A leading global pharmaceutical company wanted to evaluate the feasibility of a holistic risk based approach to manage regulatory oversight of its customer engagement programs. A recent internal audit of its policy and controls concluded that the current control regime lacked comprehensive and effective controls to ensure identification and reporting of Adverse Events (AEs) from these programs which may result in under-reporting of AEs to regulatory authorities and possible regulatory action. Many of these findings were related to programs that were currently rated as ‘low’ or ‘medium’ risk highlighting the need to determine which parameters should be considered in assessing the risk of a program. Additionally, there was a broader belief that an effective risk based approach to control definition would lead to an efficient allocation of resources, reducing the overall cost of compliance. Finally, the organization struggled to assess (a) the total cost of executing programs that qualified as customer engagement programs as defined in the current policy and (b) the overall cost of regulatory oversight for these programs.
We developed a framework with which the risk of a program could be assessed, which included two distinct types of risk: (1) the risk of non-compliance and (2) the likelihood of the seriousness of Adverse events reported. The framework also included different parameters with which each risk would be measured. Using this framework, we analyzed around 4000 different programs conducted over a 3-year period and measured the risk of each program. The assessment showed that risks varied significantly not only by therapeutic area, but also by the nature of interactions with customers/ patients. Further, as part of the cost component of the program, we assessed Purchase Order history and developed a high-level estimate of program spends by each therapeutic area, lending visibility to a hitherto unknown quantity of actual spends in this area. Additionally, using Activity Based Costing techniques, we estimated the total cost of oversight for these programs.
Our team identified the following distinct categories of recommendations: – Aligning the customer engagement program policy and controls with risks so that risk levels are differentiated by therapeutic areas and interaction types; – Reviewing the volume of invalid Adverse Events and Adverse Events that do not add any value to patient safety and business; – Helping the business evaluate the utility of ongoing programs; – Assisting the business in reducing the complexity of some high-risk program; and – Leveraging synergies between different support functions to provide enhanced value to the business. Acting on these recommendations helped the client optimize compliance costs by up to $17 million (i.e. 20% of compliance costs).