Brexit and the Hidden Risks in MedTech Supply Chains

Some of the biggest supply chain disruptions do not begin with a factory shutdown, a supplier failure, or a geopolitical event. They begin with details that appear administrative, routine, and low risk.

Brexit illustrated that lesson particularly well.

For many industries, the disruption was obvious and immediate: tariffs, border delays, customs complexity, and new regulatory requirements. In MedTech, however, some of the most significant challenges emerged from areas that initially appeared administrative in nature — and that is precisely what made them so easy to underestimate.

The Notified Body Challenge

For those unfamiliar with the term, a Notified Body is an organisation responsible for certifying medical devices for the European market. Without this certification, products cannot be legally sold within the European Union. As a result, who certifies your products — and under what conditions — is far more than a regulatory formality.

Following Brexit, BSI, one of the world's largest and most widely used Notified Bodies, relocated its EU operations from the United Kingdom to the Netherlands.

On the surface, many companies assumed the impact would be limited. It was the same organisation, the same relationship, and seemingly business as usual.

The reality proved more complex.

Even companies that continued working with BSI were required to update their CE certificate numbers. What appeared to be a simple administrative change quickly created a ripple effect across multiple areas of the business, including product labelling, technical documentation, product registrations, supply chain records, distributor agreements, and quality management systems.

A seemingly minor update became a significant operational challenge requiring coordination across regulatory affairs, quality, supply chain, legal, commercial teams, distributors, and external stakeholders.

For many smaller MedTech organisations, this was not merely a regulatory footnote. It became a substantial operational burden on top of the many other Brexit-related changes they were already managing.

The Real Lesson: Hidden Dependencies

The Notified Body situation was not an isolated issue. Rather, it highlighted a broader pattern that Brexit exposed across MedTech supply chains.

Many organisations discovered that changes they believed were contained to a single certificate, label, or registration were actually connected to far more processes and stakeholders than they had mapped.

A certificate number change required updates to distributor agreements. Updating distributor agreements triggered contract reviews. Contract reviews required legal assessment across multiple jurisdictions.

What initially appeared to be a local change became an enterprise-wide effort.

This is the nature of supply chain risk that exists within the administrative layer.

It rarely presents itself as risk. Instead, it presents itself as paperwork. And because it looks like paperwork, it is often assigned insufficient resources, underestimated in planning, and given unrealistic timelines.

Why Some Organisations Struggled More Than Others

Interestingly, the organisations that struggled most were not necessarily the smallest or least experienced.

Often, they were organisations that had mapped their supplier dependencies thoroughly but had never applied the same discipline to their regulatory dependencies.

They knew where their components originated. They did not always understand everything connected to their certifications.

As Brexit demonstrated, both forms of dependency can be equally important.

Looking Beyond Brexit

While Brexit provides a useful case study, the lesson extends far beyond a single geopolitical event.

In supply chain and regulatory operations, issues that appear administrative on paper are rarely administrative in practice. The detail is often where disruption lives.

A useful question for any organisation facing regulatory change, market expansion, restructuring, or compliance transformation is: do you truly understand your dependencies?

Not just your Tier 1 suppliers. Not just your primary certifications. But every downstream process, stakeholder, agreement, and system affected when one element changes.

The organisations that navigated Brexit most effectively were not necessarily those with the largest teams or budgets. They were the organisations that understood their dependencies early, recognised the implications, and planned accordingly.

Because in supply chain, the administrative is never just administrative. And the earlier that becomes part of an organisation's thinking, the better prepared it will be when the next disruption arrives — whatever form it takes.