Supply chain disruption puts governance to the test
Freight, ethics, cyber, reputation – directors must lead with foresight, not just react when critical links start to fail.
Supply chain risk surged into the spotlight during Covid-19, and rightly so. From freight delays to critical shortages, disruption forced boards to reassess operational resilience and supplier dependencies.
In the 2021 Director Sentiment Survey, 17% of directors cited supply chain disruption as their single biggest organisational risk – a concern that climbed even higher in 2022 when 31% classified it as their single biggest organisational risk and 36.2% named it a top impediment to New Zealand’s economic performance.
But as global logistics stabilised, director focus waned. By 2023, only 6.1% of directors rated supply chain disruption as an economic impediment, and just 1.4% saw it as their top organisational risk.
The 2025 Global Supply Chain Risk Report from WTW reminds us that while the pandemic may have passed, supply chain volatility has not. Geopolitical shocks, sustainability scrutiny, cyberattacks and climate-related disasters are introducing new and complex risks.
The report finds that nearly two-thirds (63%) of businesses experienced higher-than-expected losses in the past year, while fewer than one in 10 feel they have complete control over their supply chain risk exposure. Like cyberattacks, supply chain disruptions are inevitable. The real question for boards is whether they are equipped to anticipate them, contain the damage and recover fast.
Reputational damage has now overtaken short-term commercial impacts, such as lost sales or declining market share (which dominated board concern in WTW’s 2023 survey), to become the most significant risk associated with supply chain disruption.
Closely following is a related consequence, the erosion of customer trust. Together, these findings signal a major shift in how organisations perceive the consequences of supply chain failure – from temporary operational setbacks to longer-term threats to brand equity and stakeholder confidence.
This is a timely reminder that supply chains are no longer hidden, back-office logistics functions. They are visible, scrutinised and increasingly seen as a reflection of an organisation’s values and credibility.
In today’s interconnected and hyper-transparent world, suppliers aren’t just delivering goods, they’re delivering on a company’s social licence to operate. Whether it’s ethical sourcing, climate resilience or human rights compliance, stakeholders expect companies to know what’s happening deep within their supply chains and can stand behind it.
WTW’s report identifies an unsettling trend: although most businesses believe they can control at least part of their supply chain risk, the reality tells a different story. Perceived control is slipping in the face of geopolitical conflict, cyber threats, inflationary pressure and regulatory upheaval.
Cybersecurity has surged as a critical supply chain risk, rising from just 5% in 2023 to 16% in 2025 as a top-ranked concern in WTW’s global survey. This sharp increase reflects growing awareness that cyber threats can enter through third-party suppliers, not just internal systems.
As supply chains become more digitised and data flows more freely between organisations and their vendors, every supplier becomes a potential access point for malicious actors. Far from being just an IT issue, these vulnerabilities carry strategic, legal and reputational consequences.
For boards, this underscores the need to treat cyber resilience as a core governance issue, one that requires oversight of third-party risk, contractual safeguards and coordinated incident response planning across the supply chain.
Yet many boards continue to underestimate their exposure. According to WTW, more than 95% of organisations have made at least some change to their supply chains, but only 14% report having completed a full overhaul, and just 22% believe those changes have greatly improved the robustness of their supply chains. The vast majority are focused on incremental, fine-tuning improvements.
Post-pandemic, many organisations turned to diversification – onshoring, near-shoring and expanding supplier networks – to build resilience. But diversification without due diligence can simply replace one risk with another.
Rapidly onboarding new suppliers, particularly in unfamiliar jurisdictions, can introduce hidden risks, including human rights violations, environmental non-compliance and weak cyber hygiene. With international regulation tightening, including EU and UK supply chain laws and Australia’s Modern Slavery Act, boards are facing growing compliance and reputational risks.
Locally, the 2024 Director Sentiment Survey paints a picture of short-term focus. With financial pressures top of mind, many boards are concentrating on cost control, productivity and viability. Only 5.1% of directors identified supply chain transparency as a top strategic issue.
Yet the risk is real. Risks are increasing around modern slavery, greenwashing and sustainability-related trade requirements. New Zealand’s free trade agreements increasingly include labour and sustainability clauses. Businesses that can’t demonstrate robust oversight could lose market access or public trust. With workforce migration, political polarisation and natural disasters adding further layers of volatility, supply chain scrutiny will only intensify.
The stakes are high, but so are the opportunities. Boards that lead with foresight, oversight and courage will not only avoid risk, but they will also build resilience, enhance brand trust and future-proof their organisation.
Supply chain disruption is not just a logistical challenge; it’s a governance test. And while no board can predict the next ‘black swan’ event, every board can choose to prepare.
Considerations for directors
-
- Do we have visibility across our full supply chain beyond Tier 1 (direct) suppliers?
- Are our suppliers aligned with our social and environment sustainability values, and how do we know?
- Is cyber risk being assessed across our vendors and logistics partners?
- Are we prepared for scrutiny under international reporting standards and trade and market requirements, such as the EU’s Corporate Sustainability Reporting Directive, Australia’s Modern Slavery Act, and the UK’s Supplier Code of Conduct?
- Do we understand the reputational impacts of a supply chain failure, and do we have a crisis plan?
* AI assisted
