By: Trevor Howe, Senior Operational Resilience Consultant

On September 26th, sudden drops in pressure were observed in the natural gas pipeline Nord Stream 2 before undersea leaks were detected in the Baltic Sea. Shortly thereafter, leaks were also detected for Nord Stream 1. While the pipelines are not currently facilitating gas flows from Russia to Europe, they were filled with natural gas which has leaked into the Baltic, creating an operational hazard for vessels in the area. The Prime Minister of Sweden, Magdalena Andersson, disclosed to a news conference on September 27th that seismologists in Sweden, as well as Denmark, had registered two powerful blasts the day prior in the vicinity of the leaks. Moreover, the explosions occurred in the water, not under the seabed, and at relatively shallow depths which would be reachable by divers or unmanned underwater vehicles.

Nord Stream Sabotage Damages European Energy Infrastructure

While these explosions occurred inside the exclusive economic zones of Sweden and Denmark, they have not been considered an attack on either country, which could trigger NATO intervention through Article V of the Washington Treaty. European Officials, including NATO, have claimed that the explosions were the result of sabotage, though the European Union has not yet named a perpetrator or suggested a reason behind the incidents. The Kremlin’s spokesman, Dmitry Peskov, also told reports that the incidents could have been the result of sabotage and that they would promptly investigate the matter.

While investigations are underway to ascertain the cause of the explosions and responsible parties, neither pipeline was active and these incidents should have no immediate effect on the supply of natural gas to Europe, though they have put additional upward pressure on prices.

Operational Threats Against Energy Infrastructure & Supply Chain

What the Nord Stream events highlight is the fact that European critical infrastructure can be a potential target for those seeking to precipitate disruptions and undermine energy security on the continent. This threat is made particularly dangerous amid EU Member States’ efforts to prepare for the winter season without Russian natural gas.

The speaker of Lithuania’s parliament, Viktoria Čmilytė-Nielsen pointed out that “these incidents show that energy infrastructure is not safe” and that “[the explosions] can be interpreted as a warning.” If indeed these explosions were intended as a warning, it is possible the threat could be directed towards the Baltic Pipe, a new gas pipeline carrying supplies from Norway through Denmark to Poland which was just opened on September 27. Norway has been a crucial supplier to Europe amid the scramble to replace Russian energy, so disruptions to Norwegian exports could have significant downstream effects. However, it is crucial to note that this threat is not unique to Norwegian energy infrastructure.

Cyber Threats Against Energy Infrastructure

While physical threats to critical infrastructure (as defined by Council Directive 2008/114/EC of 8 December 2008) are a priority for EU Member States, governments must also prepare against cyber threats. According to the Commission, “traditional energy technologies are becoming progressively more connected to modern, digital technologies and networks,” and while this makes the energy system smarter, “digitalization creates significant risks as an increased exposure to cyberattacks and cybersecurity incidents potentially jeopardizes the security of energy supply and the privacy of consumer data.”

One need only look to the disruptions caused in the U.S. in the wake of the ransomware attack against the Colonial Pipeline Company in May 2021 which led to the shutdown of 5,500 miles of pipeline carrying around 45% of fuel supplies on the East Coast. That attack was made possible by a single password being compromised for a legacy virtual private network (VPN) which didn’t use two-factor authentication. A relatively simple theft enabled hackers to disrupt one of the country’s largest and most vital pipelines, forcing President Biden to declare a state of emergency.

Europe is not immune to threats similar to the Colonial Pipeline cyberattack. Early February 2022 saw a slew of cyberattacks against oil transport and storage companies across the continent. These attacks forced an affected company, Oiltanking Deutschalnd GmbH & Co. KG, to operate at a limited capacity and even caused slowdowns at ports in the Netherlands as barges awaited oil deliveries. With supply chains in a state of recovery due to the COVID-19 pandemic, disruption events like this have the potential to set recovery efforts back significantly, especially at a time when energy security in Europe is a top priority.

Russian Hybrid Warfare

Though Russia has wielded energy as a foreign policy weapon, by cutting flows entirely through the Yamal pipeline and Nord Stream 1 the Kremlin has lost leverage in terms of the future damage it can unilaterally instill via energy exports to Europe. As a result, it would be unsurprising if Russia were to employ additional hybrid warfare tactics in the form of cyberattacks, an area in which the Kremlin wields asymmetrically advanced capabilities, to further Russian national interests. These could include attacks which target critical energy infrastructure to further destabilize Europe’s energy security and put more upward pressure on energy prices which threaten business’ operations across the continent.

Multiple entities in Russia are known to possess and deploy advanced cyber capabilities against adversarial targets, this includes Russia’s Federal Security Service (FSB); Russia’s Military Intelligence Agency (GRU); Russia’s Foreign Intelligence Service (SVR); and a private organization, the Internet Research Agency (IRA). These actors can act alone, or in tandem with one another, to devastating effect if they so desired to further destabilize Europe’s energy security.

Supply Chain Risk Management

To guard against physical disruptions, Norway and Denmark have already stepped-up security posturing around their oil and gas industries’ infrastructure, rigs, and buildings after the Nord Stream incidents. However, physical security does not guard against cyberattacks which can be mounted from halfway across the world.

Companies can better-understand their risk exposure to physical and digital infrastructure attacks by gaining greater visibility into their third parties’ risk posture. Doing this at-speed, continuously, and without breaking the budget requires artificial intelligence-driven software like the Resilience platform offered by Interos.

Additionally, entities should implement risk management programs, conduct internal reviews to assess their own security posture, prepare and test resilience plans for likely scenarios, and strengthen collaboration with stakeholders in their respective industries to better manage risk in their supply chains.

by Julia Hazel, Ph.D

Climate change-driven extreme weather events wreaked havoc across the world this past summer and amplified concerns of data center resiliency. The possibility that “The Internet wasn’t built to endure climate change,” as stated in InformationWeek, seems more likely than ever. In July, an unprecedented heat wave hit the UK and temperatures reached the highest ever recorded in the region. In addition to the toll on human life and devastating wildfires, the heat also impacted the data center industry. At least two data centers controlled by Google and Oracle were forced to shut down due to cooling system problems. Unfortunately, this likely was not a black swan event. As with many other global challenges, the black swan is dead, and the shutdown is indicative of the growing risk water scarcity poses to data centers and supply chains across the globe.

Data Centers, Supply Chains, and Climate Change

Data centers power the cloud infrastructure fundamental to modern daily life and the overall functioning of businesses and industries. Cloud infrastructure is imperative to the supply chain and allows for logistical efficiency, management of inventory, and enterprise planning. Outages in London underscore the fact that data centers are an often-overlooked component of supply chains that are increasingly under heightened risk from climate change. Data center closures due to extreme weather events — which are projected to become more severe in the coming years — will lead to rising costs and disruptions across the supply chain. 

The risks to data centers from climate change extend beyond heat waves. Data centers need vast amounts of water for two purposes: electricity generation and cooling. Drought and water scarcity are therefore enormous threats to operations. According to Your Computer is on Fire, midsize data center consumes about 400,000 gallons of water each day while larger data centers can consume up to 1.7 million gallons (about twice the volume of an Olympic-size swimming pool) per day. In a paper published last year, it was reported that the U.S. data center industry uses water from 90% of U.S. watersheds, and 20% of data centers rely on watersheds under moderate to high stress. Water use limitation has not been prioritized due to the tradeoff between using more energy-intensive closed loop chillers or water-intensive evaporative cooling. In short, water scarcity will pose an extreme risk to data center operations, and more attention should be focused on water usage and operational resilience given the threat of climate change.

A Global Analysis of Data Centers and Water Scarcity

The threat that climate change poses to exacerbating drought motivates our analysis on data centers found in water-scarce regions that place extra stress on the already strained environment. We compare global data center facility locations to both the historical drought risk, based on the historical frequency of drought events weighted by magnitude, and the drought risk we attribute to climate change, based on the linear multi-decadal trend of drought severity. The drought risk is calculated from global Climate Research Unit Palmer Drought Severity Index data that spans 1901-2021 and scaled between 0-100 globally on a 10km-by-10km grid. We consider drought risk scores below 34 to be “high” risk and scores below 67 to be “medium” risk.        

Our findings show that out of 4,772 global data centers, 34 are within areas that have a historical high drought risk, and 665 are located within areas of medium drought risk. Those data centers within high-risk locations are primarily located within Arizona, which has recently become a data center hotspot for large U.S. companies such as Microsoft, Google, and Facebook despite record low water levels at Lake Meade and the Colorado river.  

These numbers are even more stark when looking at the drought risk attributed to climate change. Looking ahead at the future risks posed by climate change, 15% of global data centers are in high-risk areas such as the Southwestern U.S., Western Europe, and Japan, where the trend in drought conditions has worsened in recent decades, and approximately 33% or 1,566 of all data center facilities are within medium risk areas. Equinix, one of the largest data center corporations that serves companies such as Amazon, Facebook, and Apple, has multiple locations within these high-risk areas.

Climate change will lead to unpredictable events and various disruptions, and these risks need to be mitigated where possible. Our analysis of drought risk and data center facilities highlights the need for climate change to be considered when constructing data centers and assessing the potential supply chain disruptions that may occur at the intersection of data centers and water scarcity. The geographic locations of these data centers will determine their water footprint and their resultant impact on the surrounding environment, in many cases exacerbating already pressing water shortages.   

The risk of climate change to data centers extends beyond water scarcity and droughts. Hurricanes and severe weather, forecasted to become more severe with climate change, will pose a large cybersecurity risk to data centers if critical infrastructure is damaged during these events. Given the importance of cloud infrastructure to the supply chain, organizations should itemize those data centers on which their supply chains (and their livelihoods) rely and assess the current and future risks posed by climate change to augment their resiliency and avoid disruption from climate-related events.

To learn more about how the Interos platform can help prepare companies to face climate change challenges, visit interos.ai.

By Geraint John

As if a pandemic, war, labor strikes, and rampant inflation weren’t enough, supply chain leaders now have another disruptive force to contend with – mass-scale drought.

From the U.S. and South America to Western Europe and China, record-breaking heatwaves and exceptionally low rainfall are disrupting not only agriculture, but also power generation, manufacturing, and logistics, necessitating drought risk management on a massive scale.

For many companies, severe water scarcity will be the first tangible impact of the relationship between climate change and supply chains. It should act as a wake-up call to take this category of supply chain risk more seriously and model it more systematically in footprint investment and supplier selection decisions.

Manufacturers are suffering from the heat

Farmers and agricultural producers are used to drought risk and their crops being at the mercy of extreme weather, from major storms and floods to wildfires and drought. But for manufacturers, recent events are more unusual, and make operational resilience more important than ever before.

In Germany, chemicals firms and car makers are among those that have been affected by low river levels in the Rhine, making it impossible for the biggest barges to transport their products to ports and onwards to customers.

Almost half of Europe is currently experiencing drought, according to a new European Commission report – the worst situation in 500 years.

In China, which is battling its most severe heatwave on record, hydroelectric power plants have been taken offline this month by low water levels in the Yangtze River. This has forced many manufacturing firms in Sichuan, Zhejiang, Jiangsu, and Anhui provinces to suspend operations.

Those impacted by rationing measures include Toyota, Volkswagen, Apple supplier Foxconn, and CATL – China’s biggest lithium-ion battery maker – according to news reports.

Analysis of Interos’ global relationship mapping platform data shows that:

• There are over 560,000 relationships between suppliers in the four affected Chinese provinces and buyers outside of China.
• More than 185,000 distinct foreign entities buy from Chinese suppliers in these regions.
• The main industries represented by these trading relationships include machinery, electronic equipment and components, chemicals, and textiles.
• In Germany, BASF – the world’s largest chemicals company and a major user of the Rhine for transportation – supplies almost 1,400 customers directly (tier 1) and over 86,000 indirectly (tier 2) in sectors such as chemicals, pharmaceuticals, food products, and apparel.

Drought risk management is an increasingly dire concern

While the scale and intensity of this summer’s droughts are the worst for many years, they shouldn’t come as a big surprise to companies that have been following discussions about climate change and supply chain risks:

• Research by the United Nations shows that the number of droughts across the world has risen by 29% since 2000. 
• The Intergovernmental Panel on Climate Change has been warning that drought and other extreme weather events are becoming more common since its formation in 1988.
• Extreme weather was ranked as the number one most likely risk in the World Economic Forum’s annual global risks perception survey for five years in a row from 2017.

As climate change increasingly impacts supply chains, the implications are dire. Interos’ proprietary risk i-Score shows that in terms of “natural disasters” (an attribute of operational risk that includes meteorological and climatological events):

• China is in the top 10 highest-risk countries and territories, with a ranking of 240 out of 249 and a score of 12.1/100.
• The U.S. is in the top 20 highest-risk countries and territories, with a ranking of 234 out of 249 and a score of 14/100.
• Germany is, by comparison, considered much lower risk for natural disasters, with a score of 82.4/100, although it still only ranks mid-table at number 134.

A Gartner survey of procurement leaders in the DACH region last year found that extreme weather and natural disasters were rated as the third highest risk for the next 2-3 years after cyber attacks and supply shortages.

A quarter of the sample also rated climate change as very or extremely concerning, putting it ahead of pandemics, geopolitical tensions, and trade disputes (see chart).

Past events are not always a guide to climate change and supply chain risks

Sentiment in the U.S. and other parts of the world will no doubt vary somewhat, but these findings demonstrate that drought risk management and other extreme weather concerns are recognized as more significant supply chain risks than they would have been a few years ago.

Another recently published Gartner survey found that just 11% of 320 supply chain leaders “do not consider climate change as a future risk”.

• Just over a quarter (27%) said they had conducted a climate change risk assessment and identified their most critical supply chain risks.
• Just under a fifth (18%) had conducted risk assessments and scenario planning around climate change.
• Almost half (44%) said they had “a general sense of potential future climate risks based on events from the last three years”.

This last finding is a little concerning, given the extremely hot and dry conditions afflicting so many countries in recent months. 

The lesson must surely be that the risk of drought risk management – along with other disruptive weather considerations – is no longer as predictable and as confined to certain areas of the world as it used to be. The future is going to look different than the past, so relying solely on historical patterns is dangerous.

Instead, companies are going to need to model climate change-related supply chain risks much more diligently than they have previously when deciding where to build new manufacturing and distribution facilities, and when making critical supplier selection decisions. 

To learn about how the Interos platform can help to protect your supply chain from drought risks and other potential impacts of climate change, visit interos.ai. 

By Geraint John

Since the U.S.-China trade war kicked off in early 2018, “supply chain resilience” has become a top agenda item for procurement leaders, company bosses and legislators alike.

The case for resilience has been massively strengthened during this period by the COVID-19 pandemic, severe semiconductor shortages, and most recently Russia’s invasion of Ukraine.

But what started out as a largely operational effort by businesses to shore up fragile supply chains is in danger of being subsumed by political considerations, as governments pour money into favored firms on home soil in an attempt to reverse globalization.

In this febrile atmosphere, advocates of operational resilience need to guard against attempts to narrow its focus unduly to national interests and protectionist trade policies.

Globalization & bringing production ‘back home’

Recent years have seen a growing debate about whether globalization — a 30-year-plus stretch in which hundreds of thousands of firms shifted production to far-flung destinations in search of cost efficiencies — is in retreat.

Bringing sourcing and manufacturing activity back to home countries (onshoring or reshoring) or neighboring ones (nearshoring) is seen as proof that global supply chains are not the panacea they once were.

After several false starts, in which there has been plenty of talk but relatively little action, Wall Street is now pointing to evidence that suggests a reverse trend may finally be real. 

Last month, analysts at Bank of America and Barclays were among those who noted a growing number of references to reshoring by CEOs and other senior executives at S&P 500 companies during second-quarter earnings calls.

Data from Bloomberg shows a 1,000% increase in use of the terms onshoring, reshoring, and nearshoring in these calls compared with pre-pandemic levels (see chart).

The business drivers for changing global operating models in this way include:

• A closing of wage differentials between offshored locations — especially China — and home nations
• More expensive logistics costs to transport components and finished goods by air and sea
• Extended lead times and shortages of materials and labor caused by COVID lockdowns and other disruptive events
• The need to respond more quickly to evolving customer requirements in local markets 

An expanding national security agenda impacts operational resilience

At the same time, governments in the U.S., Europe and elsewhere are pushing for the rebuilding of domestic supply chains in the name of national security and self-sufficiency.

In practice, this means reducing dependence on China and Russia as tensions escalate and a largely stable and benign era of international free trade is fractured by the battle for global economic and geopolitical supremacy.

Russia’s war in Ukraine highlighted just how reliant many countries are on it for supplies of oil and natural gas, as well as many critical industrial and agricultural commodities.

China, meanwhile, remains the world’s preeminent manufacturing base, and an electronics powerhouse that dominates supply chains for everything from 5G networks to lithium-ion batteries.

Both countries have been subjected to an ever-growing list of Western sanctions and export controls, with Russia essentially closed for business and China’s access to U.S. and European chip-making equipment and related technologies heavily restricted.

U.S. House Speaker Nancy Pelosi’s controversial visit to Taiwan at the beginning of August shone a spotlight on that island’s almost total control of advanced semiconductors — used not only in the latest smartphones, but also cutting-edge military systems — and its vulnerability to a Chinese takeover.

A&D semiconductor supply chains rely on Taiwan and China

An analysis of Interos’ global relationship platform data shows that:

• The major U.S. aerospace & defense (A&D) companies each have as many as 85 direct (tier-1) relationships with semiconductor suppliers 
• The vast majority of these tier-1 relationships are with U.S.-headquartered companies, led by the likes of Intel, Broadcom and Nvidia 
• At the tier-2 level, big Taiwanese chip makers such as Taiwan Semiconductor Manufacturing Co. (TSMC), Advanced Semiconductor Engineering (ASE) and United Microelectronics Corporation (UMC) have hundreds of connections to U.S. A&D supply chains  
• SMIC, China’s largest semiconductor manufacturer, has over 300 connections to tier-1 suppliers serving U.S. A&D customers, and there are many other Chinese-owned suppliers present in these supply chains at tiers 2 and 3

In a survey conducted by Interos in the first quarter of 2022, U.S.-based respondents in A&D said that, on average, almost two-thirds (64%) of their suppliers were located outside North America, with 16% in Asia (see chart below).

They expected just over half (53%) of these contracts to be reshored or nearshored during the next three years.

Public subsidies incentivize regional production

Regionalizing semiconductor manufacturing to reduce over-concentration in Taiwan makes sense to the West for risk diversification and national security reasons — particularly in the light of China’s extensive live-fire military drills in the area following Pelosi’s visit.

Manufacturers such as TSMC, Intel, Samsung, and Micron are being showered with billions of dollars in public subsidies to build fabs in the U.S., buoyed by the recently passed CHIPS and Science Act. 

It’s a similar story for the lithium-ion batteries needed to power a new generation of electric vehicles (EVs) and clean energy solutions. 

The climate measures of the new Inflation Reduction Act promise over $15 billion in subsidies for EV and other manufacturers to expand capacity within the U.S. 

As it stands, this legislation goes further in a bid to reduce dependence on China by withdrawing consumer tax credits from vehicles that contain Chinese battery components (in other words, most of them).

In practice, however, replicating entire supply chains onshore, whether for silicon chips or lithium-ion batteries, is likely to be prohibitive for both cost and time reasons, putting operational resilience in jeopardy.

An in-depth article by Nikkei Asia lays bare the fact that semiconductor supply chains are reliant on a complex network of specialist sub-tier suppliers, not all of whom are going to set up shop next door to shiny new wafer plants.

The U.S. government appears to accept that domestic supply chains have their limits, judging by recent speeches from top officials.

Treasury Secretary Janet Yellen and Trade Representative Katherine Tai are among those who have been busy promoting the virtues of “friendshoring” — doing business only with trusted allies and not authoritarian regimes.

While this concept, and government intervention to support domestic production, seem like sensible strategies to boost supply chain resilience in critical industries, they have come under fire from a number of respected commentators.

Earlier this month, Financial Times trade columnist Alan Beattie questioned whether fashioning an anti-China trading bloc will really be that simple and argued that subsidies and tax credits have the potential to distort markets and increase prices.

And a cover story in The Economist on reinventing globalization warned: “The danger is that a reasonable pursuit of security will morph into rampant protectionism.”  

Resilience is about more than security

Where does all of this leave procurement, supply chain, and operational resilience leaders? 

For starters, they should be wary of attempts by some politicians and journalists to equate supply chain resilience solely with re/near/friendshoring and national security (including in the otherwise excellent Nikkei article mentioned earlier).

Research by the International Monetary Fund (IMF), discussed in a previous blog, concluded that diversifying sources of supply abroad is a more effective way of building resilience than concentrating it at home. 

This finding is supported by a newly published Gartner survey of 400 global supply chain leaders, which found that diversification away from China to other low-cost countries in Asia was more prevalent than nearshoring to developed markets.  

A balanced view of supply chain resilience in a changing trade environment comes from Christine Lagarde, a former IMF boss who is currently President of the European Central Bank.

In a speech in Washington, DC, in April, Lagarde pointed to “three distinct shifts in global trade”:

1. Reducing dependence and geographic concentration risk by diversifying suppliers, stockpiling essential materials, and operating “just-in-case” supply chains.
2. Focusing less on cost efficiency and more on supply chain security through industrial policies and other government measures.
3. Developing regionalized import-export and risk-sharing models where the first-choice “rules-based multilateral trading system” no longer functions effectively.

Lagarde argued that the goal for Europe should be “open strategic autonomy” — defined as striking “a careful balance between insuring against risk in areas where our vulnerabilities are excessive and avoiding protectionism”.

At a time when the benefits of globalization and free trade — including prosperity, innovation, openness, and integration—– are under attack, this is a message that the U.S. and other developed economies would be wise to embrace.

To learn more about how the Interos platform can help your firm face challenges relating to globalization, supply chains, and operational resilience, visit interos.ai.

By Geraint John

Global sales of electric vehicles (EVs) hit the accelerator pedal last year, with their market share speeding past 10% of new car registrations in the first half of 2022.

That’s great news for the planet, since passenger cars account for more than 40% of total carbon dioxide emissions annually worldwide, whereas EVs emit zero.

But from a supply chain perspective, the rapid growth of EV sales poses two particularly significant and worrisome challenges:

1. The supply of key raw materials used to make rechargeable lithium-ion (Li-ion) batteries – the most important component in every EV – is not expected to keep up with demand.
2. The processing of these raw materials and battery production are both dominated by China, at a time when geopolitical tensions are rising and developed economy governments want to reduce their strategic dependence on the country.

The importance of building a strong EV supply chain strategy

In recent months, the CEOs of several auto makers, including Tesla, Rivian and Stellantis, have spoken out about a looming supply shortage of Li-ion batteries during the next 3-5 years – one potentially far worse than the current semiconductor crisis.

Their concerns center around a projected deficit in the availability of lithium and cobalt – two of the main ingredients in battery cells – along with a lack of future capacity to refine these materials and manufacture the much higher battery volumes required.

Last week, the world’s biggest producer of lithium for EV batteries warned of a tight supply market for the rest of this decade.

High demand and constrained supply have already caused significant raw material inflation, particularly for lithium. Prices for battery-grade lithium carbonate are up 375% year on year, and 116% in 2022, according to Benchmark Mineral Intelligence (BMI).

Raw materials now make up 80% of the cost of a Li-ion battery, reports BMI – double the share in 2015.

This has forced auto makers to raise list prices for EVs, and at least temporarily halted the notion that lower battery costs will make EVs more affordable for consumers.

The EV battery supply chain is dependent on China and Russia

Concentration risk is also a major concern. The latest global mining data shows that extraction of cobalt, graphite and lithium are highly concentrated in the Democratic Republic of the Congo (DRC), China and Australia respectively, based on the Herfindahl-Hirschman Index.

The DRC, which produces 70% of the world’s cobalt supply, is tainted by the use of child labor. And the second biggest source of cobalt is Russia, which is also the leading producer of battery-grade nickel.

Concentration risk for Li-ion batteries becomes even more pronounced further downstream in the supply chain. A new report by the International Energy Agency (IEA) notes that China:

• Owns more than half of the world’s processing and refining capacity for lithium, cobalt and graphite.
• Controls 70% of global production capacity for cathodes and 85% for anodes – the two key battery components.
• Manufactures three-quarters of the world’s supply of Li-ion batteries, and accounts for 70% of new production capacity set to be added through 2030.

An Interos survey of 750 procurement executives in Q1 found that 85% were concerned that their supply bases were too concentrated in certain geographic regions, such as China.

A similar share of participants in the aerospace & defense (A&D) and IT & technology sectors – both also significant users of Li-ion batteries – took the same view.

Chinese producers are heavily embedded in key industry supply chains

An analysis of Interos’ global relationship platform data reveals that:

• Almost 300 A&D entities in the U.S., Europe and Japan have the leading Chinese lithium firms Ganfeng Lithium Co., Tianqi Lithium Corporation and Zijin Mining Group in their supply chains.
• China’s primary cobalt miner – and the world’s second largest after Glencore – China Molybdenum indirectly supplies a slew of leading automotive components, car manufacturing and A&D firms operating in Japan and China.
• Almost 167,000 U.S., European and Japanese firms have indirect (tier-2 or tier-3) relationships with Chinese cathode and anode components firms, notably Ningbo Shanshan, BTR New Materials Group Co., Shenzhen Capchem Technology Co. and Tianjin B&M Science and Technology Co.
• Almost 500 technology and automotive manufacturers in the U.S., Europe and Japan use the top three Chinese Li-ion battery makers, Contemporary Amperex Technology Co. (CATL), BYD and China Aviation Lithium Battery Co. (CALB).
• South Korean battery makers LG Energy Solution, Samsung SDI and SK Innovation are rated as “low risk” (average i-Score of 79), whereas Chinese battery makers BYD and CALB are rated “medium risk” (average i-Score of 63).

Alternative strategies deployed by governments and OEMs

The dependence on Chinese refining, component and battery manufacturers is of concern not only to companies, but also to many Western and Asian governments.

Last year the U.S. Department of Energy published a blueprint for lithium-based batteries. In the context of a market that is expected to grow 5-10 times in size by 2030, it calls for the development of a domestic supply chain to support EVs, electrical grid storage, aviation and national defense.

The plan includes more secure access to raw materials; the elimination of cobalt and nickel from battery formulas; and the expansion of onshore processing, cell production, pack manufacturing and recycling capacity.

Source: National Blueprint for Lithium Batteries, 2021-2030, Federal Consortium for Advanced Batteries

The European Commission unveiled a similar strategy back in 2018, while in Japan the Battery Association for Supply Chain was established last year, with 55 member firms spanning all industry segments, to develop policy recommendations.

Auto makers aren’t waiting around for national governments to reshape battery supply chains. Many are now pursuing their own strategies in an effort to head off future supply chain disruptions. The two main ones are:

• Direct sourcing from mining companies. During the past 12 months, Tesla has signed contracts with lithium, nickel and graphite miners, including BHP and Vale, as it ramps up its battery raw material purchasing. BMW and General Motors have each made multi-million dollar investments in lithium mining projects, while Ford, VW, Renault and Stellantis have all done their own lithium supply deals. GM has also signed a multi-year agreement for cobalt with Glencore.
• Diversification of battery manufacturing.S., European and Japanese OEMs are also extending their cell components and battery pack production capacity outside China. Suppliers Panasonic, LG Energy Solution and Samsung SDI have announced new battery manufacturing plants on the U.S. east coast. Redwood Materials, an electronics recycling specialist, is building a new cathode material plant in Nevada, close to Tesla’s Gigafactory. And Europe’s Northvolt is planning new factories in Germany and Sweden.

Changing battery chemistries is another strategy being pursued by auto makers such as VW and Tesla to improve range, lower costs and reduce dependence on raw materials such as cobalt. But, as with the development of new manufacturing plants, this will take several years to fully implement.

In the meantime, vertical integration – a characteristic of the early automotive pioneers, but out of fashion in recent decades – seems to be the order of the day, as the industry seeks to minimize its vulnerabilities and regain control of electronics supply chains.

CBP Implements UFLPA: The Newest Law Targeting Supply Chain Washing and ESG Violations

On Monday, the United States’ Uyghur Forced Labor Prevention Act (UFLPA) goes into effect. Focused on a controversial region in northwest China, the landmark law creates a presumption that any products “manufactured wholly or in part” in Xinjiang are made with forced labor. It bans all imports from the territory unless a company can prove otherwise.

The guidance sets out the US Customers and Border Protection (CBP) agenda of enforcement and prioritizes investment in supply chain visibility technology and “digital traceability.” It also explicitly bans US companies from importing any products from a list of 20 newly named Chinese companies (many of which are based in Xinjiang), unless the importer proves the goods were not made with forced labor. The list of restricted companies is expected to grow as further labor violations are uncovered, and as named companies adopt aliases to evade detection. Interos is adding these restricted entities to our platform to help customers ensure they’re not in violation.

The law is the latest and boldest attempt to combat an increasingly common practice known as supply chain washing – the concealment of critical information about how products and services are sourced and sold.

While bad actors are certainly responsible for a significant amount of supply chain washing, even companies that believe they are acting in good faith can inadvertently violate sanctions, restrictions, and export controls through hidden unknown relationships in their supplier or customer networks.

UFLPA Compliance: Concerns Over Supply Chain Washing, Supply Chain Visibility, Rise 

The implementation of the UFLPA comes at a time when outcry over supply chain deception is high, as much of the world witnesses China’s persecution of the ethnic minority Uyghur population in Xinjiang. The U.S. has described China’s treatment of Uyghurs as genocide.

The UFLPA is part of a series of growing global regulatory actions requiring organizations to act on ESG hazards in their supply chains.

Global supply chains could be significantly impacted by the new law, since Xinjiang is one of the world’s largest producers of cotton as well as polysilicon, which is used to manufacture solar panels.

These growing regulatory dynamics are creating a new urgency to comply with the UFLPA and the many other anti-supply chain washing laws being passed around the world. In their enforcement strategy, CBP specifically cites supply chain washing as a concern, stating that “manufacturing processes and multi-tiered supply chains can further obscure the use of forced labor inputs by incorporating them into legitimate manufacturing processes… Such goods could then be exported from a third country to the United States as a means of obscuring or “laundering” the importation of tainted raw materials from Xinjiang.”

The shifts require organizations take a multi-pronged approach to reduce related supply chain risk.

UFLPA Forces Extra Due Diligence and Required Documentation

1. To comply with the law and overcome the rebuttable presumption, importers with exposure to Xinjiang need to implement a heightened due diligence process for supply chain tracing. The UFLPA requires a significant, risk-based supply chain diligence program, including a written code of conduct, an ongoing monitoring and compliance program and plans on how to remediate violations. The evidence required to demonstrate supply-chain tracing is extremely detailed and requires very extensive mapping and documentation.
2. A substantial portion of CBP’s guidance focuses on prioritizing “cutting-edge technologies to identify and trace goods made with forced labor, specifically those technologies that support enhanced visibility into trade networks and supply chains that source goods or materials made with forced labor.”
3. The Forced Labor Enforcement Task Force (FLETF) has issued detailed guidance on “due diligence, effective supply chain tracing, and supply chain management measures” aimed at avoiding the importation of goods produced with forced labor in Xinjiang. CBP points to the Department of Labor’s Comply Chain as a template for a compliant due diligence program.
4. Supply chain leaders should only expect the need for compliance to rise with future guidance, as CBP makes clear in their release of intent to gather “foreign corporate registry data to map the structure of multinational companies and their global corporate networks.”

Anti-Supply Chain Washing Laws are On the Rise Globally

The UFLPA is far from the only sign that global regulators are cracking down on supply chain washing.

The US Securities and Exchange Commission has proposed rules to dramatically increase ESG disclosure requirements, and is taking a much stricter approach towards enforcement, probing large investment firms’ so-called sustainability funds. 

Take the example of S&P: In late March S&P settled allegations that it violated U.S. sanctions on Russia when it continued to extend credit to Rosneft, the country’s leading oil and gas company. Or examine recent incidents where components sourced in the UK and Germany were found in Russian warfare machinery being used against the people of Ukraine.

It’s simply not enough to know just who is in your supply chain and what they are doing. You also need to know about where your own products end up.

Supply Chain Washing Can Occur Anywhere

Xinjiang is far from the only area of the world generating concern over supply chain washing: On June 29, the Financial Times published a story highlighting evidence that strongly suggests that Russia may be using concealed/intentionally mislabeled shipments to export stolen grain from Ukraine through already-sanctioned ports in Crimea. Authorities admit confirming whether or not these shipments contain looted grain is difficult, and that ships containing sanctioned goods will often directly transfer cargo to other vessels once at-sea to avoid detection.

Despite these difficulties, accepting shipments of potentially sanctioned goods creates massive risk for large companies. In an interview with the Financial Times, Aline Doussin, a partner at Hogan Lovells, stated that even companies in locations that have not directly placed sanctions on Russia “might find that large multinational companies from those places stop trading with them over concerns that they were indirectly trading with sanctioned entities.”

German Law Shows Trend in Supply Chain Accountability 

Germany’s Supply Chain Law takes effect January 1, 2023. That law requires any company doing business in Germany to vet both their direct (Tier 1) and indirect (Tier 2) suppliers for compliance with core human rights and environmental protection measures – or face fines of up to 2% of their global revenue.

In analyzing companies subject to the German law, Interos found approximately 53% have problematic ESG scores using a proprietary scoring method that dynamically assesses an organization’s risk.

Although other European Union member countries are not yet in agreement on the terms of such legislation, it is likely the E.U. will follow with similar anti-supply chain washing laws in the near future.

ESG Supply Chain-related Disruptions Remain Expensive

The Interos 2022 Annual Global Supply Chain Report revealed that ESG-related issues currently cost companies, on average, $35 million per year – and those costs will rise as more anti-supply chain washing laws are enacted.

But many aspects of global supply chains are complex and opaque: most organizations only have visibility of their first- and second-tier suppliers.

Almost one-third (30%) of respondents to Interos’ annual survey said they would only know about an ESG violation in their supply chain if it occurred at their first tier of suppliers – not beyond.

Awareness of ESG issues in a company’s supply chain is no longer optional. Ignorance is not only costly financially and reputationally, but it can also put a company out of compliance with governmental regulations.

The Uyghur Forced Labor Prevention Act is just the beginning

The UFLPA is just one piece of a growing body of global legislation aimed at cracking down on unsound business practices, and the supply chain washing measures used to conceal them.

With new regulations being implemented every day, the already-high cost of noncompliance and poor supply chain visibility is only going to rise – but most organizations still report limited visibility of their suppliers, and a majority have ESG scores indicating noncompliance with some emerging laws.

Organizations will need to invest in capabilities and tools that give them continuous visibility over their direct and indirect suppliers and buyers. CBP’s guidance specifically states that the organization will invest in “enhanced supply-chain tracing technology that can connect imported goods to Xinjiang and other parts of the world at high-risk for forced labor. CBP also plans to invest in advanced search engines that may allow CBP to link known or suspected forced labor violators with their related business structures and transactions.”

As mentioned, Interos is adding the 20 entities named in Monday’s guidance to our automatically monitored entity list. We will continue to update our platform to assist with UFLPA compliance.

When it comes to sustainability and supply chain washing, the tide is clearly turning. Businesses that invest in powerful technology solutions and build robust compliance programs will be able to embrace this change with open arms. Those that ignore this wave of change, do so at their peril.

How Interos Can Help

The video below shows how Interos customers can quickly check their exposure to Xinjiang and the companies sanctioned in the UFLPA with just a few clicks – and how to setup continuous monitoring groups to receive alerts should their risk exposure change.