Take a look at our previous reports:

Business Conduct

ESRS G1 – Business Conduct

Material impacts, risks and opportunities and their interaction with strategy and business model

Corporate Culture and Conduct

A strong corporate culture and ethical conduct are foundational to our success, representing both a risk and an opportunity in the short term across the entire value chain. A poor corporate culture could harm our reputation, talent retention and attraction, and stakeholder relationships. To mitigate this risk and maximize opportunities, we continue to ensure the utmost adherence to our Code of Conduct by fostering an ethical, patient-centric corporate culture and through targeted training, leadership accountability coaching, and embedding core values into our daily operations.

Whistleblower Policies

Maintaining robust whistleblower policies is critical to managing compliance risks across our value chain. In the short term, non-compliance with the EU Directive on whistleblower protections or similar legislation could result in financial penalties and reputational damage. To address this, we have implemented a clear Speak-Up Policy designed to protect whistleblowers and ensure regulatory compliance. We also monitor and review these processes regularly to uphold transparency and integrity in all operations.

Supplier Relationship Management

Effective supplier relationship management is essential to safeguarding the continuity of our operations and ensuring ethical practices across our value chain. In the short term, supply chain disruptions could delay drug development, and non-compliance with ethical standards could expose us to enforcement actions that may impact our license to operate. To mitigate these risks as we are expanding our supplier network, we conduct rigorous supplier assessments and incorporate anti-bribery and anti-corruption clauses into our contracts. These actions aim to build a resilient, transparent, and compliant supply chain that supports our vision to deliver transformational medicines.

G1-1 – Business conduct policies and corporate culture

We have set forth a Code of Conduct which sets out the overarching business conduct expectations for all employees and people working on behalf of Galapagos. The Code of Conduct is written and supervised by the Head of Compliance & Ethics. The person in this role reports to the General Counsel, who is a member of the Executive Committee. The Board of Directors approves the Code of Conduct. Please read more in the section on our Code of Conduct in the Corporate Governance chapter of this report.

The principles of the Code are focused on:

  • Patients as our foremost consideration in decision making
  • Acting in an ethical, honest and transparent manner
  • Being responsible corporate citizens
  • Speaking up to address issues that may arise
  • Not tolerating harassment or discriminatory behavior
  • Complying with the UN Global Compact
  • Holding ourselves accountable

The Code of Conduct refers to our Supplier Code of Conduct, which outlines our expectations for the behavior of our vendors and suppliers.

The Code of Conduct incorporates the specific needs of the industry we operate in, taking into account various stakeholders such as patients and healthcare professionals. Given the regulatory obligations associated with engaging with these stakeholders, we consider them to be a crucial aspect of its business conduct.

The Code of Conduct and the Supplier Code of Conduct can be found on our corporate website. Suppliers and other stakeholders are being made aware of the Code of Conduct, and it may be included in legal agreements when necessary.

In addition to the Code of Conduct, we have established a rigorous compliance program that is built on guidelines and standards through group-wide policies, standards and procedures. This program includes:

  • A Speak-Up Policy which provides mechanisms for employees and third parties to raise concerns in relation to business conduct in line with the EU Whistleblowing Directive (see detailed description below).
  • An Anti-Bribery & Anti-Corruption Policy which prohibits all forms of bribery in the course of Galapagos business.
  • Guidance on Identifying and Declaring Personal Interests which provides guidance on how to prevent certain situations where a personal interest is involved and establishes rules for identifying, disclosing, and handling of potential risks that may occur in certain (specific) situations with personal interests.
  • A procurement policy outlining how we purchase goods and services based on their type, budget, risk, and importance to operations.
  • Through the Audit Committee Complaints Procedure Policy, complaints can be made regarding (1) accounting, internal accounting controls or auditing matters, including the confidential, anonymous submission by employees of concerns regarding questionable accounting or auditing matters, or (2) potential violations of any applicable law, including the relevant federal securities laws and including any rules and regulations thereunder, or the U.S. Foreign Corrupt Practices Act.

Our Speak-Up Policy includes a non-retaliation principle. To encourage a culture where persons dare to speak-up and effectively report concerns or breaches, we ensure protection from retaliation by applying an anti-retaliation principle. It wants to protect those who raise their voices. Concretely, we prevent and protect against retaliation by: 

  • Always acting proactively (e.g. through analytics tracking and monitoring of pay rises, bonus, relocation, promotions etc.); 
  • Remaining in contact (after consent) with the reporter to discuss the outcome; 
  • Investigate fully all allegations of retaliation;
  • Taking the appropriate disciplinary actions;  and
  • Being open about cases of retaliation, where possible. 

These measures should help to build trust in the system and to encourage others to come forward. Besides, the necessary (periodical) training is provided and required to new and current members of personnel.

The Speak-up Policy sets out steps to investigate business conduct incidents promptly and objectively. Incidents are recorded and tracked using an independent reporting platform which also doubles as a case management system. We have a clear process for reporting concerns and take all reports seriously. For substantiated or partially substantiated compliance concerns, corrective and preventative action is taken in collaboration with relevant functions. We also oversee activities in our supply chain and aims to resolve any issues responsibly. The general investigation principles of the Speak-Up policy are:

  • Confidentiality
  • Objectivity
  • Timeliness
  • Consistency
  • Integrity
  • Documentation
  • Transparency

Where permissible, it may be possible to raise concerns anonymously. It also describes how escalation & reporting should take place, and how and whether a non-retaliation plan should be implemented.

We have implemented robust systems which help to ensure that appropriate training is provided to all employees as relevant to their individual roles. It is a mandatory element of onboarding new employees.

G1-2 – Management of relationships with suppliers

Our standard payment terms recommendation described in our procurement policy for regular suppliers is 45 days. For healthcare suppliers, our payment term is 30 days. For governmental bodies, personnel insurances and patients, we have 0 days i.o.w. immediate payment. To prevent late payments, we are using an ERP (Enterprise Resource Planning) system with an integrated invoice system and invoice processing. Some deviations and exceptions from this policy exist but all best efforts are made to uphold these terms.

Our vendor selection process includes a Third Party Risk Assessment process which enables us to identify and mitigate risks (including Quality, IT Security, Compliance & Ethics, Data Privacy and Sustainability) associated with the appointment of suppliers in a proactive manner. We have in place a Supplier Code of Conduct which sets out the expectation by which we expect our suppliers to comply. This has been developed and the roll-out was started in 2024 and will continue into 2025 and beyond.

Metrics and targets:

G1-6 – Payment practices

We are using an ERP (Enterprise Resource Planning) system with an integrated invoicing processing system. In 2024, we, excluding the entities transferred to Alfasigma, paid invoices on average within 28 days after the start date of the contractual or statutory term, with 83.61% of our payments aligned with the standard payment terms as described above. On December 31, 2024, we had no legal proceedings outstanding for late payments.