle management while continuing to support the collection of data for future label extensions and safety surveillance. In addition, organizations may have grown substantially – in value and headcount – leading to increased corporate structure and governance. Furthermore, the commercial success and growth of the organization may support the case for globalization, which will require deep market evaluations and development of market access strategies.

    Benefits of implementing a successful ERM platform

    • Mitigating business progress and interference from state and federal regulatory agencies
    • Improved quality and compliance programs
    • Enhanced board governance
    • Improved process efficiency
    • Optimized resource allocation
    • Increased transparency
    • Reduced volatility and avoidance of surprises
    • Proactive approach to risk management
    • Consistent methodology for risk identification and mitigation

    Questions to consider

    • Does your organization have history with state and federal regulatory agencies due to lapse in ERM?
    • Does your organization have strong and visible support from those charged with governance to aggressively manage risk?
    • Does your organization struggle to consistently identify, prioritize and measure risks being raised by compliance and quality functions?
    • Does your organization have a dedicated team of cross-functional management and staff to operationalize ERM and integrate into business practices?
    • Does your organization align its ERM activities to your company’s key strategic and financial goals and its business processes?
    • Does your organization have adequate training and supporting tools available?

    ERM implementation activities

    Baker Tilly’s ERM implementation is not a one-size-fits-all solution. The services our team of Value Architects™ provide are tailored to each organization’s maturity level, resource capabilities and risk management needs. However, Baker Tilly’s ERM implementation generally encompasses the following key activities:

    Define key roles and responsibilities of the program:

    • Develop and communicate the ERM program and ERM charter
    • Train key stakeholders on ERM methodologies
    • Assess maturity of existing compliance and quality functions

    Agree upon and understand key risks:

    • Identify and prioritize the risk universe
    • Determine the scope of the ERM program
    • Evaluate the risk management capabilities of compliance and quality functions

    Prioritize and focus on the most significant risks:

    • Develop response strategies (i.e., accept, mitigate or transfer) for the highest priority risks
    • Implement consistent risk response governance across risk domains
    • If resources are limited, focus greater attention on risks deemed to have higher severity, low risk tolerance and high organizational governance exposure

    Confirm the organization is kept abreast of changes to its risk profile and mitigation efforts:

    • Monitor ongoing policies and procedures to detect and address changes in risk severity and response effectiveness