Some risks do come and go. But amid headlines involving cyberattacks, climate change and corruption, it can be easy to forget that geopolitical risk forms the single most significant threat to businesses in a range of sectors.
Geopolitical risk is the number one global corporate risk. Political and civil tensions remain high across the world. The race between the U.S. and China for technological leadership is intensifying. Geopolitically motivated cyberevents are increasing, as evidenced by the recent ransomware attacks on national infrastructure.
Risk and compliance leaders can best manage the growing geopolitical risk landscape by applying lessons learned from past risk events.
Why You Need to Pay Attention to Geopolitical Risk
The business impact of geopolitical risks cuts deep. In fact, 68 percent of executives state geopolitical risks have a very high impact on their company. Immigration and travel restrictions can limit availability of talent and key skill sets. Slow response to social issues or the suspicious activities of third parties overseas could lead to reputational consequences. Trade conflicts, tariffs and sanctions threaten supply-chain performance. Recessions and economic uncertainty slow revenue growth.
Each of these impacts is severe on its own. A perfect storm of coalescing geopolitical threats could significantly disrupt businesses that haven’t properly prepared.
3 Steps to Take Now
Get a handle on geopolitical threats now. Here’s where to start:
1. Strengthen Your Third-Party Risk Management (TPRM) Program
Your organization’s resilience against geopolitical risks heavily depends on your third parties. One poor decision by a vendor can poke holes in the defenses you’ve worked hard to build.
More than 80 percent of legal and compliance leaders admit that their organization identified third-party risks after initial onboarding. Do your due diligence before the contract is signed to ensure you only engage with trusted vendors that share your values. And make sure you’re not associating with any vendors that may cause harm to the company, including involvement in malicious activity, terrorist groups or other risky behavior. Send detailed questionnaires to verify that your third parties operate in accordance with what they’ve told you.
2. Ensure Ownership at the Executive Level for Geopolitical Risk
Senior leaders are recognizing the urgent need to have a chief risk officer (CRO) at the executive table. CROs look at risk holistically. They are attuned to the various business impacts of geopolitical and other threats and can strategically guide executives on how to address high-impact events.
Organizations that appoint a CRO are better positioned to handle geopolitical risk events and bounce back faster if disruption occurs. The path for navigating through the crisis is much clearer when one person is accountable for steering the company’s risk strategy and working with functional leaders to mobilize its risk response.
3. Turn Your Risk Data Into Targeted Actions
Confident, fast decision-making can minimize geopolitical disruption. This ability to respond quickly requires facts. Educated guesses and gut feelings are no match for today’s interconnected risk landscape. One overlooked threat, even one that seems inconsequential, could lead to a catastrophic event. Risk and compliance leaders need clear insight into the impact and consequence of every decision.
Technology creates this complete and contextual view of the organization’s risk environment. The right software can centralize risk data from across the organization, connect the dots between insurable and noninsurable risk and make the information actionable. You’ll have a clear understanding of how one geopolitical risk could impact other areas of the business – reputation, competitive position, strategic growth and more – and what needs to be done to prepare and respond.
Boost Defenses Against Geopolitical Risk
One of the biggest lessons learned from dealing with the disruptions of the past year is to anticipate even the most unlikely scenarios. No leader wants to be caught off guard by a geopolitical risk they didn’t plan for.
Prepare now and honestly assess which risk management policies, processes and systems have worked for your organization. Where can you strengthen your approach and infrastructure to withstand a new wave of threats?
The next event could come at any time. Organizations serious about boosting resiliency will proactively build the capabilities and confidence to address growing geopolitical risks.