a0299f

A hard copy version of the Annual Report 2019 and the Notice of Annual General Meeting 2020 ('AGM Notice') will be sent to those shareholders who have elected to receive paper communications on or about 23 March 2020. The AGM Notice will be made available to shareholders who have not elected to receive paper communications on the same date.

The information included in the unaudited preliminary results announcement released on 5 February 2020, together with the information in the Appendices to this announcement which is extracted from the Annual Report 2019, constitute the materials required by the FCA's Disclosure Guidance and Transparency Rule 6.3.5R. This announcement is not a substitute for reading the Annual Report 2019 in full. Page and note references in the Appendices below refer to page and note references in the Annual Report 2019.

GSK cautions investors that any forward-looking statements or projections made by GSK, including those made in this announcement, are subject to risks and uncertainties that may cause actual results to differ materially from those projected. Such factors include, but are not limited to, those set out in Appendix A of this announcement. GSK also refers investors to the cautionary statement on the inside back cover of the Annual Report 2019.

The principal risks discussed below are the risks and uncertainties relevant to our business, financial condition and results of operations that may affect our performance and ability to achieve our objectives. They are the risks that we believe could cause our actual results to differ materially from expected and historical results.

During 2019, we continued to embed changes to our risk management and reporting cycle to help us identify, manage and report our most important risks across the organisation in a more consistent and proportionate way. We completed Enterprise Risk Plans for all of our most important risks and ensured businesses adopted them and only adapted them with approval. We deployed confirmation across the organisation, reinforcing leader accountability for risk management, and measured how well the controls set out in the Enterprise Risk Plans had been implemented and gaps closed. We further evolved our risk management process by introducing new reports to the Board with more focus on data and key risk indicators, leading to better informed discussions on risk exposure and action needed. We introduced a new approach to the annual risk review to support CET decisions on any changes required to our most important risks.

As rules and regulations change, government interpretation evolves, and our business activities change, the nature of a particular risk may change. Changes to certain regulatory regimes may be substantial. Any change in, and any failure to comply with, applicable laws and regulations could materially and adversely affect our financial results.

Similarly, our global business exposes us to litigation and government investigations, including but not limited to product liability litigation, patent and antitrust litigation and sales and marketing litigation. Litigation and government investigations, including related provisions we may make for unfavourable outcomes and increases in related costs such as insurance premiums, could materially and adversely affect our financial results.

UK regulations require a discussion of the mitigation activities a company takes to address principal risks and uncertainties. Below is a description of each of our principal risks with a summary of the activities that we take to manage each risk across our businesses. The principal risks and uncertainties are not listed in order of significance.

The risk impact has the potential to compromise our ability to conduct robust safety signal detection and interpretation and to ensure that appropriate decisions are taken with respect to the risk/ benefit profile of our products, including the completeness and accuracy of product labels and the pursuit of additional studies/ analyses, as appropriate. Additionally, this risk could potentially negatively impact our ability to incorporate verified safety signals into local (country) labelling. This could lead to potential harm to patients, reputational damage, product liability claims or other litigation, governmental investigation, regulatory action such as fines, penalties or loss of product authorisation.

Pre-clinical and clinical trials are conducted during the development of investigational Pharmaceutical, Vaccine and Consumer Healthcare products to determine the safety and efficacy of the products for use by humans. Notwithstanding the efforts we make to determine the safety of our products through appropriate pre-clinical and clinical trials, unanticipated side effects may become evident only when products are widely introduced into the marketplace.

Questions about the safety of our products may be raised not only by our ongoing safety surveillance and post-marketing studies but also by governmental agencies and third parties that may analyse publicly available clinical trial results. Constant vigilance and flexibility are required in order to respond to a varied regulatory environment which continues to evolve and diverge globally. Externally, developments in data interrogation present potential benefits for patient safety but the volume of data to be analysed presents a significant challenge which intensifies when coupled with fragmented regulatory requirements and privacy concerns. In the economic arena, mergers and acquisition activities introduce data integrity risks. Technology presents a significant opportunity for patient safety risk management by creating more reliable data interrogation tools and more accurate data collection mechanisms, even though the pace of Artificial Intelligence development has not been as great as once expected. Cyberattacks are an ever-growing concern given the volume of data and digital dependency.

The Group is currently a defendant in a number of product liability lawsuits, including class actions, that involve significant claims for damages related to our products. Litigation, particularly in the US, is inherently unpredictable. Class actions that seek to sweep together all persons who take our products increase the potential liability. Claims for pain and suffering and punitive damages are frequently asserted in product liability actions and, if allowed, can represent potentially open-ended exposure and thus, could materially and adversely affect the Group's financial results.

The Chief Medical Officer (CMO) is accountable for the patient safety enterprise risk and has the authoritative role for evaluating and addressing matters of human safety. The CMO is supported by an enterprise-wide Safety Governance Board to provide oversight and management of the control framework, including the risk management process. Product specific safety governance boards are in place to ensure that human safety is addressed proactively throughout the product lifecycle. Each business has a named medical officer and subsidiary business specific boards provide further oversight and governance.

It is our policy that employees are required to report immediately any issues relating to the safety or quality of our products. Each of our country managers is responsible for monitoring, exception tracking and training that helps assure the collection of safety information and reporting the information to the relevant central safety department, in accordance with policy and legal requirements.

Once a Group product is approved for marketing, we have an extensive post-marketing surveillance and signal detection system. Information on possible side effects of products is received from several sources including unsolicited reports from healthcare professionals (HCPs) and patients, regulatory authorities, medical and scientific literature, traditional media and social media.

Information that changes the risk/benefit profile of one of our products will result in certain actions to characterise, communicate and minimise the risk. Proposed actions are discussed with regulatory authorities and can include modifying the prescribing information, communications to physicians and other healthcare providers, restrictions on product prescribing/availability to help assure safe use, and sometimes carrying out further clinical trials. In certain cases, it may be appropriate to stop clinical trials or to withdraw the medicine from the market.

A failure to ensure product quality could have far reaching implications in terms of patient and consumer safety, delays in launching products, drug shortages, product recalls, as well as regulatory, legal, and financial consequences, which could materially and adversely affect GSK's reputation and financial results.

The external environment for product quality continues to be challenging. The single biggest change since 2018 is the political instability and uncertainty surrounding the delivery of Brexit and the implications for medicine supply continuity both into and out of mainland Europe. Two new sets of requirements are due to be implemented by EMA shortly and we are preparing for both. In the first quarter of 2020, there will be new reporting requirements on potential drug shortages and from May 2020 there are new regulations covering the licensing of medical devices.

Technological developments are increasingly used to both enhance manufacture and to support the inclusion of packaging features that help secure the legitimate supply chain e.g. serialisation. The threat of cyberattacks remains a key risk to the integrity of product quality data and its audit trail.

Significant changes are taking place in GSK as we implement the new organisational alignments and IPTc strategy. These changes are assessed by the Quality organisations to ensure our quality procedures and governance can facilitate the strategy whilst also ensuring that no unintended consequences increase our product quality risk.

An extensive global network of quality and compliance professionals is aligned with each business unit to provide oversight and assist with the delivery of quality performance and operational compliance, from site level to senior management level. Management oversight of those activities is accomplished through a hierarchy of quality councils and through an independent Chief Product Quality Officer and Global Product Quality Office that provides oversight of product quality risk across the company.

We have developed and implemented a single Quality Management System that defines the quality standards and systems for our businesses associated with Pharmaceuticals, Vaccines and Consumer Healthcare products and clinical trial materials. This system has a broad scope and is applicable throughout the product lifecycle from R&D to mature commercial supply. It is augmented by a consolidation of the numerous regulatory requirements defined by markets across the world which assures that it meets external expectations for product quality in the markets supplied. It is based on the internationally recognised principles from the 'ICH Q10: Pharmaceutical Quality Systems' framework.

The Quality Management System is routinely updated to ensure that it keeps pace with the evolving external regulatory environment and with new scientific understanding of our products and processes. As part of our drive to continually improve the operational deployment of our Quality Management System, we are making our policies and procedures simpler to understand and implement, as well as adopting innovative tools to give a more user-friendly experience. All staff members are regularly trained in regulatory expectations, learnings from inspections and current procedures to ensure continued maintenance of cGMP standards.

We have implemented a risk-based approach to assessing and managing third party suppliers that provide materials which are used in finished products. Contract manufacturers making our products are expected to comply with GSK standards and are regularly audited to provide assurance that standards are met.

Product Incident Committee processes are in place to investigate product issues and make recommendations on remediation activities including where necessary, the recall of product from the marketplace in order to protect patients and consumers. A complaints process is also in place to ensure GSK responds to product quality issues raised by patients and customers.

Non-compliance with existing or new financial reporting and disclosure requirements, or changes to the recognition of income and expenses, could expose us to litigation and regulatory action and could materially and adversely affect our financial results. In the current period of significant political uncertainty especially in the USA and UK, there can be significant changes at short notice. Failure to comply with any changes in the substance or application of the governing laws covering transfer pricing, dividends, tax credits, and intellectual property could materially and adversely affect our financial results.

The Group is required by the laws of various jurisdictions to disclose publicly its financial results and events that could materially affect the financial results of the Group. Regulators routinely review the financial statements of listed companies for compliance with new, revised or existing accounting and regulatory requirements. The Group believes that it complies with the appropriate regulatory requirements concerning our financial statements and disclosure of material information including any transactions relating to business restructuring such as acquisitions and divestitures. However, should we be subject to an investigation into potential non-compliance with accounting and disclosure requirements, this can lead to restatements of previously reported results and significant penalties.

The Group's effective tax rate reflects rates of tax in the jurisdictions in which the Group operates that are both higher and lower than the UK rate and considers regimes that encourage innovation and investment in science by providing tax incentives which, if changed, could affect the Group's tax rate. In addition, the worldwide nature of our operations means that our intellectual property, R&D and manufacturing operations are centered in several key locations. A consequence of this is that our cross-border supply routes, necessary to ensure supplies of medicines into numerous end markets, can be complex and result in conflicting claims from tax authorities as to the profits to be taxed in individual countries. Tax legislation itself is also complex and differs across the countries in which we operate. As such, tax risk can also arise due to differences in the interpretation of such legislation. The tax charge included in our financial statements is our best estimate of tax liability pending audits by tax authorities.

We expect there to be continued focus on tax reform driven by initiatives of the Organisation for Economic Cooperation & Development to address the taxation of the digital economy and European Commission initiatives including the use of fiscal state aid investigations. Together with domestic initiatives around the world, these may result in significant changes to established tax principles and an increase in tax authority disputes. These, regardless of their merit or outcomes, can be costly, divert management attention and may adversely impact our reputation and relationship with key stakeholders.

Financial results are reviewed and approved by regional management and then reviewed with the Financial Controller and the Chief Financial Officer (CFO). This allows our Financial Controller and our CFO to assess the evolution of the business over time, and to evaluate performance to plan. Significant judgments are reviewed and confirmed by senior management. Technical or organisational transformation and newly acquired activities are integrated into risk assessments and appropriate controls and reviews are applied.

We maintain a control environment designed to identify material errors in financial reporting and disclosure. The design and operating effectiveness of key financial reporting controls are regularly reviewed by management and tested by external third parties. A minimum standard control set is in place for all finance locations irrespective of size and reviewed by management and monitored independently. This provides us with the assurance that controls over key financial reporting and disclosure processes have operated effectively. Our Global Finance Risk Management and Controls Centre of Excellence provides extra support during significant transformations such as system deployment or management/structural reorganisations. We also add operational resources to ensure processes and controls are maintained during such changes. Additional risk mitigation has been introduced by amending the programme timelines of system upgrades to optimize delivery.

The Disclosure Committee, reporting to the Board, reviews the Group's quarterly results and Annual Report and determines throughout the year, in consultation with its legal advisors, whether it is necessary to disclose publicly information about the Group through Stock Exchange announcements. We keep up-to-date with the latest developments in financial reporting requirements by working with our external auditor and legal advisors.

The Treasury Management Group meets on a regular basis to seek to ensure that liquidity, interest rate, counterparty, foreign currency transaction and foreign currency translation risks are all managed in line with the conservative approach as detailed in the associated risk strategies and policies which have been adopted by the Board.

Counterparty exposure is subject to defined limits approved by the Board for both credit rating and individual counterparties. Oversight of Treasury's role in managing counterparty risk in line with agreed policy is performed by a Corporate Compliance Officer, who operates independently of Treasury. Further details on mitigation of Treasury risks can be found on pages 227 to 229, Note 43 'Financial instruments and related disclosures'.

Tax risk is managed through robust internal policies, processes, training and compliance programmes to ensure we have alignment across our business and meet our tax obligations. We seek to maintain open, positive relationships with governments and tax authorities worldwide and we welcome constructive debate on taxation policy. We monitor government debate on tax policy in our key jurisdictions to deal proactively with any potential future changes in tax law. We engage advisors and legal counsel to confirm the implications for our business of tax legislation. Where appropriate, we are active in providing relevant business input to tax policy makers. Significant decisions are submitted for consideration to the Tax Governance Board which meets quarterly and comprises senior personnel from across GSK's Finance division.

Our tax affairs are managed on a global basis through a coordinated team of tax professionals led by the Global Head of Tax who works closely with the business. Our tax professionals are suitably qualified for the roles they perform, and we support their training needs in order that they continue to be able to provide up to date technical advice. We submit tax returns according to statutory time limits and engage with tax authorities to seek to ensure our tax affairs are current, entering arrangements such as Continuous Audit Programmes and Advance Pricing Agreements where appropriate. These agreements provide long-term certainty for both tax authorities and for us over the tax treatment of our business. In exceptional cases where matters cannot be settled by agreement with tax authorities, we may have to resolve disputes through formal appeals or other proceedings.

Failure to mitigate this risk could expose the Group and associated persons to governmental investigation, regulatory action, and civil and criminal liability and may compromise the Group's ability to supply its products under certain government contracts. In addition to legal and financial penalties, a failure to prevent bribery through complying with ABAC legislation and regulations could have substantial implications for the reputation of the company, the credibility of senior leaders, and an erosion of investor confidence in our governance and risk management.

The overall environment for ABAC in 2019 remained challenging. Divergence of legislation is making compliance harder and countries are increasingly holding individuals accountable as well as corporations, increasing the employer duty of care. Society is holding corporations to ever higher standards with technology providing a speedy and anonymous avenue for dissemination of previously privileged information or even damaging false reports. Enforcement actions and penalties have increased across the globe with focus on use of third-party intermediaries. Supportive aspects of new policies include Latin America moving towards compliance regimes like those established by the US and UK. In India there was an amendment of the Corruption Act (2018) which explicitly makes an offence to pay a bribe. China has introduced significant anti-bribery and anti-corruption/legislative and regulatory reforms.

Programme governance is provided through Enterprise Risk Management overseen by the ABAC/TPO Governance Board which includes representation from key functional areas and the business. This joint board was created in 2019 to ensure strategic focus across the two principle risk areas as they have considerable co-dependency.

We have an enterprise-wide ABAC programme designed to ensure compliance with our ABAC policies and mitigate the risk of bribery and corruption. It builds on our business standards, values and expectations to form a comprehensive and practical approach to compliance and is flexible to the evolving nature of our business.

We have appropriate controls in place such as training, awareness raising, strong monitoring around transactions and payments to third parties. We plan to continue with pre and post-transaction ABAC due diligence, increase the capabilities in the business on monitoring, oversight and red flag resolution of third parties; review controls and accountabilities of government officials. We continue to understand and assess our money-laundering risk exposure and mitigate any existing risk.

Our Code of Conduct, values and expectations, and commitment to zero tolerance are integral to how we mitigate this risk. In light of the complexity and geographic breadth of this risk, we constantly evolve our oversight of activities and data, reinforce to our workforce clear expectations regarding acceptable behaviours, and maintain regular communications between the centre and local markets.

Our ABAC programme is built on best in class principles and is subject to ongoing review and development. It provides us with the basis from which we seek to manage the risk from top down and bottom up. For example, the programme comprises top-level commitment from the Board of Directors and leadership, and a new data analytics programme to create and embed local key risk indicators to enable targeted intervention and risk management activities.

The programme is underpinned by a global ABAC policy and written standards that address commercial and other practices that give rise to ABAC risk. In addition, the programme mandates enhanced controls over interactions with government officials and during business development transactions. Controls in our ABAC policy establish due diligence requirements for the engagement of third parties. The ABAC team continually works together with the TPO team to address and improve controls and monitoring requirements when engaging third parties.

We have a dedicated ABAC team responsible for the implementation and evolution of the programme in response to developments in the internal and external environment. For example, in 2019 we introduced a global process to centrally document conflicts of interest (COI) of employees and complementary workers supported by a simpler policy to ensure we can collate and report on COI management in the organisation.

This is complemented with independent oversight and assurance undertaken by the Audit & Assurance and Independent Business Monitoring teams. Issues identified during oversight and assurance exercises as well as resulting from investigations are used to identify areas for specific intervention in the markets as well as to continuously improve the programme.

Failure to engage in commercial activities that are consistent with the letter and spirit of the law, industry, or the Group's requirements relating to marketing and communications about our medicines and associated therapeutic areas; appropriate interactions with healthcare professionals (HCPs) and patients; and legitimate and transparent transfer of value.

Failure to manage risks related to commercial practices could materially and adversely affect our ability to deliver our strategy and long-term priorities. Failure to comply with applicable laws, rules and regulations may result in governmental investigation, regulatory action and legal proceedings brought against the Group by governmental and private plaintiffs which could result in government sanctions, and criminal and/or financial penalties. Failure to provide accurate and complete information related to our products may result in incomplete awareness of the risk/benefit profile of our products and possibly suboptimal treatment of patients and consumers. Any practices that are found to be misaligned with our values could also result in reputational harm and dilute trust established with external stakeholders.

We continue to evolve our business operations (including acquisitions and joint ventures) to operate on a global basis in an industry that is both highly competitive and highly regulated. Our competitors may make significant product innovations and technical advances and may intensify price competition. In light of this competitive environment, continued development of commercially viable new products and the development of additional uses for existing products that reflect insights which help ensure those products address the needs of patients/consumers, HCPs, and payers are critical to achieve our strategic objectives.

Developing new Pharmaceutical, Vaccine and Consumer Healthcare products is a costly, lengthy and an uncertain process. A product candidate may fail at any stage, including after significant economic and human resources have been invested. Our competitors' products or pricing strategies, or any failure on our part to develop commercially successful products, or to develop additional uses for existing products, could materially and adversely affect our ability to achieve our strategic objectives.

We are committed to the ethical and responsible commercialisation of our products to support our purpose to improve the quality of human life by enabling people to do more, feel better, and live longer. To accomplish this purpose, we engage the healthcare community in various ways to provide important information about our medicines.

Promotion of approved products seeks to ensure that HCPs globally have access to information they need, that patients and consumers have access to the information and products they need and that products are prescribed, recommended or used in a manner that provides the maximum healthcare benefit to patients and consumers. We are committed to communicating information related to our approved products in a responsible, legal and ethical manner.

Our strategic objectives are designed to ensure we achieve our purpose of helping people do more, feel better and live longer. We continue to strive for new product launches that are competitive and resourced effectively. We also strive to have a healthy proportion of the Group's sales ratio attributable to new product or innovation sales.

This innovation helps us defray the effect, for example, of downward price pressure in major markets, declining emerging market growth, rapidly evolving digital landscape, and negative foreign exchange impact. Establishing new products that are priced to balance expectations of patients and consumers, HCPs, payers, shareholders, and the community enables us to maintain a strong global business and remain relevant to the needs of patients and consumers. Our values and behaviours provide a guide for how we lead and make decisions. We constantly strive to do the right thing and deliver quality products and ensure supply is sustained to meet customer needs and demand requirements, seeking to ensure our actions reflect our values, behaviours and the purpose of our company.

We have taken action to enhance and improve standards and the application of data analytics and e-commerce channels. We have policies and standards governing commercial activities undertaken by us or on our behalf. Training has been implemented to support the evolution of our activities to all relevant employees. All of these activities we conduct worldwide must conform to high ethical, regulatory, and industry standards. Where local standards differ from global standards, the more stringent of the two applies. Where the standards of an acquired company or joint venture partner differ from our global standards, we will expediently remediate legacy policies and implement revisions to gain alignment. We have harmonised policies and procedures to guide above-country commercial practice processes as well as clarified applicable standards for operations in the various markets in which we operate. Each business has adopted the Internal Control Framework to support the assessment and management of its risks. Commercial practices activities have appropriate monitoring programmes and oversight from business unit Risk Management and Compliance Boards that manage risks across in-country business activities. Where in the past we have fallen below our own or any other regulatory or industry standards, we have sought to improve both the framework and culture for our compliance processes.

All promotional materials and activities must be reviewed and approved according to our policies and standards, and conducted in accordance with local laws and regulations, to seek to ensure that these materials and activities fairly represent the products or services of the Group. When necessary, we have disciplined (up to and including termination) employees who have engaged in misconduct and claw back remuneration from senior management in the event of misconduct.

We made changes to our incentive programme for our Pharmaceutical and Vaccines sales representatives to better recognise and reward individual effort. Specifically, in Specialty Care, the capped variable pay element of a sales representative's compensation will be evaluated on the basis of individual sales targets. The changes were implemented in the US, UK and Canada from July 2019 supported by a comprehensive training, control, and monitoring framework to ensure implementation of the new programme is fully aligned with GSK's values-based approach to HCP engagement.

We allow fair market value payments to be made by GSK to expert practitioners to speak about our innovative medicines and vaccines in a limited number of countries during a restricted time period in a product's lifecycle. Controls and training ensure appropriate oversight across the markets. We report payments to individual HCPs as part of our commitment to transparency and responsible disclosure.

Consumer Healthcare has developed a Digital risk plan to support implementation of a robust control framework. Actions include development of new written standards, use of tools to increase visibility and control over social media presence, and an increase in management monitoring.

GSK is committed to comply with all applicable sanctions laws and regulations, and it has deployed a sanctions programme designed to enable management of sanctions risk. The programme, owned by Finance, comprises of various systems and controls including, but not limited to, policies and procedures, training and awareness, screening, monitoring and risk reporting.

The General Data Protection Regulation (GDPR), with other privacy legislation following suit, increased the enforcement powers of supervisory authorities, including the ability to impose fines and to suspend processing of PI. GDPR and other privacy laws also give individuals the right to bring collective legal actions against GSK for failure to comply with data privacy laws.

Data privacy legislation is diverse with limited harmonisation or simplification, despite Europe's adoption of GDPR. It is challenging for multi-nationals to standardise their approach to compliance with data privacy laws due to the high-level of local variation. Governments are enforcing compliance with data privacy laws more rigorously. The focus on the ethical use of PI is growing, over and above compliance with data privacy laws, due to an increase in data volume processed and advancements in technology. Individuals are more aware of their rights under data privacy laws.

The Chief Compliance Officer is also the chairperson of the Privacy Governance Board (PGB), which oversees GSK's overall data privacy operating model. Each business and function have appointed a Risk Owner who is accountable for the oversight of privacy risks in that business or functional area. They are supported by Privacy Leaders within their business or function. Additionally, in some countries data privacy laws require a Data Protection Officer (DPO) to be appointed. GSK has appointed a single DPO for the European Union, who is represented and supported in specific countries by Country Privacy Advisors. The Chief Compliance Officer is the Enterprise Risk Owner (ERO). The ERO has appointed a delegate risk owner, the Global Privacy Officer (GPO) who has accountability on a day-to-day basis for designing and implementing the control framework. The GPO co-leads the cross-functional Privacy Centre of Excellence (CoE), together with the Global Privacy Counsel. They are supported by Privacy Officers and Privacy Counsel for each Region and multiple Country Privacy Advisors (who are familiar with local privacy regulations).

GSK has evolved the initial control framework implemented for GDPR to be a comprehensive privacy control framework based on global privacy principles common across many local privacy laws. This global framework is now being deployed in countries with robust privacy legislation in place or coming into effect soon to strengthen local risk mitigation measures

The Privacy Centre of Excellence in Global Ethics and Compliance is responsible for (i) improving the control framework further; (ii) implementing the control framework outside of the European Economic Area; (iii) remediating certain existing business activities to ensure compliance with GDPR and (iv) deploying a comprehensive training programme to drive greater awareness and accountability for managing PI across the entire organisation. Key roles of the privacy network at GSK will be certified with an accredited international privacy association.

Through monitoring, we continuously improve our processes, such as issue identification, reporting and handling. We have implemented a legislative scanning process to detect and assess new privacy regulations early allowing us to prepare and mitigate regulatory risk to GSK. The Privacy Centre of Excellence is involved in new business development opportunities at an early stage to ensure appropriate due diligence is performed and the right steps are taken when onboarding or splitting off a business unit.

Research practices risk is the failure to adequately conduct ethical and sound pre-clinical and clinical research. In addition, it is the failure to engage in scientific activities that are consistent with the letter and spirit of the law and industry, or the Group's requirements. It comprises the following sub-risks: Non-clinical & laboratory research; Human subject research; Data integrity; Care, welfare and treatment of animals; Human biological samples management; Data disclosure; Regulatory filings and engagement; Scientific engagement; and Intellectual property.

The impacts of the risk include harm to human subjects, reputational damage, failure to obtain the necessary regulatory approvals for our products, governmental investigation, legal proceedings brought against the Group by governmental and private plaintiffs (product liability suits and claims for damages), loss of revenue due to inadequate patent protection or inability to supply GSK products, and regulatory action such as fines, penalties, or loss of product authorisation. Any of these consequences could materially and adversely affect our financial results and cause loss of trust from our customers and patients.

Research relating to animals can raise ethical concerns however, in many cases, research in animals is the only method that can be used to investigate the effects of a potential new medicine in a living body other than in humans. Animal research provides critical information about the causes and mechanisms of diseases and therefore remains a vital part of our research. We continually seek ways in which we can minimise our use of animals in research whilst complying with regulatory requirements and reduce the impact on the animals used.

Clinical trials in healthy volunteers and patients are used to assess and demonstrate an investigational product's efficacy and safety, or further evaluate the product once it has been approved for marketing. We also work with human biological samples. These samples are fundamental to the discovery, development and safety monitoring of our products. GSK is committed to ensuring that human biological samples are managed in accordance with relevant laws, regulations and ethical principles, in a manner that respects the interests of the sample donors.

The integrity of our data is essential to success in all stages of the research data lifecycle: design, generation, recording and management, analysis, reporting, storage and retrieval. Our research data is governed by legislation and regulatory requirements. Research data and supporting documents are core components at various stages of pipeline progression decision-making and form the content of regulatory submissions, publications and patent filings. Poor data integrity can compromise our research efforts and negatively impact company reputation.

There are innate complexities and interdependencies required for regulatory filings, particularly given our global research and development footprint. Continually changing and increasingly stringent submission requirements continue to increase the complexity of worldwide product registration. The continued supply of GSK medicines to patients is dependent on the ongoing compliance and maintenance of these licenses across many geographies whose requirements and timelines differ. The secure management of the high volume of lifecycle changes to these licenses and their renewal is critical to enable compliant supply. Failure to maintain licenses will directly impact patients and company revenue.

Scientific engagement, defined as the interaction and exchange of information between GSK and external communities to advance scientific and medical understanding, including the appropriate development and use of our products, is an essential part of scientific discourse. Such non-promotional engagement with external stakeholder groups is vital to GSK's purpose and necessary for scientific and medical advance. Scientific engagement activities are essential but present legal, regulatory, and reputational risk if the sharing of data, invited media coverage or payments to HCPs have, or are perceived to have, promotional intent.

A wide variety of biological materials are used by GSK in discovery, research and development phases. Through the Convention on Biological Diversity (CBD) and the Nagoya Protocol, the international community has established a global framework regulating access to, and use of, genetic resources of non-human origin in R&D.

Patent rights are awarded to protect innovation and play an important role in providing GSK with a competitive advantage in the market for a limited period of time. Any loss of patent protection in a market for GSK's products developed through our R&D, including reducing the term, availability or scope of patent rights, could materially and adversely affect our financial results in that market. Absence of adequate patent or data exclusivity protection, which could lead to, for example, competition from manufacturers of generic or biosimilar pharmaceutical products, could limit the opportunity to rely on such markets for future sales growth for our products, which could also materially and adversely impact our financial results.

Following expiration of certain intellectual property rights, a generic or biosimilar manufacturer may lawfully produce a generic version of a product. Introduction of generic products typically leads to a rapid and dramatic loss of sales and reduces our revenues and margins for our proprietary products.

We have an established Office of Animal Welfare, Ethics and Strategy (OAWES), led by the Chief Veterinary Officer, that supports the humane and responsible care of animals, shares knowledge and advocates for the application of non-animal alternatives. The OAWES provides a framework of animal welfare governance, promotes application of 3Rs (replacement, refinement and reduction of animals in research), conducts quality assessments, manages a program of external animal diligence, and develops and deploys strategies on reproducibility and translatability.

- The Data Disclosure Board provides oversight for disclosure of our sponsored and supported human subject research. We make information available on our clinical studies, including summaries of the results - whether positive or negative. We were the first company to publish clinical study reports that form the basis of submissions to regulatory agencies and we have publicly posted more than 2,500 clinical study reports in addition to more than 6,000 study result summaries

- Specific accountability and authorisation for scientific engagement is overseen by the Scientific Engagement and Promotional Practices Board. This Board is responsible for oversight of applicable policies and seeking to ensure the highest level of integrity and continuous development of scientific engagement

We have a Global Human Biological Samples Management (HBSM) governance framework in place to oversee the ethical and lawful acquisition and management of human biological samples. Our HBSM Enterprise Risk Management Team works to minimise the risks related to the acquisition, storage, use, transfer, and disposal of HBS.

It remains an important priority to enhance our data integrity controls. Data Integrity Committees are in place to provide oversight and Data Integrity Quality Assurance teams conduct assessments to provide independent business monitoring of our internal controls for R&D activities.

The Regulatory Governance Board serves as the global regulatory risk management and compliance board, promoting compliance with regulatory requirements and procedures, and oversees Group-wide written standards for cross business regulatory processes. A significant program is in progress to transform regulatory information management systems to replace and modernise information systems cross-enterprise.

R&D maintains and controls pre-publication procedures to guard against public disclosure in advance of filing patent applications. In addition, because loss of patent protection can occur due to lack of data integrity in preparing patent application data and information, legal experts collaborate with R&D to support the review process for new patent applications.

Failure to adequately manage third party relationships could result in business disruption and exposure to risks ranging from sub-optimal contractual terms and conditions, to severe business and legal sanctions and/or significant reputational damage. Any of these consequences could materially and adversely affect our business operations and financial results.

Third parties are critical to our business delivery and are an integral part of the solution to meeting our business objectives. We rely on third parties, including suppliers, advisors, distributors, individual contractors, licensees, and other pharmaceutical and biotechnology collaboration partners for discovery, manufacture, and marketing of our products and for supporting other important business processes.

These business relationships present a material risk. For example, we share critical and sensitive information such as marketing plans, clinical data, and employee data with specific third parties who are conducting the relevant outsourced business activities. Inadequate protection or misuse of this information by third parties could have significant business impact. Similarly, we use distributors and agents in a range of activities such as promotion and tendering which have inherent risks such as inappropriate promotion or corruption. Insufficient internal compliance and controls by the distributors could affect our reputation. These risks are further increased by the complexities of working with large numbers of third parties across a diverse geographical spread.

To guide and enforce our global principles for interactions with third parties we have a global policy framework applicable to buying goods and services, managing our external spend, paying and working with our third parties. This policy framework applies to all employees and complementary workers worldwide.

The enterprise-wide TPO programme takes an enterprise-wide view of third party related risks to ensure compliance with our ABAC policies and additional risks such as Labour Rights, Health and safety and Human safety information. It forms a comprehensive and practical approach to third party oversight that is flexible to the evolving nature of our business and the type of engagement being managed. The programme is designed and governed through the Global Ethics and Compliance organisation and has been globally deployed. The operational service assisting the business in completion of assessments transitioned to Global Procurement in early 2019 to bring it closer to other core procurement processes. TPO has strengthened risk assessment, contractual terms and due diligence efforts on third parties and improved the overall management of our third party risks through the lifecycle of the third party engagement.

We have a dedicated TPO team responsible for the implementation and evolution of the programme in response to developments in the internal and external environment. Programme governance is provided through Enterprise Risk Management overseen by the ABAC and TPO Governance Board which includes representation from key functional areas and the business. This joint board was created in 2019 to ensure strategic focus across the two principle risk areas as they have considerable co-dependency. An example of this is the new ABAC Conflict of Interest tool which better protects GSK when working with third parties. Global Ethics and Compliance are working with the Global Procurement, Legal and Tech organisations to plan further simplifications in order to maintain oversight and reduce complexity for the business.

Each business leadership team retains ultimate accountability for managing third party interactions and risks. When working with third parties, our employees are expected to manage external interactions and commitments responsibly. This expectation is embedded in our values and Code of Conduct. It is our responsibility that all activities carried out on our behalf are performed safely and in compliance with applicable laws and our values, expectations, standards and Code of Conduct (See ABAC report above).

Our programme is complemented with independent oversight and assurance undertaken by the Audit & Assurance and Independent Business Monitoring teams. We review the TPO programme against other large multinational companies and use external expertise and internal insights to drive improvements in the programme.

- control of releases of substances harmful to the environment in both the short and long term; leading to incidents which could disrupt our R&D and Supply activities, harm employees, harm the communities we operate in and harm the environment and its longer-term sustainability.

Failure to manage EHS&S risks could lead to significant harm to people, the environment and communities in which we operate, fines, failure to meet stakeholder expectations and regulatory requirements, litigation or regulatory action, and damage to the Group's reputation, which could materially and adversely affect our financial results.

GSK is subject to health, safety and environmental laws of various jurisdictions. These laws impose duties to protect people, the environment, and the communities in which we operate, as well as potential obligations to remediate contaminated sites. Overall, our control framework for managing EHS&S risk is effective and our frequency of serious events is similar to peers and lower than for high hazard industries e.g. petrochemicals.

The Corporate Executive Team (CET) is responsible for EHS&S governance and risk oversight and ensures there is an effective control framework in place and in use to manage the risks, impacts and legal compliance issues that relate to EHS&S across each of our businesses. This includes assigning responsibility to senior managers for providing and maintaining those controls and ensuring that tiered monitoring and governance processes are in place within their businesses. Individual managers seek to ensure that the EHS&S control framework is effective and well implemented in their respective business area and that it is fully compliant with all applicable laws and regulations, adequately resourced, maintained, communicated, and monitored. Additionally, each employee is personally responsible for ensuring that all applicable local standard operating procedures are followed by them and expected to take responsibility for EHS&S matters.

Our risk-based, proactive approach is articulated in our Global EHS&S policy and detailed in our global EHS&S standards against which we audit all our operations to ensure compliance. We ensure hazards are appropriately controlled through safe design of facilities, plant and equipment and by following rigorous procedures that help us provide effective barriers to protect employees' health and well-being.

Control of antibiotic emissions from manufacturing effluents, is an increasing concern for a number of stakeholders (forming part of their wider concern around AMR - antimicrobial resistance). To address this, we are ensuring that all our own manufacturing facilities and those of our suppliers are following good operational practice and meeting emission limits as defined by the AMR Alliance Manufacturing Framework.

The risk that unauthorised disclosure, theft, unavailability or corruption of GSK's information or key information systems may lead to harm to our patients, workforce and customers, disruption to our business and/or loss of commercial or strategic advantage, damage to our reputation or regulatory sanction.

Failure to adequately protect critical and sensitive systems and information may result in loss of commercial or strategic advantage and could materially affect our ongoing business operations, such as scientific research, clinical trials and manufacturing and supply chain activities.

GSK operates a highly 'connected' information network that exposes our confidential research and development, manufacturing, commercial, workforce and financial data to the risk of external attacks. GSK's Digital and Data Analytics Strategy also substantially increases the businesses dependency on digital assets and distributed data, while increasing the number of assets potentially impacted by a cyberattack. As threats evolve, we cannot provide broad assurances that the significant efforts we deliver in the protection and monitoring of our systems and information will always be successful in preventing compromise or disruption. Cybersecurity losses increasingly involve highly-resourced and organised threat actors such as nation-states and online criminal collectives targeting GSK's large and complex information technology (IT) and operational technology (OT) footprint, as well as the systems of our supply chain partners (including outsourced operations).

This means that our systems and information have been and will continue to be the target of cyberattacks. Additionally, extensive use of third parties to store and process our data increases GSK's reliance on suppliers to operate effectively. This dependence increases the complexity around security controls and practices. It also reduces GSK's ability to monitor controls and effectively investigate and respond to incidents involving GSK information or systems. While GSK stands at the ready to address cybersecurity incidents and risks as they occur, in the past year GSK has not experienced a material cybersecurity incident that would have resulted in substantial harm to GSK (e.g., injury to reputation, financial performance, and customer and vendor relationships).

We have a global information security policy and accompanying information technology standards and processes that are supported through a dedicated team and programme of activity. The GSK Technology, Security, and Risk function provides strategy, direction, and oversight, including active monitoring of cybersecurity, while enhancing our global information security capabilities, through an ongoing programme of investment. The following mitigation activities represent the significant investments we have made in the past year and will continue to improve in the coming year:

We recognise that failure to supply our products can adversely impact consumers and patients who rely on them. A material interruption of supply or exclusion from healthcare programmes could expose us to litigation or regulatory action and financial penalties that could adversely affect the Group's financial results. The Group's international operations, and those of its partners, expose our workforce, facilities, operations and information technology to potential disruption from natural events (e.g. storm, earthquake), man-made events (e.g. trading barriers imposed at short notice, civil/political unrest, terrorism), and global emergencies (e.g. coronavirus outbreak, Ebola outbreak, flu pandemic). It is important that we have robust crisis management and recovery plans in place to manage such events.

Our supply chain operations are subject to review and approval by various regulatory agencies that effectively provide our license to operate. Failure by our manufacturing and distribution facilities or by suppliers of key services and materials could lead to litigation or regulatory action such as product recalls and seizures, interruption of supply, delays in the approval of new products, and suspension of manufacturing operations pending resolution of manufacturing or logistics issues.

We rely on materials and services provided by third party suppliers to make our products, including active pharmaceutical ingredients, antigens, intermediates, commodities, and components for the development, manufacture and packaging of Pharmaceutical, Vaccine and Consumer Healthcare products. Some of the third-party services procured, such as services provided by contract manufacturing and clinical research organisations to support development of key products, are important to ensure continuous operation of our business.

Although we undertake risk mitigation, we recognise that certain events could nevertheless still result in delays or service interruptions. We use effective crisis management and business continuity planning to provide for the health and safety of our people and to minimise impact to us, by maintaining functional operations following a natural or man-made disaster, or a public health emergency.

Supply Chain Governance Committees within each business unit are used to closely monitor the inventory status and delivery of our products, with the aim of ensuring that customers have the products they need. Improved links between commercial forecasting and manufacturing made possible by our core commercial cycle should, over time, reduce the risk associated with demand fluctuations and any impact on our ability to supply or the cost of write-offs where products exceed their expiry date. Each node of the supply chain is also periodically reviewed to ensure adequate safety stock, while balancing working capital in our end-to-end supply chain. Particular attention is placed on mitigating supply risks associated with medically critical and high-revenue products.

We routinely monitor the compliance of manufacturing external suppliers and service providers to identify and manage risks in our supply base. Where practical, we minimise our dependence on single sources of supply for critical items. Where alternative sourcing arrangements are not possible for certain materials, our inventory strategy aims to limit the impact and ultimately protect the supply chain from unanticipated disruption.

A corporate policy requires each business and functional area head to ensure effective crisis management and business continuity plans are in place that include authorised response and recovery strategies, key areas of responsibility and clear communication routes, before any business disruption occurs. Corporate Security supports the business by: coordinating crisis management and business continuity training; facilitating simulation exercises; assessing our preparedness and recovery capability; and providing assurance oversight of our central repository of plans supporting our critical business processes.

Each business unit performs risk oversight through their respective Risk Management and Compliance Board (RMCB) to assure adequate risk mitigation including identifying new and emerging threats. For example, we have taken a coordinated approach to evaluate and manage the implications for our business arising from Brexit.

These activities help ensure an appropriate level of readiness and response capability is maintained. We also develop and maintain partnerships with external bodies like the Business Continuity Institute and the UN International Strategy for Disaster Risk Reduction, which helps improve our business continuity initiatives in disaster-prone areas and supports the development of community resilience to disasters.

- the Strategic report and risk sections of the Annual Report, which represent the management report, include a fair review of the development and performance of the business and the position of the company and the Group taken as a whole, together with a description of the principal risks and uncertainties that it faces.

Name	Function
Sir Jonathan Symonds	Non-Executive Chairman
Emma Walmsley	Chief Executive Officer
Dr Hal Barron	Chief Scientific Officer and President, R&D
Iain Mackay	Chief Financial Officer
Manvinder Singh (Vindi) Banga	Senior Independent Non-Executive Director
Dr Vivienne Cox	Independent Non-Executive Director and Workforce Engagement Director
Lynn Elsenhans	Independent Non-Executive Director
Dr Laurie Glimcher	Independent Non-Executive Director and Scientific & Medical Expert
Dr Jesse Goodman	Independent Non-Executive Director and Scientific & Medical Expert
Judy Lewent	Independent Non-Executive Director
Urs Rohner	Independent Non-Executive Director

At 31 December 2019, GSK owned 32 million shares or 31.6% of Innoviva Inc. which is a biopharmaceutical company listed on NASDAQ. GSK began recognising Innoviva as an associate on 1 September 2015. The royalties due from GSK to Innoviva in the year were £215 million (2018 - £209 million). At 31 December 2019, the balance payable by GSK to Innoviva was £63 million (2018 - £64 million).

At 1 January 2019, GSK held a 50% interest in Japan Vaccine Co. Ltd (JVC) through its subsidiary GlaxoSmithKline K.K. This joint venture with Daiichi Sankyo Co., Ltd was primarily responsible for the development and marketing of certain prophylactic vaccines in Japan. During 2019, GSK sold £11 million of its vaccine products into the joint venture. Daiichi Sankyo's shares in JVC were acquired by GSK during 2019 at which point, JVC ceased to be a related party.

Loans of £3.8 million to Medicxi Ventures I LP and £10.6 million to Index Ventures Life VI (Jersey) LP remained due to GSK at 31 December 2019. In 2019, GSK increased the investment in Kurma Biofund II, FCPR by £1.1 million and Apollo Therapeutics LLP by £2.1 million. Further investments were also made in Medicxi Ventures I LP of £3.1 million and in Index Ventures Life VI (Jersey) LP of £1.8 million. As part of the joint venture agreement with Qura Therapeutics LLC, the Group has an obligation to fund the joint venture $1 million per quarter up to April 2020. On 26 June 2019, the agreement was extended for a second five-year period up to April 2025, with both GSK and its joint venture partner committing additional financial support in the amount of $20 million. At 31 December 2019, the outstanding liability due to Qura was £16.1 million. Cash distributions were received from our investments in Medicxi Ventures I LP of £18.5 million and in Longwood Founders Fund LP of £2.8 million.

In 2018, the Group acquired Novartis' non-controlling interest in the old Consumer Healthcare Joint Venture. As a result of the transaction, the non-controlling interest ceased to exist and should have been fully eliminated from the consolidated reserves. An adjustment of £579 million has been made between the 2018 closing balances of retained earnings and non-controlling interests to reallocate cumulative translation exchange and eliminate the remaining non-controlling interest balance. There was no impact on profit for the year, other comprehensive income, net assets or total equity for 2018 and no impact on any items in earlier years. The effect of the adjustment on the relevant equity balances was as follows:

	At 31 December 2018, as reported £m	Adjustment £m	At 31 December 2018, as revised £m
Retained earnings	(2,137)	(579)	(2,716)
Shareholders' equity	4,360	(579)	3,781
Non-controlling interests	(688)	579	(109)
Total equity	3,672	-	3,672

	At 31 December 2019, as reported £m	Adjustment £m	At 31 December 2019, as revised £m
Retained earnings	5,109	(579)	4,530
Shareholders' equity	11,984	(579)	11,405
Non-controlling interests	6,373	579	6,952
Total equity	18,357	-	18,357

	GlaxoSmithKline plc
	(Registrant)

Date: March 04, 2020

	By:/s/ VICTORIA WHYTE --------------------------

	Victoria Whyte
	Authorised Signatory for and on
	behalf of GlaxoSmithKline plc