Our six ESG focus areas
ESG is embedded in our strategy and supports our sustainable performance and long-term growth. It helps us build trust with and deliver returns to our stakeholders, reduce risk to our operations and deliver positive social impact.
We have six ESG focus areas addressing what is most material to our business and the issues that matter the most to our stakeholders.
ESG investor education events
Our ESG Performance Rating
Our ESG Performance Rating helps us integrate ESG into the delivery of our strategy and allows us to measure and verify the progress we are making. The rating is one of our corporate KPIs and measures progress against key metrics aligned to each of our six focus areas. In 2023, this included 22 metrics, which are summarised in our ESG Performance Report.
The GSK Leadership Team (GLT) is accountable for delivering progress against the metrics and regularly reviews performance along with the Board’s Corporate Responsibility Committee (CRC). Each individual metric is assessed as either: on track (metric met or exceeded); on track with work to do (at least 80% of metric has been achieved); or off track (metric missed by more than 20%).
In addition, in order to calculate the overall ESG Performance Rating, performance across all metrics is aggregated to a single score to illustrate whether we are on track, on track with work to do, or off track.
Our 2023 ESG Performance Rating is on track, based on 95% of all performance metrics being met or exceeded.
ESG Performance Report 2023
Download to find out more about our approach to ESG and progress in 2023
External ESG ratings
We have maintained our acknowledged leadership in ESG, and this continues to be a key driver in our goal to deliver health impact and shareholder returns. Detailed below is how we perform in key ESG ratings that we are frequently asked about by investors.
| External benchmarking | Current rating |
Previous rating |
Comments |
|---|---|---|---|
| S&P Global's Corporate Sustainability Assessment | 84 | 86 | 1st in the pharmaceutical industry group; Assessment conducted annually, current score updated Nov 2023 |
| Access to Medicines Index | 4.06 | 4.23 | Led the bi-annual index since its inception in 2008; Updated bi-annually, current results from Nov 2022 |
| Antimicrobial Resistance Benchmark | 84% | 86% | Led the bi-annual benchmark since its inception in 2018; Current ranking updated Nov 2021 |
| CDP Climate change | A- | A- | Updated annually, current score updated Feb 2024 |
| CDP Water security | A- | B | Updated annually, current score updated Feb 2024 |
| CDP Forests (palm oil) | B | A- | Updated annually, current score updated Feb 2024 |
| CDP Forests (timber) | B | B | Updated annually, current score updated Feb 2024 |
| CDP Supplier engagement rating | Leader | Leader | Updated annually, current score updated March 2023 |
| Sustainalytics | 16.7 | 18.6 | 1st percentile in pharma subindustry group; Lower score represents lower risk. Current ranking updated September 2023 |
| MSCI | AA | AA | Last rating action date: September 2023 |
| Moody's ESG solutions | 62 | 61 | 2nd in the pharmaceutical sector; Current score updated August 2023 |
| ISS Corporate Rating | B+ | B+ | Current score updated June 2023 |
| FTSE4Good | Member | Member | Member since 2004, latest review in June 2023 |
| ShareAction’s Workforce Disclosure Initiative | 79% | 77% | Current score updated Jan 2024 |
Updated February 2024
Governance
We are committed to operating at the highest standards of corporate governance. We believe our governance structure underpins our ability to deliver the Group's strategy to create long-term value and benefit for our shareholders and stakeholders.
View information on how GSK is governed, including details on our Board Committees and Management Committees, global compliance and Policies, codes and standards on our Governance section.
Risk management
Identifying, evaluating and managing risks
Our risk management and internal control framework is well embedded and provides the ability for the Board to evaluate and oversee how the company manages principal and emerging risks in line with our long-term objectives. We have a company-wide policy that sets out the requirements, roles and responsibilities for the management and governance of risks, controls and supporting guidance on the essential elements of our internal control framework. We routinely evaluate our framework for improvements.
Governance
The Board oversees our risk management system and establishes our risk appetite, supported by the Audit & Risk Committee (ARC). The Corporate Responsibility Committee (CRC) and Science Committee further assess the effectiveness of risk management strategies pertinent to their defined remits. Our Risk Oversight & Compliance Council (ROCC) helps the ARC and CRC to oversee the risks, and the strategies used to address them. Risk management and compliance boards across the Group promote the ‘tone from the top’. They also establish our risk culture and oversee the effectiveness of risk management activities, as well as communicating information about internal controls.
Our business is accountable for delivering on its objectives in line with its established risk appetite. An Enterprise Risk Owner is responsible for each principal risk, with oversight by a GLT member. Risk owners report risk and mitigation to ROCC, the GLT and the appropriate Board committee. Legal and Compliance support these efforts by advising on our business strategies, activities, risks and controls, and Audit & Assurance provides assessments of the adequacy and effectiveness of our framework.
Considering current and emerging risks
We continuously evaluate our risks. Our risk assessment process considers the likelihood and impact of risks, and the timescale over which a risk could occur. We consider both current and emerging risks that could affect our ability to achieve our long-term objectives. Emerging risks are those on the three-year horizon, in line with our viability statement. We also define risks in this way if we need to know more about how likely they are to materialise, or what impact they’d have if they did. We will evaluate if additional investigation is required before classifying them as principal risks.
Risk management and compliance boards at all levels of the organisation identify emerging risks on an ongoing basis, and ROCC discusses emerging risks at each meeting. We also scan the risk horizon throughout the year to identify external trends that may be opportunities and/or emerging risks and monitor our business activities and internal environment for new, emerging and changing risks.
ROCC conducts an annual risk review to assess principal and emerging risks for the company. This review is supported by extensive analysis of external trends and insights, senior level interviews and recommendations from risk management and compliance boards and risk owners. ROCC shares this annual review with the ARC and Board for assessment and this forms the basis for the following year’s risk management focus.
2023 principal risks summary
We outline below the principal risks and uncertainties relevant to GSK’s business, financial condition and operations that may affect our performance and ability to achieve our objectives. These are the risks that we believe could cause our actual results to differ materially from expected and historical results. Operating in the pharmaceutical sector carries various inherent risks and uncertainties that may affect our business.
The risk that GSK, including our third parties, fails to appropriately collect, assess, follow up, or report human safety information, including adverse events, from all potential sources or that GSK potentially fails to appropriately act on any relevant findings that may affect the benefit-risk profile of a medicine or vaccine in a timely manner.
- Product governance
- Our approach to clinical trials (PDF - 198kb)
- Cloning and stem cell technologies (PDF - 185kb)
- The convention on biological diversity (PDF - 240kb)
- Public disclosure of clinical research (PDF - 175kb)
- The care, welfare and treatment of animals (PDF - 202kb)
- Pharmacovigilance (PDF - 171kb)
- Falsified and substandard healthcare products (PDF - 200kb)
- Third party oversight programme - working with third parties (PDF - 206kb)
- Anti-bribery and corruption policy (PDF - 330kb)
- The Code (PDF - 2.4mb) and Code Hub (PDF - 223kb)
The risk that GSK or our third parties potentially fail to ensure appropriate controls and governance of quality for development and commercial products are in place; compliance with industry practices and regulations in manufacturing and distribution activities; and terms of GSK product licenses and supporting regulatory activities are met.
The risk that GSK fails to comply with current tax laws; fails to report accurate financial information in compliance with accounting standards and applicable legislation; or incurs significant losses due to treasury activities.
The risk that GSK or our third parties potentially fail to comply with certain legal requirements for the development, supply and commercialisation of our products and operation of business, and specifically in relation to requirements for competition law, anti-bribery and corruption, and sanctions. Any failure to meet compliance and legal standards for these particular areas could lead to increasing scrutiny and enforcement from government agencies.
The risk that GSK or our third parties potentially engage in commercial activities that fail to comply with laws, regulations, industry codes, and internal controls and requirements.
- Competitiveness and investment criteria - (PDF - 182kb)
- Marketing practices and scientific engagement (PDF - 155kb)
- GSK pharma and vaccine code of practice for promotion and scientific engagement (PDF - 219kb)
- Third party oversight programme - working with third parties (PDF - 206kb)
- Anti-bribery and corruption policy (PDF - 330kb)
- Engaging with HCPs
- The Code (PDF - 2.4mb) and Code Hub (PDF - 223kb)
The risk that GSK or our third parties potentially fail to engage externally to gain insights, educate and communicate on the science of our medicines and associated disease areas, and provide grants and donations in a legitimate and transparent manner compliant with laws, regulations, industry codes and internal controls and requirements.
- Engagement with patient organizations (PDF - 159kb)
- Marketing practices and scientific engagement (PDF - 155kb)
- Political advocacy (PDF - 199kb)
- GSK pharma and vaccine code of practice for promotion and scientific engagement (PDF - 219kb)
- Third party oversight programme - working with third parties (PDF - 206kb)
- Anti-bribery and corruption policy (PDF - 330kb)
- Engaging with HCPs
- The Code (PDF - 2.4mb) and Code Hub (PDF - 223kb)
The risk that GSK or our third parties potentially fail to ethically collect; use; re-use through artificial intelligence, data analytics or automation; secure; share and destroy personal information in accordance with laws, regulations, and internal controls and requirements.
The risk that GSK or our third parties potentially fail to adequately conduct ethical and credible pre-clinical and clinical research, collaborate in research activities compliant with laws, regulations, and internal controls and requirements.
- Our approach to clinical trials (PDF - 198kb)
- Cloning and stem cell technologies (PDF - 185kb)
- The convention on biological diversity (PDF - 240kb)
- Public disclosure of clinical research (PDF - 175kb)
- The care, welfare and treatment of animals (PDF - 202kb)
- Use of animals
- Pharmacovigilance (PDF - 171kb)
- Third party oversight programme - working with third parties (PDF - 206kb)
- Anti-bribery and corruption policy (PDF - 330kb)
- Engaging with HCPs
- The Code (PDF - 2.4mb) and Code Hub (PDF - 223kb)
The risk that GSK or our third parties potentially fail to ensure appropriate controls and governance of the organization's assets, facilities, infrastructure, and business activities, including execution of hazardous activities, handling of hazardous materials, or release of substances harmful to the environment that disrupts supply or harms employees, third parties or the environment.
- Third party oversight programme - working with third parties (PDF - 206kb)
- Hazardous chemicals management (PDF - 244kb)
- Genetically modified micro-organisms and EHS (PDF - 139kb)
- Nanotechnology (PDF - 207kb)
- Pharmaceuticals in the environment (PDF - 218kb)
- Environmental sustainability (PDF - 331kb)
- Environment, Health and Safety (PDF - 144kb)
- The Code (PDF - 2.4mb) and Code Hub (PDF - 223kb)
- Environment
The risk that GSK or our third parties potentially fail to ensure appropriate controls and governance to identify, protect, detect, respond, and recover from cyber incidents through unauthorised access, disclosure, theft, unavailability or corruption of GSK's information, key systems, or technology infrastructure in accordance with applicable laws, regulations, industry standards, internal controls and requirements.
The risk that GSK or our third parties potentially fail to deliver a continuous supply of compliant finished product or respond effectively to a crisis incident in a timely manner to recover and sustain critical supply operations.
Find more information in the sections on Risk management (page 56) and Principal risks and uncertainties (page 284) in our Annual Report. You can also explore our Code and all our policies:
