It’s not just a feeling: risk across the geopolitical spectrum has been higher than usual in recent years. For businesses with supply chain operations across the world, these risks are hard to avoid. Issues of resiliency and avoiding sanctions are top of mind when it comes to planning out the coming months and years.

Working with suppliers in or near unstable countries creates significant risk for companies, as business continuity grows ever more uncertain as risk increases. That holds true for a supplier’s own supply chain (what we call “subsuppliers”) as well. For most companies, it’s impossible to identify all the subcontractors and subsuppliers they’re connected with across multiple degrees of separation.

Instead of spending inordinate amounts of resources tracking down every subsupplier, businesses should identify which of their vendors can be labeled “critical” to their business continuity. Then, they should focus on tracking and monitoring those vendors’ own critical suppliers and contractors. That will provide an accurate enough snapshot that can be used to more accurately weigh the geopolitical risk of critical suppliers.

Where wars and international conflicts go, sanctions likely follow. As the rapidly evolving situation in Ukraine has proven, the international sanctions landscape can change practically overnight, with new businesses and individuals regularly being designated as “blocked” entities. A company in the U.S. that continues to do business with someone on that list is at risk of significant fines as well as damage to its reputation.

It’s crucial to check who the owners of businesses are in such situations, as the “ultimate beneficial owners” who are sanctioned might not be flagged if a company simply checks for their suppliers on sanction by the name of the company. In my experience, less than 30% of the firms out there are screening beneficial owners against sanctions lists, despite due diligence being required by OFAC.

A lack of transparency in many supply chains is exacerbating these risks. A Deloitte survey found that less than three-quarters of procurement officers report they have good visibility into their critical-tier suppliers, and just 26% said they were able to predict risks among those suppliers. Only 15% of respondents reported visibility into second- and third-tier suppliers.

Businesses need value-driven policies and systems in place to enforce them across the supply chain. A mission-based rubric can govern policies and rules, specifying what actions to take when risks are detected. Supplier management systems to evaluate suppliers based on this rubric and rate their level of risk should be rolled out.