Geopolitics drive a significant amount of risk and create liabilities in sectors and locations that may seem far removed from world events. For example, consider how conflict in Ukraine has impacted economies and sanctions regimes across the U.S. and EU. Because of these risks, risk practitioners must consider how global events can quickly challenge risk management strategies. As U.S. Deputy Attorney General Lisa O. Monaco recently said, “companies are on the front lines of today’s geopolitical and national security challenges.”
The world is undoubtedly at a governance crossroads. This year, at least 64 countries will hold elections and millions of members of Gen Z will reach the eligible voting age, increasing the probability of significant shifts in the established world order, including longstanding regulatory norms. Elections and political polarization also lead to an increase in misinformation and disinformation campaigns that can sway voters, public discourse and business reputations. In addition, politicized regulation, fiscal spending decisions and global conflict can significantly impact national economies and companies.
It is essential for companies to get more proactive about managing their geopolitical risk exposure. Here is a breakdown of the key geopolitical risks to consider for the rest of 2024 and ways for companies to remain resilient:
1. Global Conflict
International conflict will continue and expand in 2024, increasing the downstream impact on companies operating globally. Conflicts in Ukraine and Gaza have recently hurt portfolio investments in sectors ranging from tourism to energy, while also spurring growth in others. Companies must understand how major geopolitical shifts impact revenue to protect themselves from conflict-related risks and disruptions up and down the supply chain. Key questions focus on how conflicts affect shareholder value, customer access, operating costs, market share and security expenses. Global conflict will also factor into insurance decisions and costs as certain insurers have suffered from recent events and others are weighing future risks. Assessing your geopolitical risk exposure will allow more informed decision-making when negotiating your insurance coverage.
2. Economic Sanctions
Recently, economic sanctions have significantly impacted the global economy. Western sanctions issued by U.S., UK and EU against Russia have grown in scope and complexity. Other countries, including China, have also issued sanctions against U.S. companies, which increases the burden on risk teams to ensure strict compliance. Notably, the U.S. Department of Justice has prioritized sanctions enforcement and will pursue sanctions evaders in 2024, increasing the magnitude of potential financial and reputation risks from violations.
Understanding your exposure to potential sanctions in emerging and established markets now requires more extensive due diligence and boots-on-the-ground knowledge than in the past. Simply reviewing lists of sanctioned entities may not uncover indirect sanctions exposure within your company’s supply chain.
3. Social Unrest
Social unrest has defined the post-COVID era in ways that few other trends can match. Political demonstrations and activism can pose risk to assets and security in diverse sectors and countries. Climate activism, protests over the Middle East conflict, government reforms, migration, and sectors ranging from agriculture to the automotive industry have blurred the lines between political action and social movements. However, open-source intelligence monitoring can provide suitable advanced warnings of unrest and may facilitate advanced planning for alternative supply chains, insurance packages and inventory. In addition, keeping a pulse on local public sentiment toward your company may help you to anticipate any social unrest issues that could directly impact ongoing operations.
4. Misinformation and Disinformation
Respondents to the World Economic Forum's Global Risks Report 2024 cited misinformation and disinformation risk as their top concern. Additionally, what was once the domain of politics and propaganda is now a risk to the private sector. Elections are one thing, but companies worldwide also face new risks in the form of social engineering attacks, reputation threats and fraud risks from misinformation and disinformation. This year, disinformation in the form of deepfake attacks impersonating executive management cost one Hong Kong firm millions of dollars. Today, companies even face professional disinformation agents that can target any company and tarnish its reputation.
Tackling disinformation threats requires establishing a team within your company to respond in the event of an attack. The team may include legal counsel, risk officers, public relations leaders and cybersecurity professionals who can establish and execute crisis response plans.
5. AI Implementation and Regulation
The competition over AI and the risks firms face when considering implementation of such technology are heating up. Government leadership in the U.S. and Europe have recently recognized the emerging risks posed by AI and announced new guidelines. However, the early announcements demonstrate that government officials currently need to improve their ability to regulate rapidly evolving technology, increasing the burden on the private sector to avoid violations of current and emerging regulatory requirements.
Aside from monitoring emerging regulations, companies will need to develop policies regarding the internal use of the technology and how to mitigate risks posed by outside or foreign actors that may be utilizing AI technology for illicit purposes.
6. Cybersecurity and Critical Infrastructure Risks
The new front lines in global conflict are frequently established through cybersecurity attacks, and there are heightened risks in areas near international conflicts. For example, Russia has ramped up attacks against companies located in Baltic states supporting Ukraine and NATO. Warfare today is also coming to include cyberattacks on critical infrastructure. In the Ukraine war, for example, Russia has waged cyberattacks against civilian power grids.
The Biden administration has also warned of emerging critical infrastructure security risks in the United States. Water utilities have repeatedly been targeted by nation-state hackers, for example. FBI Director Christopher Wray also recently warned of the threat to U.S. infrastructure due to Chinese hacking networks and the advanced placement of malware. Wray noted that Beijing has been placing “offensive weapons within our critical infrastructure poised to attack whenever Beijing decides the time is right.”
Today, terrorists and hostile governments no longer confine themselves to government targets, often targeting the private sector as well. The U.S. Cybersecurity & Infrastructure Security Agency provides an in-depth breakdown of the key risk sectors. Companies involved in the management of utilities, financial services, transportation, shipping and public venues are all at higher risk of attack.
To combat cybersecurity and critical infrastructure risks, firms must first examine their proximity to global conflict zones, even indirectly through suppliers or service providers. Then, companies must establish a cybersecurity plan for emerging international threats. The latter may require consulting with overseas local partners to employ the most effective cybersecurity measures available to thwart potential or known attack patterns.
7. National Elections
Elections can rapidly shift the regulatory and economic landscape. If a company is not prepared, the impact on its bottom line can be immediate. Heightened political activity and polarization can also translate into greater risk of civil unrest. Mitigating election-related risk requires scenario planning to ensure that existing compliance programs and operating plans will hold up in the event of different election outcomes.
8. Know Your Customer (KYC) Risks
To avoid bad actors, it is essential to know who you are doing business with. Depending on the scope and scale of a business, there may be hidden risk exposure to money laundering and sanctions evasion. As specific industries are more prone to these risks, businesses in these verticals are at greater risk of compliance failures regarding anti-money laundering (AML) regulation and KYC requirements. For example, the U.S. government has recognized the increased risks associated with real estate investment in the country. The Department of Treasury recently proposed a rule focused on curbing money laundering through real estate, particularly for all-cash deals.
All companies should assess their current KYC programs to best avoid exposure to money laundering or terrorist financing links, starting with understanding who your customers and clients are. It is also essential to periodically review a risk-ranking methodology in the context of shifting geopolitical conditions. Relying on available watch lists alone may not truly depict the current risk landscape as watch lists are backward-looking. Organizations must also ensure that their risk management program incorporates a forward-looking mechanism to account for emerging risks.
9. Supply Chain Integrity
Supply chain disruption is still top-of-mind for many companies, especially those that have felt the impact of COVID-era breakdowns. Global tensions, including ongoing and emerging conflicts, directly impact supply chain integrity. From investors to customers, many stakeholders now prioritize avoiding supply chain-related environmental and social harm. Ensuring a healthy supply chain requires a deep understanding of the third parties involved, digging below the immediate tier-one suppliers and conducting due diligence on tier-two and tier-three entities.
Many companies are now reconsidering their supply chain networks and seeking new locations and partners with decreased risk exposure. In the coming years, long-term company resilience may depend directly on supply chain reliability.
10. Inflation and Price Stability
Inflation and price stability can significantly impact both domestic and international revenue streams. Avoiding loss requires understanding the macroeconomic and microeconomic conditions impacting a given market. In Argentina, for example, the national currency recently became virtually worthless overnight, with inflation ultimately topping 200%. While this case is extreme, even minor fluctuations can impact the value and sustainability of overseas contracts. It is increasingly critical to be sure to consider inflation risk as part of contract and insurance negotiations.
How Risk Teams Can Prepare for and Mitigate Geopolitical Risk
While the risks above may seem daunting, there are steps risk professionals can take to minimize their firm’s exposure and ensure business resiliency in 2024 and beyond.
- Understand your firm’s current risk profile and exposure to the global risk landscape. Geopolitical risk can impact operations, supply chain integrity, cybersecurity protections and insurance premiums.
- Consider integrating geopolitical risk-monitoring into existing risk management and reporting structures. This can differ significantly by industry and company size. Stress testing risk management programs against alternative geopolitical scenarios is also important.
- Consider developing and delivering training on geopolitical risk. The program’s goal should be to educate risk management teams on what to look for on the global risk horizon. Identifying emerging risks can strengthen a company's ability to respond.
- Ensure that any key investment decisions include geopolitical risk analysis. This requires integrating global risk assessments into due diligence processes. For example, due diligence around mergers and acquisitions should incorporate how world events can impact well-established operating plans and projected valuations. Ultimately, an acquisition’s value can rapidly erode based on changing geopolitical factors that may throw business operations off course.
Companies that integrate geopolitical risk analysis into their risk management programs will not only enhance their ability to spot and mitigate emerging risks, but also bolster their strategic planning capabilities and ensure long-term resilience.