Without understanding geopolitical risk, how can you successfully transform?

2. The impact of political risk on a company

Executives must map the impact of political risks across their company’s activities so that they can better anticipate and prepare for potential disruptions in the new reality — and mitigate their impact.

Strategy and mergers and acquisitions (M&A) are seen by executives as the business functions that are most impacted by political risk. About 60% of executives in our survey assess a high or very high level of impact on these two areas. And about half of executives say sales and revenue, corporate finance and treasury are similarly highly impacted. With such a wide array of highly affected business activities, political risk can therefore have a profound effect on enterprise resilience.

Encouragingly, 70% of executives say their company has an individual or function assigned responsibility for political risk management. This global view hides important discrepancies by region, however. More than 80% of companies in Asia-Pacific and Europe say they have someone tasked with political risk management, but only 51% of companies in the Americas say the same.

The global C-suite has not yet reached consensus on where primary responsibility for political risk management sits. Our survey shows that it is held in a number of different business functions. The most commonly cited functions for political risk management responsibility are risk and finance or treasury — but each of these is pointed to by only about one-quarter of global executives. The other half of companies assign the responsibility to a wide array of functions and individuals.

We recommend the responsible party be empowered to work cross-functionally and be able to effectively coordinate strategies for all stakeholders. That makes the CRO or CFO — or, indeed, any individual or function with strategic cross-functional authority — natural choices for the coordination of political risk management.

4. The tools available to manage political risk

The COVID-19 pandemic brought to the fore questions about the most effective risk management tools. Chief among these should be political risk management tools, given government policy responses to the pandemic are helping to shape the post-pandemic normal.

Executives tell us companies are already taking a variety of political risk management actions. Integrating political risk into enterprise risk management (ERM) frameworks and processes is the most common, with 85% of executives saying their company has done this. The other most common risk management actions taken by the global C-suite today are performing assessments of political risk exposure and recruiting individuals with political experience onto the board or senior leadership.

More than 40% of companies are taking 10 or more different actions to manage political risk. What's less certain is whether companies are taking this suite of actions to integrate political risk assessment into risk management, strategy and governance — what we call geostrategy — or simply implementing a series of one-off actions amounting to a piecemeal approach.

Executives still see room for improvement. Three practices stand out as providing companies with the opportunity to significantly or highly improve their political risk management: scenario analysis, collecting data on sources of political risk, and obtaining political risk insight from external sources.

Fully 89% of executives point to scenario analysis as a current or desired political risk management tool. The strategic foresight scenario analysis can provide is even more vital as companies position themselves for growth beyond the COVID-19 era. The only other two political risk management actions that executives emphasize to a similar degree are collecting data on sources of political risk, such as early warning indicators, and obtaining political risk insight from external sources. The latter is important because the often subjective nature of political risk analysis means that collecting a variety of viewpoints can be useful.

5. Whether political risk management is at the core of how a company operates

A majority of executives point to improvements in governance as crucial for better political risk management. There are three areas of governance executives believe would significantly or highly improve their ability to manage political risk. Just over half of executives say that incentives and processes to overcome internal silos, a more dynamic process around communication of political risks, and a better understanding of political risk across key functions would strengthen their ability to manage the risk.

Importantly, among the 76% of companies that have brought someone with political experience to the board or management, 66% still struggle with silos. It is not enough to simply bring political risk expertise in house — that expertise must be shared broadly across the organization.

Indeed, EY’s recent CEO Imperative study argues that C-suites need to break silos to increase organizational agility. Managing political risks — or any external risk for that matter — requires a cross-functional, whole-of-enterprise approach. And breaking down silos helps to achieve the other two impactful governance improvements by enabling better communication and greater understanding about political risks across functions.

Conclusion

To face the myriad political risks arising today and awaiting tomorrow, organizations need to assign responsibility for political risk management, use the right set of tools to manage it, and integrate it into the core of how they operate.

Companies don’t have to accept the supply chain disruptions and revenue losses that rising levels of political risk can generate. Our survey results indicate political risks can be managed. While 51% of global executives say political risk is having a greater effect on their companies today than just two years ago, 50% are also very confident in their ability to effectively manage it. Given the governance challenges a majority of executives identify, it’s unclear whether this confidence is warranted, however. It’s not enough to simply “check the box” on a set of political risk management actions. Companies must go further to implement a geostrategy — incorporating political risk management into their broader risk management, strategy and governance approaches.

COVID-19 has presented executives with the opportunity to design and implement a geostrategy to improve political risk management and enterprise resiliency in both the short term — mitigating the risks associated with pandemic-induced shifts in government policies and geopolitical relations — and the long term — as companies adjust to whatever new reality arises in the wake of this pandemic.

Mitigating political risk requires adopting a systematic and cross-functional approach that embeds geostrategy within company culture. Companies that do so will successfully migrate political risk management from the periphery to the core, improving their enterprise resilience to the COVID-19 pandemic and whatever political risks may come in the future.