As 2023 begins, we’re taking stock of the last 12 months in supply chain news and trends. From increased regulation of environmental, social, and corporate governance (ESG) to geopolitical disruptions and cybersecurity threats, 2022 has been a busy and sometimes tumultuous year for supply chains and the corporations and countries that manage them.
Below we review the year’s biggest trends, priorities, and disruptions and share our forecasts as we look ahead in 2023.
The past year has seen growing momentum from governments to promote ethical and sustainable supply chains. This includes a bigger focus on transparency to prevent corporate greenwashing and hold companies accountable to their ESG commitments.
Here are a few of the biggest laws and proposals this year:
The SEC released a climate disclosure proposal in March 2022 in an effort to standardize how companies report and manage their ESG initiatives. The proposed legislation will require publicly traded companies to report key climate-related information, including:
Currently, the proposal only applies to public companies that have ESG initiatives in place. However, it signals a growing commitment from the U.S. government to address climate and sustainability issues along the supply chain.
The Uyghur Forced Labor Prevention Act (which went into effect in June 2022) aims to prevent goods made by forced labor in the Xinjiang region of China from entering the U.S. market. Forced labor in China has a far-reaching impact on global supply chains—with countries (including the U.S.) importing millions of dollars worth of goods each year from the Xinjiang region alone. Among the biggest exports that permeate supply chains are:
The legislation enforces a policy of “rebuttable presumption,” which means all imports from the region are assumed to be connected to forced labor and cannot be admitted into the U.S. without approval by U.S. Customs and Border Protection.
This shifts the burden of proof to the importer. Companies with suppliers based in Xinjiang must provide due diligence to demonstrate their products are not sourced from Xinjiang or, if they are, that they are not produced by forced labor.
The Biden-Harris Administration also took further action this year with a proposed rule to address greenhouse gas emissions (GHG) and protect the federal government’s supply chain from climate-related financial risks.
The proposed Federal Supplier Climate Risks and Resilience Rule would require major federal contractors to disclose:
It would also require contractors to set emissions reduction targets.
As a key part of the President’s Sustainability Plan, the rule will cover approximately 85% of federal supply chain emissions. It will also help the government increase resilience and reduce costs in support of a comprehensive strategy to measure, disclose, manage, and mitigate climate-related risks to the U.S.
Biden-Harris Administration Proposes Plan to Protect Federal Supply Chain from Climate-Related Risks
In February 2022, the European Commission proposed legislation that would introduce mandatory supply due diligence obligations for both EU and non-EU companies that meet certain criteria.
The Directive on Corporate Sustainability Due Diligence (CSRD) builds on the EU’s Non-Financial Reporting Directive (NFRD) to cover more companies and expand disclosure and due diligence requirements with respect to human rights and environmental standards. The CSRD will make sustainability reporting more consistent while enforcing reliable and transparent disclosures from companies doing business in the EU.
ESG in the News: Current Trends and Policies Impacting Supply Chain Sustainability
The Norwegian Transparency Act went into effect this year on July 1. The goal of the legislation is to promote corporate respect for human rights and fair labor conditions within company supply chains and increase public access to ESG information. The law applies to larger Norwegian enterprises as well as larger foreign companies that offer goods and services in Norway.
The main requirements include:
Europe and North America are not the only global actors making progress on ESG policy. China released voluntary ESG guidelines this year for domestic enterprises. The aim is to establish standardized disclosure practices tailored to China’s ESG priorities.
While the guidelines remain voluntary for now, they represent progress in developing a robust, uniform reporting infrastructure in China.
ESG in the News: Current Trends and Policies Impacting Supply Chain Sustainability
Not all companies are dragging their feet on ESG efforts. Companies like Mars-Wrigley and Procter & Gamble have both made pledges this year to improve sustainability within their operations.
2022 saw a rise in regulatory enforcement with crackdowns on greenwashing and forced labor violations both within and outside the U.S. Here are just a few of the major ones:
A Toyota subsidiary falsified emissions data as far back as 2003: Hino Motors admitted to falsifying emissions and fuel performance data earlier this year. An investigative committee reported that a high-pressure environment contributed to the scandal, as engineers didn’t feel able to challenge superiors when facing unrealistic demands.
Goldman Sachs agreed to pay a $4 million penalty for misleading customers about its ESG investments: The settlement highlights growing enforcement against unsupported claims within the financial industry related to ESG funds.
U.S. blocks sugar shipments from Dominican Republic: In November, the U.S. Customs and Border Protection issued a withhold release order against Central Romana Corporation, a Dominican Republic company that produces sugar, on suspicion of forced labor.
U.S. Customs seized a Uniqlo shipment on suspicion they were sourced from Xinjiang: In May, U.S. Customs seized a shipment of cotton shirts from the Japanese fashion retailer Uniqlo. Officials suspected the garments were made using forced labor from Xinjiang.
A Hyundai subsidiary has been found using child labor in Alabama: After a Guatemalan migrant child disappeared in February, police discovered she and a large cohort of underage workers were working at the SMART factory (a Hyundai subsidiary). While the investigation is ongoing, the discovery demonstrates that the U.S. isn’t immune to ESG compliance laws.
Conflicts around the world have also impacted supply chains on regional and global levels. This has been particularly evident in the Russia-Ukraine war and escalating tensions between the U.S. and China.
While conflicts on another continent can seem far away, their impacts can reverberate globally. That has been the case this year with the Russia-Ukraine War. A whopping 241,000 businesses around the world rely on Ukrainian suppliers. And 90% of them are based in the U.S.
The result has been significant—and sometimes unexpected—disruption in a slew of industries and supply chains, including:
Tensions between the U.S. and China have been growing in recent years. In October, the Biden administration issued a new set of export controls that cut China off from certain semiconductor chips made with U.S. equipment. The measure is intended to slow Beijing’s technological and military advances. However, the rules have also caused widespread disruptions in the supply chain, impacting U.S. aerospace and defense firms.
The COVID-19 pandemic drove massive digital transformation across industries and businesses. That, combined with the Russia-Ukraine War, has led to a drastic increase in cybersecurity threats. This has led to supply chain disruption as well as legislative action to shore up cybersecurity in the public and private sectors.
Cyber attacks always remain a pressing issue, but ransomware attacks, in particular, have been on the rise this year and represent a growing threat. The trend has likely been exacerbated by the Russia-Ukraine War as foreign enemies try to disrupt global supply chains.
The main threat facing governments and corporations is in their supply chains. Today, terrorists are targeting n-tier suppliers (that may be more vulnerable and easier to breach) as a means to gain entry to larger organizations.
Organizations must be vigilant in strengthening supply chain security beyond their own perimeters to include downstream suppliers.
The Growth of Ransomware-as-a-Service & Its Effect on Supply Chain Security
While all industries need to prioritize cybersecurity, some industries have more robust cybersecurity health than others. Craft’s 2022 industry analysis uncovered key findings in cybersecurity postures across industries:
See our Cybersecurity Industry Report here.
While some industries fare better than others overall, attacks on global supply chains occur across all industries.
The Elbit Systems of America breach in June underscores the importance of investing in preventative measures. Elbit Systems is an aerospace and defense organization with large government contracts and access to sensitive data. Attacks on these targets can have serious consequences for national security and infrastructure.
Recent Ransomware Attack on U.S. Aerospace & Defense Firm Highlights Need for Cyber Risk Prevention
In response to the growing cyber threats facing supply chains today, local and national governments around the world have passed legislation aimed at improving cybersecurity and supply chain resilience.
Here are a few of the key bills and proposals passed in 2022:
2022 was marked by growing cyber threats, increased pressure from consumers and governments to regulate and improve ESG standards, and continued shockwaves from geopolitical disruptions and an ongoing pandemic.
As we look to 2023, here are the biggest things to prepare for:
The German parliament passed the Act of Corporate Due Diligence in Supply Chains in 2021, and it will go into effect in 2023. The legislation requires companies to implement strict due diligence systems to protect human rights and the environment within their supply chains. The law will have far-reaching impact on not only German companies but European and international vendors along the supply chain.
Companies need to prepare their due diligence programs and supply chain compliance systems with a focus on risk identification, analysis, mitigation, and disclosure.
Understanding the German Supply Chain Due Diligence Act
We’ve already seen an increased focus on labor laws and enforcement this year. Companies should plan for that trend to continue into 2023.
One of the biggest pieces of legislation coming up is in the E.U. In September, the European Commission issued a proposal to ban products made with forced labor on the E.U. market. The ban is comprehensive, covering all products made in the E.U. as well as imported goods, without targeting specific companies or industries. Once adopted, the legislation will go into effect within 24 months of ratification.
Organizations that have any business connection to the E.U. supply chain should prepare now to comply with this expansive mandate.
How the Recent EU Imports Proposal Reflects Broader Compliance Trends on Forced Labor
Compliance risk extends beyond the primary company to its suppliers. With increased enforcement and public pressure for better ESG, corporations must work with their suppliers to ensure compliance at every level of the supply chain.
This will require improved supplier monitoring and network visibility. Companies need to have the tools and systems in place to:
Ransomware attacks will continue to be a major threat in the coming year. Large firms need to invest more heavily in getting their suppliers, especially SMBs, to strengthen their cybersecurity health.
How To Help Your SMB Suppliers Strengthen their Cybersecurity Health
Even beyond cybersecurity and ESG, procurement and supply chain leaders must take a holistic view of their suppliers and connect the dots on financial health, labor metrics, and more, all in real-time.