Companies braced for rising geopolitical risk exposure

Ruby Hamid:

Hello and welcome to this Ashurst podcast. Today, we are considering the litigation, financial crime, and compliance risks arising from the current conflict in the Middle East. And we will share with you some practical considerations and actions. This discussion will be of particular interest to those operating in the construction, energy, and infrastructure sectors, or those who finance those sectors.

I'm Ruby Hamid. I lead the global investigations Practice here at Ashurst, and I'm delighted to be joined by some brilliant experts for you today. Cameron Cuffe is a dispute resolution partner based in Dubai, Philip Chong is an international arbitration partner based in London, and Neil Donovan is a partner in our corporate crime and investigations team. Thank you all very much for joining me.

Today, we are going to think a little bit about what the practical implications are of the current dispute and how those are playing out in terms of legal risks and financial crime compliance in particular. We are seeing really interesting and difficult litigation risks, contractual issues, force majeure, disruption to supply chains, and, of course, those potential disputes over pricing and price volatility.

And I think before we start, Cameron, I wanted to recognise the efforts that are being made in the region to restore business operations and infrastructure, and really to support residents who are now able to begin to go about their daily routines. It seems to us that that speed of recovery and that ability to return to normal as quickly as possible has had a great deal to do with the resilience of those living and working in the region, the input of governments, and also the business community, which is really pulling together here. And I think that's an important theme, isn't it, for how we are advising clients in terms of their legal risk?

Cameron Cuffe:

No, that's certainly the case, Ruby.

Ruby Hamid:

What issues, Cameron, are you seeing on the ground for clients in the construction, energy, and infrastructure sectors?

Cameron Cuffe:

Let me start with the headline observation. We are seeing a very significant uptick in force majeure notices across the construction and infrastructure sectors in the region. This is not surprising, but the scale and complexity of what is coming through is notable.

The Iranian conflict has introduced a layer of disruption that touches virtually every major project in the Gulf and the wider Middle East. We're talking about supply chain interruptions, which are delays to the importation of materials, equipment, and specialist components driven by shipping disruptions in the Strait of Hormuz and the Red Sea corridor. We're seeing insurance markets tighten with war risk premiums increasing substantially, and in some cases, cover being withdrawn altogether from certain transit routes. And on top of that, we've had a succession of extreme weather events in late March with flooding hitting parts of the UAE, Oman, and Saudi Arabia causing physical damage to project sites and some logistic networks.

And what is particularly challenging for our clients is that compounding effect. You might have a contractor who was already behind programme, and then a flood event causes further delay, or conversely, a project that had weathered the geopolitical disruption reasonably well who suddenly faces lost productivity due to adverse weather. The interaction between these distinct causes of delay is where the real legal complexity lies. And I think practically, as you'd expect, given what we're seeing in the region, the volume of claims and formal notifications has increased dramatically.

And it's encouraging that we've been working closely with Ashurst Advance, our legal technology and managed services platform, assisting clients in managing this influx at scale. Ashurst Advance has been instrumental in helping our clients triage and track the volume of force majeure notices, extension of time claims, and associated correspondence. And when you are an employer or a developer in this environment with a portfolio of projects across the region, you might be receiving dozens, if not hundreds, of contractor notices simultaneously. So having a structured technology-enabled process for logging, categorising, and responding to those notices in a timely manner is absolutely critical because, as I'm sure we'll no doubt discuss, the contractual time bars and procedural requirements can be unforgiving.

Now, I did want to flag one thing which is certainly on our radar, and should be on the radar of every employer and project company in the region, and that is the risk of opportunistic or inflated claims. And let me be direct. We are seeing instances where contractors and subcontractors are seeking to use the current conflict and weather events to excuse delays and performance failures that, in reality, predate these events. A contractor who was behind programme by six months before the first force majeure event does not suddenly acquire an entitlement to an extension of time for those preexisting delays simply because a new disrupting event has supervened. This is a point of real forensic importance. Employers need to carefully analyse programmes, project reports, and contemporaneous documentation to distinguish between genuine force majeure delay and what I would call legacy delay that is being retrospectively attributed to the current event.

Interestingly also, a foreseeability argument is beginning to emerge. Some parties are contending, and I suspect we'll see this argument more forcefully made in arbitration proceedings in the future, that the regional instability arising from the Iranian conflict was foreseeable 12 to 18 months ago. The argument runs that if the event was foreseeable, it cannot properly be characterised as force majeure. Now, that is a nuanced argument and its success will depend heavily on the specific contractual wording, the governing law, and the factual matrix.

And moving on in a bit more detail to force majeure and the regional laws which apply, I'll just spend a moment looking at the legal architecture because it is important to understand the tools that the contracts and the law provide. Most major construction and infrastructure projects in the Middle East are procured on FIDIC forms of bespoke contracts or heavily influenced contracts based on FIDIC.

Under the FIDIC '99 suite, clause 19 deals with force majeure. Under the FIDIC 2017 suite, this has been recast as clause 18, now entitled Exceptional Events. The substantive requirements are broadly similar. The event must be beyond the affected party's control, could not reasonably have been provided against before entering into the contract, could not reasonably have been avoided or overcome, and must not be substantially attributable to the other party.
Critically, the FIDIC conditions imposed strict notice requirements typically 28 days from the date the affected party became aware or should have become aware of the event. Failure to comply with that notice window can be fatal to a claim, regardless of the merits. We are advising clients in the strongest terms to diarize these deadlines and ensure notices are served in the correct form to the correct counterparty.

And finally, when it comes to delay and disruption, the claims we are seeing are complex. Many involve concurrent delay, that is multiple causes of delay operating simultaneously, some of which may be the contractor's responsibility, and some of which may be employer risk events or force majeure. The analytical methodology for apportioning concurrent delay is a perennial area of contention, and we expect it will feature heavily in arbitrations arising from this period.

Ruby Hamid:

Cameron, that's really interesting. In particular, what you've said about the forensic factual analysis that's going to be necessary and the risk of exploitation perhaps from contractors or subcontractors who are looking to take advantage here.

You talked about procedural time bars being unforgiving. Tell us what steps companies should consider taking now.

Cameron Cuffe:

Of course. And the starting point, and I cannot emphasise this strongly enough, is to go back to the contracts. The contracts governing these projects are in the main sophisticated instruments. They contain detailed provisions that address precisely the kinds of events we are now seeing. The answers in most cases are in the contract. That means reviewing force majeure clauses, extension of time provisions, changing law provisions, and any suspension or termination rights that may be triggered. It also means understanding the applicable governing law and how it supplements or modifies the contractual regimes.

Notice compliance is absolutely key. I would say that the single most common source of avoidable prejudice in construction claims is the failure to serve timely and compliant notices. Companies should be auditing their notice processes now. Have all required notices been served? Were they served on the correct party, at the correct address, in the correct form? Are the underlying particulars being updated as the situation evolves? These are basic points but they are the points which can make or break a claim in the future.

So this really is the era of contemporaneous records. Companies must be meticulously documenting the impact of these events on their projects. That means daily site records, photographs, drone videos, correspondence logs, programme updates, cost records, and importantly, records of mitigation efforts undertaken. When these matters come before an arbitral tribunal in two or three years' time, the quality of the contemporaneous record will be decisive.
And finally, this is a point that is often overlooked and it can have significant impact on project participants. And that is, in all large construction projects, there is a contractual chain from employer to main contractor, from main contractor to subcontractor, and potentially further down to subcontractors and suppliers. And for energy and transport projects, there's often an off-taker or an end user sitting above the employer. Where a party receives a force majeure notice or claim notice from below, say from a subcontractor, for example, there is typically an obligation or, at the very least, a strong practical imperative to pass that notice up the chain to the employer or the engineer. Failure to do so can result in a party being time-barred from recovering upstream, the very costs and delays it is being asked to bear downstream. And we are working with our clients and advising them to map their contractual chains to establish clear protocols for the upward and downward transmission of notices and claims.

Ruby Hamid:

You mentioned force majeure, Cameron, as a basis for concerns. And Philip, I wonder if you could tell us a little bit more about the key points that parties need to have in mind when dealing with force majeure clauses.

Philip Chong:

Yeah, sure. Thanks, Ruby. I entirely endorse what Cameron has just said. And the key point to bear in mind is that force majeure is very contract dependent. And as Cameron said, the answers are in the contract. You always need to check that the force majeure event is covered by the contract. We saw that during the COVID times when clauses were examined to check that pandemic was covered. And here, there may be debate about whether war, and in particular, undeclared war, is covered by the particular force majeure event.

There also needs to be, and this is important to bear in mind, a causal link between the force majeure event and the impediment on contractual performance. So the two must be causally linked. And as Cameron said, notice deadlines are often very strict. Missing them can forfeit right. Notice is often required, and there may be indeed arguments that those notice requirements are conditions precedent to a valid force majeure claim. And the same goes actually for ongoing reporting and mitigation obligations.

Now, what we're seeing in the Gulf at the moment is a on-and-off situation where there's discussions about ceasefires, and those can complicate the force majeure position. So counterparties could argue that the impediment to performance has been removed, at least for a period of time, and so the exact impact of that will need to be explored in terms of performance.

It's also important to bear in mind that force majeure gives time and performance relief. It doesn't of itself give cost relief, and that extended force majeure may give rise to termination rights, and that's often provided for in the contract. So ongoing reporting and mitigation obligations must be observed throughout. If performance is suspended in reliance on the force majeure clause and the contractual requirements are subsequently found not to have been met, the consequences of that can be really serious.

So the key point to bear in mind is that if an issue is crystallising now around force majeure, it's really critical to understand the contractual and procedural requirements. Understanding that now and acting correctly early can very significantly affect your outcome.

Ruby Hamid:

Philip, what remedies at law and contractual mechanisms might be available in the event that force majeure is not the right outcome or it's not available for all the reasons that you've described? Are there other routes?

Philip Chong:

Yes, there are. Under civil law jurisdictions, there are impossibility and hardship doctrines. Those tend to have very high thresholds. And it's important actually to bear in mind that in civil law jurisdictions such as the Middle East, and the GCC countries, they provide their own remedies for those doctrines, impossibility and hardship, but it's common for contracts in those jurisdictions also to have force majeure provisions. So you need to consider both the contractual position and the hardship doctrines in those countries.

So in, for example, GCC countries, hardship and impossibility protections are mandatory. They can't be contracted out of, so they sit alongside FM provisions. In England, there is frustration, the doctrine of frustration, but that's very narrow as a doctrine. Performance has to be essentially impossible or radically different from that envisaged. So the FM clause, if there is one, will be more relevant easily than the doctrine of frustration always.

In addition to those, the other contractual provisions to consider are the variation mechanisms that are provided for in the contract, whether the contract provides for material adverse change, and also limitation of liability provisions. Those could come into play depending on the severity of the situation. And many of these immediately impacted contracts are likely to have compulsory arbitration provisions. So if a dispute arises, it is likely to be resolved if there is an arbitration agreement in that manner.

Ruby Hamid:

Philip, Cameron, could you tell us a bit about how you expect things to develop in the coming months? So we've had the immediate response, but how do you think things are going to unfold? Philip, do you want to start us off?

Philip Chong:

Sure. Thanks. I think, as Cameron said, there's been a wave of force majeure notices. And I think right now, what we're seeing is companies tending to focus on working together to mitigate those impacts, the FM impacts. But I would say that especially if the situation persists and the contractual impacts become more severe, then you'll start to see claims and disputes about the true extent of the impact. As Cameron said earlier, some impacts that were felt earlier are being swept up into the force majeure claim. So you'll have disputes as to the true extent of the force majeure impact, and also who should bear the risk of that particular event. And those are issues that are likely to be fought over for some time to come. An additional impact could be that if the disruption and energy price increases are prolonged, that may trigger gas price reviews, or at least be a relevant factor in such reviews for some time to come as well.

Ruby Hamid:

Cameron, what do you see coming down the track?

Cameron Cuffe:

For me, it's the practical realities of the supply chain risk. I think that is going to take some time to play out, I think, and that will have a real practical impact of what can be built on the ground, how quickly in the Gulf. So what I mean by that, how quickly can you get key supplies such as rebar and aggregate for concrete into the region? How can you get specialist materials and componentry and partner equipment into the region? And even with strides being made now to open up shipping lanes into the Middle East and other transportation corridors, it will take some time for the supply chain efficiency to go back to the levels which we were seeing before the conflict commenced.

Ruby Hamid:

Cameron, it's so interesting that you have talked about supply chain and particularly that question of how quickly you can get things done, whether that's supplies or equipment or people. That question of speed is something that we are seeing very heavily reflected on the compliance side. Disruption to supply chains and how that is to be managed is likely to be the biggest and most immediate compliance risk for companies at the moment, and that's because that effort to get things done unusually and quickly is where exposure begins to appear in terms of, for example, downstream financial crime, which might pass through the chain and impact the client, modern slavery risk associated with standing up a workforce very quickly, and even just getting things through port and through transportation. All of those things create risk around bribery and corruption, around the movement of people, the appropriate treatment of people, and even sanctions. And I think we'll come on to talk about those concerns a little bit more in detail.

Neil, one of the things we're seeing is questions from compliance teams who feel that they may be pressured into quickly onboarding untested or unusual suppliers, and perhaps not using the BAU systems that would keep the organisation safe. Do you want to talk to us a little bit about what that operational and business continuity looks like in Practice for compliance risk?

Neil Donovan:

Yeah, sure. Thanks, Ruby. So as you say, companies have understandably been focusing on contingency planning, on operational continuity, and are now looking to resume business as quickly as possible. That whole process, of course, meant really intense demands on the workforce. There's been a lot of pressure that companies are receiving from their customers, inbound pressure from stakeholders, from commercial counterparties. And what that means, of course, is that the compliance systems and controls, the processes and frameworks that are in place are really being stretched and are subject to a lot of stress in this environment. And what this creates is this environment of instability of weak governance, and that can very much increase these financial crime risks, including bribery and corruption.

And one risk that companies should be very mindful of at present are the risk of requests for facilitation payments, to move cargo or goods through borders or ports. So these are small informal payments to public officials, usually in cash, which are used to expedite or secure a routine function. And given where we are at the moment with the blockage of goods in the region, there's obviously a real heightened risk that these payments are requested. They're prohibited under the UK Bribery Act, but they're also typically a breach of provisions of most company's ABC compliance policies and procedures.

Another real risk at present then is the risk of illicit payment flows. So you may have counterparties who are making sudden changes to payment terms or are requesting that funds are diverted through unfamiliar channels through third parties with whom you don't have an existing business relationship, that payments are made in cash, for example, as opposed to through the banking system. These are all red flags.

And I think a very timely reminder of the risks that can crystallise from these types of situations is earlier this month, the French court found a major multinational guilty of financing terrorism in Syria. This was during the Syrian conflict in 2013. The business was found to have paid over $5 million to militant groups, including the Islamic State, to keep its operations in Syria running during the civil conflict during that time. That was subsequently detected and eight former employees have now been found guilty of financing terrorism, including the former CEO, who has been given a custodial sentence for six years. So as I mentioned, a really good example there of how conduct occurring in real time during the conflict can result in quite significant liability further down the line.

I just wanted to mention a couple of other compliance areas to really be mindful of during this period. The first is fraud, because as we all know, fraud is the most commonly experienced crime for so many businesses, and it does tend to spike in periods and regions where there is economic turbulence and uncertainty. So companies here need to be vigilant for the increased risk of fraudulent schemes impacting their business, the use of fake vendors, invoice fraud, payment interception. That very much spikes, as they say, during this period.

As does trade-based money laundering, it's been well-reported that there's significant use of ghost ships, ghost vessels in the region. Again, doing your diligence around the documentation, trying to identify and spot false documentation. It's critical that compliance teams are on the lookout for those red flags.

And I should mention economic sanctions, of course. Iran itself remains subject to extensive sanctions under US, EU, UK, and UN sanctions. But the region more generally does carry a heightened exposure to sanctions risk. There are individuals and entities in the region targeted under regimes linked to Lebanon and Russia, of course. And so again, it's an area that companies will already be familiar with and will have systems and controls in place to screen counterparties and to mitigate the sanctions risk.

But since the outbreak of the conflict, we have now seen the UN impose new sanctions targeting individuals, companies, and networks tied to the proliferation of weapons in Iran. The EU and UK have not responded as yet. There, we've already got a potential divergence in the regime, and divergence causes complexity for those businesses operating on a cross-border basis. And sanctions is, of course, always a key issue to consider during M&A transaction. And Ruby, I know you've got some thoughts on that and the enquiries we have seen from clients.

Ruby Hamid:

Absolutely, because all the areas you've just described so interestingly are areas which companies will want to examine and explore when they are considering whether to make a new acquisition. And what was fit for purpose six months or a year ago in terms of M&A due diligence is no longer fit for purpose because all of the changes you've just described have taken place in the last few months. And the types of questions companies need to ask when they're considering acquisitions are now quite different. What have those emergency measures been for companies who are being targeted? How have they responded to the difficult situations that Cameron and Philip and Neil have described?

So what we're looking at with clients is whether due diligence questions and information requests need to be enhanced, whether they need to ensure that there is appropriate scrutiny of a target compliance programme, and in particular, the adaptions and amendments that that compliance programme will necessarily have undergone in the last few months. We're also talking a lot about post-closing remediation and a much bigger programme around uplift and remediation after a deal so that the deal can go through, because, of course, commercial certainty needs to happen around specific dates.

We're talking, Neil, about reps and warranties, whether they are robust enough, whether we need additional contractual protections, some of the ones that we've seen in the past around sanctions compliance with Iran under the old sanctions regime. And we've actually seen an uptick in the use of intelligence firms to map, for example, beneficial ownership across complex structures or to trace supply chain exposure and to be looking at money flows. And we are thinking quite carefully with the intelligence firms we work with as to how they can support M&A transactions to happen in a timely fashion at the moment.

One of the other areas in which acquisitions are being impacted, Neil, is financing arrangements. And we very often see the pressures that the banks and financiers will bring on projects and transactions through their own compliance lens. Do you want to tell us a bit about what you're seeing there?

Neil Donovan:

Yes, I think certainly in an M&A context, but companies also going through refinancings or looking to secure new financing, or just through their day-to-day interactions with their account banks, I think companies really need to be wary of the heightened banks' scrutiny at present. You can expect more requests for enhanced KYC checks, questions around beneficial ownership of parties who you might be making payments, and also critically longer processing times for making routine cross-border transactions. These enquiries are common, they're usual, they're part of largely informed by bank's risk appetite and, of course, very strict financial crime obligations that they are subject to, but they do take some careful navigation. And it's important to just build in that lead time into your payments and into any transactions that you're planning so that you can accommodate these further requests from your financing counterparty.

Ruby Hamid:

And moving away from an M&A context, Neil, to a more holistic compliance approach, what steps do you think in-house legal and compliance teams need to be taking now to mitigate those risks?

Neil Donovan:

So I think, given what we've discussed, that clients should really be analysing their supply chains to identify those higher-risk counterparties. And it may be that they're not direct counterparties, but that they're further downstream in the chain, and considering if some form of enhanced checks need to be conducted and, indeed, if further controls need to be put in place even temporarily during this period while there is this increased compliance risk.

I think it's also worth considering in the supply chain context whether disruption in one part of the supply chain could create a broader contractual risk across the project or the transaction structure. And that brings us back to the force majeure implications that we discussed earlier with Philip.

But what's really very important is to ensure that your front office staff, that the parts of the business that are interacting with customers, with investors, with counterparties, that they're just aware of the red flags and they know when to spot the warning signs and to whom those warning signs should be escalated, and that they're just aware there needs to be a heightened vigilance during this period. Ensuring that your whistleblowing channels, your reporting channels, are working effectively and the issues are being escalated and investigated is just going to be really critical to preventing those issues crystallising into something worse at a later date.

Ruby Hamid:

It's so interesting that really it's communication, isn't it, between the first line of defence, the business, and the second line of defence, which is going to be key here. Cameron talked to us about mapping the supply chain and the advice he's giving to clients about that in terms of identifying force majeure issues, but that idea that the mapping and the record keeping has multiple purposes and everybody, first and second line, can be drawing on that to protect the company against a whole range of risks. I think that's a really key takeaway from our discussion.

That brings our discussion to an end. Cameron, Philip, Neil, thank you so much for joining me to provide your insights and to answer my questions. And thank you to all of you for listening to our podcast. If you have any questions that weren't covered but you would like to ask, please don't hesitate to get in touch with us. And do share the podcast with colleagues of yours you think will be interested.
Goodbye for now. Thank you.