Compliance in an era of geopolitical and technological complexity

Abstract

Global business now operates within a fragmented and geopolitically charged regulatory environment in which sanctions, ESG enforcement, supply-chain opacity, and technological transformation intersect. Traditional compliance models—centred on formal rule adherence and procedural checklists—are increasingly inadequate in contexts defined by economic statecraft, polycentric regulation, and heightened personal accountability. Sanctions regimes have expanded in scope and extraterritorial reach, embedding firms within geopolitical power competition and transforming compliance into a strategic function shaped by political alignment and network exposure. Simultaneously, supply-chain complexity and mandatory human rights due-diligence frameworks elevate traceability and transparency from voluntary practice to enforceable obligation. ESG has shifted from reputational discourse to legally material governance, collapsing the boundary between ethics and compliance.

Recent scholarship documents a broader transition from formalistic compliance toward intent-oriented, risk-based, and anticipatory governance models. Regulators increasingly evaluate economic substance, behavioural patterns, and organisational foresight rather than technical conformity alone. Technological innovation, including AI-enabled compliance systems, further enhances predictive capacity while introducing new risks relating to explainability, auditability, and liability. At the same time, enforcement trends increasingly personalise responsibility, exposing executives and compliance officers to direct accountability.

This paper argues that compliance is undergoing a structural reconstitution within the global political economy. It is evolving from a reactive legal safeguard into a predictive, intelligence-driven governance function that integrates geopolitical analysis, supply-chain oversight, ESG accountability, and technology risk management. Sustainable compliance in this environment requires holistic, risk-informed architectures capable of aligning regulatory intent, organisational strategy, and individual accountability under conditions of persistent uncertainty.

1. Introduction

Global business operations are increasingly embedded in environments where geopolitical volatility, social expectations, technological transformation, and regulatory expansion intersect, reshaping the nature of compliance risk. Contemporary scholarship in international business and regulation highlights that firms now operate within “polycentric” governance structures, where state regulation, transnational standards, and private governance mechanisms overlap (Kolk, 2016; Arner, Barberis & Buckley, 2020). This multiplicity increases legal uncertainty and amplifies exposure to reputational and enforcement risk.

1.1 Geopolitical Volatility and Sanctions Risk

The Russian invasion of Ukraine in 2022 triggered one of the most expansive and coordinated sanctions responses in modern history, reshaping the international sanctions landscape and intensifying geopolitical risk for multinational enterprises. Sanctions packages introduced by the United States, the European Union, the United Kingdom, and allied states combined traditional restrictive measures (such as asset freezes and trade controls) with novel mechanisms that extend beyond primary sanctions to target third-party actors that assist, finance or facilitate sanctioned entities (Ruys & Silvestre, 2024). Indeed, scholars argue that the post-2022 environment has reinforced the extraterritorial reach of secondary sanctions, whereby jurisdictions seek to influence conduct outside their borders by threatening denial of access to markets, financial systems or supply chains if firms engage with sanctioned targets (Ruys & Rodríguez Silvestre, 2024).

Secondary sanctions function as an anti-circumvention device: by holding third-country firms accountable for indirect involvement with sanctioned parties, states aim to close loopholes in enforcement and prevent economic actors in non-sanctioning jurisdictions from negating the intended coercive impact of primary measures. This increasingly complex sanctions architecture has significant implications for multinational enterprises’ compliance obligations, particularly in the context of global ownership structures and cross-border value chains. Firms can no longer manage risk merely by monitoring direct counterparties; they must now map and supervise indirect relationships and ultimate beneficial ownership (UBO) chains in order to avoid inadvertent exposure to secondary sanctions or extraterritorial enforcement actions (Ruys & Rodríguez Silvestre, 2024).

This trend aligns with broader insights from international business research showing that sanctions regimes disrupt traditional institutional and corporate frameworks and force firms to adapt governance and compliance systems rapidly. The complexity of modern sanctions environments increases costs, heightens legal risk, and can push firms toward over-compliance or strategic withdrawal from certain markets as a risk mitigation strategy. For example, multinational corporations faced reputational and regulatory pressure to withdraw or scale back operations in Russia following the war, as seen in datasets tracking corporate behaviour and sanctions compliance during the conflict (Sonnenfeld & Tian, 2022; linked via Yale’s CELI list).

In this context, beneficial ownership transparency has emerged as a key regulatory focus, as sanctions enforcement agencies and financial intelligence units seek to trace control and financial benefit back to sanctioned persons or entities hidden behind layers of corporate structures. Regulatory reforms in jurisdictions such as the UK’s Economic Crime (Transparency and Enforcement) Act 2022 demonstrate this shift by compelling the disclosure of beneficial ownership to strengthen asset tracing and sanctions compliance frameworks (UK Parliament, 2022).

However, this expanded extraterritorial regime also raises legal and normative concerns about sovereignty and fairness in enforcement. The literature on extraterritorial sanctions in international law argues that extending compliance obligations to non-target states or non-nationals for conduct occurring outside the imposing state’s territory can create jurisdictional tensions and uncertainty for global firms (Abely, 2023).

1.2 From Formalistic Compliance to Substantive, Risk-Based Governance

Traditional compliance systems have often emphasised procedural adherence and documentary formalism. However, regulatory theory increasingly points toward risk-based and outcomes-oriented regulation, where regulators assess the substance and intent behind corporate behaviour rather than mere procedural conformity (Gunningham & Sinclair, 2017). This shift requires firms to integrate predictive risk intelligence, scenario planning, and adaptive governance mechanisms.

In the financial sector, Arner, Barberis and Buckley (2020) argue that digital transformation and regulatory technology (RegTech) are driving a move toward proactive compliance architectures that rely on data analytics, real-time monitoring, and anticipatory risk assessment. Such systems enable organisations to identify emerging vulnerabilities before enforcement action materialises. This represents a paradigmatic shift from reactive compliance toward embedded, forward-looking governance.

1.3 Supply-Chain Complexity and ESG Enforcement

Global supply chains significantly amplify compliance exposure. Multi-tier supplier networks create opacity that complicates monitoring for forced labour, human rights violations, and environmental harms. Research shows that lead firms often lack visibility beyond first-tier suppliers, increasing the risk of inadvertent ESG breaches (Hurt et al., 2023; Kolk, 2016).

Simultaneously, ESG-related enforcement has intensified through instruments such as mandatory due diligence laws and disclosure requirements. Kolk (2016) emphasises that sustainability governance has evolved from voluntary corporate social responsibility initiatives to binding regulatory expectations, embedding ESG compliance into core business strategy. As a result, compliance functions must now integrate environmental and human rights risk mapping into traditional legal oversight structures.

1.4 Technological Transformation and New Risk Domains

Technological advances, including AI-enabled compliance tools and automated monitoring systems, offer efficiency and detection benefits. However, they also introduce new forms of model risk, opacity, and accountability challenges. Krafft and Manhartsberger (2021) highlight that algorithmic decision-making in regulated environments can generate explainability deficits and audit challenges, particularly when enforcement agencies require demonstrable oversight.

The governance of AI systems intersects with rising expectations for executive accountability. Regulatory trends increasingly impose personal liability on senior managers and compliance officers, reinforcing the need for robust oversight and documentation (KPMG, 2022). This development strengthens the argument that technological adoption must be embedded within formal governance frameworks, including audit trails, validation procedures, and escalation protocols.

1.5 Toward Holistic, Risk-Informed Compliance

The literature converges on a central conclusion: contemporary compliance requires a holistic, risk-informed, and adaptive approach. Rather than treating legal obligations as discrete silos, firms must integrate geopolitical intelligence, supply-chain transparency, ESG risk assessment, and technological governance into unified risk architectures.

This transformation reflects broader shifts in international business governance, where regulatory expectations extend beyond technical legality to encompass ethical conduct, resilience, and reputational stewardship (Kolk, 2016; Gunningham & Sinclair, 2017). Predictive analytics, scenario planning, and cross-functional coordination are increasingly necessary to manage compound risks emerging from geopolitical instability, regulatory fragmentation, and technological disruption.

In sum, recent scholarship supports the argument that global compliance has moved beyond procedural conformity toward substantive, forward-looking governance. Organisations that embed geopolitical awareness, supply-chain visibility, ESG integration, and technology oversight within structured governance frameworks are better positioned to safeguard both corporate entities and individual executives in an increasingly complex regulatory landscape.

2. Literature Review

2.1 Geopolitical Compliance and Sanctions

Current research underscores that economic sanctions have evolved well beyond narrow legal instruments and are now central components of geoeconomic strategy and statecraft, reflecting the complex interplay between political objectives and economic coercion. Sanctions are increasingly used not only to punish non‑compliance with written laws but also to shape geopolitical behaviour and influence international relations, especially in response to major conflicts such as Russia’s invasion of Ukraine (Reddie & Walker, 2024; van Bergeijk, 2021). Recent analyses describe sanctions as restrictive policy measures designed to induce policy changes or address violations of international norms, and their employment has expanded in scale, scope and frequency (Morgan, Syropoulos & Yotov, 2023; van Bergeijk, 2021).

Sanctions disrupt institutional frameworks for international business and challenge existing compliance assumptions, forcing firms to respond to politically motivated restrictions that may arise rapidly and unpredictably (Aguilera & Walker, 2024; Meyer & Li, 2022). This geopolitical dimension of sanctions means that compliance can no longer be limited to adherence to extant regulations; organisations must cultivate predictive intelligence capabilities to anticipate where sanctions risks may emerge, including potential secondary sanctions, conflicting regimes, and shifting alliances (Morgan, Syropoulos & Yotov, 2023). Such predictive approaches align with broader academic calls for compliance frameworks that integrate risk assessment, real‑time geopolitical monitoring and scenario planning rather than relying solely on static rules‑based screening (Reddie & Walker, 2024; van Bergeijk, 2021).

2.2 Compliance with Intent

Recent literature emphasises a transition from narrow, procedural compliance toward a substantive, risk‑informed and intent‑oriented approach to regulation. Traditional compliance models—often criticised as “box‑ticking” or merely rule‑following—are increasingly seen as insufficient for complex regulatory environments where compliance decisions require interpretation, judgement and contextual understanding (Boeken, 2024; From compliance to security, 2024). Scholars argue that compliance should be understood not just as adherence to formal requirements but as active engagement with the purpose of regulation and the spirit behind legal obligations (Kuiper et al., 2022).

This shift is reflected in regulatory theory, particularly in the concept of smart regulation, which advocates for flexible, multi‑instrument and multi‑actor governance rather than rigid command‑and‑control approaches (Smart regulation, Gunningham & Sinclair, 2017; OECD, 2021). Smart regulation accommodates a variety of tools, institutional actors, and adaptive mechanisms to influence behaviour beyond simple rule enforcement, aligning regulation with broader goals such as effectiveness, efficiency and legitimacy (Smart regulation, 2017; OECD, 2021).

In parallel, risk‑based regulatory frameworks now require compliance practitioners to assess broader contextual risks—economic purpose, supply‑chain complexity, stakeholder impacts and circumvention strategies—rather than focusing solely on the surface conformity of formal procedures (OECD, 2021; Boeken, 2024). This substantive shift reflects a deeper evolution in compliance practice, from managing formal requirements to interpreting and operationalising regulatory intent in dynamic and interconnected environments.

2.3 Supply-Chain Complexity

Supply‑chain opacity has emerged as a central compliance risk because global value chains span multiple tiers, jurisdictions and actors, making visibility and traceability difficult for organisations. Research shows that complex, fragmented supply networks impede the identification of human rights violations such as forced labour and modern slavery, which frequently occur beyond first‑tier suppliers (Pinnington, Benstead & Meehan, 2023).

This lack of visibility not only complicates compliance with labour standards but also undermines the effectiveness of transparency‑based governance regimes; firms often struggle at the discovery stage before even disclosing risks in reporting frameworks (Pinnington, Benstead & Meehan, 2023). Empirical studies modelling supply networks suggest that a high proportion of firms are interconnected through multi‑tier relationships where human rights abuses may exist disproportionally in upstream nodes, illustrating that risks multiply with each additional tier of obscured supply links (Hurt et al., 2023).

Moreover, regulatory responses such as the UK Modern Slavery Act 2015 and the EU Corporate Sustainability Due Diligence Directive mandate enhanced due diligence and public reporting precisely because opacity in supply chains masks violations of labour, environmental and governance norms (UK Government, 2023; BCG, 2024). In practice, the rising imperative for greater supply‑chain transparency is linked directly to compliance exposure: without end‑to‑end mapping of materials, components and flows, companies cannot reliably identify, mitigate or report on modern slavery, forced labour and related ESG violations, which in turn increases litigation, regulatory and reputational risk (Pinnington, Benstead & Meehan, 2023; UK Government, 2023).

2.4 ESG and Human Rights Compliance

Environmental, social and governance (ESG) factors have moved beyond voluntary corporate initiatives and reputational considerations to become embedded in binding legal and regulatory frameworks, with direct implications for compliance and enforcement. Governments and regulators are increasingly integrating human rights and environmental protections into corporate due diligence and enforcement regimes, requiring companies to identify, prevent and mitigate adverse impacts along their value chains under threat of sanctions and penalties (Hogan Lovells, 2023; ComplianceCheck, 2023).

For example, modern statutory instruments such as the German Lieferkettensorgfaltspflichtengesetz (LkSG) impose legally binding human rights and environmental due diligence obligations on firms, penalising failures to act on risks identified in supply chains (Lieferkettensorgfaltspflichtengesetz, 2025). These regulatory developments reflect a broader trend in which human rights and environmental harm are no longer peripheral to compliance but core components of enforceable law: companies that fail to meet these obligations risk sanctions, litigation and regulatory actions, making ESG compliance a legal and strategic imperative rather than a purely voluntary standard (Hogan Lovells, 2023).

This shift aligns with scholarly and policy discussions increasingly framing ESG issues within mandatory governance and enforcement structures, challenging firms to integrate ESG risk assessment and mitigation into operational decision‑making rather than treating them as reputational add‑ons (OECD Double Materiality, 2024).

2.5 Technology-Driven Compliance

Advances in artificial intelligence, automated screening, and cyber-risk management have introduced model and operational risk into compliance functions. Literature stresses the challenges of auditability, liability, and transparency in AI-driven systems (Krafft & Manhartsberger, 2021; Ringe & Ruof, 2022), highlighting the regulatory expectation that firms explain and defend algorithmic compliance decisions.

2.6 Personal Accountability

Compliance failures increasingly attract personal liability for executives and compliance officers, particularly in contexts of weakened rule-of-law governance (KPMG, 2022). Scholars suggest robust documentation, governance structures, and escalation procedures as necessary safeguards in high-risk environments (Biersteker et al., 2016; Arner et al., 2020).

2.7 Sanctions and Economic Statecraft as Structural Features of the Global Economy

A central theme is the normalisation of sanctions and economic coercion as enduring instruments of state power, rather than exceptional policy tools. Aguilera and Walker (2024), Blackwill and Harris (2016), Farrell and Newman (2019), and van Bergeijk (2021) collectively show that sanctions now operate within a context of strategic competition where economic interdependence itself becomes weaponised.

Empirical studies reinforce this shift. Bapat and Morgan (2009), Drezner (2015), Early (2015), and Biersteker et al. (2016) demonstrate that sanctions effectiveness depends less on formal design and more on network positioning, enforcement asymmetries, and private-sector responses. Morgan et al. (2023) further frame sanctions as geoeconomic tools, embedded in broader conflict dynamics rather than isolated legal measures.

Firms are no longer passive rule-takers; they are transmission belts of state coercion. Compliance thus becomes a geopolitical function shaped by strategic rivalry rather than neutral legal harmonisation.

2.8. Fragmented, Polycentric, and Risk-Based Regulation

A second unifying theme is the fragmentation of regulatory authority and the rise of polycentric governance. Bradford’s (2020) “Brussels Effect” explains how powerful jurisdictions externalise regulation globally, while Schmidt (2022) highlights the legal tensions created by unilateral and extraterritorial sanctions.

OECD (2021, 2024, 2025) frameworks describe a shift toward risk-based and anticipatory regulation, where regulators expect firms to identify, assess, and mitigate risks proactively rather than merely comply with prescriptive rules. Gunningham and Sinclair’s (2017) “smart regulation” and Gunningham’s (2020) work on enforcement show how responsibility is increasingly delegated to firms through layered regulatory strategies.

Regulatory systems no longer provide clear, stable rules. Instead, they create expectations of judgement, foresight, and internal governance, pushing compliance inward into corporate decision-making structures.

2.9. From Formal Compliance to Substantive Responsibility and Intent

Many authors document a move from formalistic compliance toward substantive evaluation of intent, outcomes, and economic purpose. Arner, Barberis, and Buckley (2020a; 2020b) argue that post-crisis regulation increasingly targets behavioural patterns rather than technical violations, a trend reinforced by risk-based supervision models.

This shift is mirrored in ESG and human rights scholarship. Kolk (2016), Gunningham et al. (2012), Ruggie (2018), and OECD (2024) all argue that firms are now expected to manage social and environmental impacts as governance obligations, not voluntary ethics. Supply-chain due-diligence research (Lambin et al., 2018; Hurt et al., 2023; Pinnington et al., 2023) shows regulators evaluating whether firms genuinely understand and control their value chains.

Compliance is increasingly judged by economic substance, traceability, and responsibility, not procedural adherence. “Box-ticking” is widely depicted as inadequate and even risky.

2.10. Supply Chains as Sites of Power, Risk, and Liability

Another dominant theme is the reconceptualisation of global supply chains as compliance-critical infrastructures. Gereffi (2018) frames global value chains as systems of power and dependency, while Lambin et al. (2018) and Hurt et al. (2023) empirically demonstrate how opacity enables regulatory evasion and social harm.

Legal and policy-oriented sources (ComplianceCheck, 2023; Hogan Lovells, 2023; UK Government, 2023) align with academic findings by emphasising due diligence, traceability, and disclosure obligations. Network-based compliance models (Kuiper et al., 2022) further suggest that compliance failures emerge from systemic complexity, not isolated misconduct.

Supply-chain governance is no longer peripheral. It is a core locus of regulatory enforcement, reputational risk, and geopolitical vulnerability.

2.11. Technology, Automation, and the Accountability Paradox

A substantial subset of the literature examines technology-driven compliance, particularly AI and RegTech. Arner et al. (2020a; 2020b) position RegTech as a response to regulatory complexity, while Busch and Henriques (2020), Ringe and Ruof (2022), and Krafft and Manhartsberger (2021a; 2021b) warn of new accountability risks.

These authors converge on a paradox: automation increases efficiency and predictive capacity but does not displace human responsibility. Algorithmic opacity, bias, and model drift create legal and ethical exposure, particularly where regulators demand explainability and auditability. López and Hildebrandt’s (2024) systematic review shows a trend toward formal, logic-based compliance systems—but emphasises governance gaps between technical capability and institutional accountability.

Technology transforms compliance into a predictive intelligence system, but simultaneously intensifies demands for governance, documentation, and human oversight.

2.12. Compliance, Ethics, and the Rise of Personal Accountability

Finally, the literature highlights the personalisation of compliance risk. ESG scholarship (Eccles & Klimenko, 2019; OECD, 2024) links investor pressure to executive accountability, while sanctions and enforcement research (Biersteker et al., 2016; Schmidt, 2022) shows regulators targeting individuals to overcome jurisdictional limits.

Boeken (2024) and Ruggie (2018) frame this development normatively, arguing that compliance now extends beyond legal obligation into corporate responsibility and security. Compliance officers and executives increasingly function as ethical and geopolitical gatekeepers, not merely legal technicians.

Compliance is becoming personally consequential, blurring the boundary between organisational governance and individual liability.

3. Implications for Compliance

3.1 Compliance Becomes Geopolitical

The transformation of compliance into a geopolitical function reflects the broader shift from liberal economic interdependence toward strategic economic statecraft. Sanctions, export controls, and investment screening are no longer episodic policy tools but embedded instruments of power competition (Farrell & Newman, 2019). Compliance risk thus increasingly derives from anticipated political alignments, not only from formal legal prohibitions.

Peer-reviewed research shows that sanctions effectiveness and targeting are shaped by network centrality in finance, trade, and technology, making firms embedded in these networks especially vulnerable to rapid regulatory shifts (Early, 2015; Farrell & Newman, 2019). As Hufbauer et al. (2020) argue, modern sanctions regimes operate with compressed timelines and ambiguity by design, forcing firms to infer regulatory intent before explicit designation.

Compliance evolves from a reactive legal function into a strategic intelligence capability. Scenario analysis, geopolitical foresight, and continuous monitoring of state behavior become necessary to anticipate regulatory exposure and avoid sudden de-risking or stranded assets (Blackwill & Harris, 2016).

The traditional view of compliance—as a retrospective, “box-ticking” legal exercise—is increasingly challenged in scholarly literature. Research in governance, risk, and compliance shows that compliance is becoming integrated with strategic risk management and enterprise intelligence, rather than operating in isolation as a backward-looking control function (see e.g., López & Hildebrandt, 2024).

This shift reflects broader trends in anticipatory governance and predictive risk analytics, where organisations face multidimensional risks that cannot be effectively managed through retrospective controls alone. Methods such as horizon scanning, scenario analysis, and predictive analytics—long staples in strategic foresight literatures—are now being applied to compliance to anticipate regulatory exposure and emerging risk patterns (Kitsing, 2022; OECD, 2025).

3.1.1. Evolution Toward Intelligence-Driven Approaches

López and Hildebrandt’s (2024) systematic review of formal compliance methods shows that compliance frameworks are progressing beyond simple verification of rules to incorporate continuous monitoring and logic-based reasoning systems that enable real-time enforcement and early warning of potential violations. This represents a movement toward proactive, data-informed compliance management, where intelligence generation is embedded in compliance systems.

3.1.2. Scenario Planning and Strategic Resilience

Kitsing (2022) demonstrates how geopolitical scenario planning can strengthen corporate resilience by systematically anticipating changes in regulatory environments resulting from geopolitical dynamics. Scenario planning here functions as a form of strategic intelligence, enabling organisations to map plausible futures and embed these insights into risk and compliance strategies rather than reacting after the fact.

3.1.3. Anticipatory Governance Principles

In broader governance literature, scholars describe anticipatory governance as a predictive decision-making framework that embeds foresight and early signal detection into organisational processes to proactively manage uncertainty (Fuerth & Faber, 2009; OECD, 2025). When applied to compliance, this concept reinforces the view that compliance functions must operate as strategic intelligence hubs, integrating predictive tools and foresight analysis into their core remit.

3.1.4 What This Means in Practice

These insights converge on a common theme: compliance is no longer a passive cost centre. Instead:

• It integrates technologies and data analytics to anticipate emerging regulatory shifts and threats, effectively serving as an early warning system (López & Hildebrandt, 2024).

• It adopts scenario analysis and foresight techniques from strategic management to map risk trajectories and regulatory exposures (Kitsing, 2022).

• It aligns with anticipatory governance frameworks that privilege prediction and foresight over retroactive enforcement (OECD, 2025).

Together, this scholarly work supports the proposition that compliance has evolved irreversibly from being reactive to being deeply connected to strategic foresight, intelligence, and organisational risk governance.

3.2 Sanctions Regimes Are Expanding and Fragmenting

Sanctions regimes are expanding along two dimensions: scope and jurisdictional reach. Research highlights a move from narrow financial sanctions toward comprehensive controls covering commodities, logistics, dual-use technologies, insurance, and professional services (Drezner, 2015). At the same time, sanctions authority is fragmenting across competing legal systems, producing what scholars describe as “sanctions pluralism” (Schmidt, 2022).

Conflicting obligations—such as U.S. secondary sanctions versus EU blocking statutes or Chinese anti-sanctions laws—create legally irreconcilable compliance environments (Bradford, 2020). Empirical studies show firms increasingly respond through over-compliance, market exit, or structural reorganization rather than legal contestation (Bapat & Morgan, 2009).

Effective compliance requires real-time sanctions intelligence, cross-jurisdictional legal harmonization analysis, and strategic exposure mapping. Firms must assess not only the probability of violation but also the cost of compliance with one regime at the expense of another, turning compliance into a core strategic trade-off rather than a binary legal question.

3.3 Compliance with Intent

Regulatory attention has shifted from formal rule adherence to economic substance and intent, reflecting frustration with circumvention through intermediaries, routing arbitrage, and pricing manipulation. Studies in financial regulation emphasize that enforcement increasingly targets patterns of behavior rather than isolated transactions (Arner et al., 2020).

Research on regulatory governance shows that authorities now rely on inference—pricing anomalies, routing inefficiencies, ownership opacity—to establish intent and knowledge. This aligns with broader trends toward “principles-based enforcement,” where firms are expected to demonstrate understanding of their own commercial logic.

Compliance programs must incorporate transactional intelligence, supply-chain economics, and behavioral red-flag analysis. The compliance function is expected to understand why a transaction occurs, not merely whether it technically clears a screening tool—blurring the boundary between compliance, finance, and operations.

3.4 Supply-Chain Opacity

Global supply chains are increasingly characterized by simultaneous fragmentation and concentration—multiple tiers combined with dependence on a small number of critical nodes (Gereffi, 2018). Kolk (2016) shows that such structures systematically obscure responsibility while amplifying compliance risk, especially in commodities, extractives, and critical materials.

Peer-reviewed research on global value chains demonstrates that opacity is not accidental but often structurally incentivized through subcontracting and jurisdictional arbitrage (Lambin et al., 2018). Regulators now increasingly treat lack of visibility itself as a compliance failure.

End-to-end supply-chain mapping, traceability technologies, and ownership transparency are no longer best practices but baseline regulatory expectations. Compliance must integrate procurement, logistics, and sustainability data into a unified risk architecture.

3.5 ESG and Human Rights as Enforcement Tools

ESG has transitioned from voluntary disclosure to quasi-regulatory enforcement, particularly in relation to human rights, forced labor, and environmental harm. Empirical studies show that ESG-linked enforcement is most effective when reputational, legal, and trade mechanisms are combined (Eccles & Klimenko, 2019).

Human rights due diligence laws and trade restrictions increasingly operationalize normative values into enforceable obligations, collapsing the distinction between ethics and compliance (Ruggie, 2018). Scholars note that misalignment between ESG disclosures and operational reality is now treated as deceptive conduct rather than aspirational failure.

Firms must align ESG governance, compliance, and operations into a single accountability system. ESG compliance becomes legally material, requiring verification, auditability, and operational integration rather than narrative reporting.

3.6 Technology Risk

The automation of compliance through AI and advanced analytics introduces new accountability challenges. Research on algorithmic governance highlights risks related to opacity, bias, and model drift—particularly when automated systems are used for sanctions screening, transaction monitoring, or risk scoring (Krafft & Manhartsberger, 2021).

Regulators increasingly expect firms to explain and defend automated decisions, even when generated by third-party vendors. Peer-reviewed studies emphasize that delegation to technology does not reduce liability and may increase it if governance frameworks are weak (Busch & Henriques, 2020).

3.7 Personal Liability

Finally, the expansion of compliance complexity coincides with rising individual accountability for executives and compliance officers. Research shows that regulators increasingly use personal liability to compensate for institutional opacity and enforcement limitations, particularly in cross-border contexts (Biersteker et al., 2016).

In environments with weakened rule-of-law or politicized enforcement, personal exposure becomes a central governance concern. Studies in corporate governance emphasize that unclear escalation paths and weak documentation amplify individual risk more than substantive violations themselves.

Robust documentation, clear escalation protocols, and well-defined governance frameworks are essential not only for organizational compliance but for personal risk mitigation. Compliance is no longer solely an institutional shield—it is an individual one.

3.8 The Strategic Reconstitution of Compliance in the Global Political Economy

Across these dimensions, compliance is no longer a peripheral control function. It is becoming:

• Predictive rather than reactive

• Substantive rather than formal

• Geopolitical rather than purely legal

• Personally consequential rather than institutionally diffuse

This reconfiguration places compliance at the intersection of strategy, ethics, and power—fundamentally reshaping how firms engage with the global political economy.

4. Conclusion

Compliance has undergone a profound reconstitution, moving from a peripheral, reactive legal safeguard to a strategically integrated, forward-looking, and ethically substantive capability. Across geopolitical, regulatory, technological, and supply-chain dimensions, firms can no longer rely on formal adherence alone; they must anticipate risks, interpret regulatory intent, and integrate intelligence into operational decision-making.

Key insights emerging from recent literature indicate that:

1. Predictive Intelligence is essential: Firms must employ scenario planning, horizon scanning, and real-time monitoring to anticipate regulatory shifts, sanctions, and geopolitical disruptions.

2. Substantive engagement is required: Compliance is increasingly judged on economic purpose, transaction logic, and supply-chain understanding rather than procedural conformity.

3. Compliance is geopolitical: Firms operate at the intersection of state strategy and corporate governance, where regulatory regimes are fragmented, overlapping, and used as instruments of power.

4. Personal accountability is rising: Executives and compliance officers face direct liability, making governance, documentation, and escalation protocols critical to both organisational and individual protection.

Together, these trends position compliance not merely as a risk-management function but as a strategic, ethical, and operational lens through which firms navigate the global political economy. Organisations that successfully integrate predictive, substantive, geopolitical, and personally accountable compliance frameworks are better equipped to mitigate risk, sustain legitimacy, and maintain resilience in an increasingly complex and volatile international business environment.

References

Abely, C. (2023) Extraterritoriality, in The Russia Sanctions: The Economic Response to Russia’s Invasion of Ukraine, Cambridge: Cambridge University Press.

Aguilera, R.V. & Walker, L.P., 2024. Sanctions in an Era of Strategic Competition. In: V. K. Aggarwal & T. M. Cheung, eds. The Oxford Handbook of Geoeconomics and Economic Statecraft. Oxford: Oxford University Press, pp.319–334.

Arner, D.W., Barberis, J. & Buckley, R.P., 2020. FinTech, RegTech and the Reconceptualization of Financial Regulation. Northwestern Journal of International Law & Business, 37(3), pp.371–413.

Arner, D.W., Barberis, J. and Buckley, R.P. (2020), The evolution of FinTech: A new post-crisis paradigm?, Georgetown Journal of International Law, 47(4), pp. 1271–1319.

Bapat, N.A. and Morgan, C.T. (2009) Multilateral versus unilateral sanctions reconsidered: A test using new data, International Studies Quarterly, 53(4), pp. 1075–1094.

Basel Institute on Governance, (2022). Global Compliance Trends Report 2022. Basel: Basel Institute.

BCG - Natasha Peacock and Tim Mohin, (2024). Companies Must Address Human Rights in Supply Chains. Boston Consulting Group.

Biersteker, T., Eckert, S. & Tourinho, M., (2016). Targeted Sanctions: The Impacts and Effectiveness of United Nations Action. Cambridge: Cambridge University Press.

Blackwill, R.D. and Harris, J.M. (2016), War by other means: Geoeconomics and statecraft. Cambridge, MA: Harvard University Press.

Boeken Jasmijn, (2024). From compliance to security, responsibility beyond law

Bradford, A. (2020) The Brussels effect: How the European Union rules the world. Oxford: Oxford University Press.

Busch, D. and Henriques, M. (2020) Regulating artificial intelligence in financial services, Journal of Financial Regulation, 6(2), pp. 203–215

ComplianceCheck, 2023. Lieferkettensorgfaltspflichtengesetz – Menschenrechte, Umweltschutz in der Lieferkette. ComplianceCheck.

Drezner, D.W. (2015), Targeted sanctions in a world of global finance, International Interactions, 41(4), pp. 755–764.

Early, B.R. (2015) Busted sanctions: Explaining why economic sanctions fail. Stanford, CA: Stanford University Press.

Eccles, R.G. & Klimenko, S., 2019. The Investor Revolution: Shareholders and ESG. Harvard Business Review, 97(3), pp.106–116.

Farrell, H. and Newman, A.L. (2019) Weaponized interdependence: How global economic networks shape state coercion, International Security, 44(1), pp. 42–79.

Fuerth, L.S. and Faber, M. (2009) Anticipatory Governance: Practical Up-Front Policy Making in the Federal Government. Washington, DC: Woodrow Wilson International Center for Scholars

Gereffi, G. (2018) Global value chains and development: Redefining the contours of 21st century capitalism, Cambridge Journal of Regions, Economy and Society, 11(1), pp. 61–75.

Gunningham, N. & Sinclair, D., 2017. Smart Regulation. In: P. Drahos (ed.), Regulatory Theory: Foundations and Applications. Canberra: ANU Press, pp.133–148.

Gunningham, N., 2020. Enforcing Corporate Environmental and Social Responsibility. Oxford: Oxford University Press.

Gunningham, N., Kagan, R.A. & Thornton, D., 2012. Social License and Environmental Regulation: Lessons from Theory and Practice. In: Regulatory Enforcement and Compliance, pp.355–379.

Hogan Lovells, 2023. ESG‑Compliance: Das Lieferkettengesetz und seine Compliance‑Risiken.

Hufbauer, G.C., Schott, J.J. & Elliott, K.A., 2020. Economic Sanctions Reconsidered. 4th ed. Washington DC: Peterson Institute.

Hurt, J., Ledebur, K., Meyer, B., Friesenbichler, K., Gerschberger, M., Thurner, S. & Klimek, P., 2023. Supply Chain Due Diligence Risk Assessment for the EU: A Network Approach to Estimate Expected Effectiveness of the Planned EU Directive

Kitsing, M. (2022), Geopolitical risk and uncertainty: how transnational corporations can use scenario planning for strategic resilience, Transnational Corporations Review, 14(4), pp. 1–14.

Kolk, A., 2016. The Social Responsibility of International Business: From Ethics and the Environment to CSR and Sustainable Development. Journal of World Business, 51(1), pp.23–34.

Krafft, M. and Manhartsberger, C. (2021) Algorithmic governance and accountability in AI-based decision-making, Business & Information Systems Engineering, 63(5), pp. 539–552.

Krafft, T. & Manhartsberger, C., 2021. AI in Compliance: Risks, Models and Auditability. Journal of Financial Compliance, 5(2), pp.112–129.

Kuiper, M.E. et al., 2022. A network approach to compliance: A complexity science understanding of how rules shape behavior. Journal of Business Ethics, 184(2), pp.479–504.

Lambin, E.F., Gibbs, H.K., Heilmayr, R., Carlson, K.M., Fleck, L.C., Garrett, R.D., le Polain de Waroux, Y., McDermott, C.L., McLaughlin, D., Newton, P. and Walker, N.F. (2018) ‘The role of supply-chain initiatives in reducing deforestation’, Nature Climate Change, 8(2), pp. 109–116.

López, H.A. and Hildebrandt, T.T. (2024) Three Decades of Formal Methods in Business Process Compliance: A Systematic Literature Review. arXiv, 2410.10906.

Morgan, P., Syropoulos, C. & Yotov, Y., 2023. Global Sanctions Database and Analysis of Sanctions as Geoeconomic Tools. In: Geoeconomics and Conflict. (Global Sanctions Database, pp.1–26).

Organisation for Economic Cooperation and Development (OECD) (2024), Global Corporate Sustainability Report 2024, Paris: OECD Publishing.

Organisation for Economic Cooperation and Development (OECD) (2025) Strategic Foresight Toolkit for Resilient Public Policy. Paris: OECD Publishing.

Organisation for Economic Co‑operation and Development (OECD), 2021. Risk‑based regulation. OECD Regulatory Policy Outlook 2021

Pinnington, B., Benstead, A. & Meehan, J., 2023. Transparency in Supply Chains (TISC): Assessing and Improving the Quality of Modern Slavery Statements. Journal of Business Ethics, 182(3), pp.619–636.

Ringe, W.G. & Ruof, T., 2022. Artificial Intelligence and Corporate Compliance. European Business Organization Law Review, 23(1), pp.1–29.

Ruggie, J.G. (2018) Multinationals as global institution: Power, authority and relative autonomy. Abingdon: Routledge.

Ruys, T. & Rodríguez Silvestre, F. (2024) Secondary Sanctions after Russia’s Invasion of Ukraine, in The Cambridge Handbook of Secondary Sanctions and International Law, Cambridge: Cambridge University Press.

Schmidt, J. (2022) ‘The legality of unilateral extra-territorial sanctions under international law’, Journal of Conflict and Security Law, 27(1), pp. 53–81

UK Government, 2023. Transparency in Supply Chains (TISC): statutory guidance. GOV.UK.

van Bergeijk, P.A.G., 2021. Sanctions and International Policy Instruments: A Survey of Literature and Practice. Geoeconomics, pp.1–184.