Compliance Risk Management

Systematic & Effective Compliance Management

For systematic and effective management of compliance and ethics, Celltrion has established and operates a Compliance Risk Management process consisting of five steps: risk identification, assessment, mitigation planning, monitoring, and reporting. In addition, the Compliance Team focuses on managing key risks by running the ITRS (Internal Transaction Review System), an IT system that monitors internal transaction risks continually.

Risk Management Process

  1. Risk Identification
    • Identify key trends and compliance issues
    • Categorize risks and update the list of categories according to relevant regulations
  2. Risk Assessment
    • Rate risks depending on impact and frequency
    • Select key risks to manage
  3. Risk Mitigation Planning
    • Establish a risk mitigation plan for each relevant legal area
    • Review and update the risk mitigation plan regularly
  4. Risk Monitoring
    • Check compliance status with a checklist by legal area
    • Monitor the status of key risk responses and management
  5. Risk Reporting
    • Report on the status of Compliance Risk Management on a regular basis
    • Report to the BoD on the results of compliance checks conducted by the Compliance Officer