Nucana (NCNA) Risk Factors

As a foreign private issuer listed on Nasdaq, we are subject to corporate governance listing standards. However, Nasdaq rules permit a foreign private issuer like us to follow the corporate governance practices of its home country in lieu of certain Nasdaq corporate governance listing standards. Certain corporate governance practices in the United Kingdom, which is our home country, may differ significantly from Nasdaq corporate governance listing standards. For example, neither the corporate laws of the United Kingdom nor our Articles of Association require a majority of our directors to be independent; we can and do include non-independent directors as members of our nominations; and our independent directors are not required to hold regularly scheduled meetings at which only independent directors are present. Therefore, our shareholders may be afforded less protection than they otherwise would have under Nasdaq corporate governance listing standards applicable to U.S. domestic issuers.

Effective internal controls over financial reporting are necessary for us to provide reliable financial reports and, together with adequate disclosure controls and procedures, are designed to prevent fraud. Any failure to implement required new or improved controls, or difficulties encountered in their implementation could cause us to fail to meet our reporting obligations. In addition, any testing by us conducted in connection with Section 404, or any subsequent testing by our independent registered public accounting firm, may reveal deficiencies in our internal controls over financial reporting that are deemed to be material weaknesses or that may require prospective or retroactive changes to our financial statements or identify other areas for further attention or improvement. Inadequate internal controls could also cause investors to lose confidence in our reported financial information, which could have a negative effect on the trading price of our ADSs. Management is required to assess the effectiveness of our internal controls annually. We are no longer an EGC under the JOBS Act and our independent registered public accounting firm would be required to attest to the effectiveness of our internal controls over financial reporting pursuant to Section 404(b); however, we remain exempt from this requirement due to our current status as a non-accelerated filer. We ceased to be an EGC on the last day of 2022. An independent assessment of the effectiveness of our internal controls could detect problems that our management's assessment might not. Undetected material weaknesses in our internal controls could lead to financial statement restatements requiring us to incur the expense of remediation and could also result in an adverse reaction in the financial markets due to a loss of confidence in the reliability of our financial statements.

The development of pharmaceutical drugs is capital-intensive. We have incurred recurring losses from our operations, have an accumulated deficit totaling £207.7 million and cash flows used in operating activities of £26.4 million as of and for the year ended December 31, 2023. We had cash and cash equivalents of £17.2 million at December 31, 2023. We expect our expenses to increase in the medium to long-term with our ongoing activities, particularly if we conduct larger-scale clinical trials of, and seek marketing approval for, our product candidates. In addition, if we obtain marketing approval for any of our product candidates, we expect to incur significant commercialization expenses related to product sales, marketing, manufacturing and distribution. Furthermore, we will continue to incur costs associated with operating as a public company. Accordingly, we will need to obtain substantial additional funding in connection with our continuing operations. In addition, we have based estimates of our cash runway on assumptions including, but not limited to, our expectations as to our future expenses and costs and our continued eligibility to receive R&D tax credits in the United Kingdom. There is no assurance that these assumptions will be correct and, as a result, we could use our available capital resources sooner than we currently expect. Because of these funding needs and related risks and the current cash balance on hand, there is uncertainty related to our ability to raise sufficient additional capital within the going concern period, prior to our cash balances being exhausted, which occurs in the going concern assessment period. These events or conditions raise substantial doubt on our ability to continue as a going concern and, therefore, that we may be unable to realize our assets and discharge our liabilities in the normal course of business. If we are unable to obtain funding on a timely basis, we may be required to significantly curtail, delay or discontinue one or more of our research or development programs or the commercialization of any product candidate or be unable to expand our operations or otherwise capitalize on our business opportunities. We may also need to raise additional funds if we choose to pursue additional indications or geographies for development and commercialization of our product candidates or otherwise expand more rapidly than we presently anticipate. In light of the foregoing, we have disclosed in the footnotes to our financial statements that there is uncertainty related to the ability of us to raise additional capital within the going concern period and our independent registered public accounting firm has included an explanatory paragraph stating that we have concluded that a substantial doubt exists about our ability to continue as a going concern. The inclusion of these may negatively impact the trading price of our securities, have an adverse impact on our relationship with third parties with whom we do business, including our customers, vendors and employees, and could make it challenging and difficult for us to raise additional equity or debt financing to the extent needed, all of which could have a material adverse impact on our business, results of operations, financial condition and prospects.

To manage our anticipated development and expansion, we must continue to implement and improve our managerial, operational and financial systems, expand our facilities and continue to recruit and train additional qualified personnel. Also, our management may need to divert a disproportionate amount of its attention away from its day-to-day activities and devote a substantial amount of time to managing these development activities. Due to our limited resources, we may not be able to effectively manage the expansion of our operations or recruit and train additional qualified personnel. This may result in weaknesses in our infrastructure, give rise to operational mistakes, loss of business opportunities, loss of employees and reduced productivity among remaining employees. The physical expansion of our operations may lead to significant costs and may divert financial resources from other projects, such as the development of our product candidates. If our management is unable to effectively manage our expected development and expansion, our expenses may increase more than expected, our ability to generate or increase our revenue could be reduced and we may not be able to implement our business strategy. Our future financial performance and our ability to commercialize our product candidates, if approved, and compete effectively will depend, in part, on our ability to effectively manage the future development and expansion of the company.

In the United States and some foreign jurisdictions, there have been a number of legislative and regulatory changes and proposed changes regarding the healthcare system that could prevent or delay marketing approval of our product candidates, restrict or regulate post-approval activities and affect our ability to profitably sell any product candidates for which we obtain marketing approval. If we are slow or unable to adapt to changes in existing requirements or the adoption of new requirements or policies, or if we are not able to maintain regulatory compliance, we may lose any marketing approval that we otherwise may have obtained and we may not achieve or sustain profitability, which would adversely affect our business, prospects, financial condition and results of operations. In addition, there have been and continue to be a number of initiatives at the U.S. federal and state levels that seek to reduce healthcare costs and improve the quality of healthcare. For example, in March 2010, the ACA was enacted in the United States, substantially changing the way healthcare is financed by both governmental and private insurers and significantly affecting the pharmaceutical industry. The ACA contained a number of provisions, including those governing enrollment in federal healthcare programs, reimbursement adjustments and changes to fraud and abuse laws. As another example, the 2021 Consolidated Appropriations Act signed into law on December 27, 2020 incorporated extensive health care provisions and amendments to existing laws, including a requirement that all manufacturers of drugs products covered under Medicare Part B report the product's average sales price to the federal government. As another example, on March 11, 2021, President Biden signed the American Rescue Plan Act of 2021 into law, which eliminates the statutory Medicaid drug rebate cap, currently set at 100% of a drug's AMP, for single source and innovator multiple source drugs, beginning January 1, 2024. Payment methodologies may also be subject to changes in healthcare legislation and regulatory initiatives. For example, CMS may develop new payment and delivery models, such as bundled payment models. Recently, there has been heightened governmental scrutiny over the manner in which manufacturers set prices for their products. Such scrutiny has resulted in several recent U.S. Congressional inquiries and proposed and enacted federal and state legislation designed to, among other things, bring more transparency to drug pricing, reduce the cost of prescription drugs under Medicare, review the relationship between pricing and manufacturer patient programs, and reform government program reimbursement methodologies for drugs. By way of example, in August 2022, the Inflation Reduction Act of 2022, or IRA, was signed into law. Among other things, the IRA requires manufacturers of certain drugs to engage in price negotiations with Medicare (beginning in 2026), with prices that can be negotiated subject to a cap; imposes rebates under Medicare Part B and Medicare Part D to penalize price increases that outpace inflation (which were first due in 2023); and replaces the Part D coverage gap discount program with a new discounting program (beginning in 2025). The IRA permits CMS to implement many of these provisions through guidance, as opposed to regulation, for the initial years. CMS has begun to implement these new authorities and entered into the first set of agreements with pharmaceutical manufacturers to conduct price negotiations in October 2023. However, the IRA's impact on the biopharmaceutical industry in the United States remains uncertain, in part because multiple large pharmaceutical companies and other stakeholders (e.g., the U.S. Chamber of Commerce) have initiated federal lawsuits against CMS arguing the program is unconstitutional for a variety of reasons, among other complaints. Those lawsuits are currently ongoing. For that and other reasons, it is currently unclear how the IRA will be effectuated, or the impact of the IRA on our business. In addition, individual states in the U.S. have also passed legislation and implemented regulations designed to control pharmaceutical product pricing, including price or patient reimbursement constraints, discounts, restrictions on certain product access and marketing cost disclosure and transparency measures, and regional healthcare authorities and individual hospitals are increasingly using bidding procedures to determine what pharmaceutical products and which suppliers will be included in their prescription drug and other healthcare programs. In December 2020, the U.S. Supreme Court held unanimously that federal law does not preempt the states' ability to regulate pharmacy benefit managers, or PBMs and other members of the health care and pharmaceutical supply chain, an important decision that has led to more aggressive efforts by states in this area. The U.S. Federal Trade Commission, or FTC, in mid-2022 also launched sweeping investigations into the practices of the PBM industry that could lead to additional federal and state legislative or regulatory proposals targeting such entities' operations, pharmacy networks, or financial arrangements. During the current congressional session, numerous PBM reforms are being considered in both the Senate and the House of Representatives; they include diverse legislative proposals such as eliminating rebates; divorcing service fees from the price of a drug, discount, or rebate; prohibiting spread pricing; limiting administrative fees; requiring PBMs to report formulary placement rationale; promoting transparency. Significant efforts to change the PBM industry as it currently exists in the U.S. may affect the entire pharmaceutical supply chain and the business of other stakeholders, including pharmaceutical developers like us. In the European Union, similar political, economic and regulatory developments may affect our ability to profitably commercialize our products. In addition to continuing pressure on prices and cost containment measures, legislative developments at the European Union or E.U. member state level may result in significant additional requirements or obstacles that may increase our operating costs. We expect that the ACA and the IRA, as well as other healthcare reform measures that may be adopted in the future, may result in more rigorous coverage criteria and in additional downward pressure on the price that we will receive for any approved product. Any reduction in payments from Medicare or other government programs may result in a similar reduction in payments from private payors. The implementation of cost containment measures or other healthcare reforms may prevent us from being able to generate revenue, attain profitability, or commercialize any of our products for which we receive marketing approval. Legislative and regulatory proposals have also been made in recent years to expand post-approval requirements and restrict sales and promotional activities for pharmaceutical products, and the FDA's statutory authorities are periodically amended by Congress. For example, Congress recently provided the FDA with additional authorities related to the accelerated approval pathway for human drugs and biologics. Under these recent amendments to the FD&C Act, the agency may require a sponsor of a product granted accelerated approval to have a confirmatory trial underway prior to approval. The amendments also give the FDA the option of using expedited procedures to withdraw product approval if the sponsor's confirmatory trial fails to verify the claimed clinical benefits of the product. We cannot be sure whether additional legislative changes will be enacted, or whether the FDA regulations, guidance or interpretations will be changed or what the impact of such changes on the marketing approvals, if any, of our product candidates, may be. In addition, increased scrutiny by the U.S. Congress of the FDA's approval process may significantly delay or prevent marketing approval, as well as subject us to more stringent product labeling and post-marketing conditions and other requirements.

We are incorporated under English law. Substantially all of our assets are located outside the United States. The majority of our senior management and board of directors reside outside the United States. As a result, it may not be possible for investors to effect service of process within the United States upon such persons or to enforce judgments obtained in U.S. courts against them or us, including judgments predicated upon the civil liability provisions of the U.S. federal securities laws. The United States and the United Kingdom do not currently have a treaty providing for the reciprocal recognition and enforcement of judgments (other than arbitration awards) in civil and commercial matters. Consequently, a final judgment for payment given by a court in the United States, whether or not predicated solely upon U.S. securities laws, would not automatically be recognized or enforceable in England and Wales. In addition, uncertainty exists as to whether the English and Welsh courts would entertain original actions brought in England and Wales against us or our directors or senior management predicated upon the securities laws of the United States or any state in the United States. Any final and conclusive monetary judgment for a definite sum obtained against us in U.S. courts would be treated by the courts of England and Wales as a cause of action in itself and sued upon as a debt so that no retrial of the issues would be necessary, provided that certain requirements are met consistent with English law and public policy. Whether these requirements are met in respect of a judgment based upon the civil liability provisions of the U.S. securities laws is an issue for the English court making such decision. If an English court gives judgment for the sum payable under a U.S. judgment, the English judgment will be enforceable by methods generally available for this purpose. As a result, U.S. investors may not be able to enforce against us or our senior management, board of directors or certain experts named herein who are residents of the United Kingdom or countries other than the United States any judgments obtained in U.S. courts in civil and commercial matters, including judgments under the U.S. federal securities laws.

Generally, if for any taxable year, at least 75% of our gross income is passive income, or at least 50% of the value of our assets is attributable to assets that produce passive income or are held for the production of passive income, including cash, we would be characterized as a passive foreign investment company, or PFIC, for U.S. federal income tax purposes. The determination of whether we are a PFIC depends on the particular facts and circumstances (such as the valuation of our assets, including goodwill and other intangible assets, and the characterization of our income, including whether certain research and development tax credits received from the government of the United Kingdom will constitute gross income, and if they do, whether they will constitute passive income for purposes of the PFIC income test) and may also be affected by the application of the PFIC rules, which are subject to differing interpretations. In addition, for purpose of the PFIC asset test, the value of our assets will depend in part on the market price of our ordinary shares, which may fluctuate significantly. Based on our estimated gross income, the average value of our assets, including goodwill and the nature of our active business, we believe we were a PFIC for U.S. federal income tax purposes for the taxable year ended December 31, 2023. There can be no assurance regarding our PFIC status for the current taxable year or any particular year in the future because PFIC status is factual in nature, depends upon factors not wholly within our control, generally cannot be determined until the close of the taxable year in question and is determined annually. Accordingly, U.S. investors should invest in our ADSs only if they are willing to bear the U.S. federal income tax consequences associated with investments in PFICs. If we are a PFIC, U.S. holders of our ADSs may be subject to adverse U.S. federal income tax consequences, such as the ineligibility for any preferred tax rates on capital gains or on actual or deemed dividends for individuals who are U.S. holders, having interest apply to distributions by us and the proceeds of sales of the ADSs, and additional reporting requirements under U.S. federal income tax laws and regulations. Investors should consult their own tax advisors regarding all aspects of the application of the PFIC rules to our ADSs. We intend to provide the information necessary for a U.S. investor to make a qualifying electing fund election with respect to us. For further information, see "Taxation-Material U.S. Federal Income Tax Consideration-Passive Foreign Investment Company Considerations" in this Annual Report.

The regulatory environment surrounding information security and privacy is increasingly demanding, and these laws and regulations are increasing in complexity and number, and may change frequently and sometimes conflict. We are subject to numerous regulations governing the protection of personal and confidential information of our clinical trial subjects, clinical investigators, and employees, including in relation to medical records, credit card data and financial information, which encompass state privacy and confidentiality laws (including state laws requiring disclosure of breaches), federal and state consumer protection and employment laws, the Health Insurance Portability and Accountability Act, or HIPAA, and European and other foreign data protection laws. For example, the European Union General Data Protection Regulation, or GDPR, is applicable in all E.U. member states and member states of the European Economic Area, or E.E.A. Following the United Kingdom's withdrawal from the European Union, the data protection obligations of the GDPR continue to apply to U.K.-related processing of personal data in substantially unvaried form and fashion (retained in U.K. law as the "U.K. GDPR"). We are subject to the GDPR and/or U.K. GDPR when conducting clinical trials involving U.K.- or E.E.A.-based data subjects (whether the trials are conducted directly by us or through a clinical vendor or collaborator) or offering approved products (or any other products or services) to U.K. or E.E.A. based data subjects (regardless of whether involving a U.K. or E.E.A. based subsidiary or operation), when monitoring of their behavior of data subjects in the United Kingdom or E.E.A. and/or when acting through a U.K.- or E.E.A.-based subsidiary, operation or other establishment. The GDPR (and U.K. GDPR) sets out a number of requirements that must be complied with when handling personal data (i.e. data relating to an identified or identifiable living individual) in these circumstances, including: having an appropriate lawful basis for processing, and a relevant condition if processing ‘special category' personal data (which includes personal data related to health, biometric data used for unique identification purposes and genetic information); the obligation to appoint data protection officers in certain circumstances; accountability and record-keeping obligations; transparency obligations for data controllers; the obligation to carry out ‘data protection impact assessments' in certain circumstances; rights for data subjects (such as rights for individuals to be "forgotten", rights to data portability, rights to object etc.); a stringent standard of data subject consent; and the obligation to notify certain significant personal data breaches to the relevant Supervisory Authority(ies) and affected individuals. In addition, the GDPR provides a very broad definition of what constitutes personal data (for example, the GDPR expressly clarifies that it applies to ‘pseudonymized' (i.e., key-coded) data). A number of opinions from Supervisory Authorities has further supported a very wide interpretation of the concept of personal data and, thus, the application of the GDPR. Recent decisions by E.U. supervisory authorities and the Court of Justice of the E.U. have confirmed that the rights granted to individuals under the GDPR must be applied broadly, and the law itself must be interpreted strictly, to guarantee the protection of the rights of individuals. The GDPR and U.K. GDPR also impose strict rules on the transfer of personal data out of the E.E.A. and United Kingdom to U.S. and other Third Countries. Recent legal developments have created further complexity and uncertainty regarding transfers of personal data from the E.E.A. and United Kingdom to the United States (although there have also been some positive developments on this front). A new ‘adequacy decision' for the ‘E.U.-U.S. Data Privacy Framework', which allows personal data to be transferred from the E.E.A to U.S. entities who self-certify under the Data Privacy Framework, was adopted by the European Commission on July 10, 2023. The UK-US Data Bridge (the UK extension to the Data Privacy Framework) came into force shortly after on October 12, 2023. While the Data Privacy Framework and Data Bridge, in principle, makes it easier to transfer personal data from the E.E.A. and United Kingdom respectively to the United States, a legal challenge has already been issued in Europe against the Data Privacy Framework and other prominent European privacy campaigners have indicated their intention to challenge the decision in 2024. Similarly, the U.K. Information Commissioner's Office issued an Opinion highlighting areas of the Data Bridge that could leave it open to challenge. As the Data Privacy Framework is limited to transfers to certified participants in the U.S., many transfers continue to rely on the standard contractual clauses. Use of the standard contractual clauses must be assessed on a case-by-case basis taking into account the legal regime applicable in the destination country, in particular applicable surveillance laws and rights of individuals and additional measures and/or contractual provisions may need to be put in place, however, the nature of these additional measures is currently uncertain. In May 2023, the Irish Data Protection Commission issued a €1.2 billion fine against Meta for transferring personal data to the United States in reliance on standard contractual clauses, on the basis that the personal data was not sufficiently protected in the United States. In light of all of these developments, it is expected that the uncertainty surrounding data transfers will continue into 2024 and beyond. As the legal challenges continue and/or supervisory authorities increase their enforcement activities, we could suffer additional costs, complaints, and/or regulatory scrutiny, investigations or fines, and/or if we are otherwise unable to transfer personal data between and among countries and regions in which we operate, it could affect the manner in which we provide our services, the geographical location or segregation of our relevant systems and operations, and could adversely affect our financial results and generally increase compliance risk. The GDPR also provides that E.E.A. member states may make their own further laws and regulations to introduce specific requirements related to the processing of: "special categories of personal data", including personal data related to health, biometric data used for unique identification purposes and genetic information; as well as personal data related to criminal offences or convictions. This fact may lead to greater divergence on the law that applies to the processing of such data types across the E.E.A. and U.K., compliance with which as and where applicable may increase our costs and could increase our overall risk. In the past 12 months, the European data protection authorities have been particularly active in seeking to regulate Artificial Intelligence, in the absence of comprehensive A.I. regulation. Until the A.I. Act becomes applicable in the E.U., we expect to see this focus continue and so any use of A.I. within the healthcare sector will be subject to a heightened risk under European privacy laws. Now that the United Kingdom is no longer a member of the European Union, there is increasing scope for divergence in application, interpretation and enforcement of the data protection law between the United Kingdom and European Union. On March 8, 2023, the U.K. Government presented the ‘Data Protection and Digital Information Bill' to Parliament, which seeks to amend various aspects of the United Kingdom's data protection regime. The Bill is still being debated in Parliament and there is no indication as of yet for when the Bill will pass into law. As currently drafted, the Bill will result in only minor changes to the substance of the U.K. GDPR, and so the United Kingdom will remain very closely aligned with the European Union in this regard. However, any changes relating to the U.K. and E.U. position regarding aspects of data protection law may lead to additional compliance costs and could increase our overall risk. There are also concerns that changes to the U.K. regime, in particular changes to the data transfer rules, could increase the risk of the European Commission's adequacy decision in respect of the U.K. being invalidated or withdrawn when it is reviewed in 2025 (or earlier, in the event of a legal challenge). It should be noted that a U.K. general election is expected in the second half of 2024: depending on the stage of the legislative procedure that the Bill has reached by that time and/or the outcome of the election, there is a possibility that the Bill may never become law. Alongside the GDPR, the European Union has a number of new laws currently going through the legislative process, including the European Health Data Space (EHDS) Regulation. The EHDS Regulation is likely to, for example, require us to make health data available to other organizations in this sector (in an anonymized form) and to the patients themselves. This law is approaching the final stages of the E.U. legislative procedure and so we may have to devote substantial resources to understanding and preparing for it. These laws and regulations are increasing in complexity and number, and new regulatory guidance and case law means the regulatory landscape changes frequently. Complying with these numerous, complex and often changing regulations is expensive and difficult. Failure by us, any partners, our service providers, or our employees or contractors to comply with the GDPR could result in regulatory investigations, enforcement notices and/or fines of up to the higher of €20 million or up to 4% of our total worldwide annual turnover. Further, following the withdrawal of the United Kingdom from the European Union, we now have to comply with the GDPR and U.K. GDPR separately, each regime separately having the ability to fine up to the higher of €20 million / £17.5 million or 4% of global turnover. In addition, the value of fines issued by supervisory authorities has increased substantially in recent years: numerous multi-million € / £ fines have been issued by supervisory authorities across the E.E.A. and by the U.K. Information Commissioner's Office, and the first €1.2 billion fine was issued against Meta by the Irish supervisory authority in May 2023. Guidance from the European Data Protection Board has indicated that turnover will be taken into account when defining the starting amount of fines, resulting in higher fines for larger organizations. Therefore, we expect the amount of fines to continue to rise. In addition to administrative fines, a wide variety of other potential enforcement powers are available to competent authorities in respect of potential and suspected violations of the GDPR, including extensive audit and inspection rights, and powers to order temporary or permanent bans on all or some processing of personal data carried out by non-compliant actors. In addition to the foregoing, a breach of privacy laws or data security laws, particularly those resulting in a significant cybersecurity incident or breach involving the misappropriation, corruption, modification, loss or other unauthorized use or disclosure of sensitive or confidential patient or consumer information, could have a material adverse effect on our business, reputation and financial condition. In addition, widely publicized security breaches are increasingly being followed in the European Union by attempts to bring large ‘class action' style claims; this trend is likely to continue in light of recent decisions by the European Court of Justice confirming data subjects' right to compensation even for minor non-material damage. Although such ‘class action' style claims have yet to succeed in any significant compensation orders, defending these claims is costly and could still result in substantial liability for compensation and legal fees. As a data controller, we are accountable for any third-party service providers we engage to process personal data on our behalf, including our CROs. We attempt to mitigate the associated risks by performing security assessments and due diligence of our vendors and requiring all such third-party providers with data access to sign agreements, and obligating them to only process data according to our instructions and to take sufficient security measures to protect such data. There is no assurance that these contractual measures and our own privacy and security-related safeguards will protect us from the risks associated with the third-party processing, storage and transmission of such information. Any violation of data or security laws by our third-party processors could have a material adverse effect on our business and result in the fines, penalties and/or other enforcement actions outlined above. We strive to comply with all applicable laws, but they may conflict with each other, and by complying with the laws or regulations of one jurisdiction, we may find that we are violating the laws or regulations of another jurisdiction. Despite our efforts, we may not have fully complied in the past and may not in the future. If we become liable under laws or regulations applicable to us, we could be required to pay significant fines and penalties (including those described above), our reputation may be harmed and we may be forced to change the way we operate. That could require us to incur significant expenses or to discontinue certain services, which could negatively affect our business.

On January 31, 2020, the United Kingdom left the European Union. The terms of a withdrawal agreement, provided for a "Transition Period" during which E.U. rules continued to apply in the United Kingdom until December 31, 2020. The Trade and Cooperation Agreement, or the TCA, which governs the future relationship between the United Kingdom and the European Union, was agreed upon in December 2020 and implemented in the United Kingdom through the European Union (Future Relationship) Act 2020, which came into force when the Transition Period ended. The TCA provides for zero tariff/zero quota trade in goods (including medicinal products) between the United Kingdom and E.U. member states, and includes commitments from the United Kingdom and the European Union to maintain common high standards across a number of areas, such as intellectual property, competition and taxation, as well as a number of other benefits, such as a commitment to the United Kingdom's continued access to the Horizon Europe research program (in which UK-based researchers are able to participate as of January 1, 2024, following a political agreement made between the European Commission and the U.K. government). However, the United Kingdom's departure from the European Union single market has resulted in substantial changes for U.K. businesses, including an end to the free movement of persons, goods and services between the United Kingdom and the European Union, and the loss of a number of other benefits afforded to citizens and businesses in the United Kingdom and the European Union prior to the withdrawal, such as the mutual recognition of professional qualifications, or passporting for financial services. Furthermore, as the United Kingdom is no longer subject to E.U. law, or the jurisdiction of the European Court of Justice, there is increasing scope for divergence between United Kingdom and E.U. member states' laws and regulations, including through (a) the amendment, application, interpretation and enforcement of the body of domestic law, known as (i) for the period prior to December 31, 2023, retained E.U. law, which is based on the E.U. law that applied to the United Kingdom at the end of the Transition Period, and (ii) for the period since January 1, 2024, assimilated law, which is based on the directly applicable E.U. legislation and domestic U.K. law related to former E.U. obligations that applied to the United Kingdom at the end of the Transition Period, and (b) the repeal by the U.K. government with effect from January 1, 2024 of the other rights and principles in E.U. law that had direct effect in the United Kingdom at the end of the Transition Period and which aren't assimilated law (e.g., the right not to be discriminated on grounds of nationality). These developments, and continued uncertainty around how the United Kingdom's legal, political and economic relationship with the European Union will evolve following the withdrawal, have had and may continue to have a significant adverse effect on global economic conditions and the stability of global financial markets, and could significantly reduce global market liquidity. Asset valuations, currency exchange rates and credit ratings may be especially subject to increased market volatility. These developments may also have a significant effect on our ability to attract and retain employees, including scientists and other employees who are important for our and our collaborators' research and development efforts.

As a company based in the United Kingdom, our business is subject to risks associated with conducting business internationally. Many of our suppliers and collaborative and clinical trial relationships are located outside of the United States. Accordingly, our future results could be harmed by a variety of factors, including: - economic weakness, including inflation, or political instability;- differing and changing regulatory requirements for drug approvals;- differing jurisdictions could present different issues for securing, maintaining or obtaining freedom to operate in such jurisdictions;- potentially reduced protection for intellectual property rights;- difficulties in compliance with non-U.S. laws and regulations;- changes in regulations and customs, tariffs and trade barriers;- changes in currency exchange rates of the pound sterling, the euro and currency controls;- changes in a specific country's or region's political or economic environment, including the implications of the United Kingdom's withdrawal from the European Union, or any potential future referendum regarding the independence of Scotland;- trade protection measures, import or export licensing requirements or other restrictive actions by U.S. or non-U.S. governments;- differing reimbursement regimes and price controls in certain non-U.S. markets;- negative consequences from changes in tax laws;- compliance with tax, employment, immigration and labor laws for employees living or traveling abroad;- workforce uncertainty in countries where labor unrest is more common than in the United States;- difficulties associated with staffing and managing international operations, including differing labor relations;- production shortages resulting from any events affecting raw material supply or manufacturing capabilities abroad;- business interruptions resulting from geo-political actions, including war and terrorism, or natural disasters including earthquakes, typhoons, floods and fires; and - changes in financial markets or general economic conditions, including the effects of recession or slow economic growth in the U.S. and abroad, interest rates, fuel prices, international currency fluctuations, corruption, political instability, acts of war, including the ongoing conflict in Ukraine and any potential spread of the conflict into a wider war, acts of terrorism, and pandemics or other public health crises.

Natural disasters could severely disrupt our operations and hurt our financial condition. If a natural disaster, power outage or other event occurred that prevented us from using all or a significant portion of our headquarters, that damaged critical infrastructure, such as the manufacturing facilities of our third-party contract manufacturers, or that otherwise disrupted operations, it may be difficult or, in certain cases, impossible for us to continue our business for a substantial period of time. The disaster recovery and business continuity plans we have in place may prove inadequate in the event of a serious disaster or similar event. We may incur substantial expenses as a result of the limited nature of our disaster recovery and business continuity plans.

We are a clinical development-stage company, and, as of December 31, 2023, had 28 employees, including four executive officers. We are highly dependent on the research and development, clinical, business development and commercialization expertise of Hugh Griffith, our Chief Executive Officer, as well as the other principal members of our management team and our collaborators' scientific and clinical team. Although we have entered into service agreements with our executive officers, each of them may at any time serve notice to terminate their employment with us. Other than for Mr. Griffith, we do not maintain "key person" insurance for any of our executives or other employees. In addition, we rely on consultants and advisors, including scientific and clinical advisors, to assist us in formulating our research and development and commercialization strategy. Our consultants and advisors may be employed by employers other than us and may have commitments under consulting or advisory contracts with other entities that may limit their availability to us. If we or our collaborators are unable to continue to attract and retain high quality personnel, our ability to pursue our growth strategy will be limited. Recruiting and retaining qualified scientific, clinical, manufacturing, finance, sales and marketing personnel will also be critical to our success. The loss of the services of our executive officers or other key employees could impede the achievement of our research, development and commercialization objectives and seriously harm our ability to successfully implement our business strategy. Furthermore, replacing executive officers and key employees may be difficult and may take an extended period of time because of the limited number of individuals in our industry with the breadth of skills and experience required to successfully develop, obtain marketing approval of and commercialize products. Competition to hire from this limited pool is intense and we may be unable to hire, train, retain or motivate these key personnel on acceptable terms given the competition among numerous pharmaceutical and biotechnology companies for similar personnel. We also experience competition for the hiring of scientific and clinical personnel from universities and research institutions. Failure to succeed in clinical trials may make it more challenging to recruit and retain qualified scientific personnel. If we or our collaborators are unable to continue to attract and retain high quality personnel, our ability to pursue our growth strategy will be limited.

We do not currently own or operate, nor do we have any plans to establish in the future, any manufacturing facilities or personnel. We rely, and expect to continue to rely, on third parties for the manufacture and shipment of our product candidates for preclinical studies and clinical trials, as well as for the commercial manufacture of our drugs if any of our product candidates receive marketing approval. This reliance on third parties increases the risk that we will not have sufficient quantities of our product candidates or drugs or such quantities at an acceptable cost or quality, which could delay, prevent or impair our development or commercialization efforts. The facilities used to manufacture our product candidates must be evaluated by the FDA pursuant to inspections that will be conducted after we submit our marketing applications to the FDA to ensure compliance with cGMP. We do not control the manufacturing and shipment process of, and will be completely dependent on, our contract manufacturers for compliance with cGMPs in connection with the manufacture and shipment of our product candidates. If our contract manufacturers cannot successfully manufacture and ship material that conforms to our specifications and the regulatory requirements of the FDA or others, we will not be able to use the products produced at their manufacturing facilities. In addition, we have no control over the ability of our contract manufacturers to maintain adequate quality control, quality assurance and qualified personnel. If the FDA or a comparable foreign regulatory authority finds that these facilities do not comply with cGMP, we may need to find alternative manufacturing facilities, which would significantly impact our ability to develop, obtain marketing approval for or market our product candidates, if approved. Further, our failure, or the failure of our third-party manufacturers, to comply with these or other applicable regulations could result in sanctions being imposed on us, including clinical holds, fines, injunctions, civil penalties, delays, suspension or withdrawal of approvals, license revocation, seizures or recalls of product candidates or drugs, if approved, operating restrictions and criminal prosecutions. We may be unable to establish any agreements with third-party manufacturers or do so on acceptable terms. Even if we are able to establish agreements with third-party manufacturers, reliance on third-party manufacturers entails additional risks, including: - reliance on the third party for regulatory compliance and quality assurance;- the possible breach of the manufacturing agreement by the third party;- the possible misappropriation of our proprietary information, including our trade secrets and know-how; and - the possible termination or non-renewal of the agreement by the third party at a time that is costly or inconvenient for us. Our product candidates and any other drugs that we may develop may compete with other product candidates and approved drugs for access to manufacturing facilities. There are a limited number of manufacturers that operate under cGMP regulations and that might be capable of manufacturing for us. Any performance failure on the part of our existing or future manufacturers could delay clinical development or marketing approval. If our current contract manufacturers cannot perform as agreed, we may be required to replace such manufacturers. Although we believe that there are several potential alternative manufacturers who could manufacture our product candidates, we may incur added costs and delays in identifying and qualifying any such replacement. Our current and anticipated future dependence upon others for the manufacture and shipment of our product candidates or drugs may adversely affect our future profit margins and our ability to commercialize any drugs that receive marketing approval on a timely and competitive basis.

If any of our product candidates receives marketing approval, it may nonetheless fail to gain sufficient market acceptance by physicians, patients, third-party payors and others in the medical community. If our product candidates do not achieve an adequate level of acceptance, we may not generate significant product revenues and we may not become profitable. The degree of market acceptance of our product candidates, if approved for commercial sale, will depend on a number of factors, including: - the timing of our receipt of any marketing approvals;- the terms of any approvals and the countries in which approvals are obtained;- the efficacy and safety and potential advantages and disadvantages compared to alternative treatments;- the prevalence and severity of any side effects associated with our products or with any product that is used in combination with our product;- the indications for which our products are approved;- adverse publicity about our products or favorable publicity about competing products;- the approval of other products for the same indications as our products;- our ability to offer our products for sale at competitive prices;- the convenience and ease of administration compared to alternative treatments;- the willingness of the target patient population to try new therapies and of physicians to prescribe these therapies;- the success of our physician education programs;- the strength of our marketing and distribution;- the availability of third-party coverage and adequate reimbursement, including patient cost-sharing programs such as copays and deductibles; and - any restrictions on the use of our products together with other medications.