AI is reshaping how businesses navigate risk

Artificial intelligence is maturing so fast that it can be hard to keep up. But forward-looking procurement teams are using the frontier tech to crunch massive amounts of data, automate risk, manage compliance and gain visibility over their supply chains. With continuously working AI agents promising to significantly cut time and resource spend, the benefits may soon be too numerous to ignore.

“[AI agents] are purpose-built for this type of activity,” says Christopher Sawchuk, principal of global procurement advisory at The Hackett Group during CIPS AI Webinar Week 2026. “They can constantly monitor what’s going on in supply markets, and even ideate and rethink the structure and architecture of entire supply networks.”

Risk management is one of the most sought-after skills procurement and supply chain professionals in the year ahead, with 47% of respondents to the CIPS 2026 Global State of Supply survey saying they want to develop expertise in this area. But expectations on AI as a risk management tool are tempering, with the number of respondents seeing AI as capable of identifying supply chain risks halving in the last year. So, what can AI realistically do aid risk management today?

AI as a supply chain visibility tool

Global supply chains have evolved to be deeply interconnected, their many moving parts constituting vast, complex systems. These knotty arrangements have compounded even further in the digital era due to the proliferation of data and software. With all this noise, visibility can be a challenge, and without a clear picture of relationships between contractors and sub-contractors, it’s much harder to gain clarity about risk.

“Beyond tier-one, you're flying blind. That’s the sense most folks have,” says Lucas Videla, head of product marketing at Integrity Next. “Complex supply chains are structurally invisible. All of the upstream dependencies, the sub-suppliers, the raw materials going into products, all of those risks and opportunities can't be mapped manually.” Videla spoke on a panel called How AI-driven screening, multi-tier visibility and insight is removing supply chain blind spots as part of AI Webinar Week, which is available to watch on demand.

The potential for continuous AI-powered monitoring promises to reshape risk intelligence to ultimately bring about better decision-making. For instance, vendor scorecards are changing: traditionally, data is gathered at a certain point in time (point-in-time analysis). But in an age where cyber-attacks or geopolitical events can devastate supplier capabilities overnight, these scorecards simply will not contain the most up-to-date information. By automating scorecards against real-time databases, procurement teams can more easily view the very latest risk data.

This is a timely development for the software supply chain too. Automating supply chain intelligence means one vendor’s relationship to another vendor can be more easily mapped out – essential when, for instance, a cyber incident at a supplier leads to a cascading chain of attacks on others, or if the weak point is buried somewhere deep in the supply chain.

“Cyber security is a volatile, fast-evolving space,” notes Sayan Debroy, head of supplier risk solutions at WNS Procurement and a speaker on our Beyond scorecards: how AI is redefining supplier risk visibility and control panel. “That’s something that needs very clear monitoring.” Vulnerabilities, he adds, often appear in unexpected places rather than with core tier-one vendors, such as in software plug-ins or certain tools used in the creation of apps.

“Monitoring these critical sub-components in the digital supply chain is essential to be able to see risk coming,” Debroy says. “If you just focus on core vendors, vulnerabilities can creep in, and you’ll only know when your system has been breached.”

AI in a new age of supply chain compliance

Real-time data capture, at a scale that’s near impossible for humans to reach, is also easing the regulatory burden for strict, expansive new frameworks, such as the EU Corporate Sustainability Due Diligence Directive (CSDDD), which will be phased into force between 2027 and 2029. The landmark regulation mandates that large enterprises regain visibility over their supply chains, no matter their complexity, tracking key due diligence metrics for all suppliers on areas such as ESG.
Not only will they have to conduct impact assessments for Tier-1 partners, but also demonstrably evaluate the risks of Tier 2 and Tier 3 suppliers. Failure to do so can result in significant financial penalties.

With all this complexity at play, procurement teams have two options: exhaust precious time and resources on chasing down sub-contractors, or turn to technology. Many are choosing option B, using generative AI to map their tier-N suppliers against enormous databases of real trade and shipment data, to reduce the pain from this otherwise laborious task.

Many regulations, such as CSDDD or Uyghur Forced Labor Prevention Act (UFLPA) or Carbon Border Adjustment Mechanism (CBAM), are nationally driven. Achieving compliance can differ by the slightest nuances depending on territories and requirements, so it is therefore critical that procurement teams monitor the ever-changing state of play.

While the ability to capture constant snapshots of information is immensely important, this data can also be leveraged, predictively, to get ahead of potential outcomes. After AI tooling has ingested real-world scenarios, it can then automate reporting or create resilience plans from that data, taking into account details at a granular, material level.

AI is only as good as the data – and the people – behind it

Yet as encouraging as these capabilities are, AI is not a silver bullet; it’s only ever going to be as good as its foundational data. For gaining visibility across supply chains, that means bringing in first-party supplier data from trading partners, as well as supplementary, verifiable third-party data, including from trusted public sources and proprietary datasets. “The foundation really matters enormously,” says Videla. 

Once this data is obtained, cleaned, and maintained, the effective use of AI will also require a more strategic human approach. Users must understand what it is they’re working with, setting their expectations appropriately and against clear governance. “It's not about simply sticking AI on top of what you currently have,” says David Loseby, a professor of supply chain research at Leeds University who shared his expertise during our How agentic AI is transforming intake to outcomes for savings, compliance and resilience session. “We have to set up very clear understanding about what the new roles and responsibilities will be, thinking about what the collaborative model looks like and how it’s going to operate in practice.”

If the future of procurement looks like teams of agentic ‘individuals’ working alongside real human beings, Loseby adds, it’s vital that organisations “work out how to bring those two together, so their skills and capabilities become complementary.

How do you think AI will affect the future of the profession? As part of The Great Conversation, a global dialogue about the capabilities we will need in a world defined by rapid change, new technologies, shifting demographics, geopolitical pressure, and rising environmental risk, we invite you to take our survey on the future of the profession or write to us at thegreatconversation@cips.org.