As the year came to a close, the Kharon Brief asked a range of industry leaders to assess 2025’s biggest storylines and what’s coming in 2026 in sanctions, risk and compliance.
Jackson Wood is director of industry strategy at Descartes Systems Group.
When I look back at 2025, the defining storyline in risk and compliance wasn’t a single enforcement action or a headline-grabbing policy change. It was the moment when companies recognized that the underlying structure of risk itself had changed.
In the context of global trade, that realization came into sharp focus through the battles over IEEPA tariffs and the Supreme Court arguments that followed. Seeing brands like Costco, Revlon, EssilorLuxottica, and others line up in federal court to challenge the tariffs’ legality was a turning point in how industry views the relationship between executive power, statutory authority and trade policy.
The question being tested—whether the executive branch can unilaterally impose long-running tariffs based on emergency powers—forced compliance leaders and boards to grapple with a broader theme: Volatility is no longer episodic. It’s structural. If regulatory instruments like tariffs can become retroactively questionable, then the compliance mandate expands to include not only “manage today’s rules” but also “anticipate tomorrow’s changes.”
That storyline shaped the rest of the year. It pushed trade compliance out of its traditional back-office lane and squarely into strategic risk management. It accelerated investment in supply-chain transparency, ownership mapping and scenario modeling. And it drove home a lesson many organizations had been slow to internalize, which is that you can’t build a resilient business without making compliance a core competency.
Looking ahead: Economic security now is national security, and global trade is the primary domain of conflict. The policy language may be different across Washington, Brussels, Beijing, Ottawa and Tokyo, but the underlying shift is consistent—supply chains are now seen as core strategic assets, and governments expect the private sector to adapt accordingly.
For industry, this translates into a new operational reality. Success will depend not just on efficiency and growth but on your ability to map, monitor and govern the full depth of your value chain. The recent wave of semiconductor restrictions, ownership-based rules from BIS and intensified scrutiny of dual-use technologies all point in the same direction: Compliance programs built for yesterday’s linear supply chains simply will not get the job done in an era of more diffuse and broadly-networked risk.
For governments, the challenge is equally urgent. They must modernize regulatory frameworks that weren’t designed for an era of AI-accelerated production, distributed manufacturing and complex, multi-jurisdictional ownership networks. And they must do it without suffocating the very innovation they hope to protect.
Jackson Wood is director of industry strategy at Descartes Systems Group.
When I look back at 2025, the defining storyline in risk and compliance wasn’t a single enforcement action or a headline-grabbing policy change. It was the moment when companies recognized that the underlying structure of risk itself had changed.
In the context of global trade, that realization came into sharp focus through the battles over IEEPA tariffs and the Supreme Court arguments that followed. Seeing brands like Costco, Revlon, EssilorLuxottica, and others line up in federal court to challenge the tariffs’ legality was a turning point in how industry views the relationship between executive power, statutory authority and trade policy.
The question being tested—whether the executive branch can unilaterally impose long-running tariffs based on emergency powers—forced compliance leaders and boards to grapple with a broader theme: Volatility is no longer episodic. It’s structural. If regulatory instruments like tariffs can become retroactively questionable, then the compliance mandate expands to include not only “manage today’s rules” but also “anticipate tomorrow’s changes.”
That storyline shaped the rest of the year. It pushed trade compliance out of its traditional back-office lane and squarely into strategic risk management. It accelerated investment in supply-chain transparency, ownership mapping and scenario modeling. And it drove home a lesson many organizations had been slow to internalize, which is that you can’t build a resilient business without making compliance a core competency.
Looking ahead: Economic security now is national security, and global trade is the primary domain of conflict. The policy language may be different across Washington, Brussels, Beijing, Ottawa and Tokyo, but the underlying shift is consistent—supply chains are now seen as core strategic assets, and governments expect the private sector to adapt accordingly.
For industry, this translates into a new operational reality. Success will depend not just on efficiency and growth but on your ability to map, monitor and govern the full depth of your value chain. The recent wave of semiconductor restrictions, ownership-based rules from BIS and intensified scrutiny of dual-use technologies all point in the same direction: Compliance programs built for yesterday’s linear supply chains simply will not get the job done in an era of more diffuse and broadly-networked risk.
For governments, the challenge is equally urgent. They must modernize regulatory frameworks that weren’t designed for an era of AI-accelerated production, distributed manufacturing and complex, multi-jurisdictional ownership networks. And they must do it without suffocating the very innovation they hope to protect.
