The critical importance of Provision 29 in an uncertain world
· Posted on: March 27th 2026 · read
Provision 29 of the UK Corporate Governance Code focuses on risk management and internal controls. During periods of geopolitical instability, including trade conflicts, sanctions, tariffs, or regional armed conflicts, ignoring Provision 29 can expose businesses to serious operational and financial risks.
The Provision applies to companies with premium listing on the London Stock Exchange (including those in the commercial companies or closed-end investment fund categories).
Currently, many of these businesses are facing a plethora geopolitically-driven and climate-driven challenges as a result of numerous armed conflicts (there are more than 100 in the world currently), trade disruption due to sanctions, tariffs and other mechanisms, climate impact on supply chains, and more.
During uncertain times, investors, lenders, stakeholders and customers seek certainty. Provision 29 can help.
Under Provision 29, boards are required to monitor and review the effectiveness of their company’s risk management and internal control systems. Provision 29 also expects companies to provide a clear explanation in the annual report covering how the systems operate and how principal risks are managed. The provision ensures that boards actively oversee risks rather than simply reacting when issues arise.
Geopolitical tensions can rapidly disrupt supply chains, international trade flows, energy and commodity prices, and currency stability. Strong risk oversight ensures companies identify and respond to these threats sooner rather than later.
Governments will often also introduce rapid regulatory changes during geopolitical crises. Businesses must ensure compliance with sanctions, export controls, and new trade rules. Effective internal controls help prevent legal breaches, fines, and reputational damage.
When it comes to corporate reputation, failures in risk management during turbulent times, such as supply failures or compliance breaches, can significantly damage a company’s reputation. Effective oversight ensures that emerging threats are monitored and mitigated before they can escalate and cause harm.
Independent audit and assurance functions help boards evaluate whether internal controls and risk management frameworks are operating effectively. They provide objective insight into vulnerabilities and control gaps, enabling companies to strengthen governance and resilience. In a volatile geopolitical environment, the expectations of Provision 29 become even more critical.
Businesses that fail to maintain strong risk management and internal controls risk breaching regulations, financial instability, and loss of stakeholder trust. These are essential areas to avoid during troubled times when the simple act of running a sustainable business is challenging enough. Ignoring Provision 29 when geopolitical and trading conditions are uncertain, can expose companies to significant and potentially irreversible harm. Companies ignore it at their peril.
