Boards have always understood market volatility. Interest rates move, currencies swing, and commodity prices rise and fall. What has evolved is not the existence of risk, but its source. Presently, some of the most decisive threats to enterprise value arise not from markets, but from political decisions taken by governments and regulators across multiple jurisdictions.
National security reviews, energy-related policy decisions, sanctions designations, forced labour prohibitions, export controls, and tariff escalation can close markets, freeze assets, derail transactions, and disrupt supply chains with little notice. These are no longer peripheral compliance issues. They are strategic forces that shape corporate outcomes and demand sustained board attention.
The rise of economic statecraft
Governments are increasingly using economic tools to advance national security (including energy security) and foreign policy objectives. In Canada, national security reviews under the Investment Canada Act ("ICA") operate through two distinct review streams. Under the net benefit review, the Minister may require undertakings and impose conditions as a term of approval. Under the national security review, which can apply even to completed investments, the Governor in Council can block a proposed investment outright, require divestiture, or impose conditions without any obligation to approve. Both streams carry penalties for non-compliance, but the risk profile, timeline, and available outcomes differ materially. In the U.S., the expansion of the Committee on Foreign Investment in the United States’ ("CFIUS") jurisdiction following the Foreign Investment Risk Review Modernization Act ("FIRRMA") has widened its scope. The UK has introduced mandatory notification and standstill obligations under the National Security and Investment Act ("NSIA"), while the EU has established a framework for foreign investment screening and encouraged Member States to adopt their own. [1]
The result is that a single cross-border transaction can trigger parallel reviews in several jurisdictions, each with different thresholds, timelines, and mitigation expectations. Boards that treat political risk as a domestic issue, or assume that clearance in one jurisdiction implies clearance elsewhere, are increasingly exposed.
Sanction mechanisms illustrate this complexity even more starkly. Canadian sanctions under the Special Economic Measures Act ("SEMA") and the Justice for Victims of Corrupt Foreign Officials Act ("JVCFOA") operate alongside U.S., EU and UK regimes that increasingly do not align. For instance, the U.S. Office of Foreign Assets Control ("OFAC") applies secondary sanctions on non-U.S. persons transacting in U.S. dollars or touching the U.S. financial system. While a transaction may be permissible in Canada under SEMA, it may be blocked by financial institutions who have U.S. exposure under OFAC’s broad extraterritorial secondary sanctions reach, resulting in disruption, delay or even termination of the transaction. The divergence in regulatory scope does not uniformly place Canada below other jurisdictions. In some respects, including certain services-category prohibitions linked to Russia-related designations, the UK and EU have moved further. In others, Canada’s framework is equally or more demanding: SEMA violations carry criminal liability, Canada’s sanctions orders impose immediate asset-freeze obligations without the licensing flexibility that OFAC commonly provides, and Canada’s Corruption of Foreign Public Officials Act (“CFPOA”) contains no facilitation-payments exception, making it stricter in that respect than the U.S. Foreign Corrupt Practices Act. These divergences are not hypothetical. Differences in prohibitions under sanctions, broader “control” concepts in the EU and UK, and inconsistent designation lists mean that a counterparty that is not unlawful in Canada may nonetheless trigger material exposure elsewhere and the converse applies with equal force: conduct or relationships prohibited under SEMA or the CFPOA may face no equivalent restriction in other jurisdictions, meaning Canadian companies cannot benchmark their compliance solely against foreign programs, forcing difficult decisions to be made quickly.
Trade and supply chain regulation have followed the same trajectory. Canada's export controls under the Export and Import Permits Act ("EIPA"), the forced labour reporting and import prohibition framework under the Fighting Against Forced Labour and Child Labour in Supply Chains Act ("Forced Labour Act"), and tariff retaliation measures now sit alongside the U.S. Uyghur Forced Labor Prevention Act ("UFLPA") and emerging European due diligence requirements, among others, forming a global web of obligations that boards cannot manage by reference to domestic policies alone. For boards, the challenge is no longer awareness, but understanding how these regimes intersect and where they create legal pressure points.
When politics shape corporate outcomes
In this modern age, political risk increasingly determines outcomes that once turned on commercial logic alone. Canada has ordered divestitures in the critical minerals and technology sector on national security grounds.[2] CFIUS has blocked or unwound transactions involving semiconductors, sensitive data, and emerging technologies. [3] The UK has intervened in acquisitions in defence and advanced manufacturing. [4] As a result, transactions that clear valuation, financing, and competition / anti-trust hurdles can still fail late in the process due to national security intervention. The answer to this risk is early engagement. The closer to signing that a regulatory problem is first identified, the fewer tools remain available to address it. Boards that treat political risk diligence as a deal-approval gate, not an afterthought, are the ones best positioned to protect transaction value.
Operational exposure can crystallize just as quickly. A supplier relationship may become untenable overnight following a sanctions designation or tariff application. Goods can be detained at the border under forced labour rules, disrupting production and customer commitments. Automakers experienced this following Russia’s invasion of Ukraine—production depended on concentrated supplies of specialized components that could not be replaced easily, and when disruptions took hold, supplies dried up almost immediately, forcing slowdowns and plant closures. In early 2024, finished vehicles were held at U.S. ports after authorities identified a prohibited subcomponent several tiers down the supply chain; delays stretched for weeks. [5]
Political risk should no longer be an external shock. It is embedded in contracting, treasury operations, procurement decisions, technology access, and merger activity. Boards that underestimate its velocity and reach risk being forced into reactive decision making under unfavourable conditions.
Uncertainty and timing
One of the most difficult aspects of political risk is timing uncertainty. National security reviews can extend through multiple phases with limited visibility into government concerns. Conditions may be imposed late and may conflict with obligations elsewhere.
Boards must therefore demand scenario analysis of their management. What does this mean? It means that (a) boards should be identifying what decisions, contracts and relationships could be exposed to political risk and (b) instruct management to account for “what if” in their analysis of undertaking the risk. For example, what happens if a counterparty is designated in one jurisdiction but not another? What if goods are detained at the border with no clear timeline on release? What if regulator-imposed conditions across various jurisdictions conflict and constrain integration plans or future growth? Boards should be mindful that their oversight requires adaptive and dynamic considerations.
The governance implications for boards
Board duties have not changed, but the facts directors must consider have. Under Canadian corporate law, fiduciary duties and common law care obligations require directors to act honestly and in good faith with a view to the best interests of the corporation, and to exercise the care, diligence, and skill that a reasonably prudent person would exercise in comparable circumstances. As the Supreme Court of Canada has emphasized, the best interests of a corporation “are not confined to short-term profit or share value” and, “Where the corporation is an ongoing concern, it looks to the long-term interests of the corporation.[6] As circumstances evolve, geopolitical factors affecting a corporation’s long-term interests form part of the risk landscape a “reasonably prudent” board must consider.
Comparable expectations are visible across jurisdictions. U.S. case law emphasizes the need for effective compliance systems.[7] UK directors are required to consider long-term consequences of decisions.[8] European initiatives are moving toward explicit board-level responsibility for sustainability and human rights due diligence.[9] In Canada, several pieces of legislation already place boards directly within the compliance scheme, including forced labour reporting and anti-money laundering ("AML") obligations. The Proceeds of Crime (Money Laundering) and Terrorist Financing Act ("PCMLTFA") requires board approval of foreign branch compliance policies.[10] The Forced Labour Act mandates that forced labour reports be approved by the governing body.[11]
Political risk is one of many external forces directors must weigh when acting in the corporation's best interests. Where an issue touches core stakeholders, boards may need to engage it through the lens of stated purpose and values. Companies facing political pressure with clear articulation of how policies connect to long term performance often fare better than those that reverse course abruptly.
The role of management and advisors
Boards can rely on management and qualified advisors, but directors must make informed, good-faith decisions. This means not mere reliance on management to advise, but a clear understanding of the inputs required to make the relevant decision. In matters like sanctions and forced labour reporting, where statutes name the governing body, the expectation is active oversight, not ceremonial sign-off. Management should support oversight through the implementation of robust enterprise-wide compliance programs (not mere paper programs), periodic independent testing, and a direct reporting line from the general counsel or chief compliance officer to the board.
Adopting a scenario framework
Traditional planning tends to assume one base case with downside scenarios, but geopolitical uncertainty makes that approach obsolete. Political decisions or global events can push a business in different directions; boards need to understand what those outcomes could look like and what choices each would demand. Geopolitical risk should be part of strategic governance with management deciding which futures to plan for while preserving flexibility, instead of allowing exposure to accumulate through inaction.[12]
When considering multiple futures, boards should ask three questions: What forces drive the uncertainty? What distinct paths could emerge? What strategic positioning works under each? A company exposed to cross-border supply chains might map scenarios ranging from managed cost increases to forced relocation to technological disruption, each demanding different capital and operational commitments.[13] Since no strategy optimizes for all possibilities, boards must consciously choose where to build flexibility and where to accept trade-offs.
Prior to each board meeting cycle, directors should consider what has changed in the relevant geopolitical climate, whether current positioning remains sound, and whether any course correction is warranted. This approach shifts the governing question from "What could go wrong?" to "Are we nimble enough to be well positioned for where global events are heading in the next 6, 12 and 18 months?"
Integrating political risk into enterprise risk management
Political risk should be an integral pillar of enterprise risk oversight. National security risks should inform transaction planning from the earliest stages of deal development. When boards approve an acquisition, investment or partnership, they should consider not only price and commercial fit but also whether regulatory reviews could delay closing, impose conditions, or unwind the deal.
Sanctions considerations should tie into treasury functions. Treasury teams need to understand how sanctions could disrupt payment or banking access. Customer onboarding should flag relationships that seem low risk today but could not be sustained if sanctions were tightened.
Forced labour exposure should be managed through procurement governance. Boards should expect management to identify suppliers in higher risk regions and understand whether a minor component could prevent an entire product from being imported.
Export control constraints should shape how products are built, not only how they are marketed. Boards should ask whether design decisions today could limit where products can be sold tomorrow. (i.e., If controlled technology is embedded in a way that makes approvals impractical or impossible). Early attention to architecture can preserve market options; late attention can eliminate them.
Tariff vulnerability should be evaluated alongside revenue concentration and sourcing flexibility. Boards should understand which revenues and supply chains rely on tariff-sensitive trade and how quickly the company could adapt.
Effective integration depends on assigning accountability, pre defining escalation triggers, and ensuring consistent board level visibility. It requires advisors capable of assessing regulatory, strategic, and operational risk holistically across jurisdictions. Because investments in redundancy commonly depress short term returns, boards should assess whether compensation frameworks unintentionally discourage risk positioning.
Building political risk awareness in the boardroom
Board composition, education, and information flows determine whether oversight keeps pace. Risk committees are adding directors with national security or trade compliance backgrounds. Has your board done this? Has your skills matrix been updated to add these skills? Regular education on key legislation should join the board calendar. Most boards set aside funds for ongoing director education. Management should include these topics in ongoing security awareness training and provide dashboards tracking sanctions alerts, forced labour incidents, and regulatory engagements, with escalation thresholds outside normal meeting cycles.
Warning signs that governance must evolve include (i) geopolitics remaining confined to risk committee updates rather than full board discussion, (ii) management presenting a single forecast rather than multiple scenarios, and (iii) no one asking, "Which scenario are we positioned for?” Crisis preparedness matters because political risk events are a matter of “when,” not “if.” Boards should identify likely flashpoints, pre designate response teams, and ensure those teams rehearse together.
External pressure can also clarify strategy. When initiatives face challenge, companies have an opportunity to reassess how those efforts advance business objectives. More boards are using dedicated retreats built around scenario planning to do this work—directors step away from the boardroom and walk through realistic scenarios such as regulatory changes, cyber incidents, or geopolitical events. Boards that create space for these conversations are better positioned to govern proactively.
Questions boards should be asking
Directors should ask practical questions that illuminate exposure and readiness.
- Does sanctions screening capture ownership and control beyond list matching, including foreign designations?
- Would our supplier checks detect forced labour risks in our supply chain?
- If goods were stopped at the border, do we know what we would do next to keep operations moving?
- For transactions, which foreign investment reviews would we trigger, when should we engage with the regulator, and could conditions imposed in different countries conflict with each other?
- For transactions currently in diligence or negotiation, has political risk been assessed at the term-sheet stage and has management been directed to structure the deal, set closing timelines, and engage with regulators in a way that reflects that assessment?
- Do our export control policies ensure that data access, remote support, and software updates comply with the relevant regulations?
- Are our AML, sanctions, procurement, export-control, and anti-corruption policies aligned across jurisdictions, or do they create blind spots?
- How vulnerable are we to tariff escalation on key product lines or input materials, and do we have contingency sourcing or market access strategies?
- Which scenario is our current strategy positioned for, and is that still the right bet?
- Have we mapped our international business activities against CFPOA risk, particularly in higher-risk markets, and do our anti-corruption controls meet the standard required to support a due diligence defence?
Looking ahead
Political risk is now a permanent feature of the corporate landscape. Governments will continue to assert control over investment, trade, and supply chains in pursuit of security and policy objectives. Boards do not need a new theory of governance to respond. Existing fiduciary duties already encompass these realities. What boards do need is an oversight model that treats political risk as a core driver of long-term value: global in scope, adaptive in execution, and embedded in governance architecture. Those that adapt early will be better positioned to protect enterprise value and preserve stakeholder trust.
***
Brian Hiebert practices corporate, commercial, energy, and environmental law. Brian has significant experience in mergers and acquisitions, joint ventures, corporate finance, as well as construction, energy, forest industry, and transportation, and waste management projects and transactions. Brian served on the environmental management committee of a major forest products company and provides advice to a wide range of clients on environmental compliance and regulatory issues. Among Brian's clients are a number of construction companies, major forest products companies producing logs, market pulp, dimensional lumber, paper products, and wood pellets, producers, distributors, and marketers of electricity and renewable energy and fuels, and owners of waste management facilities.
Jennifer Cleall, K.C. is a partner in DLA Piper's Edmonton office where she practises business law, with a particular emphasis on corporate/commercial, environmental and governance matters. Jennifer has a quarter century of experience providing strategic advice to domestic and international clients in a broad range of commercial matters. Jennifer represents clients involved in a wide variety of industries, including waste management, construction, energy, consumer and retail products, manufacturing, transportation, government agencies. As a key advisor to each organization, Jennifer draws on specialized areas of the firm, including tax, litigation, intellectual property (IP) and employment law services to ensure that her clients' legal needs are met in a timely, cost-effective and thoughtful way. Jennifer is the national Co-chair of the Corporate Practice Group.
Juma Amisi, articling student at the firm, assisted with the publication.
[1] EC, Regulation (EU) 2019/452 of the European Parliament and of the Council of 19 March 2019 establishing a framework for the screening of foreign direct investments into the Union, [2019] OJ, L 79I/1
[2] Innovation, Science and Economic Development Canada, "National Security Decisions" (last modified 10 March 2026), online: Investment Canada Act
[3] Committee on Foreign Investment in the United States, Annual Report to Congress: Report Period: CY 2024 (Washington, DC: US Department of the Treasury, 2025), online: US Department of the Treasury
[4] United Kingdom, Ministry of Defence, Defence Industrial Strategy: Making Defence an Engine for Growth, Cm 1388 (8 September 2025), online: GOV.UK
[5] Christina Amann & David Shepardson, "Some Volkswagen Cars Delayed in U.S. Ports over Chinese Part" (14 February 2024), online: Reuters
[6] Peoples Department Stores Inc. (Trustee of) v. Wise, 2004 SCC 68 at paras 62–67 and BCE Inc. v. 1976 Debentureholders, 2008 SCC 69 at paras 38-42
[7] Caremark International Inc Derivative Litigation, 698 A (2d) 959 (Del Ch 1996); See also Marchand v Barnhill, 212 A (3d) 805 (Del 2019) (reaffirming Caremark oversight duties).
[8] UK Companies Act 2006, c 46, s 172(1).
[9] EC, Directive (EU) 2024/1760 of the European Parliament and of the Council of 13 June 2024 on corporate sustainability due diligence and amending Directive (EU) 2019/1937 and Regulation (EU) 2023/2859, [2024] OJ, L 2024/1760
[10] Proceeds of Crime (Money Laundering) and Terrorist Financing Act, S.C. 2000, c. 17, s. 9.7(2)
[11] Fighting Against Forced Labour and Child Labour in Supply Chains Act S.C. 2023, c. 9, s. 11(4)
[12] Paul Hayman, "Geopolitical Scenario Planning and the Board" (18 December 2025), online: Directors & Boards
[13] Ibid.