Immunocore IPO filing reveals kickback scheme, Immatics row and phishing attacks

Immunocore’s filing for a $100 million IPO has revealed a range of issues affecting the TCR bispecific immunotherapy developer, including a kickback scheme run by a former employee and a trademark row with Immatics.

The kickback scheme involved an Immunocore employee and two third-party vendors. From 2018 to 2020, the parties allegedly took advantage of a weakness in Immunocore’s procurement processes. Immunocore estimates the kickback scheme was worth up to £1.8 million ($2.5 million). 

Immunocore began looking into the activities last year in response to a whistleblower complaint, leading to the resignation of the employee and termination of the one vendor contract that was still open. Last month, Immunocore recovered £1.8 million from the former employee and third-party vendors. 

The investigation showed Immunocore’s internal controls “did not operate effectively to prevent or timely detect unauthorized contracts and purchase orders.” In light of those shortcomings, the U.K. biotech has added personnel to implement procurement controls and improved its purchase order software. The procurement process now features additional layers of contract review. 

Immunocore disclosed the kickback scheme in IPO paperwork that also detailed other issues relevant to potential investors. For example, Immunocore revealed its U.S. trademark application for ImmTAX, the name of its TCR bispecific immunotherapies, is subject to an opposition filed by Immatics. The biotechs are both working on TCR bispecifics. Immunocore warned the dispute may force it to change the branding of the ImmTAX platform, incurring costs and affecting name recognition in the process.  

Finally, Immunocore disclosed “two minor phishing attack incidents” dating back to 2018 and 2019. The IPO filing lacks further details of the attacks but talks in general about the cyberthreats to Immunocore, explaining that “the risk of a security breach or disruption, particularly through cyber-attacks or cyber intrusion, including by computer hackers, foreign governments and cyber terrorists, has generally increased.”