Biotechnology is booming, yet the neglect of effective risk management could have disastrous consequences for the public and for the industry as a whole

Biotechnology is big business. A growing, ageing, global population is creating a demand for high-tech products, from genetically engineered crops to new drugs, to feed us and keep us healthy.

Analysts at international accounting firm EY estimate that global biotechnology industry revenues for publicly held companies were more than €66bn in 2012, up from €61bn in 2011 and €59bn in 2010.

Already a new generation of genetically engineered drugs is estimated to make up 10% of the global prescription drugs market – 20% in the US – and this will only grow as more drugs emerge and existing drugs drop in cost.

The area planted with GM crops globally increased by a factor of 94 between 1996 and 2011.

But despite booming business, the industry is far from risk free. Investment costs are sky-high, competition is fierce and there is danger of a catastrophic problem, whether in clinical trials (see box below) or with PR – as with the introduction of ‘Frankenstein food’ GM crops in the UK, which triggered widespread protests.

Successfully risk-managing this process is “all about how you get from the lab to the high street”, according to Christopher Bryce, leader of the Chemicals and Life Sciences Practice at Marsh. “The beginning and the middle is the most interesting bit. The end is usually taken care of through licensing deals and not that interesting in terms of risk management. What’s actually happening in and out of the lab, the way you are interacting with patients in trials, that’s the critical bit.”

Risk neglect

Biotechnology is heavily reliant on innovative start-ups and this can result in a cavalier approach to risk in the early stages. “I’m not sure if it is that they are not fully attuned to the risks, or whether they are just hoping that it doesn’t happen to them,” says Bryce.

Neglecting risk management is extremely dangerous. For example, according to Bryce, the cost of getting a drug to market is estimated to be about $1bn to $2bn, up from $200m a few years ago. “The easy wins were back in the 1970s,” he says. “Now it’s much more difficult and takes longer to get them through the process. Regulators are demanding a lot more information about the effect of drugs because they are concerned about public health.”

Given the scale of the investment, risk-managing the early stages of development is critical. Of particular importance is data security. The risk of a hacking attack is real (see box overleaf ) and can be catastrophic for a young firm.

Some firms choose to transfer this risk to the market. “In Europe, buyers often think they are getting their cyber risk covered under their normal liabilities cover,” says Bryce. “In the US, it’s more typical to buy a specialist product.

“I don’t think in the biotechnology sector people have really caught up with the risk. There have been examples of where data has been mismanaged and you have to get back to the trials, or you get out of step with the regulators and have to go back – which can have a real impact if you are competing to get a drug to market. Also, espionage cyber risk can cost them a huge amount.”

But some in the industry feel that the risk goes beyond insurance and look to other solutions. “I have not found anyone who thinks separate [intellectual property] cover is a value proposal,” says Claude Breutel, head of insurance at Syngenta. “The area is highly skilled, highly complex. For smaller companies, it may be a value proposition. But for the larger companies, you are talking about exposures far beyond the capacity available on the market.

“Cyber insurance is also a no-brainer for us. It is not a value proposition. The picture is diverse. We are exposed to various activist groups that wish to attack us or launch a cyber war against us, but we know about this and so we are prepared.

“In terms of data security, data integrity, risk management and technology are at such a high level that our security group does not think it is of value for us to look into financial cover.

“We have identified our employees as the main exposure – how they are managing, transporting and handling critical information. We looked at this and felt that, ultimately, insurance is not the way for us to address this risk.”

All agree the moment that a product interacts with the public, the stakes are raised in terms of risk – as are the demands on insurers. The regulatory framework is complex and evolving. No one can afford mistakes.

Added complications

“When you get into clinical trials you get added complications,” says Bryce. “The whole issue of clinical trials is very interesting – the EU is about to change the way things are done” (see box overleaf ).

Liabilities cover is a key issue. “So far, there haven’t been many claims, but when they happen they tend to be high-profile, media events,” says Bryce. “It’s been a profitable area for the insurance industry. But it hasn’t tackled the regional laws, and at the moment you are still subject to different rules in different countries; different attitudes to compensation.”

As such, the onus is on risk managers to make sure their cover takes a multinational view. “Complex liabilities are something that occupy [firms looking at their exposures] more and more,” says Breutel. “We have to abandon the idea that one size fits all. We cannot function with one standard liability package across whole industry sectors; this kind of thinking goes back to the 1980s and 1990s. Everything has developed since then – technology, regulations, everything.

“I am not sure whether this is reflected in the products available. Biotechnology in general is high-tech, and depending on where companies are located they may be directly consumer-facing and this can be a challenging place to be in terms of regulation and pressure from consumer groups.”

Complex chains

As with all firms, supply chains are an issue for biotechnology. “One constant theme for us is always logistics and supply chain complexity, the vulnerability to contingent business interruption,” says Breutel. “Specific to our company, over the past few years we have seen more and more extreme climate-related events. This continues to be an issue for our risk managers.”

Biotechnology comes with its own specific supply chain issues. “There is a lot of pressure coming through from the regulators at European level for compliance within the supply chain and regulation of quality both in the end product and along the way,” says Bryce. “They are starting to put pressure on drug manufacturers to warrant their products from cradle to grave within the supply chain.

“The further you get away from the developed world, the harder it is to find companies that will comply, and so you have a situation now where Indian companies are being battered by the regulator and excluded from the market.

“This is significant, because biotechnologies don’t tend to make products themselves, they make them in the lab, get them through animal tests and then go to specialist companies to get this stuff made for human trials. It’s obvious that you need good risk management. If you get a product made incorrectly, it can be a real problem.”

Risk managers need to ensure that their firms maintain good practice in the distribution of products. “Particularly around the handling of temperature-sensitive goods there is increasing pressure for regulations and this is all bearing down on the industry,” says Bryce.