Geopolitical risks to supply chains are top of mind across C-Suites but few say what it means. The term “geopolitical risk” has largely become a codeword for import, export, and economic sanctions compliance. The fast pace of change in 2025 requires adopting meaningful compliance structures that achieve results. It is no longer acceptable to simply rely on a “policy” that collects dust. Today thoughtful compliance structures are mission-critical for making sure sales and deliveries occur, payments are received, supply is not interrupted, investors are happy, and negative headlines are avoided.
Now is the time to think strategically about developing quality compliance programs that empower personnel in procurement, sales, shipping, and logistics roles to do the right thing and protect the company. Four keys to successful compliance structures can help deliver results.
1) Risk Assessment and Awareness
Every supply chain has unique compliance risks. Those are driven by footprint, industry sector, and types of third-party relationships. Some companies will face very real forced labor risk for import compliance, critical technology risk for export compliance, sanctions risk for financial transactions with foreign relationships, and many others. A good kicking-off point is to conduct a preliminary risk assessment followed by awareness training. Lack of awareness for company-specific risks has become acute among many internal teams, suppliers and customers, and supply chain service providers. Recent tariff changes and the Ukraine War have made this painfully clear to many supply chains.
2) Roles and Responsibilities
Getting the right team around enterprise-wide compliance, and at appropriate roles within business units, is as important as identifying incidents and managing through those. If there are red flags or concerns then clarity on how to escalate those, and to whom, is half the battle. We are living in a “see something say something” environment. The other half of the battle is that compliance leadership or outside counsel will swiftly resolve any concerns from personnel or investigate whether or not a violation occurred. In most cases learnings can be found to improve ongoing processes even if there is no violation. If there are material issues then corrective actions can be implemented and voluntary disclosures can be considered to mitigate risk of civil penalties. This exercise also produces valuable documentation to defend against government investigation.
3) Risk Appropriate Compliance Processes
Compliance is a process. It must begin and it never ends. It is essential to create behaviors and resources that maintain awareness of rules and red flags for the existing team and new hires as well as for responding to global changes. The toolbox for business operations compliance is full: appropriate compliance policies, internal and external training resources, processes for risk and role specific functions like sales or shipping, consolidated classification of HTS codes for imports and ECCN codes for non-military exports, and automated sanctions screening functionality in company ERPs and operating systems. Compliance personnel must determine which mix of tools is best for managing compliance without unreasonably restricting business. This is not a one-size-fits-all problem. If done well then a thoughtful foundational compliance program can grow and change to meet the evolving company relationships, footprint, and trade lanes.
4) Procurement and Sales Teams
The golden rule of compliance is to avoid self-blinding. Procurement and sales professionals are on the leading-edge of defense against regulatory violations, quality assurance, and financial risk. Targeted questions on the front end can be as helpful in recognizing geopolitical risk as assessing credit is for financial performance. Developing thoughtful onboarding processes can ensure that responsible due diligence occurs before sending or taking a purchase order. Every supply chain is different but key questions can include: company demographics like top leaders and ownership, company footprints around the world, company affiliates, credit ratings, and banks through which company will pay or get paid. Those onboarding records yield party names and fact patterns for screening.
Jonathan Todd is a Partner with Benesch Law. He is available by telephone at 216-363-4658 or by e-mail at jtodd@beneschlaw.com