Risk Appetite & Control
Before reading this section, please carefully review the following cautionary statement:
In this section we will make the required disclosures regarding our risk appetite and mitigating actions. We fully take the risk mitigation actions and risk management described in this section into account while preparing the description of the main risks and uncertainties we face, as set out in Section “Risk Factors”. Any mitigating language used in this section does not have any impact on the risks and uncertainties we face or their potential adverse effects as they are described in Section “Risk Factors”.
Section “Risk Factors” describes the main risks and uncertainties we face already fully having taken into account our risk management and the risk mitigating actions described herein.
Introduction
This Section 3 provides a general description of our willingness to mitigate the risks and uncertainties we face (also called our ‘risk appetite’), and to give a description of the mitigating actions we have taken with regard to our most relevant risks.
Controlling Actions We Take with Regard to Our Most Relevant Risks and Uncertainties
The following is a description of the main risks and uncertainties we face (being the first risk of each category of risk factors set out in Section “Risk Factors”) and a description of the measures we took to control them. A description of the expected impact upon materialization of these risks is included for each risk in Section “Risk Factors.”
RISK FACTOR
MEASURES TAKEN TO CONTROL THESE RISKS
The commercial success of our products and product candidates, including in new indications or methods of administration, will depend on the degree of market acceptance.
We plan to focus on the successful commercialization of the products and product candidates after they are launched. We aim to further expand and develop our sales and marketing organization, including by attracting and retaining top talent for key positions such as the recent hire for the position of the chief commercial officer, enter into and/or amend where necessary collaboration arrangements with third parties, outsource certain functions to third parties, or use some combination of each to promote market acceptance of our products and product candidates. We seek to execute on our business model and long term version by advancing our core focus on innovation through identifying and selecting new product candidates in our IIP program, expanding our intellectual property portfolio, further expanding our labels and developing next-generation products such as the PFS.
Failure to successfully identify, select and develop our products in other indications, or additional products or product candidates could impair our ability to grow.
We will continue to focus on the IIP program, which is part of our method of identifying, selecting and developing product candidates and product based on scientific data and rationale. In addition, we remain committed to data driven decision making by driving innovation through cultivation of strategic opportunities across clinical stage development pathways. As part of this strategy, we aim to create optionality within our product portfolio, which is why we are advancing and prioritizing the continued development of adimanebart and empasiprubart.
We rely, and expect to continue to rely, on third parties to conduct some of our research activities, manufacturing and clinical trials and for parts of the development and commercialization of our existing and future research programs, products and product candidates. If our relationships with such third parties are not successful, our business may be adversely affected.
Project management is crucial to our success, and thus we seek to maintain a rich pipeline of possible collaboration partners, as well foster good relationships with existing and potential future partners to spread operational risks. As part of our contracting strategy, we seek to align incentives with our partners by structuring agreements that emphasize payment for outcomes rather than activities. Both during selection of our partners as well during the duration of our contracts with them, we apply continued and integrated quality management focused oversight to support performance and mitigate any potential risks.
We may be unable to adequately maintain, enforce or protect our intellectual property rights in products, product candidates and platform technologies which could adversely affect our ability to maximize the value for patients in our marketed products and product candidates.
We strive to protect the proprietary technologies that we believe are important to our business. We aim to achieve this by filing patent positions covering key patient innovations. Those key patient innovations are often embodied in the product labels describing how our products should be deployed to treat disease including the structure of our molecules in our products, and the formulation, dosing, administration, and other key innovations establishing the utility of our products for patients. In addition, we invest deeply in our manufacturing technologies and strive to protect new innovations with the potential to bring options and value to the company. These patent positions may prove useful in preventing an infringing third party from introducing a product into commerce during the term of our granted patent positions. In addition to patent protection, we also rely on trademarks to protect the goodwill and brand recognition the company brings to health care providers and patients. In particular, we aim to protect the hard-earned goodwill we earned with patient groups, our IIP partners, and other key partners that support the co-creation of our business. We also rely on trade secrets to protect valuable aspects of our business that are not amenable to, or that we do not consider appropriate for, patent protection, including certain aspects of our antibody engineering technologies, assay development, product development, biological insights, and multiple aspects of our business operations that have made a positive patient and commercial impact.
Our future growth and ability to compete depends on maintaining our culture, retaining our key personnel and recruiting additional qualified personnel.
We prioritize building and maintaining a strong, values‑driven culture, which is reflected in the way we hire, reward, and promote talent. Cultural fit, integrity, and alignment with our five cultural pillars are key criteria in our talent processes, and we continue to invest in programs that strengthen our culture and support the development of our employees. As part of this broader talent framework, we seek to offer competitive remuneration packages and share-based incentives in the form of the Equity Incentive Plan. We perform periodic benchmark analyses with an external independent service provider to promote the competitiveness of the compensation offered to our key personnel in comparison to other (reference group) companies.
General Description of Our Risk Appetite
Our risk appetite is defined by risk category and serves as a framework for assessing and managing risks in line with our strategy and priorities. While certain risks and uncertainties are inherent to our business and beyond our control, others may be influenced or mitigated. The Global Risk Management Committee regularly assesses whether risk exposures given the risk appetite remain within the levels approved by the Global Risk Management Committee. Key risks and related mitigating measures are monitored through the Enterprise Risk Management framework and reported to the Audit and Compliance Committee. In accordance with guideline 400.1054 of the Dutch Counsel for Annual Reporting (Raad voor de Jaarverslaggeving), this risk management section provides an overview of the risk mitigating actions taken or planned to be taken by us. The mentioning of these mitigating actions may not in any way be viewed as an implied or express guarantee that such mitigation will in practice be effective in limiting the risk exposure and/or the potential damage to us from any such risk materializing.
Material Impact of Risk Materialization in 2025
During the period between January 1, 2025 and December 31, 2025, we did not identify any material impact as a result of materialization of previously identified risks and uncertainties.
Financial Risks and Controls
In running our business, we seek to implement a sustainable policy regarding internal control and risk management. Our Board of Directors has delegated an active role to our Audit and Compliance Committee in the design, implementation and monitoring of an internal risk management and control system to manage the significant risks to which we are exposed.
Our financial reporting is structured within a tight framework of budgeting, reporting and forecasting. A distinction is made between reports for internal and external use. External reporting at group level consists of an annual report (in the form of this Annual Report), including financial statements audited by the independent auditor, as well semi-annual reporting and quarterly updates, containing summarized financial information. The external reports are based on the internal financial reporting.
Internal financial reporting consists of extensive consolidated monthly reports in which current developments are compared to the monthly (cumulative) budgets and previous forecasts. In addition, each quarter we reiterate or update our forecast for the annual results, including the cash flow position at the end of the year. The quarterly budgets are part of the annual group budget, which is prepared every year by our Senior Management Team and approved by our Board of Directors. Our specialized finance and administration department are primarily responsible for evaluating the draft internal and external reporting, before these are finally approved by our Board of Directors.
Our Board of Directors discusses the financial results of the group at all formal board meetings, which meetings are minuted.
Our internal controls over financial reporting are a subset of internal controls and include policies and procedures that:
- pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of our assets;
- provide reasonable assurance that transactions are recorded as necessary to permit preparation of our financial statements in accordance with IFRS as issued by the International Accounting Standards Board and as adopted by the EU, and that receipts and expenditures are being made only by authorized persons; and
- provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of our assets that could have a material effect on the financial statements.
Since we have securities registered with the SEC and are a large accelerated filer within the meaning of Rule 12b-2 of the Exchange Act, we need to assess the effectiveness of our internal controls over financial reporting and provide a report on the results of our assessment. Our Board of Directors reviewed its internal controls over financial reporting based on criteria established in the Internal Control – Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission and engaged an external advisor to help assess the effectiveness of its controls.
Recent or Current Developments in our System of Risk Management
We pay attention to proactive risk management by continuing to have the evaluation of our core risks and uncertainties as a standing discussion topic for our Board of Directors. In addition, since 20242025, we have added quarterly updates for specific risks to our Board of Directors agendas, including cyber security, privacy and healthcare compliance risks.
Framework and Effectiveness of Internal Risk Management and Control Systems
According to best practice provision 1.4.2(ii) of the DCGC, the Board of Directors must report in the board report on the design and operating effectiveness of the internal risk management and control systems during the past financial year. The revised DCGC of March 2025 added that the frameworks that have been used for this purpose (such as the COSO framework for internal control) must be reported on. It is expected that the management board indicates, in the reporting on the design and operating effectiveness of the internal risk management and control systems, which reference or standards framework (e.g. the COSO framework for internal control) has been used. It is also expected that the Board of Directors clearly explains how it has assessed the operating effectiveness of the internal risk management and control systems. Additionally, the revised DCGC of March 2025 added that, pursuant to best practice provision 1.4.2(iii), the Board of Directors must report in their board report on its assessment of the effectiveness of the internal risk management and control systems in relation to operational, compliance and reporting risks for the past financial year.