Increasingly, these choke points are being turned into political weapons by governments, and companies are getting caught in the cross fire. The stakes are high: Firms can go out of business if they’re cut off from critical networks. They need to analyze their exposure and develop a strategy to protect themselves.

To conduct international commerce, businesses have built an intricate system of networks that move money, information, and components around the world. These networks may look decentralized, but all too frequently, they have major choke points. The majority of global finance transactions, for instance, are relayed through a single organization in Belgium. Many global tech firms depend heavily on the chips Qualcomm makes for Android devices. A huge proportion of global communications are routed through private servers on U.S. soil.

Idea in Brief The Vulnerability To keep the global economy working smoothly, crucial resources such as money, information, and components pass through an intricate system of conduits. But while this critical invisible infrastructure may seem to be decentralized and have multiple redundancies, it has significant choke points. The New Risk A new political risk comes from powerful, wealthy states—especially the United States—that use legal authority or coercion to turn economic networks into tools of domination, ensnaring businesses in the process. The Response Multinational businesses should analyze their exposure to network choke points. Lobbying government officials and teaming up with industry peers to resist coercion can mitigate the risks.

Since the end of the Cold War, businesses have built an awe-inspiring global infrastructure. Digital pipelines move vast amounts of capital and data around the world, and supply chains crisscross international boundaries in a spider web of commerce. An intricate system of networks keeps the global economy running smoothly, but it’s easy to take for granted, because it remains largely hidden from view.

Though these networks appear to have multiple redundancies and to be decentralized, many have significant choke points. Global finance relies on a single organization in Belgium to relay the majority of transactions between banks. Cloud computing’s information storage facilities are often located in the United States. Complex supply chains can be dependent on a handful of components, like the chips Qualcomm makes for devices with the Android operating system.

About the art: UN Room XXIV, Geneva 2013

These choke points allow seemingly neutral infrastructure to be manipulated by governments to further their national strategic goals. China’s push into 5G equipment has raised concerns in the West precisely because it might give the Chinese access to key parts of emerging communications networks. Japan recently restricted the export to South Korea of three chemicals crucial to the production of semiconductors, because of a political spat with Seoul. And the United States has aggressively exploited its control of a variety of seemingly technical structures that make global trade possible; it now appears increasingly willing to turn those structures into a machinery of domination.

This new reality was summed up by former NSA director Michael Hayden in describing why the U.S. government coerced tech companies to help its surveillance efforts by sharing confidential information routed through private servers on U.S. soil: “This is a home game for us….Why would we not turn the most powerful telecommunications and computing management structure on the planet to our use?”

Today the political risk businesses face doesn’t come just from developing countries that might abruptly change market rules or nationalize assets. It comes from powerful, wealthy states that are turning economic networks into political weapons. The stakes are high. Companies that are isolated from critical networks can go out of business. A global bank blocked by the United States from accessing a secure interbank communication system because it provides financial services to an American adversary is not going to be a global bank for long. A technology manufacturer that can’t buy sophisticated chips is in big trouble. Businesses that control digital hubs and are pressed into service by states can suffer reputational damage. U.S. tech giants like Google and Facebook, for example, took a hit in foreign markets after Edward Snowden revealed that they had cooperated with U.S. surveillance activities.

What can global firms do to protect themselves? The key is to understand the specifics of the networks your organization depends on and then create a strategy to address the possibility that they will become weaponized. But to start with, executives need to accept that the world—and specifically, America’s role in it—has changed.

America’s New Role

As political scientists, we’ve been studying the United States’ use of economic networks to achieve its national objectives for close to two decades, and we feel that the corporate world consistently underestimates the risks from this form of political muscle flexing. In large part that’s because the country has long been a proponent and guarantor of global business, so it’s hard to conceive of it as a potential threat. It’s equally hard to imagine that the networks that have been the driving force of globalization could be used to chain and entangle companies. But we believe that the “America first” approach, which treats international business infrastructure as a political tool, is profoundly reshaping the world economy.

Note that this isn’t a new strategy for the United States; Hayden’s remarks were made in 2013. Indeed, the George W. Bush and Obama administrations both used U.S. Treasury controls and the dollar-clearing system—which converts foreign currencies into dollars, the lingua franca of international trade—to try to prevent financial institutions from providing services to Iran and North Korea. America’s intelligence services pressed U.S.-based internet-communications firms not only to provide data on suspected terrorists but also to help spy on U.S. adversaries, rivals, and even partners.

However, what started as an aggressive and coordinated response after 9/11 has been supercharged by the Trump administration, which at times has replaced diplomacy with the raw exercise of power. The president has increasingly been weaponizing economic networks and has rarely coordinated with businesses or allies when doing so. And his administration has targeted developed nations and economic powers like China rather than rogue regimes and terrorists, which has emboldened China and other countries to retaliate or even mimic America’s tactics to further their own interests.

To understand how things have changed, consider America’s sanctions against Iran. The Society for Worldwide Interbank Financial Telecommunication (SWIFT), based in Belgium, runs a secure financial-messaging service that is used for most global financial transactions. In 2012 the Obama administration and the European Union used this choke point to press Tehran for concessions on its nuclear program. They cut Iranian financial institutions out of SWIFT in 2012 but then restored access after a nuclear deal was struck in 2015.

During the presidential campaign, Trump railed against the agreement with Iran. Despite desperate attempts by European politicians to save it, the United States withdrew from it in 2018 and then unilaterally reinstated sanctions that made it illegal to buy Iranian oil. Any banks—including foreign banks—that facilitate such transactions could face U.S. fines. BNP Paribas and others had already paid billions of dollars in penalties for violating the previous round of sanctions. Citing the risk that new fines associated with Iranian trades could destabilize the financial system, SWIFT felt it had no choice but to cut off Iranian banks’ access in 2018. This time the Europeans were apoplectic. French finance minister Bruno Le Maire said that European countries should not accept the United States as the “economic policeman of the planet” and allow themselves to become its “vassals.”

The Trump administration has also exploited its de facto control of the flow of crucial tech components to target both China and rogue states like Iran and North Korea. From 2010 to 2016 the Chinese telecommunications manufacturer ZTE sold restricted technologies to Iran and North Korea, violating U.S. export controls. It was forced to agree to an expensive settlement with U.S. authorities. When ZTE flouted that settlement, the U.S. government banned American firms from supplying ZTE with parts, including the Qualcomm chips it needs. This might have driven ZTE out of business if President Trump had not swapped a lighter penalty for concessions in his trade fight with China.

More recently, the U.S. government blacklisted the Chinese telecommunications giant Huawei. Corporate America had expected the United States to ban Huawei from selling to domestic markets. Many in the business community, however, didn’t anticipate the decision to restrict the export of U.S. technology to Huawei, putting the firm’s very existence in danger and injecting uncertainty into global supply chains. Huawei estimated that more than 1,200 U.S. firms would lose contracts with it. Google has warned that it will not provide Android to new Huawei phones, and Microsoft temporarily stopped selling Huawei laptops in its online store. This has led China to threaten to constrain its sales of essential rare-earth metals to U.S. technology companies and to start building its own blacklist of foreign firms. FedEx is at risk of being put on that list, because the Chinese government claims that the company knowingly rerouted Huawei packages destined for China from other countries in Asia to the United States. U.S. manufacturers are frantically checking their supply chains to identify Chinese partners that might be subject to the new economic tensions, while financial firms are asking whether they want to orient themselves toward the United States or China. Everyone fears the worst is yet to come, because Trump has “ordered” U.S. companies to immediately find alternatives to Chinese suppliers, and other U.S. policy makers are asking whether America needs to “decouple” its economy from China’s. In October 2019 the U.S. government blacklisted an additional 28 Chinese firms for their role in human rights violations against Muslim minorities in China. As of this writing, the U.S. Justice Department was trying to block the completion of a $300 million submarine cable that would connect Hong Kong and Los Angeles—and had already mostly been laid by Google, Facebook, and Dr. Peng Telecom & Media Group, a Chinese company—on the grounds of national security.

A New Game

As other powerful states respond to and even model the U.S. strategy, a war is quietly being waged through manufacturing ties and business relationships. U.S. officials are concerned that Chinese-produced components could be compromised and then deployed in surveillance activities or even sabotage. Chinese leaders fear that the United States will use the ZTE playbook against more Chinese firms. They worry that America sees Chinese economic strength as a security threat and will do everything it can to hamper and even cripple the Chinese economy. This is one reason they’re trying to accelerate their ability to develop and manufacture advanced chips: so that they won’t be at the mercy of the U.S. government.

Although the European Union has officially identified China as a rival and begun to pay much closer attention to Chinese acquisitions, it is still far less belligerent toward China than the United States is. Indeed, it’s beginning to create ways to work around U.S. economic power and perhaps even oppose it. For instance, Europeans have started to experiment with alternative financial channels that are less exposed to U.S. pressure. In 2019 the governments of France, Germany, and the United Kingdom jointly created an international barter system, known as Instex, which offers an alternative payment method that circumvents U.S. sanctions on Iran. Instex has had teething problems, and trade between Iran and Europe is negligible, but Europe’s experiment may give it the tools to counteract future U.S. sanctions against much more economically important countries, like Russia.

Disputes can quickly escalate. When Japan pushed back against South Korean claims for World War II reparations by blocking the export to Korea of key chemicals needed by the semiconductor and manufacturing industries, it sent chills through the boardrooms at Samsung and LG. South Korea, in turn, has threatened to retaliate by cutting off supplies of heating oil to Japan. Businesses are being forced into involuntary service in purely political disputes.

Understanding Your Exposure

The firms located at choke points are the most directly at risk. Google’s Android operating system, Visa’s payment channel, FedEx’s courier and logistics services, and Qualcomm’s chips are all hugely profitable because they sit at the center of vast global networks everyone wants access to. Their market control has always been a gold mine. It’s now also a political vulnerability, creating dependencies that powerful governments may want to exploit for national security purposes.

Companies that lie at emerging choke points are likely to also come under pressure. Behind the U.S. case against Huawei is a straightforward fear: that America will lose control over 5G networks and the internet of things. U.S. security would be threatened in a world where everyone depends on Chinese communications technology. Building a choke point, knowingly or not, puts you in the crosshairs.

When governments target choke-point companies, other businesses can get caught in the crossfire. The U.S. ban on Huawei reverberated throughout the firm’s supply chain. The U.S. chipmaker Skyworks, which got 12% of its sales from Huawei, was blindsided; its stock fell sharply and took weeks to recover. Upstream, political uncertainty is leading all telecommunications firms to delay 5G investments. The CEO of Sweden’s Tele2, Anders Nilsson, put it bluntly: “Decisions are postponed. This is not only Huawei; this is all vendors.”

As China retaliates, the economic fallout is likely to spread. Cisco’s CEO, Chuck Robbins, says the anti-American backlash in China is hurting his company: “We’re being uninvited to bid. We are not even being allowed to participate anymore.” Tertiary companies that are neither choke-point providers nor directly up- or downstream will also be affected. A slowdown in 5G’s rollout will reshape entire markets for mobile equipment, audiovisual offerings, and smart, connected products.

Can’t diversification help companies avoid this new form of risk? Firms don’t like relying on a single supplier anyway, since that supplier might raise prices, defect to competitors, or go bust. But diversification won’t mitigate political risk if all the suppliers of, say, a critical component are in the same country or dependent on the same choke point. Instead, executives should think about developing alternative network hubs or in-house or in-country capabilities that allow them to minimize vulnerabilities. After the ZTE incident, Huawei saw that it was at risk and stockpiled its U.S.-made components. Increased redundancy may also reduce vulnerability.

Doing an analysis of the risk your specific sector faces is helpful too. The Trump administration (and, ultimately, its successors) will probably weaponize a host of networks, but some sectors are more exposed than others are. In recent disputes with China, the United States has focused on technologies like telecommunications, drones, and surveillance systems, all of which are viewed as having both commercial and military applications. But less-obvious sectors are increasingly vulnerable. It is unlikely that Beijing Kunlun Tech expected the United States to request that it divest Grindr, a gay dating network, but if it had thought about how personal information could be used for blackmail, it might have foreseen the possibility. Companies that did not think of their sectors as politically risky—perhaps because they were producing relatively innocuous products such as camera-enabled doorbells—should have paid attention when U.S. defense legislation targeted Hikvision and its surveillance technology in early 2018. The U.S. intelligence community has also been issuing warnings about Huawei for several years. Executives dismiss these “weak signals” at their own peril.

Mitigating the Risk

Identifying risks is only the first step. As the global economy moves away from open trade, companies need new strategies and relationships that balance economic efficiency with security. Firms essentially have three choices: collaborate, resist, or educate.

After the terrorist attacks on 9/11, the U.S. government sought private sector help. A group of firms running network choke points, most notably FedEx, volunteered to work with it. FedEx CEO Fred Smith argued at the time, “All we are trying to do is to protect our assets and not have our assets be used for bad purposes.” This approach can have great benefits, but it may pose problems in a world where cooperating with one government may provoke another government to target you. HSBC, for instance, complied with U.S. authorities’ demand for financial information on Huawei, and now it is at risk of being blacklisted by the Chinese government.

Some firms may be less enthusiastic about cooperation and decide to push back. Apple, for example, is a tempting target. The iPhone operating system is potentially a key hub for surveillance, allowing governments to learn what people are saying to one another. This is one reason Apple tried to design the system to make it impossible for anyone—even Apple itself—to access the phones without user passwords. Microsoft, which faces similar pressures from governments that want its data, has responded in a more directly political way. It is spearheading a global initiative known as the Digital Geneva Convention to develop core norms of cybersecurity. The goal is to persuade private companies to collectively commit to limiting offensive cyberattacks—including those by the U.S. government. Already over 100 firms have signed the initiative’s Cybersecurity Tech Accord. As tensions heat up between the United States and China and Russia, businesses with control of economic choke points will need to consider how they can work together to depoliticize their roles.

Businesses can also reduce some of the potential fallout of network attacks by educating government officials. Network connections are so complex that policy makers often don’t understand how interventions could produce unexpected consequences. When the United States announced sanctions against the Russian metals giant Rusal, it did not anticipate that they might bring the European auto industry to a halt, and it had to modify them swiftly. The more businesses’ government-relations offices can do to educate policy makers, the better. Firms also can push back directly against the most disruptive policies. In the wake of the initial Huawei ban, the U.S. semiconductor industry quietly lobbied the Commerce Department and the White House to ease it.

Once it was the places that globalization hadn’t yet reached that were politically dangerous. Now new political risks are found right at the heart of the global economy. They’re coming from the very infrastructure that facilitates global business, which powerful states are weaponizing. Executives who fail to understand this new world are likely to run into serious trouble.