Businesses are stepping up their risk management strategies with tighter control of supply chains, enhanced contractual protection, centralised regulatory oversight and more frequent cyber simulations, according to insights from Clyde & Co.

Across industries, firms are shifting towards greater vertical integration to manage third-party exposure and reduce vulnerability to geopolitical volatility. In energy and agriculture, some are expanding operations or acquiring supply chain components to ensure continuity if one jurisdiction becomes unstable. Others are adopting friend-shoring approaches to concentrate suppliers in politically aligned markets.

Economic uncertainty is being met with structural change. Companies are embedding inflation clauses and stronger force majeure provisions directly into contracts, and redesigning governance frameworks to build in flexibility. There has also been a marked focus on automation and workforce agility to maintain performance during market disruption, according to the firm.

James Roberts, partner at Clyde & Co, London, said: “Volatility is a feature, not a bug. The more resilient companies will redesign workforces with automation, flexible resourcing and agile structures. This means teams [that] can look at the detail of potential risk are a key part of the upfront contracting process, rather than a second stage.”

Rising regulatory obligations are driving further internal reorganisation. Many large corporates, particularly in financial and insurance sectors, are setting up centralised regulatory intelligence hubs to map and monitor global obligations, while recruiting more sector specialists to interpret new rules. This is also elevating the role of HR and chief people offices in risk governance.

Cyber security is another area of rapid change. Businesses are embedding cyber awareness into their cultures and running regular simulations to test defences, with demand for cyber expertise outpacing supply. In the Middle East and Asia, ransomware attacks have intensified, prompting companies to strengthen protocols and controls as regional data privacy laws evolve.

Artificial intelligence has entered the mainstream of corporate risk planning. Companies are introducing governance frameworks to manage AI adoption, ensuring efficiency gains do not create new exposures.

Ben Knowles, partner and chair of the global arbitration group at Clyde & Co, London, commented: “Leadership will provide the tools, but each department, including legal, is expected to figure out how to use AI. The focus is on efficiency over innovation, and this efficiency drive is probably trumping concerns about risks. Organisations must introduce guidance, guardrails and frameworks as they roll out any AI tools in the workplace.”

---