The latest enterprise risk management news from around the world

The Risk Coalition has released best practice guidance for company boards and risk functions on responding to geopolitical risk and the diverse range of ways it can impact business performance. In this article Derek Leatherdale, Managing Director, GRI Strategies Ltd, explores the growing issue of geopolitical risk and how the new guidance can help.

Business leaders and board members are generally well aware that the global geopolitical environment has become more volatile. A spate of global corporate surveys in recent years, across industry sectors, show concern about geopolitical instability has spiked amongst directors and management teams. This is not surprising. The immediate post-Cold War years, memorably described by Francis Fukuyama as ‘the end of history’, are long gone – though not before many firms globalised their market footprint and supply chains.

Globalised business models are now exposed to an increasingly antagonistic geopolitical environment, however. Deteriorating US-China relations represent perhaps the most significant aspect of this for firms, given the significance of both countries in the global economy. Trade wars, sanctions, and financial and geo-economic measures in key industry sectors like technology, financial services, and strategic commodities have all come to the fore in recent years and show few signs of abating despite the change in US administration.

Underlying these measures are concerns about China’s role in Hong Kong, and increasingly militarised disputes over Taiwan and maritime sovereignty in the South and East China Seas.

The risk list goes further. In the Middle East, new tensions drive the kind of volatility long associated with the region. The politics and fiscal arrangements of the Eurozone remain unsettled, while concern has risen in recent years about the state of domestic politics in the US, once regarded as the international guarantor of global stability. Emerging markets elsewhere in Asia, Africa, and Latin America remain characterised by political and socio-economic challenges.

In other words, geopolitical risk has gone from a peripheral emerging market concern to a core challenge across almost all of the global economy. While this was apparent before 2020, the COVID pandemic’s long-term macroeconomic and fiscal impacts will exacerbate global political friction.

The same corporate surveys also show something else, however. Neither boards or management teams feel confident in their internal capabilities to interpret fast-moving geopolitical events or judge how these might impact their firms. The absence of this capability makes it impossible to consider effective impact mitigation.

Geopolitics increasingly cuts across the ESG landscape for corporates too. For instance, that climate change is likely to drive scarcity of key resources like water across national borders or generate destabilising migration flows is generally well known.

Less well appreciated are the causal links in the other direction. Measures such as the EU’s Carbon Border Adjustment Mechanism, regarded as thinly veiled protectionism by other states, risk adding to geopolitical friction, while the long-term stability implications of Net Zero for oil-exporting states in the Middle East, Africa, or Latin America, or the political risks inherent in their attempts to diversify economic models away from fossil fuel dependency, are not well understood.

How does this backdrop affect business? Observers tend to think primarily of impacts on supply chains or perhaps enhanced cyber risks. While these are certainly pressure points for some firms, the impacts go much wider.

For one, geopolitical volatility, and the associated use of geo-economic policy measures like tariffs and investment restrictions, degrade the macroeconomic conditions and industry sector performance on which corporate strategies are based. Geopolitical volatility can also disrupt key consumer or client segments for firms, while longer term political uncertainty undermines investment strategies. The increasingly complex crossover with corporate ESG agendas also creates additional reputational pressure on firms with key external stakeholders such as investors, regulators, and NGOs.

Geopolitics therefore has consequences for balance sheets and financial performance, as well as for operational and non-financial risk and control functions. Some of these areas are new, but geopolitics is equally capable of exacerbating the risks an organization already recognises. The challenge therefore is to optimise the management of multiple risk impacts from a new kind of macro external uncertainty and instability.

In this context, how can boards ensure their organization remains resilient to adverse external trends and shocks? Who in the organization should have the leadership and oversight capabilities and responsibilities in this area? More generally, what internal capabilities do businesses need to anticipate geopolitical risks and their impacts, and how should these be deployed internally?

Given the increasing significance of these issues it is striking that comprehensive guidance for firms on this subject does not already exist. This is partly because the issue is still relatively new and geopolitical risk management is not a traditional part of the corporate repertoire.

We at the Risk Coalition and GRI Strategies have sought to close this gap with innovative and comprehensive leading practice guidance, called ‘The Extra G – ESG2’. It focuses on the role of boards, their risk oversight committees, heads of risk and risk functions and articulates a framework approach that spans accountability, risk culture, the integration of specialised analytical capabilities and expertise, including within complex multinational groups, and the interface with corporate strategy setting.

The guidance also addresses the close links between geopolitical risks and environmental and social issues – hence squaring the G in the guidance title. Not only do these issues share a requirement for the kind of agile governance needed to anticipate and manage the multifaceted corporate impacts of a risk over which firms have no direct control, but their overlap means integrated oversight and risk management are increasingly key.

The guidance does not stand alone, however. Linked to it is a self-assessment tool that directors, management teams, heads of risk and others key stakeholders in firms can use to do two things.

First the tool generates an organization-wide perspective on whether leading practice is in place. Second, and more importantly, it allows internal users to select the practical steps and actions that can be taken to implement the guidance, allowing internal users to select the options that most suit their organization.

Early use of this tool, based on how the guidance applies to them, is beginning to yield interesting insights. Our data show how corporates in different sectors are responding to the challenge of geopolitical volatility and integrating new approaches to the oversight, anticipation, and management of the impacts of risks that have traditionally been seen as outside the control of businesses.

As the geopolitical environment becomes more ‘competitive’ – the euphemism used by diplomats and other political analysts to describe the trajectory of the geopolitical environment over the next two decades – business is increasingly affected. This is not all downside - geopolitics can also generate commercial opportunities for agile firms. For the first time, ESG2 gives boards and senior business leaders the guiderails needed to consider these issues systematically, develop resilience and enhance decision-making to successfully navigate a more challenging macro environment.

More details on ESG2 are available at:

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.