Skip to main content

How to build resilience against challenging geopolitical risk

By Frederick Gentile | January 14, 2021

To remain successful in a volatile environment, organizations must have their boards’ support in managing risk and building resilience.
Corporate Risk Tools and Technology|Credit, Political Risk and Terrorism|Cyber Risk Management
Climate Risk and Resilience|COVID 19 Coronavirus|Geopolitical Risk

Geopolitical risks such as global economic recession, Brexit, societal discontent and inequality, climate change and biodiversity loss, all highlight the fragility of the world in which businesses operate. These events or changes will, to varying degrees, impact all of us.

Some will become winners. Take health care for example: Despite COVID-19, the S&P 500 pharmaceuticals, biotech and life sciences index outperformed the broader S&P 500 index in 2020. But also in other sectors: Just think Amazon.

Others however will be losers – such as, for example, the arts and theater, retail, travel and the leisure and hospitality industries.

So the question is, how can companies stay winners? The answer lies in managing risk and building resilience to help ensure long-term success.

The board’s role in resilience

Resilience needs to be built into the narrative of boardroom conversations. By resilience we mean an organization’s ability to identify, understand, respond to and successfully adapt to changes or events that may adversely – or favorably – affect it.

What’s interesting is that more and more people are talking about the need to be resilient. Lord Toby Harris, Chair of the National Preparedness Commission, has spoken recently on the subject. President-elect Joe Biden has referenced the need to make supply chains more resilient. And in October 2020, the Deputy Secretary General of NATO gave a keynote speech on the critical need to build resilience in society and commerce.

What are the key supply chain threats?

A recurring theme in these commentaries is the subject of supply chain resilience. We saw some of the impacts early in the pandemic. A 2019 survey by the Business Continuity Institute (BCI) with supply chain professionals revealed some interesting thoughts.

Cyber risk

Topping the list, unsurprisingly, is cyber threat. The cyber espionage group called Dragonfly, for example, has apparently been targeting companies across Europe and North America through their supply chains. Given the current focus on vaccines, it is interesting to note that while the primary target of the group’s activities was energy, there was evidence to suggest companies in the pharma and biotech sectors may have been the true targets. When you consider the immense value of intellectual property and patents, you can understand why pharma companies have experienced cyber attacks.

Political change and regulatory risk

Political change and regulatory requirements are two relatively recent factors that have risen to the forefront and this relates, to some extent, to societal discontent. Perhaps this sentiment is also seen in Brexit and the recent U.S. elections.

Extreme weather

Adverse weather also continues to be a top risk for the immediate and midterm future. And this becomes starker when you consider the effects of hurricanes like Harvey, Irma and Maria, and the California wildfires, which affected transportation and supply routes. It is no surprise, perhaps, that Sydney Australia recently experienced its hottest November night in 160 years with over 60 bush and grass fires burning across New South Wales.

Grey-zone aggression

I suggest we add another disruptor: Grey zone aggression in which powers such as Russia, China and Iran can exercise aggression and coercion without exposing themselves to the risks of escalation and severe retribution. China recently suspended imports of certain meats, coal and barley from Australia as retribution for suggesting a global investigation into the origin and handling of COVID-19.

What should we do?

The importance of understanding geopolitical risk cannot be overstated. We examine the drivers of geopolitical risks through six fundamental lenses:

  • People
  • Resilience
  • Climate
  • Cyber
  • Investment
  • Reputation

While companies may be powerless to avoid the impacts of geopolitical events, they may be able to mitigate them through understanding, analysis and planning. We have used this approach successfully with a number of clients and strongly advocate this method.

It’s important to keep the following in mind to mitigate some of these critical risks:

  • Understanding supply chains and the risks at each stage in the chain is absolutely critical. Geospatial supply chain analysis mapping, which focuses on natural peril risk assessment, climate, geopolitical risk and supply chain management, can help enormously in this respect. For example, we recently developed a global analysis tool for the aviation sector that maps the changing effects of pandemic closures on airports and flight routes. This was also then linked to a Willis Research Network project carried out in collaboration with the Cambridge Centre for Risk Studies to identify further risks most likely to disrupt airport operations.
  • Building supply chain continuity into mainstream business continuity plans is also very wise. Business continuity management is a capability that all companies should have in their ‘resilience’ arsenal. Its value has been particularly highlighted during the COVID-19 experience, but we should not assume that it ends there. Now more than ever companies need to ensure they have well versed response and recovery plans which have been tried and tested.
  • Linking supply chain exposure to business interruption modeling is another way to improve supply chain resilience. Some years ago for instance, we supported an energy provider in modeling losses arising from failure in its supply chain by mapping its key North American suppliers and routes, including key ports, creating a risk register and identifying their loss exposures over a three-year period. This then informed its business interruption quantification and the decision to buy non-contingent business interruption cover.
  • Organizations should also, where possible, understand their cyber exposure and assess the risks so that they can make informed decisions about their cyber-risk arrangements and suitability of cyberinsurance. 
  • Last, but by no means least, is enterprise risk management. By developing visibility and understanding enterprise risk, companies will be better placed to manage and monitor it. Solutions such as risk identification workshops, development of registers, identification of appetite and design of risk management frameworks and, of course, total cost of risk assessment are ideally suited to achieve this.


This blog begins to address the question of how to build resilience against challenging geopolitical risk. While it is by no means exhaustive, it does try to make the key points. To reiterate: A good starting point is to understand the complexity and diversity of geopolitical risk and, in particular, the effects it can have on supply chain and your business operations.

Understanding these risks allows you to take action before they materialize and, perhaps above all, respond to them by successfully adapting to a changing landscape without prejudicing your organization’s future.


Director of Risk Engagement

Contact Us