New Graphite Export Controls Jeopardize A&D, Electric Vehicle Supply Chains

By Michael Eddi & Harris Allgeier

Global supply chains continue to feel the string of an escalating trade war as China implements a new range of export restrictions targeting yet another important raw material: Graphite. The latest in a series of export controls levied by China, in a tit-for-tat battle of trade restrictions with the US, these new controls have significant ramifications for a swathe of industries including Aerospace & Defense, electric vehicles, and manufacturing.

In 2021, China produced 79.1 percent of the world’s natural graphite, despite only having 22 percent of global reserves. The new laws require export permits for two types of graphite, including high-purity, high-hardness synthetic graphite, and natural flake graphite and its products. These controls took effect December 1, 2023. (Click here to read a full translation of the new regulations)

The move comes on the heels of similar Gallium and Germanium export controls, levied by China in 2023. China’s Ministry of Commerce (MOC) has classified all these materials as dual-use items under export control. “Dual use” in this context means materials that have potential military and civilian applications.

Interos analysts looked at the possible impacts these new regulations could have for the electric vehicle and A&D sectors. We then created guidance for what supply chain leaders can do in response.

1. Graphite Restrictions’ Impact on Electric Vehicle Affordability

China produces nearly 100 percent of the processed graphite used to create battery anodes used in electric vehicles. The US is taking initial steps to help diversify graphite production. However the US currently has no domestic production of natural graphite and no domestic processing of graphite into anode materials for EV batteries. A potential graphite scarcity will reverberate through the entire production process, leading to higher overall production costs for EV manufacturers. This could impact the affordability of electric vehicles, reducing the adoption of clean energy transportation globally at a time when demand has already leveled off.

Furthermore, export controls on graphite from China could instigate a broader reassessment of supply chain strategies within the EV industry. EV firms might be compelled to diversify supply sources for critical materials, including graphite, to mitigate risks associated with sole-source dependency.

This strategic shift could involve exploring alternative global suppliers or fostering the development of domestic sources, to create a more resilient and distributed supply chain.

In South Korea, EV and battery manufacturers have been focusing on silicon anode materials as a key strategy to reduce dependence on Chinese graphite. This next-generation material is estimated to have “[…] an energy density about 10 times higher than the graphite-based anode materials currently used in most electric vehicle batteries  But it will be years before these materials can meaningfully replace Chinese graphite on a global scale.

The US is also investing in alternate graphite sources, with the Department of Defense awarding a $37.5 million contract to Canadian company Graphite One.

2. Graphite Restrictions’ Impact on Aerospace & Defense Operational Readiness

Graphite is used in a wide variety of various military applications in the A&D sector, including missile systems, jet components, body armor, and electronic components. Export controls on graphite could impact the operational readiness and capabilities of multiple defense systems. The strategic repercussions of this are even more severe during these times of heightened international tension, which inherently call for increased preparedness for conflict.

Domestically, the United States has looked to shore up its graphite extraction, refinement, and production capabilities via private entities. However these are a long way away from matching the levels currently imported from China.

3. An Increasingly Restricted Supply Chain

China’s new regulations will ensure a stable supply of graphite for its growing domestic industries. They will also offer the country greater economic control over other nations dependent on Chinese graphite. However, the decision to restrict graphite exports is considered by many as a retaliatory move, influenced by the US’s recent restrictions on exporting high-tech AI chips to China. The restrictions also come on the heels of several recent efforts by the Chinese government to limit access to critical raw materials used in semiconductors and advanced technologies.

China isn’t the only country to take a more protectionist stance on natural resources. Resource nationalization is sweeping across the Asia-Pacific region. In recent years Malaysia, Indonesia, Mongolia, India, and other countries have all implemented (or announced the intent to implement) legislation to secure critical raw materials (usually rare earth elements) for domestic industries and reduce dependency on external suppliers.

China’s restrictions are likely driven by multiple factors. These include a growing domestic need for the material, the regional/global push towards nationalization, and the US’ recent restrictions targeting China.

The restrictions are a perfect example of a growing nationalization movement, where nations increasingly view control over critical resources as essential for maintaining economic resilience and national security. Overall, these trends underscore the complex interplay between economic interests, geopolitical strategies, and the evolving dynamics of global trade. All of these play a crucial role when considering how to build a resilient supply chain.

 4. What can supply chain leaders do?

Supply chain managers in aerospace & defense, the electric vehicle sector, and other industries impacted by the new graphite export controls, or other recent trade restrictions, have several strategies available to them.

  • Advanced Intelligence and Continuous Monitoring: Utilize leading vs lagging risk indicators to continuously monitor potentially impacted suppliers and identify any vulnerable portions of your supply chain. The Interos platform tracks 400M+ entities in real-time to pre-empt sub-tier risk for aerospace and defense, technology, and other sectors.
  • Diversify Sourcing: Screen for alternative sourcing options for graphite from countries or regions not subject to import controls. Diversifying suppliers can help reduce the reliance on a single source and minimize the disruptions caused by import controls. This is also known as the process of identifying potential alternative suppliers that may exist within your industry’s periphery.
  • Optimize Your Supply Chain: Review and optimize your supply chain to identify potential bottlenecks and vulnerabilities caused by export controls. Streamlining processes, improving logistics, and establishing backup plans can help ensure a smoother flow of materials despite regulatory constraints.
  • Maintain Regulatory Compliance: Stay updated on fast-moving export regulations and ensure full compliance with the requirements. Engage in advocacy efforts and lobbying activities to influence policymakers and advocate for more favorable import control policies that align with the interests of your supply chain.
  • Identify New Strategic Partnerships: Forge strategic partnerships with suppliers, distributors, and industry associations to collectively address challenges posed by import controls. Collaborative efforts can help leverage collective bargaining power and facilitate the sharing of resources and expertise.

To learn more about how Interos can help you manage regulatory compliance and identify latent geopolitical risk within your supply chain, click here.

The High Cost of Natural Disasters and How to Get Ahead of Them

By Geraint John

Wildfires, earthquakes, hurricanes, floods… just some of the catastrophic natural disasters that have devastated Libya and many other countries in recent weeks. The floods in Libya alone have killed over 11,000 people – with that number expected to rise. In addition to the tragic loss of life and destruction of people’s homes, these events also cost companies billions of dollars and can severely disrupt their supply chains.

Earlier this month, for example, Volkswagen was forced to suspend production at its Portuguese operations until November after a small sub-tier Slovenian supplier of engine parts had its sole valley-based factory wiped out by flooding. The shutdown is likely to cost VW tens of millions of euros in lost productivity.

The financial impact of natural disasters is rising almost as quickly as sea levels and global temperatures. Insurer Munich Re calculates that total economic losses have exceeded $200 billion worldwide in each of the past seven years (see chart below). Less than half of these losses were insured.

Figures for 2023 are on a pace to continue this upward trend, with damage estimated at $110 billion in the first half of the year – 12% higher than the average for the previous decade.

Global Losses From Natural Disasters

US$ billions, inflation adjusted

Chart showing global losses from natural disasters from 2013 - 2022 in billions of USD.

Supply chains bear much of this cost burden. Interos’ recent survey of 750 chief procurement officers (CPOs) found that the cost of extreme weather and natural catastrophes in their supply chains in 2022 was, on average, $45 million per organization.

Although supply shortages and commodity inflation led their list of risk concerns for the next 12 months, more than one-quarter ranked natural disasters in their top five. And just over one-fifth picked extreme weather/climate change.

While it is extremely difficult to predict, let alone prevent, catastrophic supply chain disruptions, CPOs and their teams need to be keenly aware of suppliers in potential disaster zones and closely monitor regional events as they unfold.

2023: A Catalogue of Devastation

Climate change is fueling more extreme weather patterns and more intense natural disasters, as global air, sea and land temperatures increase. A new Interos whitepaper on catastrophic risk notes that July 2023 was the hottest month on record, according to the World Meteorological Organization.

While the massive earthquake in Turkey and Syria in February, which claimed more than 50,000 lives, has been the most destructive and costly disaster in 2023 so far, there have also been many damaging climate-related events. They include:

  • The largest ever wildfires recorded in the European Union, in Greece in August, along with major fires last month in Canada and Maui, Hawaii.
  • Tropical storm Hillary in Southern California, also in August – the first time the U.S. National Hurricane Center has ever issued a tropical storm warning for the state.
  • Severe thunderstorms, tornadoes and hailstorms in the U.S., the most serious of which struck Texas in June, plus Hurricane Idalia in Florida on 30 August.
  • Unprecedented flooding in Hong Kong, due to record rainfall in September, and in New Zealand in late January and February, due in part to Cyclone Gabrielle – described as the worst storm to hit the country this century.

Key Supply Chain Hubs Susceptible to Natural Hazards

The supply chain impact of such events will, of course, vary depending on the physical presence of both upstream suppliers and downstream partners such as logistics providers. Interos’ whitepaper highlights the natural hazard risks associated with 10 major global supply chain hubs. These include earthquakes in Indonesia, Taiwan and the key U.S. port city of Los Angeles; drought and rising sea levels around the Panama Canal; and coastal flooding risks in Shanghai and at Europe’s largest port, Rotterdam.

Today, many organizations have limited visibility of how such events might impact their supply chains, and a lack of timely information about disruptions affecting critical suppliers. In Interos’ recent survey, just 4% of procurement leaders believed they would be aware of a supplier disrupted by extreme weather or a natural catastrophe at all tiers of their supply chains within a 48-hour period (see chart).

Almost half (44%) acknowledged that they needed to make “significant” or “major” improvements to their monitoring capabilities, since they would have either zero visibility during this time window or only be aware of events affecting their direct (tier-1) suppliers.

This is a serious constraint, since the research also found that disruptions in 2022 more commonly originated at indirect suppliers (those at tiers 2 and 3).

Visibility of Extreme Weather Events and Natural Catastrophes

Awareness of a supplier disruption within 48 hours of occurrence

Adapting Supply Chain Strategies to the ‘New Normal’

Overcoming these constraints means designing proactive assessments and continuous monitoring into supply chain and third-party risk management processes. Such measures include:

  • identifying which existing suppliers might be in areas more prone to natural hazards, and making adjustments to enable alternate locations and sources;
  • reviewing the geographic diversification of a supply chain to identify potential geographic concentration risks in disaster-prone areas;
  • integrating natural hazard risk as part of the evaluation process for new suppliers;
  • continuously monitoring natural hazard events to spot threats to operational business continuity faster and enable emergency response plans to be activated more rapidly.

To help organizations improve their visibility and awareness of natural disasters and weather-related events, Interos this month launched a new catastrophic risk model within its Resilience platform. Features of the new model include:

  • Comprehensive and timely hazard data: the most reliable meteorological real-time sources of information on hurricanes, earthquakes, floods, wildfires and other events.
  • Visualization of event impact zone: an intuitive world map that charts the path of tropical cyclones, impacted area of earthquakes and other natural hazard events as they relate to an organization’s global supply chain footprint.
  • Real-time catastrophic risk alerts: timely notifications of natural hazard events happening around the globe that could potentially impact suppliers at tiers 1, 2 and 3.
  • Dynamic supplier risk scores: historical location-based risk ratings for specific entities, plus a time-limited impact score that quantifies and applies a severity of risk only during a natural hazard’s duration and its aftermath.

With the upward trend in catastrophic events fast becoming the “new normal”, organizations need to adapt their supply chain strategies to take account of climate change impact.

Those that embrace this reality and deploy new digital capabilities to help them will be more resilient in the face of whatever Mother Nature decides to throw at them in the future.

How a Coup in Central Africa Could Threaten America’s Defense Supply Chains

By Joshua Clarke and Trevor Howe, Senior Operational Resilience Consultants

Multiple supply chain risks converged this week, with Hurricane Idalia spreading chaos in the Southeastern U.S. and a coup – over 6000 miles across the Atlantic – in Gabon threatening further disruption – particularly for the aerospace & defense sector.

Gabon’s military seized power yesterday following a controversial presidential election. Supply chain leaders are tracking the fallout as the country is the world’s second-largest producer of an essential material, manganese ore. The coup heralds both an uncertain time for industrial and commercial activity in the country and potential disruptions to global supply chains.

The Criticality of Manganese

Manganese is crucial for several industries including aerospace and defense, energy production and storage, and automotive – among others – because of its use as an alloying agent, metal coating additive, and as a cheaper, more ethically sourced alternative to cobalt. The shutoff of Manganese imports could impact everything from batteries to guns to automotive transmissions. Interos’ analysis identified over 155,000 US companies likely to be impacted.

According to the U.S. Geological Survey (USGS): “Because manganese is essential and irreplaceable in steelmaking and its global mining industry is dominated by just a few nations, it is considered one of the most critical mineral commodities for the United States.”

Between 2018 and 2021, 67% of manganese ore imported to the U.S. was from Gabon, compared with 19% from South Africa and 12% from Mexico. The U.S. is 100% reliant upon imports of manganese ore for apparent consumption.

Second African Coup in a Month Threatens Regional Stability and Vital Exports

This past Wednesday, Gabonese soldiers announced on national television they seized power in the African nation of Gabon and arrested recently re-elected President Ali Bongo, whose family has held power in Gabon since 1967. The soldiers behind the coup announced that they have canceled the recently certified election results.

The military announced that the country’s borders would be temporarily closed. This resulted in the anchoring of 30 commercial vessels off the coast of Gabon while they awaited the resumption of activity at the Port of Libreville.

Gabon’s top export is crude petroleum, accounting for 60.7% of its exports at approximately 200,000 barrels per day, making it Africa’s seventh largest oil producer. But there is more concern around manganese ore, which is Gabon’s other primary export.

The ore accounts for almost 23% of the country’s export activity, valued at $1.34 billion annually. The French mining firm Eramet, reportedly the top producer of manganese worldwide (having produced 7.5 mega tonnes of ore in 2022), announced shortly after the coup that it would temporarily halt all operations in the country, including the transportation of already-extracted ore.

A Flexible Transition Metal

Manganese ore is a key component in steel and alloy production because of its structure as a transition metal, which allows it to improve the strength, workability and wear resistance of partner metals. Manganese consumption in the U.S. is overwhelmingly focused on the production of iron and steel products, with 90% of manganese ore directed to this use. Beyond these applications, manganese is utilized for:

  • Aluminum alloys – Manganese, alloyed with copper, silicon, tin, nickel and zinc, is used to create high-strength and lightweight structures in aerospace and defense applications.
  • Stainless steel – Manganese, alloyed with silicon and nitrogen, is used to create oxidization-resistant steel.
  • Batteries – Manganese oxide, usually a processed version of manganese, is utilized in dry-cell and alkaline batteries to prevent the formation of hydrogen in a battery, preventing possible combustion or explosion.
  • Copper alloy – Manganin, an alloy of copper, manganese, and nickel, is utilized to create shunt resistors, with a low-temperature coefficient and resistance to sulfur, these resistors are useful for creating large currents.
  • Potassium permanganate – Manganese is essential to the production of potassium permanganate, which is widely used in drinking water and wastewater treatment.
  • Manganese phosphate – This type of metal finishing is mostly used within engines, transmission systems and gears to provide smoother overall operation while increasing the service life of treated components.

While the U.S. does maintain a domestic stockpile, disruption to manganese ore exports from Gabon could pose a material risk to American manganese refineries and manufacturers dependent on raw and refined manganese products. Manganese supply disruptions would most affect the following industries:

According to the USGS, manganese ore is consumed mainly by five companies at six U.S. facilities with plants principally in the Eastern and Midwestern States. Analysis by Interos suggests that these firms directly supply more than 200 U.S.-based customers and indirectly almost 155,000 as tier-2 suppliers.

Action That Affected Companies Need to Take

Since the coup, many countries in the international community have called for a return to Gabon’s elected government and to stability. Russia and China called for a peaceful resolution to the conflict, while France condemned the coup and called for a “commitment to free and transparent elections”.

Regardless of the coup’s ultimate outcome, the situation in Gabon – and the impact uncovered by Interos, is a stark reminder of how geopolitical turmoil (and a high degree of reliance on single/highly concentrated sources) can intersect with natural disruptions, like Hurricane Idalia, to threaten supply chains a world away.

At this time of uncertainty, companies can ill afford to sit idly by. Those that are dependent on manganese ore, particularly aerospace & defense organizations, need to identify where it is sourced within their extended ecosystem and understand their level of dependence on Gabon and suppliers operating in the country.

With its artificial intelligence-based software, Interos is well positioned to support supply chain risk management programs for companies around the world trying to address this issue. Interos provides continuous monitoring of suppliers with timely alerts so that companies can both get ahead of potential supply chain disturbances and be among the first to react to them.

Latest Salvo in the Chip Wars: Chinese Export Controls on Gallium and Germanium May Undermine Western Industries

By Trevor Howe, Senior Operational Resilience Consultant


China’s imposition of export controls earlier this month on two strategic raw materials could have significant implications for Western manufacturers of electric cars, smartphones and a host of other advanced technology products.


The restrictions require Chinese firms to attain special permits from the government to ship gallium  and germanium out of the country. Gallium compounds are commonly used in the manufacture of semiconductors, defense systems, medical devices and solar cells, while germanium is most often used in fiber optics.


Both the United States and the European Union (E.U.) are heavily reliant upon China as a source of these two critical commodities (see table below). So the Chinese government’s move could undermine global supply chains and increase the potential for disruption.


In the short term, these new export controls may add upward pressure to commodity prices in anticipation of constricted supplies to global markets. In the medium to long term, they could further accelerate moves in multiple countries to diversify the raw material supply chain away from China.


U.S. and E.U. Dependence on China for Gallium (Ga) and Germanium (Ge)


Net Reliance on Imports for Ga Import Reliance on China for Ga Net Reliance on Imports for Ge Import Reliance on China for Ge
U.S. 100% 53% >50% 54%
E.U. 98% 71% 42% 45%


Sources: The United States Geological Survey Mineral Commodities Survey (2023); The European Commission Study on the critical raw materials for the EU (2023)


An Escalating Technology Trade War


China’s action comes as it has been openly sparring with the U.S. in an escalating technology trade war. The export controls on gallium and germanium are widely seen as retaliation for the U.S. government’s restrictions on sales of advanced semiconductors and chip-making equipment to Chinese companies.


As well as its own export controls, the U.S. has been putting pressure on partners such as Japan, South Korea and the Netherlands to limit their sales. The Netherlands, for example, recently implemented controls on the export of advanced semiconductor manufacturing equipment to China from ASML. ASML is currently the only company in the world to produce extreme ultraviolet lithography machines used to produce leading-edge chips.


Given the reliance of American and European firms on Chinese supplies of gallium and germanium, experts are worried about the effect China’ new controls could have on aerospace & defense, energy, telecommunications and other industries affected. Moreover, there is the potential future threat to rare earth elements (REEs), the supply of which China also dominates. REEs are crucial for clean energy technologies, electric vehicles, consumer electronics, and national defense.


Gallium-Related Products Facing Export Controls


Gallium occurs in very small concentrations in ores of other metals. Most gallium is produced as a byproduct of processing bauxite, and the remainder is produced from zinc-processing residues. The metal is not currently recyclable and there is no substitute for its use in some products where increased semiconductor performance and efficiency are required.


Aside from gallium metal itself, China’s new controls will apply to several gallium-related products:


Material Usage Examples


Gallium arsenide (GaAs) Uses include as a doping material to manufacture compound semiconductor wafers used in integrated circuits (ICs) and optoelectronic devices, which include laser diodes, light-emitting diodes (LEDs), photodetectors, solar cells, and solid-state devices such as transistors. While several substitutes for GaAs do exist, no effective substitutes exist for GaAs in many defense-related applications where GaAs-based chips are used because of their unique properties.


Gallium nitride


Uses have been growing in importance because of its ability to offer significantly improved performance across a wide range of applications while reducing the energy and the physical space needed to deliver that performance when compared with conventional silicon technologies. For example, GaN is used in advanced radars such as the AN/TPQ-53 which has been provided to the US military.


Gallium phosphide (GaP) Uses include as a semiconductor and optical material for the manufacture of low and standard brightness red, orange, and green light-emitting diodes.


Gallium antimonide


Uses include as a compound semiconductor for infra-red (IR) photodetectors used in sensing and imaging applications. The application of GaSb detectors is extensive, encompassing military, industrial, medical, and environmental uses.


Gallium oxide


Uses take advantage of conduction and luminescence properties; this includes in semiconductors, gas sensing, catalysis, and nanostructures as blue and UV light emitters. Ga2O3 is also ued in spectroscopic analysis.


Gallium selenide


Uses include as a nonlinear optical material for frequency conversion of laser light and as a photoconductor.


Indium gallium arsenide (InGaAs) Uses include within photodetectors and short-wave infrared imaging (SWIR) devices, solar cells, high-speed electronics, and medical imaging.



Germanium-Related Products Facing Export Controls


The major use of germanium worldwide is for fiber-optic systems, whereby germanium is added to the pure silica glass core of fiber-optic cables to increase their refractive index, minimizing signal loss over long distances.


The available resources of germanium are associated with certain zinc and lead-zinc-copper sulfide ores. On a global scale, as little as 3% of the germanium contained in zinc concentrates is recovered. Significant amounts of germanium are contained in ash and flue dust generated in the combustion of certain coals for power generation.


Germanium is more available than gallium, with around 30% of global supply produced from recycled materials. However, there is a notable lack of information surrounding the mineral. According to the 2023 Mineral Commodity Summaries published by the U.S. Geological Survey, no data was available pertaining to world refinery production and reserves of germanium.


In addition to germanium metal, ingots, and substrates, China’s new controls will also apply to several germanium products:


Material Usage Examples


Germanium dioxide (GeO2) Uses include in phosphors, transistors, diodes, infrared-transmitting glass, and electroplating.


Germanium tetrachloride (GeCl4) A colorless liquid, its uses include as an intermediate in the production of purified germanium dioxide and germanium metal. GeCl4 is transparent to infrared light and therefore useful in optical materials. It is also widely used as a semiconductor and as an alloying agent.


Zinc germanium phosphide (ZnGeP2) Uses include in high power, high frequency applications and in laser diodes, especially as a component for the laser source of infrared countermeasure systems in military aircraft which protect aircraft from heat-seeking missiles.




Substitutes for germanium do exist (e.g., silicon in certain electronic applications and antimony/titanium are substitutes for use as polymerization catalysts), providing a degree of resilience to undercut supplies to global markets.


Government and Company Actions to Manage Strategic Risks


Given the geopolitical context for China’s controls on gallium and germanium exports, and the concentration of global supply, there will inevitably have to be problem solving at the government level to address any shortages. Countries can bolster their resilience by maintaining strategic stockpiles, identifying alternate suppliers, investing in domestic extraction or production, or promoting the expansion of the industry via incentives for the private sector.


South Korea serves as a prime example; officials there reported that the short-term effects on operations in their country would be limited due in part to stockpiling and alternative supplies. The Korea Mine Rehabilitation and Mineral Resources Corporation has approximately 40 days’ stockpile of gallium that domestic manufacturers could use.


Meanwhile, the E.U. is engaging with countries in South America to secure further access the region’s abundant raw materials. If the E.U. can successfully expand its partnership with the Southern Common market (MERCOSUR), it would help achieve its strategic goal of securing a diversified, affordable, and sustainable supply of critical raw materials.


At the same time, the E.U. intends to bolster domestic production through recently proposed legislation such as the Critical Raw Materials Act.


While governments must step in to secure their countries’ respective supply chains, companies can ill afford to sit idly by and not take proactive steps to secure their direct supply chain. Although relatively few companies would be in a position to invest in REE or critical commodity extraction or production, they can still benefit from identifying where these materials are sourced from within their ecosystem.

This type of visibility deep into the supply chain can help uncover concentrated reliance on a supplier or region, and the information leveraged to pursue de-risking methods such as supply base diversification to bolster resilience against certain risks.


With its artificial intelligence-based software, Interos is well positioned to support supply chain risk management programs for companies around the world trying to address this issue, as well as future disruptions that may arise.

Russian Mutiny Highlights Risks Firms Face in Global Mineral Supply Chains

By Klaudia Kokoszka & Mackenzie Clark

Coverage of the Wagner Group’s recent attempted mutiny in Russia naturally focused on the threat it posed to President Vladimir Putin’s power. Less well known is the role played by Yevgeny Prigozhin’s mercenary organization in the global supply chain for gold.

Wagner has long been suspected of operating in parts of Sub-Saharan Africa. In that region, they have exploited vulnerabilities in the gold supply chain to enrich themselves and fund their operations. Recent attention on the group has spurred a U.S. Africa Gold Advisory targeting a major source of their funding.

Using the Interos platform we identified over 600,000 companies that rely on conflict minerals. This broad exposure highlights the degree to which the global economy depends on a raw materials trade that directly benefits paramilitary and terrorist groups. These associations also pose significant regulatory and reputational concerns for companies that rely on these supply chains.

A History of Exploitation

On June 27, the U.S. Departments of State, the Treasury, Commerce, Homeland Security, Labor, and the United States Agency for International Development (USAID) warned firms to be on high alert to potential exposure to illicit gold within their supply chains.

This advisory followed a U.S. Treasury Office of Foreign Assets Control (OFAC) decision earlier in the year to sanction companies engaging with the Wagner Group in the illicit gold trade. The group uses this trade to fund its expansion. The proceeds also, like the Russian government, pay for Wagner’s military activities in Ukraine.

Wagner has also been connected to numerous human rights violations in the plunder of natural resources from conflict-affected nations. The group has long been known to have a presence across Sub-Saharan Africa. They are often found in the Central African Republic (CAR). The CAR is designated as a “country of concern” under the conflict minerals provision (Section 1502) of the Dodd Frank Act.

Since 2010, the Act has established an SEC (Securities and Exchange Commission) disclosure requirement for companies that manufacture products using so-called “conflict minerals”. The conflict minerals list consists of  tin, tungsten, tantalum, and gold, and often referred to as “3TG”. These minerals originate from the Democratic Republic of the Congo and surrounding countries. These include Angola, Burundi, the CAR, Republic of the Congo, Rwanda, South Sudan, Tanzania, Uganda and Zambia.

These countries are at higher risk of exploitation by armed groups such as Wagner and Islamic State. These illicit entities finance their activities by taking advantage of vulnerabilities in the mining, processing, and distribution of conflict minerals. In the process, they are able to significantly enrich themselves.

Interos Supply Chain Data Analysis

We took a look at Interos’ global relationship platform data in conjunction with the National Resource Governance Institute’s Resource Contracts database. With this data, we mapped the extended supply chains of companies that hold 3TG mining contracts with countries of concern in Sub-Saharan Africa.

We identified over 600,000 companies that rely on conflict minerals either directly or indirectly, in the extended supply chain of the firms that hold these contracts. This includes 56 direct relationships to mining companies. It also includes 25,000 indirect buyer-supplier relationships in the second tier, and over five million relationships in the third tier.

These relationship networks quickly expand as you move away from the source of these minerals, which are generally several tiers deep within global supply chains.

Who Uses Conflict Minerals?

While the mining and processing of 3TG is based largely in the global south, the consumption of value-added goods containing these minerals, such as semiconductors, chips, wires, and batteries, is highly concentrated among Western Economies.

Map showing counties where conflict minerals are mined.

Of those firms that have direct relationships with the mining companies, more than three quarters are located in developing and growing economies. Over half are based in India.

Downstream consumers of conflict minerals are defined as those likely purchasing a post-processed and value-added product. More than three quarters of these are based in North America and Europe.

Map showing counties where conflict minerals are consumed.

The United States is the single largest 3TG purchaser, representing nearly 45% of all downstream consumers. The second largest is the United Kingdom, representing over 9% of downstream consumers.

Based on these findings, the United States holds an extremely sensitive position in the supply chains of 3TG, and disruptions to and regulatory risks associated with these commodities will strongly impact U.S. firms.

A broad range of industries rely on conflict minerals, either directly or indirectly. Some of the most exposed industries, based on prevalence among downstream consumers, include software and communications (8%), construction (4%), vehicle manufacturing (3%), information services (3%), medical products (3%), household electronics (3%) and aerospace engineering (1%).

These industries alone make up over 40% of the companies vulnerable to a disruption in the conflict mineral supply chain. They include some of the largest global producers of technology, software, transportation, and heavy machinery. The adverse impact to these types of companies derives from their reliance on raw minerals in the parts and components of the finished goods they purchase and produce.

Though many of these firms are not directly purchasing from the companies responsible for mining conflict minerals, illicit behavior in their extended supply chain could still adversely impact their reputation, regulatory compliance, and ultimately their ability to predictably produce the finished goods they sell.

How Can Organizations Get Proactive About Conflict Minerals?

Recent events have highlighted the importance of increased due diligence for firms that rely on gold and other raw minerals sourced from conflict-affected regions. Companies looking to safeguard their extended supply chains should consider integrating the following recommendations into their procurement processes:

  • Increase and improve supply chain due diligence efforts related to the mining of conflict minerals, especially related to upstream business relationships and raw mineral suppliers.
  • Understand potential reputational risks to your firm associated with purchasing 3TG products from conflict-affected countries. This includes human rights violations, forced labor and environmental degradation among other concerns.
  • Understand potential compliance risks associated with purchasing 3TG products from conflict-affected countries. Pay attention to sanctions violations, money laundering and smuggling, among other concerns.

Regulation and Supply Chain Furor Over Minerals to Increase

Last month’s attempted mutiny highlighted the tangled interdependencies of geopolitics, raw materials, and supply chains. The U.S. Africa Gold Advisory is the latest policy action in a growing tide of regulations and concerns over conflict minerals. This swell of regulatory activity is likely to continue, and a similar increase is expected regarding critical minerals (which include aluminum, lithium, and nickel). These concerns have been compounded by recent actions by China in restricting the exports of metals critical to semiconductor production.

G7 Confronts China’s Designs on Semiconductor Supply Chain

G7 leaders meeting in Hiroshima, Japan this past weekend were hardly short of major global issues to discuss. From Russia’s unprovoked war in Ukraine and the proliferation of nuclear weapons to the steady march of climate change — the potential scope of the agenda was vast. So it was significant that the leaders devoted part of the summit’s agenda and communiqué to the risks facing critical supply chains and the need for greater resilience.

Nowhere is this more concerning for the world economy than in the case of Taiwan. We are at a time of heightened tensions between the United States and China. An all-powerful President Xi Jinping is intent on reuniting the two rival Chinese republics. Consequently, the concentration of semiconductor manufacturing in Taiwan is the biggest geopolitical risk facing supply chains today.

Taiwan-based companies control more than 90% of the world’s production of advanced microchips. These chips are used in everything from high-end smartphones to cutting-edge military hardware. One company, Taiwan Semiconductor Manufacturing Co. (TSMC), dominates this niche and owns more than half of global chip-making market share.

A Chinese invasion or blockade of its neighbor across the Taiwan Strait would have a devastating impact on the global economy one far greater in scale and longevity than the havoc wrought on food and energy supplies by Vladimir Putin’s aggression last year. So it is right that G7 leaders focused on the issue.

Taiwan’s Supply Chain: Powered by Semiconductor Exports

Taiwan exported $479.4 billion of products in 2022. The U.S. was the second biggest importer after China, with 15.7% ($74.9 billion) of the total. Japan was fourth with 7% behind Hong Kong, while the other five G7 countries Canada, Germany, France, Italy and the U.K. made up a combined 4.3% ($20.9 billion).

Many different products are shipped to these and other nations in Asia-Pacific and beyond (see chart). But it is electronic components, and especially “integrated circuits/microassemblies” in other words, semiconductors that dominate the list. The latter accounted for $183.5 billion, or 38% of Taiwan’s total exports by value last year. Despite a falloff in demand for chips in recent months, this figure was up 17.7% on 2021, which in turn was up 22.4% on 2020.

Taiwan Exports by Commodity, Q1 2023. Electronic components are the largest category.

Dependence on Taiwanese supply chains among G7 countries is, as you might expect, extensive. An analysis of Interos’ global database of business relationships shows that:

  • U.S. companies have almost 70,000 direct (tier-1) relationships with Taiwanese suppliers. Companies in other G7 member countries have almost 10,000 between them.
  • When indirect multi-tier relationships are included, G7 member companies have more than 315,000 tier-2 and 750,000 tier-3 connections to Taiwanese firms.
  • Although tier-1 relationships with the two major Taiwanese semiconductor manufacturers, TSMC and United Microelectronics Corp. (UMC), are relatively small in number (led by the U.S. with around 220), as tier-2 and tier-3 suppliers these two companies are present in hundreds of thousands of supply chains in G7 countries.


The Likelihood and Impact of China Invading Taiwan

Two key questions that arise from discussions around the China-Taiwan situation are:

  1. How likely is it that China will seek to take Taiwan by force, and when might this happen?
  2. What impact would Chinese action against Taiwan have on the global economy and supply chains?

Opinions among commentators and analysts on the first question vary widely. Some see an invasion occurring as soon as later in 2023, to sometime in the 2030s, to never. China’s official policy is one of peaceful reunification. However, U.S. intelligence reports suggest that President Xi has ordered the People’s Liberation Army to develop capabilities to seize the island by military force by 2027.

A geopolitical risk assessment of conflict between China and Taiwan by Interos concluded that the likelihood of an invasion in the next 2-5 years was “roughly even odds (45-55%).” The assessment also noted that “the majority consensus [among government policy makers and think-tank experts] appears to be that there will be an armed conflict over the island.”

On the second question, Interos’ analysis identified that a partial blockade or full invasion could disrupt ocean and air cargo shipments from Taiwan. Our analysis also raised the possibility that Taiwan could be completely cut off from international trade.

Potential Supply Chain Scenarios for Semiconductor Disruption

A tabletop exercise conducted last year among U.S. government and business leaders by the RAND Corporation centered specifically on the likely impact to advanced semiconductor supply chains. Participants were asked to consider two potential scenarios in which China imposed a “coercive quarantine on Taiwan”:

  1. Uncontested, China acquires a significant portion of global semiconductor capacity. This leaves the U.S. and other countries with a choice of continuing to buy from Taiwanese suppliers or imposing sanctions on China.
  2. China faces resistance in its attempts to take control of Taiwan’s fabs. This leads to a rapid loss of access to the country’s semiconductors, and triggers U.S. and other government action to ration limited supplies.

Unpalatable outcomes from these two scenarios included a fundamental change in the balance of global power in China’s favor, and an extended economic depression for most of the world. Unsurprisingly, given the impact on multiple industries (see graphic), business participants were keen on ensuring continuity of supply even if this meant relying on semiconductor firms such as TSMC under Chinese control.

How Loss of TSMC Would Impact Different Industries.

Military action against China, whether by Taiwan or the U.S. and its allies, was not considered in this simulation. But a recent assessment by The Economist laid bare the imbalance in military capabilities between China and Taiwan. The analysis also articulated the dire consequences of military conflict over the island state. This included “incalculable damage to the world economy” as a result of disruption to semiconductor supply chains.

The threat of war looms large over the Indo-Pacific region. Hence efforts in recent weeks by Japan and other G7 countries, including the U.S., to take some of the heat out of relations with China. In their communiqué, the G7 leaders emphasized that actions designed to boost economic and supply chain resilience were about “de-risking, not de-coupling” from China.

Some Major Players Begin Diversifying Chip Capacity Away From Taiwan

In practice, de-risking means diversification. Since their 2022 meeting in Germany, the response of G7 countries to semiconductor concentration risk has been to tempt advanced chip-making capacity away from Taiwan through vast public subsidies. The U.S. has led the way with its CHIPS and Science Act, but Japan, the European Union, and the U.K. have all followed suit, albeit with fewer billions of dollars to throw at the problem.

Over the next five years these industrial policies should result in new fabs, supply chains, and skilled workforces being developed in multiple geographies. However, Taiwan is set on keeping much of its domestic semiconductor “shield” intact, both in terms of manufacturing and R&D. Aside from contributing 15% of Taiwan’s GDP, the industry serves as vital leverage for Taiwan in its efforts to maintain independence from China.

Confidence in this strategy in waning in some quarters.  \Warren Buffett’s Berkshire Hathaway recently announced that it had sold the remainder of its $4.1 billion stake in TSMC. This is in spite of the fact that the shares were purchased as recently as November last year — and that TSMC is regarded as one of the world’s best-managed companies.

“I don’t like its location,” Buffett told analysts. “I feel better about the capital that we’ve got deployed in Japan than in Taiwan.”

Action CPOs Should Take to Prepare for Potential Disruption

To reduce the exposure of their organizations to semiconductor concentration risk, chief procurement officers should do the following:

  • Assess your dependence on Taiwan by understanding the relationships you have with Taiwanese suppliers. Include both the direct, tier-1 relationships and those at tiers 2, 3 and beyond. Chip makers such as TSMC and UMC are often present at this sub-tier level.
  • Evaluate the extent to which key semiconductors, electronic components, and other items you depend on from Taiwan-linked supply chains are single- or sole-sourced. Identify where you have viable alternative options already in place.
  • Develop a strategy aimed at diversifying your supply base to other geographies. Consider sourcing from new suppliers and/or by working with existing partners to utilize alternate and emerging capacity.
  • Conduct scenario plans and risk simulations – like the one run by British telecommunications group BT last year. These can gauge the impact that disruption to Taiwanese semiconductor supply chains might have on your business.
  • Continuously monitor your Taiwan-dependent supply chains for geopolitical, operational, financial, and cyber risk events.

Until new semiconductor capacity comes online in the U.S., Japan, Germany, South Korea, and elsewhere, companies will continue to over-rely on Taiwan-based suppliers. However, it is important to be prepared for, and to support the creation of, a more diversified global supply chain for microchips – as it is with other critical products and raw materials that are heavily concentrated in particular geographic locations.

First Republic, SVB: Why Bank Failures Disrupt Supply Chains

By Kate Anderson, Scott DeGeest and Teddy DeWitt

Amid the coverage of the evolving U.S. banking crisis that has claimed Silicon Valley Bank (SVB), Signature Bank, and First Republic Bank (FRB), and is now threatening PacWest, one aspect has remained largely hidden – the potentially massive supply chain impact of these failures.

Make no mistake, a banking crisis is also a supply chain crisis.

Interos data suggests that, thanks to the supply chain ripple effect, over 600,000 U.S. firms will be indirectly affected by the collapse of SVB and FRB alone.

Our research also indicates that, by considering banks as part of a larger supply chain and monitoring specific risk indicators, organizations – and especially their procurement leaders – can anticipate potential problems and banking failures well in advance.

So why are these banks failing? What does it mean for the broader supply chain? And what can organizations do about it?

The Banking Sector: A Supply Chain of Capital

As banks experience greater volatility, a tougher business environment and fleeing depositors, it becomes more difficult for them to obtain capital to distribute to their customers.

Much as supply chain disruptions limit access to vital goods, disruptions in the banking supply chain limit access to vital capital. This, in turn, impacts a whole range of day-to-day banking services that businesses rely on, including liquidity management, accounts payable services, lines of credit, foreign exchange services, and lending.

As with SVB, capital supply chain failures ultimately extend far beyond the financial sector and into the wider economy. Even companies not directly reliant on the bank’s capital were affected when they discovered that suppliers and service providers that banked with SVB were at risk. For example, users of Rippling a major payroll platform suddenly discovered that their operations were threatened by that supplier’s reliance on SVB.

Despite these impacts, companies seldom view financial crises through a supply chain risk lens. This is an oversight that, if corrected, could enable them to anticipate and prepare for these significant disruptions, rather than simply reacting after the event.

The importance of this kind of anticipation has become all too clear in the last few weeks and is likely to remain so given the prospect of additional volatility in the short to medium term – with regional bank stocks like PacWest continuing to slide.

So how can organizations use Interos’ data to understand the pinch in the capital supply chain that portended the collapse of FRB, for example?

Using Interos Supply Chain Data to Identify the Banking Capital Market Pinch

Volatility is a measure of how much a stock price moves over time. Increasing volatility indicates higher perceived risk, and can be an indicator that the overall risk, and potential vulnerability, of the business has increased.

Chart 1: Stock Volatility of Regional Banks

Chart showing the volatility of regional bank stocks from Mar 1 to April 26, with First Republic experiencing significantly higher volatility than others.

Source: Interos Analysis

In addition, an analysis of metrics from the Interos platform showed FRB’s liquidity access steadily decreasing from June 2022, driven by an increase in its use of non-financial trades (see chart 2).

Chart 2: Liquidity Access Score for First Republic Bank

Chart showing First Republic's declining liquidity access in the weeks leading up to its failure.

Source: Interos Analysis

Identifying the Ripple Effects on the Wider Supply Chain

Capital constraints ripple through the broader supply chain ecosystem, as was evident during the collapse of SVB, and now FRB.

Interos’ resilience platform documents 3,000 direct (tier-1) business relationships for SVB and FRB. But it also shows almost 600,000 indirect (tier-2) connections. These are companies that don’t bank directly with SVB or FRB but have a supplier that does.

For example, suppose Acme Corp. banks with SVB and provides IT services to Bravo, Inc. A failure in SVB would potentially disrupt payroll for Acme Corp., which might limit the services that Acme can provide to Bravo.

Without visibility into its extended supply chain, Bravo would be unable to anticipate the ripple effects of this failure.

Once a firm at the center of a capital supply chain disruption has been identified, the Interos platform enables procurement professionals to identify which tier-1 and tier-2 suppliers rely on that firm for vital goods and services.

How Organizations Should Respond to Potential Bank Failures

To respond to a capital supply chain disruption and get ahead of future problems, procurement organizations should do the following:

  • Identify essential tier-1 and tier-2 suppliers that use regional banks.
  • Coordinate contingency plans with these suppliers to address liquidity crunch issues and concerns about inventory management in the event that their banking partners experience a credit pinch.
  • Review the recent credit history of capital suppliers (regional banks) to look for signals of distress such as increases in non-financial trades.
  • Monitor the financial situation of your own banking partner(s) for any declines in access to liquidity.

Network effects, high volatility, and liquidity crunch issues will continue to be a problem for regional banks – with PacWest just the latest example – in the near term.

Owing to their smaller and often more concentrated deposit bases, regional banks are more susceptible to supply chain disruption from capital flight.

Interos’ approach to this type of risk, as described here, integrates financial data with supply chain network data and news alerts to flag potential problems in advance and provide guidance on navigating the aftermath of a crisis.

Why Supply Chains Need to Play a Bigger Role in Regulating Climate Change

By Geraint John

As the annual Earth Day takes place again on April 22nd, the world faces an all-too-familiar message: we are not doing enough to confront the impact of climate change and human-inflicted damage to our fragile environment.

Global supply chains, as the engine room of trade and economic growth, are a major source of carbon dioxide emissions, deforestation, water and natural resource wastage, and pollution  – which explains why national governments are busy introducing laws to regulate companies’ activities more tightly.

In the European Union, for instance, legislation currently in progress includes:

  • A carbon border tax on greenhouse gas emissions associated with imported products to begin operating from October 2023.
  • A ban on imported products linked to deforestation from 2024.
  • A Corporate Sustainability Reporting Directive that will require around 50,000 companies to disclose environmental impact data and set improvement targets.

In the United States, current proposals include:

  • New Securities and Exchange Commission (SEC) reporting rules. These include disclosure requirements for CO2 emissions in listed companies’ supply chains (so-called Scope 3 emissions).
  • Tough new Environmental Protection Agency (EPA) limits on tailpipe emissions from fossil-fuel-powered cars and other vehicles.

This surge in regulatory activity will, over time, certainly force many firms to improve their environmental practices. But those leading their procurement and supply chain organizations need to go beyond compliance with these laws if change is to be effective on the scale required.

Coming to Terms with the Impact of Supply Chains on the Environment Is No Small Feat

To mark Earth Day 2023, Interos conducted an analysis of its ESG risk-scoring data, ranking the best and worst countries based on their performance against a dozen environmental attributes — which will be published soon (check back here for a link).

The key finding from this analysis is that even the “best performing” countries – and the companies headquartered there – have their work cut out to meet net-zero emissions, limit temperature rises to 1.5°C, and hit other key environmental targets.

Research by the Carbon Disclosure Project (CDP) reveals that supply chains are not yet contributing at anything like the scale required to effect meaningful change. Data it collected from thousands of firms in 2022 shows that:

  • Only 41% reported any Scope 3 (supply chain) emissions, compared with 72% for Scope 1 or 2 (internal operations). This is despite the fact that Scope 3 emissions are typically more than 11 times greater.
  • Just 36% of reporting firms were able to calculate Scope 3 emissions for purchased goods and services.
  • Relatively few companies currently provide detailed reporting on water consumption or deforestation in their own operations, let alone in their supply chains.

Where Companies Calculate Scope 3 Emissions.

The CDP welcomes the regulations mentioned earlier, which will force many more companies to measure and report their broader supply chain environmental impact. But it argues that “the necessary cascade of action down the supply chain is just not happening”.

Compelling direct (tier-1) suppliers to provide data and make improvements isn’t sufficient. Active engagement, incentivization, and collaboration with a targeted group of direct and indirect (tier-2+) suppliers are necessary to drive change.

Just 39% of companies engage their suppliers on climate-related issues, says the CDP, while 23% do the same for water. The figure is higher for deforestation (69%), but this is tempered by the fact that relatively few firms disclose data on this issue.

ESG and Procurement: From Compliance to Engagement and Continuous Monitoring

A separate report on sustainable procurement by the United Nations Environment Programme also notes the growing body of legislation, but cautions buyers against a “superficial compliance oriented approach”.

It urges them to look beyond the needs analysis, supplier selection, and onboarding stages of the procurement cycle, where most activity takes place today (see chart), and put more emphasis on post-contract supplier management.

The need for continuous monitoring and intervention along the supply chain, rather than just one-time certification, is as important in environmental performance as it is for other types of supplier risk, such as labor standards and cybersecurity.

Most Effective Stage of the Procurement Cycle to Introduce Sustainability Considerations.

How Procurement Leaders Can Make ESG Progress

Chief procurement officers (CPOs) face plenty of complex challenges as they work to improve environmental sustainability in their organizations. Collecting relevant data and measuring results is certainly not the smallest one.

But, aside from it being “the right thing to do”, there are real business benefits to be gained. These include creating lower-risk, more resilient supply chains. Organizations will also enjoy commercial advantages over rivals in terms of innovation, customer perception, and sales. They also have greater attractiveness to stakeholders such as investors and employees.

A new study by Bain and Ecovadis also found that companies “at the forefront of sustainable procurement,” which focus on their suppliers’ environmental practices, are more profitable – by an average of three percentage points over other firms.

Practical steps CPOs can take to make progress on this journey include:

  • Raising internal awareness of supply chain-based climate, water, deforestation, and other environmental issues. This includes both within their own teams and others they work with.
  • Designing incentives to ensure that buyers and category managers pay sufficient attention to sustainability considerations at different stages of the procurement cycle.
  • Writing climate, water, and other requirements into supplier contracts and including sustainability KPIs in scorecards and regular performance reviews.
  • Harnessing technology to identify the highest-risk supply chain dependencies. Also, collecting environmental data to conduct analysis and support decisions.
  • Engaging suppliers not only to disclose and share information about CO2 emissions, water usage, and other activities, but also to encourage and incentivize them to take action to improve their environmental footprint.

Actions such as these mark a big change from the “traditional” procurement focus of lowering costs and ensuring supply. But CPOs in leading companies are increasingly staking their reputations and careers on it.

For the sake of our planet, the efforts of these leaders and others need to become a source of celebration on future Earth Days.

Global Supply Chains Braced for Further Disruption Over French Pension Protests

By Klaudia Kokoszka and Geraint John

Companies doing business in France should expect further disruption to supply chain operations after the country’s Constitutional Council ruled today that controversial pension reforms could proceed into law.

The move by President Macron’s government to increase the state pension age from 62 to 64 has led to mass protests and strikes across France in recent weeks. The protestors include trade unions, political activists, and citizens opposed to the change.

Hundreds of thousands of people took part in demonstrations on Thursday, ahead of the council’s decision. One group of protestors stormed the headquarters of luxury goods giant LVMH in Paris.

The protests of the past month have impacted oil refineries, utilities, railways, and financial services firms, among others.

French Protests Are Spread Across the Country

France currently has one of the lowest retirement ages among developed economies. French people, on average, stop work four years earlier than in countries such as Germany, Spain, the U.K., and the U.S. Despite this, the proposed reforms have attracted strong opposition, some of it violent, in many parts of the country.

Interos analysis of data from the Armed Conflict Location & Event Data Project (ACLED) shows that protests have taken place in more than 450 different locations across France (see map). Numbers involved range from a few dozen people in small towns to tens of thousands in major cities such as Paris and Nice.

Examining the Supply Chain Impact of Protests

A map of France on which hundreds of recent protests are plotted.

Source: Interos Insights using data from Armed Conflict Location & Event Data Project (ACLED), 2023. Image Copyright: © OpenStreetMap,Data is available under the Open Database License. 

Almost five million businesses have operations in the areas affected, according to Interos’ data. The biggest impacts of labor demonstrations so far have been property damage, disrupted operations, and transport problems. Some of these have already had ripple effects along supply chains.

Strikes at oil refineries owned by Esso and TotalEnergies had a negative impact on global markets in March. 500,000 barrels of daily processing capacity – 0.5% of global oil consumption – are thought to have been affected.

Disruptions at a lesser scale have occurred at nuclear, thermal, and hydropower plants operated by firms such as Engie and EDF. These disruptions have reduced French power capacity by 15.6 gigawatts.

This week, the transit of goods flowing on the Rhine river was disrupted for the second time during the protest period. Workers cut power to the Kembs lock south of Strasbourg, France and near the German and Swiss borders. This has halted all river traffic through the area since Wednesday evening. The Rhine remains one of Europe’s busiest rivers and a disruption of this type could heavily impede cross-border trade.

To illustrate the scale of supply chains at risk, according to Interos insights, the affected firms mentioned in this article have at least 360 direct customers, 68 thousand second-tier customers, and 18 million third-tier customers. Even small changes in supply chains of this magnitude may cause notable ripple effects.

French Action Part of a Global Pattern of Unrest

The events in France are part of a growing trend of labor strikes, public protests, and general civil unrest across Europe and around the world this year.

In Germany, protests and strikes have taken place in nearly 70 different locations since mid-March. They have been primarily concentrated in the airline, rail, postal, and public education sectors.

Industrial action has also taken place in the U.K. in these and other sectors such as healthcare in recent weeks. There workers are demanding substantial pay increases to counter high inflation and the cost-of-living crisis.

Italian trade unions, meanwhile, have organized a national rail strike today against what they see as worsening working conditions and insufficient pay.

In Israel, thousands of people continue to protest against judicial reforms initiated by the Netanyahu government. Political grievances have also been motivators for protests in Nigeria and Peru in recent months. These have created a moderate risk to global trade in commodities, particularly petroleum and precious metals.

How Organizations Should Respond to Supply Chains Disrupted by Protests

Procurement leaders and organizations with supply chain operations in France and other affected regions should:

  • Ensure they have visibility of both critical direct (tier-1) suppliers and indirect (tier 2, 3+) suppliers that could be impacted by strikes and civil unrest.
  • Keep communication lines open with key supply partners in order to get early notification of any disruptive events.
  • Review alternative sources of essential materials, parts, products, and services from suppliers in other geographic areas.
  • Monitor geopolitical events and risks in France and other strike-affected countries especially closely over the next few weeks.

With inflationary pressures stemming from Russia’s war in Ukraine and other sources continuing to be felt in many economies, it is possible that civil unrest could spread further across Europe in the near term. Organizations therefore need to be ready to respond quickly to additional disruption along their extended supply chains.

Modeling Supply Chain Cyber Risk in a Disrupted World

By Andrea Little Limbago

On March 2, the Biden Administration announced a new National Cybersecurity Strategy. The need for a strategic change should not come as a surprise — Interos’ 2022 Resilience survey of 1,500 procurement and cybersecurity leaders revealed supply chain disruptions from cyber incidents alone cost enterprises $37M annually. Estimates of the global annual cost of cybercrime exceed ten trillion dollars.

Interos is closely monitoring the rising costs of cyber disruption and the continuously changing state of play, among other factors. We’ve refined and updated our cyber risk factor, one of the six factors within the Interos i-ScoreTM, in light of these and other trends shaping cybersecurity. The enhancements include a new cyber behavior model to detect potentially harmful cyber activity regardless of public disclosure, along with combining commercial cyber ratings, vulnerability information (CVEs), threat assessment (Mitre ATT&CK®), cyber events, regulatory compliance, and operating country regulations and risks into a single score.

You can read about those details in our press release. This blog will focus on those strategic factors driving these changes and the challenges in developing a solution that delivers cybersecurity insights to non-experts, all within the backdrop of the generational shift underway in the international system.

Trends Driving The Need for Change in Cyber Risk Modeling

To address the growth in scope and scale of cyberattacks (and their ripple effect across the supply chain) the Biden administration’s new National Cybersecurity Strategy is putting more responsibility on vendors and service providers. This is part of a larger trend prompting organizations to prioritize long-term collective investment in cyber resilience – and is reflective of Interos’ collective resilience approach to cyber.

Cyber leaders are also increasingly acknowledging the human element and assessing those risks through a socio-technical lens. This has led to both a focus on user interactions as well as the growth in new compliance frameworks and regulations. That’s why the enhanced Interos cyber risk factor accounts for compliance with CSF V1.1, NIST SP 800-53, PCI DSS V3.2.1, and other standards, as well as the global expansion of data privacy and cybersecurity regulations.

To that end, an organization’s geographic location plays a crucial role in both compliance and data risk levels. This variation stems from differing levels of data sovereignty which depend on the localized cyber and privacy environment. Risks surrounding the concentration of the physical infrastructure underpinning the internet also pose a significant challenge, as seen in the case of Russia’s cyberattack on ViaSat’s services in Ukraine or the disconnection of undersea cables which happened in Scotland and France.

The adoption of collective resilience (creating shared supply chain and operational strength) is accompanying our broader understanding of the range of cyber risks, which is why collaboration is prioritized in national and international cyber strategies. As Alejandro Mayorkas, the Secretary of Homeland Security, noted, “We have to drive the entire ecosystem to be more cyber vigilant.”

Developing Interos’ Enhanced Cyber Risk Model

Tackling Key Challenges in the Cybersecurity Landscape

Development of this new model address two core challenges:

  1. Aggregating Data into Intuitive Formats: The difficulty of integrating disparate data sets in a timely manner and presenting them in an intuitive, explorable format. We recognize that many cybersecurity tools are designed for information security professionals, making them inaccessible to others involved in risk management.
  2. Understanding Behavior: The importance of understanding both threat actors’ and defenders’ behaviors and integrating that knowledge to identify the most relevant risks.

Cyber has an interesting data problem in that there is a data deluge and a data desert at the same time – meaning there is so much data, but it’s not always the relevant data. The Interos model addresses the above challenges by focusing on integrating and presenting the range of these trends (over individual data points) to capture the core areas of vulnerabilities, threats, compliance, and adverse cyber events. Through this holistic approach we can provide a comprehensive view of cybersecurity risks across the entire supply chain ecosystem, from vendors and service providers to critical infrastructure and sensitive data.

We also utilized the extensive community work and expertise from federal organizations like NIST CVE and MITRE’s ATT&CK framework while accounting for both opportunistic and targeted threats by identifying industries/groups most susceptible to targeting, and vulnerabilities most likely to be exploited. Our approach also focused on quantifying data risks across locations by merging different data types to capture the diverse data sovereignty and global risk environments — a project we presented at Black Hat cybersecurity conference a few years ago.

Implications and Value: Uncovering Hidden Cyber Risks and Enabling Proactive Measures

The implications of this new model are vast. It highlights areas of risk that often are not brought together, allowing users to take action to decrease cyber risk. This may include reaching out to critical suppliers that may be at risk and coordinating a plan to elevate their defensive posture, or identifying those key parts of their supply chain located in areas where the data may be more at risk due to an adverse regulatory environment.

The Interos model surfaces a range of cyber risks, while contextualizing those risks within a broader supply chain risk framework. For instance, users can identify who might be at high cyber risk as well as high financial risk, since these suppliers may not have the resources to grow their defensive posture or could be extremely vulnerable to insolvency if attacked given the cost of breaches.

Personal Observations: Expanding Access to Cyber Risk and Addressing Global Challenges

Two particular aspects of this project are especially important to me, in terms of their ability to address broader systemic challenges across the industry that have significant implications for the future:

  • Addressing the cyber industry’s gatekeeper problem, which restricts risk assessment access to those with information security technical expertise. Interos’ updated model marks a significant stride towards broadening access to cyber risk assessment outside of an enterprise’s Security Operations Center.
  • Further integrating supply chain risk and cyber risk, particularly in the context of a re-globalized world economy, technological bifurcation, and the geopolitical fracturing of the internet. This integration is essential for fostering cyber vigilance and tackling the challenges presented by emerging technologies and global competition.

A modernized approach to cyber risk will be an essential tool for organizations exploring how to adapt to a changing global order whose shifts are being felt across supply chains, geopolitics, and technology development. Interos’ enhanced model for evaluating cybersecurity risk across supply chains signifies a significant step towards that goal.

By expanding access to meaningful cybersecurity information, through a multi-factor, supply chain-wide approach, we can enable organizations to proactively manage and mitigate risks on a far greater scale than ever before, bringing non-cyber experts into the decision room, and fostering resilience and success in this ever-evolving global landscape.