Mon, May 31, 2021

Operational Risk Trends in Life Sciences

The life science industry operates in a world of uncertainty. Challenges from COVID-19 have put the industry under increased scrutiny and rapid development of the vaccine has amplified operational risk. With new growth comes new risks that are transforming the risk landscape of the life sciences industry.

Most life science companies face the normal challenge of focusing on cutting edge research and development while tyring to keep costs low, without compromising on patient safety. The necessity to comply with local and global regulations is a significant challenge, especially during a global pandemic that tests normalcy and processes.

How can the industry develop strategies that de-risk business and operating models while being compliant?

Even before the outbreak of COVID-19, there was increased enforcement and scrutiny of the life sciences industry. The Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) have pursued several companies in the life sciences sector for a number of FCPA violations - including kickbacks with foreign health departments, payments to consultants in hospitals, unjustified fees, and excessive means to influence healthcare professionals.

Now, in the post-COVID-19 climate, the industry is exposed to even more risks. The pandemic exposed weaknesses in health systems around the world in the rush to find treatments, vaccines and utilize technology effectively.

These challenges include:

Identifying Risk Exposure

According to Transparency International, of the $7.5trillion spent globally on healthcare each year, $500billion is lost to corruption. This means that the annual amount of healthcare funds stolen each year is more than enough to achieve Universal Health Coverage globally.1

Charles Cain, Chief of the SEC Enforcement Division's FCPA Unit, remarked on the prevalence of pay-to-prescribe bribery in the pharmaceutical industry, and indicated that scrutiny and enforcement would continue, “while bribery risk can impact any industry…more work needs to be done to address the particular risks posed in the pharmaceutical industry.”2

Example cases in the life sciences industry:

Incorporating transparency and accountability mechanisms, as well as multi-stakeholder participation into every project, policy and plan is difficult for the sector to do during “normal times” let alone during a rush to solve a global pandemic.

Kroll was approached by a global medical device's manufacturer headquartered in the Netherlands after they noticed that their sales of certain older models of their equipment were on the rise in Ukraine and some parts of Russia while dropping sharply elsewhere. Our client also noticed that sales margins for these devices in these jurisdictions were much higher than anywhere else in the world and that, in some cases, devices considered obsolete or outdated where being sold.

Kroll conducted targeted enhanced due diligence research on the client’s distributor to these jurisdictions. Our research found that the company was extremely successful in winning certain types of healthcare procurement tenders in Russia and Ukraine and had been accused of profiteering, corruption and grossly overpricing the equipment it sold to government hospitals.

Further research confirmed the existence of a kickback scheme with the distributors using some of the funds generated by their mark up on our client’s equipment to pay government officials involved in procurement processes.

An additional internal investigation within our client’s organization found that some members of their internal sales team had been aware of and had colluded with the distributor to artificially boost their sales, with one employee found to also be receiving undeclared payments from the distributor.

As the industry grows at a significant rate, the potential for bribery and corruption allegations increases. Bribery can be recognized in the medical service delivery, procurement corruption, improper marketing relations, misuse of (high) level positions, undue reimbursement claims, fraud and embezzlement of medicines and medical devices. Whether it is a pharmaceutical company bribing a doctor for prescribing its medicines irrespective of a health need or a government employee facilitating the infiltration of substandard medicines into the distribution system for kickbacks – the risk exposure is different than sectors. 

Understanding Complex Regulatory Changes

There have been postponements in regulatory changes to take the pressure off national authorities, notified bodies, manufacturers, and other actors so they can focus fully on urgent priorities related to the COVID-19 crisis. The EU’s Medical Device Regulation Risk Management requirement (MDR Regulation 2017/745) has been postponed until 26 May 2021, giving companies more time to fully comply with stricter standards.

From an operational point of view, companies are likely anticipating a more costly path to compliance as market access will require companies to conduct deep portfolio audits to determine the impact on margins. The new MDR is less focused on pre-approval stage of medical device manufacturing and promotes a more life-cycle approach with process-oriented risk management. The new regulation showcases a shift in policies and procedures that encourages the responsibilities of medical device companies throughout the product’s lifestyle. 

For each device, manufacturers must have a documented risk management plan, identify and analyze the known and foreseeable hazards, estimate and evaluate the associated risks and eliminate or control those risks.

In a way to control these risks, the MDR Annex I Chapter I (2) states that risks must be reduced as far as possible, without adversely affecting the benefit-risk ratio. Manufacturers must consider strengthening procedures around risk management and production and post-market information to comply with these requirements.

This MDR Regulation adopts a more universally risk-based approach compared to the EU Medical Device Directive (93/42/EEC, the “MDD”).3

Potential steps to mitigate these risks: 

  • Focus on the end-to-end supply chain—to include the end consumers 
  • Increase visibility across the supply chain 
  • Ensure comprehensive supply chain due diligence for key partners 
  • Cyber, physical security, regulatory and reputational due diligence checks where necessary 
  • Create backup plans for your backup plans 
  • Prioritize flexibility 
  • Emphasize proactive brand protection efforts 
  • Use scenario simulations, modelling, stress tests and exercises frequently
Conclusion

The pandemic exposed weaknesses in health systems around the world in the rush to find treatments, vaccines and utilize technology effectively. With this, comes an industry facing unprecedented challenges, particularly in increased risk exposure and in the regulation of products to help keep companies accountable. 

Businesses must ensure that changes in the way they operate are reflected in their arrangements. Incorporating transparency and accountability mechanisms, as well as multi-stakeholder participation into every project, policy and plan is key to mitigating these risks. 

 

References
1 https://www.transparency.org/en/our-priorities/health-and-corruption
2 https://www.ropesgray.com/en/newsroom/alerts/2019/02/New-International-Pharmaceutical-Practice-Code-Tightens-Restrictions-on-Gifts
3 https://ec.europa.eu/health/md_sector/overview_en
4 https://www.ema.europa.eu/en/human-regulatory/overview/medical-devices



Compliance Risk and Diligence

The Kroll Investigations, Diligence and Compliance team partners with clients to anticipate, detect and manage regulatory and reputational risks associated with global ethics and compliance obligations.

Background Screening and Due Diligence

Comprehensive spectrum of background checks, screening and due diligence services.

Third Party and Vendor Screening

Supporting corporate third-party management programs to drive risk-based due diligence decisions.


Compliance Portal

Your Process. Our Technology.

Compliance Program Consulting

Kroll is trusted by companies worldwide to help establish policies and programs aimed toward preventing fraud and complying with anti-money laundering (AML) and anti-bribery and corruption regulations.

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.


Valuation Services

Objective valuations for financial reporting, tax and management planning purposes.