Risk Management

The Daiichi Sankyo Group identifies risks as those factors that may prevent the Group from attaining its organizational goals and targets and that can be predicted in advance. The Group is promoting risk management through such means as taking steps to address risks inherent in corporate activities through retaining, reducing, avoiding, or transferring these risks. In addition, we seek to minimize the adverse impacts of risks on people, society and the Group should risks actualize.

Risk Management
Crisis Management
Business Continuity Plan (BCP)
Major Risks and Their Management

Risk Management System

The Head of Global Compliance & Risk Management acts as the Risk Management Officer (RMO) and oversees Groupwide risk management through an annual cycle for formulating and implementing business plans. In addition, the heads of each division autonomously manage risks to support accomplishment of their divisions’ goals and targets. Divisional heads analyze and evaluate individual risks, formulate and implement yearly risk management plans, and provide employees with underlying risk management information, education, and insights. In addition, to supplement the broad decision-making scope of the Executive Management Committee on risk, the Risk Management Committee (RMC) will be established in FY 2025 as a meeting body for intensive discussion.

Annual Cycle for Management of Material Risks

Based on impact assessment and likelihood of occurrence, risks with the potential to significantly impact the management of the Company are identified by the Executive Management Committee and the Board of Directors (see the conceptual diagram below on the Group’s risk level classification). Individuals who have been assigned responsibility for each risk formulate risk response measures (Plan), which are then enacted through coordination with relevant organizations (Do). The progress of risk response measures is monitored twice a year (Check). The risk response measures are corrected or improved upon as necessary (Action). If precursors of the potential appearance of a material risk be detected, related information will quickly be assembled for provision to the CEO and RMO, and appropriate measures will be taken.

As part of the risk management program, the Group has a business continuity plan (BCP) that stipulates preparations for and measures to be instituted in the event of a disaster (as well as for provisions for crisis management).

zoom

Crisis Management

The Daiichi Sankyo Group defines "Crisis" as a collective term for events that have arisen and require urgent action. The Group has formulated a Global Crisis Management Policy that defines basic matters related to Crisis Management for regions, functions, and group companies with the aim of minimizing losses caused by such events.

As stated in our policy, "Upon the occurrence of a crisis, the Daiichi Sankyo Group shall respond immediately and precisely based on the following principles: ensuring the safety of the lives and communities of Daiichi Sankyo Group employees and related personnel; and fulfilling the responsibilities as members of a life science company. The Group shall endeavor to minimize human, social, or corporate losses and strive for business continuity and quick recovery."

In addition to promoting autonomous Crisis Management in each region, function, and group company, we have established a process that enables us to respond flexibly and globally according to the type of crisis (disasters, accidents, incidents (including terrorism), scandals, violations of laws, information management issues, product issues, etc) and the degree of impact of the crisis.

Reporting criteria and routes will be specified and a Crisis Management Officer will be established (designated by the CEO or COO) along with an Initial Crisis Management Officer (Head of Global Risk Management). In the case of a crisis with major global impact and the need for company-wide responses, the Group will share such information with the Risk Management Officer and work to prevent the situation escalation and quickly resolve it through immediate and appropriate initial responses.

After a crisis resolution, we will analyze the situation retrospectively to prevent recurrences and improve our response.

zoom

Business Continuity Plan (BCP)

The Daiichi Sankyo Group has formulated a business continuity plan (BCP) for hazards to deal with various threats that may affect business continuity.

To meet demands in the event of an emergency, we have established a process that ensures the stable supply and quality of pharmaceuticals and other products along with a process that ensures the continuity of research and development. In response to the diversification of threats and the globalization of our business, we are continually making improvements to ensure that we can respond to threats as they emerge.

Major Risks and Their Management possibility of impact on investment decisions and other similar matters were considered.

The table below summarizes Major Risks extracted from the Group's material risks and management risks in each division. In extracting the risks, the possibility of impact on investment decisions and other similar matters were considered.

Areas	Material Risks	Risk Summary	Status of Risk Management
Research and Development & Alliances with Partner Companies	〇	The potential of discontinuation of research and development, failure to obtain approval due to changes in approval review criteria, or changes or termination of contract terms related to collaborations in the development of new drug candidates. This includes Trastuzumab Deruxtecan (T-DXd/DS-8201: Anti-HER2 ADC, product name: ENHERTU®) and Datopotamab Deruxtecan (Dato-DXd/DS- 1062: Anti-TROP-2 ADC) in partnership with AstraZeneca, as well as Patritumab Deruxtecan (HER3-DXd/U3-1402), Ivnatamab Deruxtecan (I-DXd/DS-7300), and DS-6000 (R-DXd) in partnership with Merck.	Establish a Joint Committee with AstraZeneca and Merck, create a unified vision between the two companies for each area of collaboration, and use this vision to formulate and manage the progress of strategies; Ensure constant communication with pharmaceutical regulatory authorities in each country, as a means of managing and reducing risks; Ensure distribution of manufacturing and logistics bases, and install private electricity generators; Strengthen IT foundations, such as by ensuring redundancy in core systems
Pharmaceutical Side Effects and Quality Issues	〇	Pharmaceutical products may be recalled or withdrawn from the market due to quality issues or unforeseen side effects; significant expenses may be incurred due to resulting allegations of injury and other matters of liability.	Consistent quality assurance through the enhancement of management systems compliant with GMP and GDP standards; Regular audits of group company facilities and business partners are conducted; Perform objective assessments, reviews, and analysis of safety management information (e.g., information on side effects) globally collected; and share this information with health care professionals in an appropriate manner; Provide all employees with training in safety management information every year
Overseas Business Expansion	〇	Operations overseas may be impacted by a number of factors, including: political instability; deterioration of economic circumstances; contraventions of local laws and regulations; and worsening labor management relations	Appoint risk management officers at group companies outside of Japan, and collect and share information on a regular basis; When a problem occurs, the risk management officer serves as a hub for coordinating with local Group companies, aiding prompt problem resolution
Manufacturing and Procurement	〇	Risks affecting manufacturing and procurement activities may include damage to Group-owned facilities, impairment of social infrastructure, and technical issues	Establish systems to rapidly restore operations in the event of an emergency and to ensure stable supplies of pharmaceuticals with assured quality for the continued provision of medical services; Continuously improve BCP by reviewing operations and organization- al structure related to priority supply items, etc.; Periodically review list of priority supply items
Environment & Safety		Risks include exposure to chemical substances for people both internal and external; adverse impacts on the environment through soil and air pollution; fragmentation of supply chains for pharmaceuticals due to extreme weather disasters, global warming, and other phenomena related to climate change; and rising manufacturing costs negatively affecting the stable supply of pharmaceu- ticals.	Establish and ensure continuous monitoring of independent management standards that are more rigorous than those set by local authorities; Disclose information according to recommendations of the TCFD
Intellectual Property Rights	〇	Third party claims of patent infringement or other intellectual property claims against the Group, which could interrupt the Group’s business or result in legal action; the Group itself may initiate legal action if a third party is found to have infringed Group-owned intellectual property rights.	Maximize value and minimize risks for the creation and protection of intellectual property; Establish systems to minimize the impact of intellectual property disputes on business by working together with internal and external parties
Litigation	〇	Lawsuits may arise over pharmaceutical side effects, product liability, employ- ment/labor issues, and fair trade-related litigations, among others.	Minimize legal risks and maximize business opportunities under applicable laws and regulations, contracts, and dispute prevention and resolution
Laws and Regulations and Regulatory Trends to Limit Healthcare Expenses	〇	Negative impact may arise from administrative measures related to drug price revisions, the healthcare system, and health insurance.	Revise wholesale prices and rebates in light of NHI drug price system reforms and distribution improvement guidelines; Draw up and implement appropriate sales contracts; Monitor drug price policies in each country
Legal Risk	〇	There is always legal risk the Group is cognizant of, including the serious risk associated with illegal conduct by executives and employees.	Monitor business operations to detect any inappropriate activities as early as possible; Prevent violations through strict compliance with laws and regulations and through educational and awareness-raising activities; Establish measures to prevent compliance violations and take strict action when violations occur
Financial Market and Exchange Rate Fluctuations	〇	Negative effects may result from stock market behavior, interest rate trends, or exchange rate fluctuations.	Reduce cross holdings; Implement mid-term reviews of pension fund asset allocations; Execute currency hedging transactions
IT security and information management	〇	Network virus infection, cyber-attacks, and other similar events may result in a system shutdown or leakage of confidential information including personal data.	Under the leadership of the CDXO^※, promoting measures related to information manage- ment and security, and establishing policies and rules; Provide employees with continuous information management training; Establish security systems with defense functions and infringement detection and countermeasure function; Strengthen information security infrastructure and improve its operation; Regular monitoring of personal information management practices
Securing Talent		Increasingly competitive job markets may result in an inability to secure sufficient talent with the high levels of expertise required for various roles.	Strengthening planned recruitment activities and fostering and securing talents through diverse approaches; Establishment and implementation of a globally unified HR system and human resource information system; Promote both One DS Culture and Inclusion & Diversity (I&D), and analyze and improve employee engagement through global engagement surveys

※ Chief Digital Technology Officer