Principal Risk Mitigation
Operational risk  
Acquisitive growth remains a core element of the Group’s strategy. A failure to execute and properly integrate acquisitions, capitalise on the synergies they bring and/or maintain and develop their talent pool, may adversely affect the Group. All potential acquisitions are assessed and evaluated to ensure the Group’s defined strategic and financial criteria are met. A discreet integration process is developed for each acquisition. This process is supported by experienced management with a view to achieving identified benefits, cultivating talent and minimising general and specific integration risks.
As the Group’s activities integrate and further acquisitions are completed, the Group’s client base may become more concentrated making the Group more susceptible to competitive, client merger or procurement led threats. At each business review we monitor our client base and the threats and opportunities that may arise, both from our clients’ activities and any concentration of our client base. The impact that any potential acquisition may have on client concentration is considered as part of the acquisition assessment process.
The Group has many legal and regulatory obligations, including in respect of: (a) protection of patient information (such as HIPAA); (b) patient and employee health and safety; and (c) promotional spend. In addition, many of the Group’s activities are subject to stringent licensing regulations and the requirements of regulators (e.g. the FDA). A failure to meet any of these could result in products and services being defective, harming patients and/ or giving rise to very significant liability. Maintenance of legal, regulatory and quality standards is a core value of the Group. We continue to build and review our quality and compliance management systems to ensure that they are fit for purpose in the context of the Group’s strategy and its legal and regulatory obligations. These reviews are supported by corporate audits on compliance, quality and environment, and health and safety.
Throughout the Group medicines and medical devices can be packaged, supplied or administered directly to patients. The risk of inappropriate packaging, supply or administration could lead to a negative patient
experience.
Packaging and supply activity is carried out under licence and a contract with the marketing authorisation holder (MAH). This requires a regulated quality management system to ensure the integrity of the packaged product and the supply chain. Administration of medicines to patients is covered by a detailed client contract with the MAH and the local clinical governance framework. All of these processes are subject to risk assessment, training, management review, internal and external audits.
The success of the Group is built upon effective management teams that consistently deliver superior performance. If the Group cannot attract, retain or develop suitably qualified, experienced and motivated employees, this could have an impact on business performance. The talent requirements of the Group are monitored to ensure its management teams meet prevailing requirements in skills, competencies and performance. Remuneration policies, management development, succession planning and the systems for developing talent inherited from our acquisitions have been reviewed and the process of building a One UDG management development programme has started with the Inspire programme and will be developed throughout the coming years.
The continued growth and evolution of the Group requires its organisational design and infrastructure to be subject to review and successful ongoing development. A failure to do so could adversely affect the Group’s ability to meet its objectives. At least once per year a thorough review on strategy is carried out. One element of strategy is whether
the organisational structure is fit for purpose. Each year the growth drivers for the business are reviewed against the current organisation to establish whether change is required.
The ability of the Group to provide its services effectively and competitively is dependent on technology and information systems that are appropriately integrated and that meet current and anticipated future business, regulatory and security requirements. In addition, there is a cyber security risk through the use of technology which may result in financial or data loss. The Group’s technology and information systems and infrastructure are the subject of an ongoing redesign programme to ensure that they are capable of meeting the Group’s strategic intent and future requirements, whilst further mitigating against systems failures and the increasing threat of external interference.
The Group is exposed to risks that, should they arise, may give rise to the interruption of critical business processes that could adversely impact the Group or its clients. The Group is developing and reviewing its business continuity risks as part of the risk management and the corporate audit processes. Mitigation strategies and continuity plans are part of a structured review process.
The underlying terms of the Group’s commercial relationships drive the profitability of the Group. The nature of the Group’s business means that the Group could be exposed to undue cost or liability if it agrees inappropriate terms. The Group has adopted processes for identifying and mitigating against undue risks in all prospective commercial relationships, supported by personnel with expertise and/or experience in key commercial risk areas.
Financial risks  
The Group’s resources and finances must be managed in accordance with rigorous standards and stringent controls. A failure to meet those standards or implement appropriate controls may result in the Group’s resources being improperly utilised or its financial statements being inaccurate or misleading. The financial controls of the Group, as well as their effectiveness, are monitored by the Board in the context of the standards to which the Group is subject and the expectations of its stakeholders. This monitoring is supported by a dedicated internal audit function. The Group’s financial function, systems and controls are also subject to periodic review to ensure that they remain robust and fit for purpose.
The Group is exposed to liquidity, interest rate, currency and credit risks. The management of the financial risks facing the Group is governed by policies reviewed and approved by the Board. These policies primarily cover liquidity risk, interest rate risk, currency risk and credit risk. The primary objective of the Group’s policies is to minimise financial risk at a reasonable cost. The Group does not trade in financial instruments. The Group was in a net cash position at 30 September 2016.
UDG Healthcare plc’s reporting currency and that in which its share capital is denominated is the Euro.
Given the nature of the Group’s businesses, exposure arises in the normal course of business to other
currencies, principally Sterling and the US Dollar. The Group’s reporting currency will change to US Dollar in 2017, as the US is now the largest contributor to Group profits.
The primary foreign exchange risk arises from the fluctuating value of the Group’s net investment in different currencies. The majority of the Group’s activities are conducted in the local currency of the country of operation. The recent UK vote to leave the European Union (Brexit) has increased the level of exchange rate volatility.