How We Assess Jurisdiction Risk
Every jurisdiction in the ESG Stress Free guide library carries a risk rating — Low, Medium, High, or Critical. This page explains the methodology behind those ratings, the frameworks we draw on, and what each level means for your CSRD and CSDDD compliance obligations.
Important: These risk ratings are designed to guide due diligence intensity under the EU Corporate Sustainability Due Diligence Directive (CSDDD) and EU Corporate Sustainability Reporting Directive (CSRD). They are not legal advice and should not be used as the sole basis for compliance decisions. The risk level of a specific supplier relationship may differ from the jurisdiction-level rating — a supplier in a Critical-rated jurisdiction may have strong ESG practices, and a supplier in a Low-rated jurisdiction may have specific ESG risks. Always conduct supplier-specific due diligence.
Methodology Basis
Our jurisdiction risk ratings are based on a composite assessment drawing on internationally recognised frameworks and indices. The primary inputs are:
Sanctions status
Whether the jurisdiction is subject to comprehensive sanctions (US OFAC, EU, UN Security Council, UK OFIS) — the single most important factor for Critical ratings.
CSDDD conflict-affected designation
Whether the jurisdiction is designated as a conflict-affected and high-risk area (CAHRA) under the EU CSDDD, which triggers enhanced due diligence requirements.
FATF designation
Whether the jurisdiction is on the FATF grey list (enhanced monitoring) or black list (call for action) — a proxy for governance and financial crime risks.
Forced labour indicators
The Global Slavery Index, US Department of Labor List of Goods Produced by Child Labor or Forced Labor, and UFLPA Entity List — key inputs for High and Critical ratings.
Governance quality
The Mo Ibrahim Index of African Governance, World Bank Governance Indicators, and Freedom House scores — key inputs for Medium and High ratings.
Labour rights
The ITUC Global Rights Index, which rates countries from 1 (best) to 5+ (no guarantee of rights) — a key input for High ratings in garment and agricultural supply chains.
Risk Level Definitions
Jurisdictions with strong rule of law, functioning regulatory frameworks, and no significant forced labour, conflict mineral, or sanctions risks. Standard CSRD supply chain reporting applies. CSDDD standard due diligence is sufficient.
Key indicators:
- OECD member or equivalent governance standard
- No active sanctions or arms embargoes
- Functioning independent judiciary and labour enforcement
- No significant conflict mineral exposure
- No FATF grey or black list designation
Examples: UK, Germany, Australia, Japan, Canada, Singapore, New Zealand
Jurisdictions with some governance weaknesses, sector-specific ESG risks, or developing regulatory frameworks. CSRD supply chain reporting requires sector-specific attention. CSDDD standard due diligence with enhanced sector focus.
Key indicators:
- Developing country with improving governance trajectory
- Sector-specific ESG risks (e.g. garment labour rights, agricultural land rights)
- Climate physical risk exposure (e.g. Pacific islands, low-lying coastal nations)
- Some FATF monitoring but not grey-listed
- No active comprehensive sanctions
Examples: Vietnam, Bangladesh, Indonesia, Ukraine, Fiji, Samoa, Cabo Verde, Bhutan
Jurisdictions with significant governance deficits, documented human rights concerns, or sector-specific forced labour risks. CSDDD enhanced due diligence is required. CSRD supply chain reporting must address specific ESG risks identified.
Key indicators:
- Significant governance deficits or authoritarian governance
- Documented forced labour risks in specific sectors
- FATF grey list designation
- Conflict mineral exposure (OECD Annex II)
- Significant environmental degradation risks
- Active targeted sanctions on individuals or entities
Examples: Cambodia, Myanmar, Uzbekistan, Guinea, Angola, Togo, Equatorial Guinea
Jurisdictions subject to comprehensive sanctions, active armed conflict, or with the most severe human rights and forced labour risks. CSDDD requires enhanced due diligence or responsible disengagement. Comprehensive sanctions compliance is mandatory.
Key indicators:
- Comprehensive international sanctions (US OFAC, EU, UN, UK)
- Active armed conflict or civil war
- Designated conflict-affected and high-risk area (CAHRA)
- Systematic forced labour (state-sponsored or sector-wide)
- FATF black list designation
- Documented genocide, war crimes, or crimes against humanity
Examples: Russia, Belarus, Iran, North Korea, Myanmar, DRC (conflict zones), South Sudan, CAR, Eritrea, Sudan
What the Risk Level Means for Your Compliance
| Risk Level | CSRD Supply Chain Reporting | CSDDD Due Diligence | Sanctions Screening |
|---|---|---|---|
| Low | Standard supply chain data collection | Standard due diligence — questionnaire and self-assessment | Routine screening |
| Medium | Sector-specific data collection (e.g. climate physical risk, labour rights in garments) | Standard due diligence with sector-specific focus areas | Routine screening |
| High | Enhanced disclosure — specific ESG risks must be named and quantified | Enhanced due diligence — third-party audit, on-site assessment, or certification required | Enhanced screening — beneficial ownership verification |
| Critical | Material risk disclosure — must be addressed in principal adverse impacts reporting | Enhanced due diligence or responsible disengagement — legal advice recommended | Mandatory comprehensive screening — zero tolerance for violations |