Supplier Risk Scoring: What’s new in 2025 and moving into 2026?

The current landscape

In an era of global uncertainty, Finance and Procurement professionals are increasingly expected to do more than just negotiate good deals and deliver return on investment - they must also equally safeguard their organisation against supplier-related risks.

Supplier risk scoring, once a back-office process and compliance tool, has become a strategic lever for protecting business margins, ensuring continuity and safeguarding organisation reputation.

Moving into 2026, the landscape of supplier risk management continues to evolve rapidly with supplier risk scoring no longer a static checklist but a dynamic, data-driven discipline.

So, what has been newly developing this year, and should be a focus for 2026, and how can Finance and Procurement teams remain on the front foot.

1. AI-Powered Risk Management

Artificial intelligence (here we go again with AI!) has been transforming supplier risk scoring from reactive to predictive. Modern platforms now ingest and analyse vast datasets from financial statements and regulatory filings to social media sentiment and news coverage in order to flag early signs of supplier distress.

For Finance teams, this means greater and quicker visibility into potential liabilities and exposure. For Procurement, it enables proactive supplier engagement and contingency planning. A supplier with declining credit or ESG ratings, non-compliance to public regulations or organisation specific policies, company news (like share price or leadership changes), or negative ESG press, can all now be flagged to relevant business leads for review and mitigation before contracts are signed or renewed.

Gone are the days of static risk matrices. Maturing functions and modern platforms now utilise machine learning to predict supplier risk based on:

• Real-time financial data
• News sentiment analysis
• ESG compliance trends
• Cybersecurity posture
• Extraction of data and word search from public information

These enabling tools don’t just flag risk, they create a traffic light type risk profiling and help identify and forecast exposure.

2. Geopolitical Risks

Global instability from trade disputes to sanctions and political unrest is now a core factor in supplier risk scoring. Procurement platforms increasingly integrate real-time geopolitical data, including:

• Country risk indices
• Sanctions lists
• Trade policy changes
• Political stability scores

Finance leaders benefit from clearer risk-adjusted cost models, while Procurement teams can reroute sourcing strategies to avoid disruption. A supplier operating in a politically unstable region may be flagged as a risk, even if their financials are solid.

3. ESG and Ethical risk scoring

Environmental, Social, and Governance (ESG) metrics are no longer just a compliance checkbox – they can be a financial and reputational imperative. Modern supplier risk scoring includes:

• Carbon footprint and emissions data
• Labour practices and human rights compliance
• Diversity and inclusion metrics
• Ethical sourcing and transparency

Finance teams are increasingly factoring ESG risk into investment decisions and cost of capital. Procurement teams are increasingly held accountable for the sustainability and ethics of their supply chains and asked to source from suppliers who align with corporate sustainability goals, including within a circular design supply chain for the more mature.

Ignorance, and future mitigation, to supplier tiered ESG risks is no longer a valid excuse. Non-compliance to ESG can lead to significant reputational damage, regulatory penalties, and even loss of business.  

4. Cybersecurity Risk is a core metric

FCyber threats are now considered one of, if not the no.1, top risk in global supply chains. Supplier risk scoring includes cybersecurity assessments such as:

• Data protection policies
• History of breaches or incidents
• Use of secure technologies
• Compliance with standards like ISO 27001 or NIST

For Finance, a supplier breach can mean financial liability and regulatory exposure. For Procurement, it’s about ensuring that suppliers do not become a weak link in the organisation’s digital infrastructure and ensuring continued supply of service at market acceptable cost.

With increasing reliance on digital platforms and cloud-based services, a supplier’s cyber hygiene can directly impact the organisation’s security. Procurement teams must now collaborate closely with IT and security departments to evaluate, monitor and manage the supply chain cyber risk and ensure adherence to regulations and company standards.

5. Composite Risk Dashboards

Say goodbye to individual siloed risk assessments. Today’s best-in-class systems offer composite dashboards that combine multiple risk dimensions into a single, actionable view. These dashboards typically include:

• Financial health scores
• Operational performance metrics
• Compliance history
• Delivery reliability
• ESG and cyber risk indicators

Finance teams can use these dashboards to assess supplier exposure across portfolios. Procurement teams use them to prioritise sourcing decisions and supplier development efforts. Dashboards can be customised by category, geography, or business unit, allowing tailored risk views by category (IT, FM, professional services, etc. suppliers). For example, IT suppliers may be scored more heavily on cybersecurity, while FM and Logistics suppliers may be evaluated on delivery performance and geopolitical exposure.

Final Thought: Risk as a Strategic Lever

In 2025, supplier risk scoring is no longer just about avoiding failure. It is about building strategic RESILIENCE. The shift from reactive to proactive risk management is being enabled and driven by technology, regulation, and stakeholder and investor expectations.

Finance and Procurement leaders who collaborate with Operations and Business leads on the business risk strategy by sharing data, aligning metrics, and integrating tools will be better positioned to protect margins, maintain continuity, and unlock long-term value.

Whether you're an Executive in charge of business strategy, a business leader in charge of budgets, a Procurement, IT, FM or Operations leader managing the supply chain, a Legal representative overseeing contract compliance, the message is overwhelming:

Supplier risk is no longer just a back-office supply chain issue – it is a business-critical priority.

If interested how a business can create P&L impactful savings, read our short blog Commercial thinking Procurement – is your function creating enough P&L value?