Managing risk | 2023 Annual Report

Risk governance

The Board and its supporting committees, including the Audit and Risk Committee (ARC) and People, Culture, Nomination and Remuneration Committee (PCNRC) oversees and approves Telix’s strategic direction. The Board also retains ultimate oversight of material risks and opportunities. The Board has delegated responsibility to the ARC for risk management, governance and oversight. The ARC receives quarterly reports relating to strategic risks, risk management activities, and the effectiveness of - and operational compliance with - the Group’s Enterprise Risk Management Framework (ERMF) and risk appetite and tolerances. The Board, through the ARC, sets the Group’s risk appetite, which constitutes the boundaries within which Management operates while achieving strategic and corporate objectives.

The MD & CEO, and GET are ultimately responsible for the identification and management of financial and non-financial risks (including compliance risks) and opportunities relevant to the delivery of the Group’s strategic objectives and operational targets. Accountability for developing and implementing the ERMF sits within our Governance Risk and Compliance (GRC) function, led by the Senior Vice President of Global Governance, Risk and Compliance (SVP GRC).

Our strategy for the management of risk and opportunity substantially follows the guidelines of ISO 31000:2018 – Risk Management and is designed to enable us to: identify and manage risks and opportunities to improve business performance; remain innovative and establish competitive advantage; anticipate and communicate uncertainties; reduce operational losses and surprises; and protect our corporate reputation. Our ERMF data informs leaders in their decision-making from prioritising activities, to resourcing, to escalation.

We manage risk and opportunity through objective and consistent identification, assessment, monitoring, measurement and reporting across the Group. Management executes daily risk management activities, including by making decisions within stated Board-delegated authority; ensuring employees understand their responsibilities for managing risk through a 'three lines' model; and establishing internal controls and guidance for the implementation of the ERMF.

In the three lines model, the first line - consisting of the business units and expert teams - executes core processes and controls. The second line - comprising the GRC function - sets policies and establishes frameworks to manage risks. The third line, which constitutes internal and external audit, provides independent review of the first and second lines.

Principal risks

The risk context within which we operate is underpinned by:

our purpose to help people with cancer and rare diseases live longer, better quality lives
our mission to deliver on the promise of precision medicine through targeted radiation
our various business activities, including innovation of new products, product development, commercialisation and marketing of approved products, service delivery, and research and manufacturing operations
the global regulatory regime, and
our intent to deliver adequate shareholder returns in a complex and/or competitive environment.

We actively manage a range of principal risks and uncertainties with the potential to have a material impact on the Group and our ability to achieve our strategic and business objectives.

During 2023, we reassessed our strategic risk profile to ensure we had appropriately identified risks and opportunities relating to our short, medium and long-term objectives. These principal risks have formed the basis of our forward-looking three-year internal audit plan.

While we have made every effort to identify and manage all material risks, there may be currently unknown risks, or risks that are not detailed below, that may impact our future performance.

Because of the specialised nature of our business, we are highly dependent on attracting and retaining qualified, scientific, technical and managerial personnel. A failure to do so could harm our R&D and commercialisation programs, and materially and adversely affect our business, operating results and financial prospects. The management of people-related risks and opportunity is one of the five pillars of our sustainability strategy. More detail on our programs to build a safe, inclusive and rewarding workplace is included in the Sustainability section of this Annual Report.

A summary of our principal risks is provided below.

Principal risk area	Description of risk	Key mitigation strategies and tactics
Successful commercialisation of assets	Telix’s operating and financial performance is dependent on its ability to develop and successfully commercialise its product portfolio. The Group will need to manage and optimally develop its business model and global presence to support the commercialisation of its existing and future portfolio. Successful commercialisation is subject to the following risks: clinical trials may not succeed regulatory approvals may not be granted acceptable pricing and reimbursement of products may not be achieved Telix’s development program may be delayed the oncology therapy industry is highly competitive and radiopharmaceuticals is increasingly competitive reliance on effective exclusivity and intellectual property protection reliance on licence agreements for key products, and dependence on commercial partnering. Telix faces risks in respect to the ongoing success of its first commercial product, Illuccix®. This includes the impact of new and existing competitive products in the market, adequate pricing and reimbursement to address unmet patient need in the longer term, and Telix's ability to continue to drive market growth and market penetration.	Telix’s purpose and mission are implemented through short, medium and long-term strategies, clear near-term objectives restated on at least an annual basis, and forward-looking measurable targets. Telix dedicates resources to attracting and retaining talent to key roles and has implemented dedicated global commercial strategy and global asset development business units. Telix has embedded program development and commercialisation planning and reporting systems into its operations - including asset lifecycle management planning, an intellectual property development and management strategy, market access planning, competitive awareness, sales team targets, training and maturity activities. The Group is committed (with appropriate cost/benefit analysis) to investment into required internal infrastructures to support its ongoing commercial success in its complex global environment. Telix has an enterprise risk management approach and an internal audit function dedicated to protecting and enhancing company value. Telix seeks to drive competitive success through its identification and hiring of experienced key talent into senior leadership, sales, marketing and strategic commercialisation roles. Lifecycle planning strategies are in place to enable the identification of opportunities and risks associated with the continuing success of Illuccix®.

Principal risk area

Description of risk

Key mitigation strategies and tactics

Successful commercialisation of assets

Telix’s operating and financial performance is dependent on its ability to develop and successfully commercialise its product portfolio. The Group will need to manage and optimally develop its business model and global presence to support the commercialisation of its existing and future portfolio. Successful commercialisation is subject to the following risks:

clinical trials may not succeed
regulatory approvals may not be granted
acceptable pricing and reimbursement of products may not be achieved
Telix’s development program may be delayed
the oncology therapy industry is highly competitive and radiopharmaceuticals is increasingly competitive
reliance on effective exclusivity and intellectual property protection
reliance on licence agreements for key products, and
dependence on commercial partnering.

Telix faces risks in respect to the ongoing success of its first commercial product, Illuccix®. This includes the impact of new and existing competitive products in the market, adequate pricing and reimbursement to address unmet patient need in the longer term, and Telix's ability to continue to drive market growth and market penetration.

Telix’s purpose and mission are implemented through short, medium and long-term strategies, clear near-term objectives restated on at least an annual basis, and forward-looking measurable targets.

Telix dedicates resources to attracting and retaining talent to key roles and has implemented dedicated global commercial strategy and global asset development business units. Telix has embedded program development and commercialisation planning and reporting systems into its operations - including asset lifecycle management planning, an intellectual property development and management strategy, market access planning, competitive awareness, sales team targets, training and maturity activities.

The Group is committed (with appropriate cost/benefit analysis) to investment into required internal infrastructures to support its ongoing commercial success in its complex global environment. Telix has an enterprise risk management approach and an internal audit function dedicated to protecting and enhancing company value.

Telix seeks to drive competitive success through its identification and hiring of experienced key talent into senior leadership, sales, marketing and strategic commercialisation roles. Lifecycle planning strategies are in place to enable the identification of opportunities and risks associated with the continuing success of Illuccix®.

Principal risk area	Description of risk	Key mitigation strategies and tactics
Supply chain resilience and responsibility	Nuclear medicine products and technologies have inherently complex manufacturing, supply and logistics chains. Telix is dependent on third parties, including Contract Development and Manufacturing Organisations and radiopharmacy networks, for the manufacture and supply of a substantial portion of our products, both commercial and those under development. Telix is also dependent on the global radioisotope supply chain which can be subject to periodic limitations and disruptions. Disruptions to Telix’s supply chain caused by an interruption to the availability of key product components or cost-effective transportation may result in unexpected delays or increased costs.	Telix has dual supply surety where possible and continues to seek viable and sustainable opportunities for supply chain integration within the Group structure - for example, through the acquisition and development of in-house manufacturing capability at its TMS facility. Supplier risk programs are critical elements of Telix’s risk mitigation tactics in this area and we aim to continuously improve our vendor selection, diligence and vendor management strategy and framework to manage supply chain resilience and related risk.
Compliance, including legal and regulatory	As a complex global organisation, Telix has substantial compliance obligations across its business units, including legal and healthcare compliance, commercial, pricing and regulatory compliance, financial, statutory and taxation compliance, and environmental compliance. The profitability of Telix’s operations and its continued viability - including its ability to have assets successfully approved or commercialised in its operating regions - may be adversely impacted by material non-compliance and/or regional specific legal or regulatory regimes. This could result in delays or rejections of applications (or sanctions if not appropriately managed), changes in legal, regulatory or fiscal regimes, difficulties in interpreting or complying with local laws and reversal of current political, judicial or administrative policies, including as a result of geopolitical tensions.	The GRC function is in place to establish and embed the framework to help ensure Telix meets its obligations under applicable laws, regulations, codes and corporate policy. Telix aims to continuously improve its integrated program, which is consistent with ISO 37301:2021 Compliance Management Systems. The pillars of Telix's compliance framework are: inform - ensuring employees are aware of their obligations and the legislative changes that may impact their business units/activities comply - via ongoing review of the compliance register, recorded obligations and completion of activities, and assure - via internal and/or external audit and review of activity where appropriate. Telix has teams and structures in place to enable it to maintain awareness of relevant legal and regulatory changes, including as relates to market access, pricing and reimbursement.
Product pipeline	Telix’s long-term sustainable viability will be determined in part by its ability to continue to identify and successfully develop and fund a pipeline of products capable of commercialisation, and will need to be successful in this in a dynamic and changing competitive landscape. Telix will also need to protect and enhance the intellectual property position surrounding its portfolio in the long-term.	Telix has a strong Research and Innovation (R&I) ethos and has developed an R&I team and strategy which is driven to continuously identify and progress early development on a broad pipeline of pre-clinical and clinical assets. Revenue growth from the commercialisation of Telix assets, including Illuccix®, will provide the Company with optionality to fund the research and development of its core pipeline assets to address unmet patient needs. The commercial and business development teams remain alert to scientific, medical and market developments and the Group engages expert scientific advisors. The Group dedicates resources to intellectual property protection strategy, competitive monitoring and implementation.
Financial risk	In addition to the above-mentioned risks associated with securing financial viability through the successful commercialisation of its product portfolio, Telix faces a variety of risks arising from the unpredictability of financial markets, including the cost and availability of funds to meet its business needs and movements in market risks, such as interest rates and foreign exchange rates. Telix may need to raise additional capital.	In addition to mitigation strategies and tactics - as described above - to seek long-term financial sustainability through the successful commercialisation of its product portfolio, Telix implements financial risk management practices and procedures aimed at protecting value by managing exposure to financial risks, including those for sound internal controls, cash flow management and controls, customer diligence and payment management, treasury management, and relevant business insurances.
Product quality	Telix is committed to delivering high quality innovative medicines to patients and conducting our clinical trials with a philosophy and in a manner that recognises the importance of patient safety and respecting the rights of participants. Telix’s products are required to comply with a wide range of jurisdictionally unique regulatory requirements aimed at ensuring the quality and efficacy of its products and the safety of patients. Telix’s financial performance and social licence to operate could be adversely impacted by poor or sub-optimal quality products.	Telix has a Quality Management System (QMS) in place based on the international ISO 9001 series of Quality Management standards that is consistently implemented, and risk-based to maintain quality product for clinical and commercial distribution. High quality clinical research is conducted in accordance with all applicable laws and regulations. When conducting multinational, multi-site trials we follow all applicable legal, ethical and scientific standards. Telix products are researched, manufactured and tested at certified Good Laboratory Practice (GLP), Good Distribution Practice (GDP) and Good Manufacturing Practice (GMP) facilities, and processes, methods and change control are validated. Telix has a Global Safety Review Committee (GSRC) that meets quarterly to oversee safety signal assessments across all Telix products in human use including clinical trials, compassionate use, and post market use. Telix’s Quality and Safety Evaluation Board (QSEB) is responsible for reviewing and evaluating product release and quality and safety issues. The QSEB comprises the CDO, CMO and senior representatives of the quality, regulatory, medical and risk and compliance functions.
Information management and information security including cybersecurity	Increasing sophistication of external attacks demands an effective and up-to-date cyber security control environment to prevent significant organisational loss of systems, intellectual property and clinical data, damage to reputation and/or disruption to business. This includes loss or misuse of data or personal information.	Telix undertakes business continuity, crisis and disaster preparedness planning. This includes monitoring and enhancing information security capabilities to keep pace with the evolving nature and sophistication of cyber threats. Telix’s Information Technology team seeks to continuously enhance our ability to prevent, detect and respond to cyber-attacks both through implementing new tools and a cyber awareness program for team members. We have in place an Information Security and Information Management (ISMS) program that is subject to ongoing review and internal audit.
Environmental risk	Radiopharmaceutical products use radioactive materials, which generate medical and other regulated wastes. The possession and disposal of these materials and waste products present the risk of accidental environmental contamination and physical injury.	We have designed manufacturing and storage processes for radioactive compounds to mitigate the risk of exposure of employees and others to radioactive materials. These processes are subject to internal and (where relevant) external audit. We have systems and processes in place to enable us to maintain awareness of national radioprotection laws in the jurisdictions in which the Company operates. We have a vendor assurance program whereby we conduct due diligence and internal audit on material suppliers. This includes ensuring our relevant vendors have the appropriate licences and standard operating procedures (SOPs) as well as regulatory compliance certifications (as relevant) for the safe disposal of radiopharmaceuticals.
Sustainability risk	Risks arising from perceived or actual shortcomings in the management of sustainability matters, including Environment, Social and Governance (ESG) matters.	Telix will continue to best-manage sustainability-related risks through the incorporation of sustainability matters (including those classed as ESG) into its ERMF. In this way, sustainability topics and risk and opportunity areas are built into the fabric of strategic and business decision making. Governance and oversight, management, delivery, compliance, reporting and accountability align with the Group’s three lines model of risk and opportunity management, and we will monitor, measure and report on performance. We incorporate this into our governance and operations with a strong investor and stakeholder engagement program, which includes materiality assessments. We will further develop scenario planning capability to enhance visibility and thinking related to emerging areas of risk and opportunity.