Supply Chains and the Multiverse of Risk

By Mark Nuttall, Director – Risk Solutions, Thomson Reuters


From your breakfast cereal (Bienenfeld et al., 2016) to the world of illicit substances (Miltenburg, 2018), most property (both tangible and intangible) requires complex transactional supply chains for the local, regional, and global economies to function (Isik, 2010), and for you as an individual to produce and consume. We must remember that this is inclusive of thoughts and intellectual property (Ghamat et al., 2021), and I am aware that as I produce this report on a computer (Apple Inc, 2022) made of tangible and intangible elements including hardware, software, and SaaS, alongside the powering and communicative elements (Simoes, Huppes and Seixas, 2015), that I am a consumer and a producer in very large and multitudinal supply chains (Hardaker and  Graham, 2008). 

Would a lay individual or most of the population understand the intricacies of the supply chains that have provided me with the tools and utilities to complete this work, or what supply chains my work will go through or how it will be digested, copied, printed, cited, or referred to?

The answer is fundamentally no, however a lay individual would have expectations of traceable diligence and would expect this of organisational constructs and professionals (Ageron, Bentahar and Gunasekaran, 2020). These organisations and professionals, dependent on jurisdiction and sector, are subject to regulation, governance, profit and loss protection frameworks (Buhr, 2017), and their own internal Environmental, Social, and corporate Governance (ESG) standards (Gualandris et al., 2021).

Environmental, Social, and Corporate Governance (ESG)

 – Checking at every level

What does this mean and why should you care? Well in most countries, ESG standards are being hardened (Whittaker, 2021), and the future is becoming increasingly regulated in this area through geopolitical influence. 

Singapore was one of the first countries to implement environmental risk guidelines for banks, asset managers, and insurers, through the Monetary Authority of Singapore (MAS), to deal directly with natural resource organisations and supply chain clients (Monetary Authority of Singapore, 2020). 

On a softer note, the European Securities and Markets Authority (ESMA) has taken a different influencing stance in publishing a roadmap of activities in 2022 to deal with transparency, green-washing, and stress-testing of sustainable finance products (European Securities and Markets Authority, 2022). 

Whichever way this is analysed, the call is for a deeper and more considered evaluation of the supply chain, and all matters vending (Anin, Boso and Asamoah, 2021). This also falls in line with the requirements of goods entry regimes such as STP+ in Singapore (Singapore Customs, 2022) and CTPAT in the United States (U.S. Customs and Border Protection, 2021), which require a complete and holistic review of the entire shipping (both onshore and offshore), security, human resource, and vending process. 

Enhanced traceability and due diligence

Schemes such as STP+ and CTPAT, give organisations the opportunity to have a trusted and rapid goods entry relationship with the respective countries that they have been accepted as having enhanced traceability and diligence levels with (Li, 2014). 

The process is cyclical, and albeit for those organisations who have been granted enhanced import and export permissions through schemes such as STP+ and CTPAT, the supply chain can be disrupted when a lack of due-diligence and threat intelligence, leads to malfeasance and calamity (Sibanda, Zindi and Maramura, 2020).  

Impact of supply chain security measures

The requirement to conduct remedial exercises of securitisation within the logistical chain combined with having to undergo a full audit of a product catalogue and organisational supply chain processes and policies (Gonzalez-Padron, 2016), can fundamentally slow down and even halt the end-to-end processes within each stage of agriculture, manufacturing, logistical supply, consumptive supply and purchasing (Frost et al., 2021). This then impacts the further use of component products within other products, especially when taking into consideration natural disaster security threat assessment matters (Inman and Blumenfeld, 2014). 

When combined with the effects of the events such as a global pandemic, this can have a direct effect on us all as consumers, employees, organisational professionals, and familial entities, and so when engaging as professionals, we need to recognise that our decisions have a range of cascaded impacts (Guan et al., 2020). 

Although conducting threat intelligence reviews, assessments, and due diligence has initial outlay and ongoing costs, this is nothing in comparison to the costs and reputational risks associated with ignorance or malfeasance (Greer and  Purvis, 2016).

In short supply

Semiconductor chip shortages have been slow-burning small-column news for a significant period, with the blame being laid squarely at the foot of the 2019-2022 pandemic, and varied government decisions to close the shutters on a global basis (Ivanov, 2021). Although this is a contributing factor, there are also other geopolitical considerations to be taken note of, such as how the productive supply chain is typically split across a range of geographies, alongside the sourcing of raw material such as silicon, and now with more advanced chipsets, rare earths (Khan, 2021). 

Rare earth materials are typically located in areas which are consistent with geopolitical debates, sanctioned entities, nefarious and obscure financial dealings, and ultimately the provision of questionable human labour practices (Wan, 2019). 

Returning to the effects of the 2019-2022 pandemic and continued endemic, the globalised supply chain has suffered from its own success (Medina-Serrano et al., 2021). Globalisation previously meant that Multinational Corporations (MNC’S) could set up shop in most locations around the world, either in substance, by joint venture, via franchise, or through a proxy.

Often in a rush to market, or for dominance, many of the due-diligence requirements, supply chain mapping, securitisation, and threat intelligence processes and checks could potentially have been glided over with a tick-box mentality, if at all implemented dependent on jurisdiction (Pandey, Singh and Gunasekaran, 2021). 

It is clear that the demand for technology is reaching a critical point, and that the race to digitalisation by geopolitical influencers, governments (Hantrais et al., 2021), and MNC’s is fuelling the supply chain meltdown (Sheffi, 2021). There is also a conflicting position posited within the ESG space (Tscherning and Chapman, 2021), that electric vehicles are to take over from combustible vehicles (Kaunda, 2020), and as a result the transportation market is currently being regulated in many jurisdictions to reflect this (IEA, 2021). 

Where these policies collide with the supply chains, with the combustible tinder of the lack of associated relevant due-diligence and threat intelligence requirements (Wilson, 2018), the result could resemble a meltdown of globally significant proportions. If the supply chain cannot keep up at this point of inflection, how can it keep up into the future when digitalisation is mandated, and vehicles must by decree, be electric?

The mixing pot of micro and macro

Any supply chain is a roller-coaster of checks and balances (Lei et al., 2021), which require consistent and holistic review processing, and detailed project/program/portfolio management with the associated range of quality assurance and control expected. 

These typically should all have risk management procedures built into the standard processes, as the relevant institutes and associations which standard-set all place risk management as a priority issue which should be embedded within all documentation, project stages, and processes (Project Management Institute, 2022). 

In this vein, detailed due diligence and threat intelligence on soft-service vendors, contractors, staff, investors, logistics providers, raw material and hard-service vendors, regions and locality, geopolitics, local matters of issue, and technological should be conducted (Ooms, 2022), and in a thorough manner (Smith-Roberts et al., 2021). 

The reality of this is a different matter, however, as can be seen at a macro level in the case of the 1MDB scandal, and at almost every micro level when the complexities are reviewed in relation to the lack of diligence conducted on the organisations, products, people, vendors, and contractors (Abadi, 2021). This is inclusive of the mixing of funds, assets, and resources from the natural resource sector and their associated supply chains, which was subject to media reporting and alerted the relevant authorities on an international basis to criminal recidivism which needed to be dealt with by a multitude of organisations and individuals (Siddiquee and Zafarullah, 2022). 

The situation displayed the power of supply chain ignorance (Carroll, 2021), as the lack of threat intelligence, assessment, due diligence, and lack of understanding of the supply chain resulted in worldwide reputational risk, and financial and prosecutorial penalties (Chen, 2019).

Shoring up the defences

The high-level and rapid commentary around supply chain activities, their symbiosis with everyday life (De Angelis, Howard and Miemczyk, 2018) and the reverberating impacts upon everything from geopolitical relations to breakfast cereal (Lu and Koufteros, 2017), gives a taste of the complexity of reviewing and securitising this overarching domain.

It is with very little doubt that supply chains require detailed and substantial diligence (Franck, 2007), with threat profiling and intelligence at the heart of any reporting or reviews. It is vital to societies across every jurisdiction that supply chains don’t have any broken or weak links, and that producers, suppliers, logistics providers, purchasers, and manufacturers maintain their respective responsibilities to prevent malfeasance (Bechtsis et al., 2021).

On the lips of the geopolitical community is food security, food exploitation (Friel, 2021), water security, utility security, counterterrorism, forced labour and exploitation (Islam, Deegan and Gray, 2018), human trafficking, illicit substances, fraud, money laundering, digital assets (Lo, 2021) and the metaverse, sanctioned entities, munitions supply, and the list goes on.


Abadi, A.M. (2021) ‘Kleptocracy, strategic corruption, and defence policymaking: the impact of Najib Razak’s 1MDB scandal on Malaysia’s defence relationship with China (2015–2017)’, Contemporary Politics, 27(5), pp. 508–527. doi:10.1080/13569775.2021.1917163. 

Ageron, B., Bentahar, O. and Gunasekaran, A. (2020) ‘Digital supply chain: challenges and future directions’, Supply Chain Forum: An International Journal, 21(3), pp. 133–138. doi:10.1080/16258312.2020.1816361. 

Anin, E.K., Boso, N. and Asamoah, D. (2021) ‘Moderating effect of supply chain complexity in governance mechanisms and operational performance relationship: Evidence from a subSaharan African market.’, Africa Journal of Management, 7(3), pp. 400–422. Available at: 

Apple Inc (2022) Supplier Responsibility, Apple (Singapore). Available at: (Accessed: 18 February 2022). 

Bechtsis, D. et al. (2021) ‘Data-driven secure, resilient and sustainable supply chains: gaps, opportunities, and a new generalised data sharing and data monetisation framework’, International Journal of Production Research, pp. 1–21. doi:10.1080/00207543.2021.1957506. 

Bienenfeld, J.M. et al. (2016) ‘Country of origin labeling for complex supply chains: the case for labeling the location of different supply chain links.’, Agricultural Economics, 47(2), pp. 205–213. Available at: 

Buhr, B. (2017) ‘Assessing the sources of stranded asset risk: a proposed framework’, Journal of Sustainable Finance & Investment, 7(1), pp. 37–53. doi:10.1080/20430795.2016.1194686. 

Carroll, T. (2021) ‘Capitalism, Conflict and Contradiction: Southeast Asia’s Development and the Reorganisation of Production’, Journal of Contemporary Asia, 51(2), pp. 207–232. doi:10.1080/00472336.2020.1734227. 

Chen, V. (2019) ‘Enforcement of directors’ duties in Malaysia and Australia: the implications of context’, Oxford University Commonwealth Law Journal, 19(1), pp. 91–117. doi:10.1080/14729342.2019.1616942. 

De Angelis, R., Howard, M. and Miemczyk, J. (2018) ‘Supply chain management and the circular economy: towards the circular supply chain’, Production Planning & Control, 29(6), pp. 425–437. doi:10.1080/09537287.2018.1449244. 

European Securities and Markets Authority (2022) ESMA prioritises the fight against greenwashing in its new Sustainable Finance Roadmap. Available at: (Accessed: 21 February 2022). 

Franck, C. (2007) ‘Framework for Supply Chain Risk Management’, Supply Chain Forum: An International Journal, 8(2), pp. 2–13. doi:10.1080/16258312.2007.11517178. 

Friel, S. (2021) ‘Redressing the Corporate Cultivation of Consumption: Releasing the Weapons of the Structurally Weak.’, International Journal of Health Policy & Management, 10(12), pp. 784–792. Available at: 

Frost, K. et al. (2021) ‘Environmental impacts of a circular recovery process for hard disk drive rare earth magnets.’, Resources, Conservation & Recycling, 173, p. N.PAG-N.PAG. Available at: 

Ghamat, S. et al. (2021) ‘Using intellectual property agreements in the presence of supplier and third-party copycatting.’, European Journal of Operational Research, 291(2), pp. 680– 692. Available at: 

Gonzalez-Padron, T.L. (2016) ‘Ethics in the Supply Chain: Follow-Up Processes to Audit Results.’, Journal of Marketing Channels, 23(1/2), pp. 22–33. Available at: 

Greer, B.T. and Purvis, J.G. (2016) ‘Corporate supply chain transparency: California’s seminal attempt to discourage forced labour’, The International Journal of Human Rights, 20(1), pp. 55–77. doi:10.1080/13642987.2015.1039318. 

Gualandris, J. et al. (2021) ‘The association between supply chain structure and transparency: A large-scale empirical study.’, Journal of Operations Management, 67(7), pp. 803–827. Available at: 

Guan, D. et al. (2020) ‘Global supply-chain effects of COVID-19 control measures’, Nature Human Behaviour, 4(6), pp. 577–587. doi:10.1038/s41562-020-0896-8. 

Hantrais, L. et al. (2021) ‘Covid-19 and the digital revolution’, Contemporary Social Science, 16(2), pp. 256–270. doi:10.1080/21582041.2020.1833234. 

Hardaker, G. and Graham, G. (2008) ‘Community of self-organisation: supply chain perspective of Finnish electronic music.’, International Journal of Technology Management, 12 44(1–2), pp. 93–114. Available at: 

IEA (2021) Global EV Outlook 2021. Paris, France: IEA. Available at: 

Inman, R.R. and Blumenfeld, D.E. (2014) ‘Product complexity and supply chain design.’, International Journal of Production Research, 52(7), pp. 1956–1969. Available at: 

Isik, F. (2010) ‘An entropy-based approach for measuring complexity in supply chains.’, International Journal of Production Research, 48(12), pp. 3681–3696. Available at: 

Islam, M.A., Deegan, C. and Gray, R. (2018) ‘Social compliance audits and multinational corporation supply chain: evidence from a study of the rituals of social audits’, Accounting and Business Research, 48(2), pp. 190–224. doi:10.1080/00014788.2017.1362330. 

Ivanov, D. (2021) ‘Supply Chain Viability and the COVID-19 pandemic: a conceptual and formal generalisation of four major adaptation strategies’, International Journal of Production Research, 59(12), pp. 3535–3552. doi:10.1080/00207543.2021.1890852. 

Kaunda, R.B. (2020) ‘Potential environmental impacts of lithium mining’, Journal of Energy & Natural Resources Law, 38(3), pp. 237–244. doi:10.1080/02646811.2020.1754596. 

Khan, S. (2021) The Semiconductor Supply Chain: Assessing National Competitiveness. Georgetown University, Washington DC, USA: Center for Security and Emerging Technology, p. 98. Available at: 

Lei, Z. et al. (2021) ‘Modelling of risk transmission and control strategy in the transnational supply chain.’, International Journal of Production Research, 59(1), pp. 148–167. Available at: 

Li, T.-S. (2014) ‘Establishing an integrated framework for security capability development in a supply chain’, International Journal of Logistics Research and Applications, 17(4), pp. 283– 303. doi:10.1080/13675567.2013.861396. 

Lo, A.W. (2021) ‘The Financial System Red in Tooth and Claw: 75 Years of Co-Evolving Markets and Technology’, Financial Analysts Journal, 77(3), pp. 5–33. doi:10.1080/0015198X.2021.1929030. 

Lu, G. and Koufteros, X. (2017) ‘Toward a Taxonomy of Food Supply Chain Security Practices’, Journal of Marketing Channels, 24(3–4), pp. 190–203. doi:10.1080/1046669X.2017.1393237. 

Medina-Serrano, R. et al. (2021) ‘Do risk events increase supply chain uncertainty? A case study’, Economic Research-Ekonomska Istraživanja, pp. 1–19. doi:10.1080/1331677X.2021.2016462. 

Miltenburg, J. (2018) ‘Supply chains for iilicit products: Case study of the global opiate production networks.’, Cogent Business & Management, 5(1), pp. 1–1. Available at: 

Monetary Authority of Singapore (2020) Guidelines on Environmental Risk Management for Banks. Available at: (Accessed: 21 February 2022). 

Ooms, M.E.A.A.M. (2022) ‘Risk-based due diligence reporting in global mineral supply chains and the rule through transparency’, The Theory and Practice of Legislation, pp. 1–19. doi:10.1080/20508840.2022.2033943. 

Pandey, S., Singh, R.K. and Gunasekaran, A. (2021) ‘Supply chain risks in Industry 4.0 environment: review and analysis framework’, Production Planning & Control, pp. 1–28. doi:10.1080/09537287.2021.2005173. 

Project Management Institute (2022) PMBOK Guide | Project Management Institute. Available at: (Accessed: 21 February 2022). 

Sheffi, Y. (2021) What Everyone Gets Wrong About the Never-Ending COVID-19 Supply Chain Crisis, MIT Sloan Management Review. Available at: (Accessed: 21 February 2022). 

Sibanda, M.M., Zindi, B. and Maramura, T.C. (2020) ‘Control and accountability in supply chain management: Evidence from a South African metropolitan municipality’, Cogent Business & Management, 7(1). Available at: 

Siddiquee, N.A. and Zafarullah, H. (2022) ‘Absolute Power, Absolute Venality: The Politics of Corruption and Anti-corruption in Malaysia’, Public Integrity, 24(1), pp. 1–17. doi:10.1080/10999922.2020.1830541. 

Simoes, S., Huppes, G. and Seixas, J. (2015) ‘A Tangled Web: Assessing overlaps between energy and environmental policy instruments along the electricity supply chain.’, Environmental Policy & Governance, 25(6), pp. 439–458. Available at: 

Singapore Customs (2022) Secure Trade Partnership (STP) & STP-Plus. Available at: (Accessed: 21 February 2022). 

Smith-Roberts, A. et al. (2021) ‘“All that glitters is not gold”: the effects of the COVID-19 pandemic on artisanal and small-scale gold mining and supply chains in Peru’, Journal of Energy & Natural Resources Law, 39(4), pp. 489–527. doi:10.1080/02646811.2021.1895526. 

Tscherning, R. and Chapman, B. (2021) ‘Navigating the emerging lithium rush: lithium extraction from brines for clean-tech battery storage technologies’, Journal of Energy & Natural Resources Law, 39(1), pp. 13–42. doi:10.1080/02646811.2020.1841399. 

U.S. Customs and Border Protection (2021) CTPAT: Customs Trade Partnership Against Terrorism, U.S. Customs and Border Protection. Available at: (Accessed: 21 February 2022). 

Wan, E. (2019) ‘Labour, mining, dispossession: on the performance of earth and the necropolitics of digital culture’, International Journal of Performance Arts and Digital Media, 15(3), pp. 249–263. doi:10.1080/14794713.2019.1669358. 

Whittaker, D.H. (2021) ‘Beyond secular stagnation: A digital and green economy?’, The Japanese Political Economy, pp. 1–22. doi:10.1080/2329194X.2021.2012806. 

Wilson, J.D. (2018) ‘Whatever happened to the rare earths weapon? Critical materials and international security in Asia’, Asian Security, 14(3), pp. 358–373. doi:10.1080/14799855.2017.1397977.

About the author

Mark Nuttall CAMS CPP PMP

Mark Nuttall is Director of Risk solutions for Thomson Reuters in the Asia and Emerging Markets region. With an extensive counter-crime and risk background and over 20 years’ experience in global risk management, anti-financial crime, and international security, Mark is a renowned expert in his field.

Marks holds an MA in International Security, is a Certified Anti-Money Laundering Specialist (CAMS), Certified Protection Professional (CPP), and has managed corporate projects through his qualification as a Project Management Professional (PMP).

All the above is compounded by his professional expertise base as a risk, security, and geopolitics expert, as quantified by the Global Institute against Transnational Organised Crime (GI-TOC), and published works of academia.

As an active member of Singapore Institute of Directors, Mark offers his deep corporate understanding to peers and advises businesses on navigating complex supply chain and risk assessment ventures. He is a fellow and member of many other associations and institutes, both in terms of corporate activity, as well as security, geopolitics, military matters, and AML/Compliance, and so is well placed to advise on this basis.

Download your digital PDF copy of the whitepaper below.