Top Geopolitical Risks Facing Businesses in 2026: What Boards, Principals, and Investment Committees Should Be Watching

What This Outlook Is — and Is Not

Annual geopolitical risk lists tend to recycle the same headlines: great-power competition, the Middle East, election cycles, sanctions. They are accurate at the level of generality and useless at the level of decision-making. The companies that lose money to geopolitics in 2026 will not lose it because they did not see "tensions in Asia" coming. They will lose it because they failed to translate visible structural conditions into specific decisions about counterparties, capital, supply, personnel, and timing.

This outlook is written for principals, general counsel, board members, and investment committees who need to translate the geopolitical environment into action. It is structured around the risks I assess as most likely to produce material corporate consequences in 2026 — not the most newsworthy. For each, the question is not what is happening but what does this mean for the decisions a leadership team will need to make this year. The methodology is the same one applied to a client-specific scenario plan: structural drivers, observable indicators, and the decisions the indicators should prompt.

1. Contested Political Transitions in High-Exposure Jurisdictions

Several jurisdictions where Western corporates and investors hold material exposure are entering or exiting leadership transitions in 2026 — through scheduled elections, succession events, factional realignment, or constitutional change. The corporate consequences of contested transitions are rarely the transitions themselves. They are the policy reversals, expropriation pressure, contract renegotiation campaigns, regulatory weaponization, and selective enforcement that follow.

The mistake is to treat each transition as a country-specific event. The pattern is general: incoming administrations have strong incentives to extract from foreign-held positions, and the framework that protected the position under the previous government is precisely what the new government will want to revisit. Organizations with material exposure to transition jurisdictions in Latin America, the Middle East, and South Asia should be running active transition-risk planning now — not after the new administration takes office.

What to watch: specific cabinet appointments in finance, energy, and justice ministries; early administrative actions affecting foreign-held licenses; rhetorical shifts on contracts signed by predecessors; the staffing of regulatory bodies that touch your operations. What to decide: which positions warrant pre-transition restructuring, which counterparties require diversification, and what contingencies belong in the crisis response framework.

2. The Sanctions Regime as an Active, Not Static, Environment

The sanctions environment that corporates managed in 2024 is not the one they are managing in 2026. Designations are being added and removed at a pace that has outrun many compliance programs. Secondary sanctions, sectoral sanctions, and counter-sanctions interact in ways that produce exposure for organizations that believed they were comfortably outside the affected zones. Counterparty due diligence conducted nine months ago may already be obsolete.

The corporate failure mode here is to treat sanctions as a periodic compliance check rather than a continuous intelligence-driven monitoring requirement. The organizations getting this right have integrated sanctions monitoring with their broader enhanced due diligence and counterparty intelligence — running both as continuous functions, not annual exercises.

What to watch: designation tempo at OFAC, EU, UK, and other principal regimes; secondary-sanctions enforcement actions; counter-sanctions promulgated by jurisdictions where you have exposure; changes in licensing and general-license policy. What to decide: which counterparties require active re-screening, which contractual provisions require updating, and which positions should be unwound while licenses remain available.

3. Strategic Commodity and Supply Chain Disruption

Several categories of commodities and inputs that corporates have treated as commodity-priced background — semiconductors, certain critical minerals, refined fuel logistics, fertilizer, fertilizer feedstocks, and high-value pharmaceutical precursors — are now strategic, contested, and concentrated in ways that ordinary procurement risk management was never designed for. A single political decision in a producing or transit jurisdiction can convert an annual cost line into a quarterly-headline operational crisis.

The mistake is to assume that diversification has been done. Most corporate diversification efforts have addressed visible concentration; the second-tier dependencies — sub-suppliers, refining capacity, transit routes, energy inputs at the point of production — remain concentrated. Organizations with operations or revenues that depend on any of the contested input categories should be conducting structural supply-chain intelligence — not procurement audits, intelligence — in 2026.

What to watch: export-control announcements, sub-tier consolidation, transit-jurisdiction political conditions, energy and water conditions at the point of refining. What to decide: which sub-tier dependencies are unacceptable, which inputs justify strategic inventory, and which supplier relationships need parallel arrangements before the next disruption rather than after it.

4. Maritime and Logistics Chokepoint Vulnerability

The set of maritime chokepoints that move world commerce — Bab el-Mandeb, the Strait of Hormuz, the South China Sea, the Bosphorus, the Panama Canal — is a small set of geographically concentrated nodes where political and security conditions in 2026 are materially less stable than corporate logistics planning typically assumes. Insurance markets have already repriced. Shipping availability and routing have already shifted. Most corporate budgets have not.

For organizations with seaborne supply chains, the question for 2026 is not whether disruption is likely. It is which scenarios the operating model can absorb and which it cannot, and what pre-positioned alternatives — air, alternate routing, regional inventory, contractual force-majeure positioning — are ready to execute when the next event hits.

What to watch: insurance-market rate moves, war-risk premium areas, shipping company route changes, naval positioning patterns. What to decide: which routes to route around now rather than during a disruption, which inventory positions to maintain, and which contractual provisions to revisit.

5. State-Linked Cyber and Influence Operations Against Corporates

Corporate targets — not government targets, corporate targets — are increasingly the operational priority for state-affiliated cyber and influence services. The targeting includes intellectual property, M&A intelligence, executive communications, regulatory positioning, and the increasingly important class of operations designed to shape corporate decisions through targeted information environments rather than steal data outright.

The same intelligence services that previously focused on government and defense industrial base targets have material capacity directed at energy, technology, life sciences, finance, professional services, and any corporate sector where strategic value or political exposure justifies it. Most corporate security programs are not calibrated for this. The implications cross counterintelligence, operational security, and AI-amplified threat capability.

What to watch: targeting patterns disclosed by sector ISACs and government advisories, indicators of access reconnaissance against executives and outside counsel, anomalous third-party diligence inquiries that may indicate adversarial collection. What to decide: which executive accounts, communications, and decisions warrant counterintelligence-grade protection; which sensitive transactions require pre-event OPSEC discipline rather than post-event response.

6. Litigation and Regulatory Weaponization Across Jurisdictions

Litigation and regulatory action are increasingly used as instruments of geopolitical and competitive pressure, not just legal process. The corporate that finds itself targeted by a foreign regulator, sued in a jurisdiction it had not anticipated, or subject to a coordinated multi-forum action will increasingly find that the matter is not, at its core, a legal dispute. It is a strategic operation conducted through legal mechanisms.

Organizations exposed to this category of risk — anything with international footprint, contested transactions, or sensitive counterparties — should treat their litigation posture as a strategic intelligence function, not solely a legal function. The methodology that supports intelligence-driven legal matters is increasingly the difference between absorbing the strategic damage and limiting it.

What to watch: filings in non-obvious jurisdictions, regulatory inquiries that bear hallmarks of competitive sponsorship, coordinated media activity that precedes legal action. What to decide: which matters require intelligence support to litigation strategy, where standard legal-defense posture is insufficient.

7. Energy Transition Frictions and Stranded Strategic Assets

The energy transition is creating, in 2026, two simultaneous risk categories that cut across geographies. First, the political contestation of transition policy itself — incoming administrations reversing predecessors' commitments, regulatory whiplash, contract uncertainty for assets that look stranded under one scenario and essential under another. Second, the geopolitics of the inputs to the transition — critical minerals, processing capacity, and the technology supply chain that will determine which jurisdictions hold leverage over the energy transformation in the next decade.

For energy investors, industrial corporates with energy-intensive operations, and any organization with capital deployed against assumptions about the trajectory of the transition, this is a material 2026 risk. What to watch: policy reversal patterns, processing-capacity buildout in contested jurisdictions, off-take agreement terms that imply strategic positioning. What to decide: which positions warrant scenario-based hedging rather than directional commitment.

8. Civil Unrest, Migration Pressure, and Operational Environment Degradation

A material number of jurisdictions where corporates operate are experiencing civil unrest, migration pressure, public health stress, and operational-environment degradation that affects personnel safety, regulatory predictability, and the practical conduct of business. The conditions are not always headline-driven. They show up first as personnel security incidents, second as regulatory unpredictability, and third — often after material damage has accumulated — as media attention.

Organizations with operations or personnel in affected environments should be conducting active country-condition monitoring, travel and personnel security planning, and scenario-based crisis preparedness calibrated to the specific environments. The cost of doing this proactively is a fraction of the cost of doing it reactively.

What to watch: personnel incident reports, migration-corridor conditions, public-health indicator trends, regulatory predictability degradation. What to decide: which deployments warrant elevated security posture, which warrant withdrawal, and which require pre-positioned evacuation capability.

9. Information-Environment Operations Against Reputations

The cost and time required to conduct coordinated reputational operations against corporates and their executives — through synthetic media, cross-platform amplification, planted narratives in target audiences, and the targeted weaponization of legitimate media — is at the lowest point in modern history. The operations are increasingly originated by competitors, opposing parties in litigation, and state-aligned actors who recognize reputational damage as a low-cost mechanism to shift outcomes.

Most corporate communications and crisis functions are not equipped to detect, attribute, and respond to this category of attack at the operational tempo required. The organizations getting this right have integrated information-environment monitoring with their broader crisis response framework and treat synthetic-media and influence-operation defense as a continuous function, not an incident-response capability.

What to watch: anomalous activity around executive names, unusual narrative emergence ahead of regulatory or legal milestones, cross-platform coordination indicators. What to decide: which executives, transactions, and matters require continuous information-environment monitoring; what response capability is pre-positioned.

10. The Risk Most Boards Are Not Tracking: Strategic Decision-Making Capacity

The risk that determines whether an organization absorbs or amplifies the consequences of any of the above is internal: the executive team's capacity to decide well, fast, and coherently when geopolitical events compress decision windows. The organizations that came through 2024 and 2025 best — across sanctions resets, supply shocks, election surprises, and security incidents — were the ones whose leadership had built the conditions for good crisis decision-making before they were needed.

This is not a geopolitical risk in the conventional sense. It is the meta-risk that determines how every other risk on this list manifests. Boards that take 2026 seriously should be asking not only "what are the external risks?" but "is our decision-making capability calibrated to the speed and consequence of the environment we now operate in?" The organizations that get this right will see opportunity where less prepared peers see only damage.

What Leadership Should Do This Year

Across the ten risks above, the actions are consistent and the discipline is the same:

Translate the environment into specific organizational exposures. Not "geopolitical risk is elevated" but the specific positions, counterparties, supply nodes, personnel, and decisions that the environment touches.

Run scenario-based planning. Build the plausible scenarios, define their indicators, and pre-position the decisions and capabilities each would require.

Establish intelligence relationships before they are needed. Ground-truth analysis for the regions and topics where exposure is material. Not headlines and dashboards.

Integrate with existing governance. Geopolitical risk is not a separate program. It is a lens that belongs inside due diligence, security risk assessment, crisis preparedness, and strategic decision-making.

Decide. Then revisit. Conditions in 2026 will change faster than any plan written today will assume. The plan is the starting point. The discipline of revisiting it on a defined cadence is what keeps it useful.

The organizations that approach this year with this discipline will not avoid every event. They will, however, be the ones that absorb the events with materially less damage than less prepared peers — and, in some cases, will find that what looked like risk was, in fact, opportunity for those who were positioned to act.

---

Benjamin House is the founder and principal of Veritas Intelligence, a global intelligence and risk advisory firm headquartered in Orlando, Florida. A retired CIA Senior Operations Officer, two-time Chief of Station, and former Fortune 500 Global Safety & Security executive, he advises corporations, law firms, investors, and boards on geopolitical risk, strategic intelligence, and crisis preparedness. Florida Private Investigator License A3400174.