The Hormuz Closure Is No Longer a Crisis, it’s an Operating Condition.

The Strait of Hormuz story has entered a new phase, and it is one that most companies’ risk playbooks were never written for. More than 400 vessels are stranded, freight rates are up 75%, and analysts warn Brent crude could reach $150 a barrel if the closure holds through September. What began as a geopolitical shock that companies expected to wait out has become a sustained operational reality they now have to run their businesses inside of, and the organizations still treating it as temporary are the ones quietly accumulating the most risk.
The distinction matters because a crisis and an operating condition demand different responses. A crisis gets a task force, a war room, and a countdown to normal. An operating condition gets absorbed into how a company plans, sources, prices, and reports, and the Hormuz closure has crossed that line. Freight rerouted around the Cape of Good Hope, war-risk premiums layered onto every Gulf-linked lane, and fuel costs feeding into every mode of transport are no longer disruptions to the plan. They are the plan.
For risk leaders, the defining feature of this event is not any single exposure but the way exposures are stacking. Jim Wetekamp, CEO of Riskonnect, argues that the standard framing already undersells what is happening.
“This isn’t just a supply chain or geopolitical risk conversation,” Wetekamp said. “Multiple risk exposures are colliding in real time – supplier financial stability, cost volatility, sanctions compliance, cash flow pressure, and more. And the economic impacts are still expanding.”
That collision is exactly the scenario most corporate risk functions were not designed for, because those functions grew up in silos, with supply chain risk owned by operations, sanctions exposure owned by compliance, and cost volatility owned by finance, each looking at its own piece of the same event.
“This is a classic example of compounding risk, and siloed risk management was never built to handle it,” Wetekamp said. “The organizations navigating what’s unfolding in the Strait of Hormuz well are working from a connected view of their risk landscape that lets them see how risks interrelate, anticipate threats, and make better decisions faster to reduce their exposure and protect the business.”
The compounding problem gets harder still when a company cannot see where its exposure actually sits. Dave Rusher, chief customer officer at Aravo, makes the counterintuitive case that the companies most exposed to the closure are often the ones with no idea they are exposed at all, because the risk lives in supplier tiers they have never mapped.
“The most alarming exposure sits several tiers below the suppliers companies actually have visibility into: a regional sub-supplier in the Gulf that’s never been formally assessed, sitting two or three layers beneath a direct vendor relationship nobody mapped that deep,” Rusher said.
The danger is not just that these suppliers are invisible. It is that they tend to be invisible together.
“And it rarely stops at one supplier,” Rusher said. “Trace the network down far enough and a lot of it leans on the same region, the same shipping lane, or the same dependence on oil – so one closure can take out everything tied to that single point at once, including suppliers a company assumed were independent.”
Fixing that, Rusher argues, is less about heroic crisis response than about infrastructure built before the crisis arrives. “Getting that visibility starts with a centralized system of record covering every tier of third-party relationships, including who’s actually moving product through the Strait and which vessels and routes those shipments depend on,” he said. “Most companies have visibility into first-tier vendors and nothing below that, which is exactly where regional concentration hides. That system of record only works through continuous monitoring, not a point-in-time assessment, since exposure here shifts week to week. The payoff is lead time, enough for leadership to diversify sourcing or renegotiate terms before this turns from a six-week event into a multi-quarter cost problem.”
Taken together, the two arguments describe the same shift from opposite ends. Wetekamp is describing what it takes to manage risks once they are visible and colliding; Rusher is describing what it takes to make them visible in the first place. Both point to the same conclusion: trade through the strait will not normalize overnight, the risk landscape will stay fluid, and the companies best positioned for the rest of 2026 are the ones treating connected, continuously monitored risk visibility as core infrastructure rather than a project to fund after the next disruption. As Wetekamp put it, “The organizations with a connected view of their risks are better equipped to prepare for and handle future events and impacts.”
