Global Bank — Geopolitical Shock: From Incident to Board-Owned Resilience

A top-30 global systemic bank was hit by a fast-moving geopolitical shock following Russia’s full-scale invasion of Ukraine. Sanctions arrived in waves and were not aligned across jurisdictions. Blocking statutes clashed with secondary sanctions, and correspondent and custody exposures, data sovereignty limits, and export control overlays compounded risk. Public pressure, cyber/disinformation noise, and operational stress increased simultaneously. The chair, along with the audit and risk chairs and the company secretary, needed immediate board control to protect Material Nonpublic Information, de-conflict demands from multiple regulators, implement sanctions controls, stabilize critical services, and shift the investor narrative from “incident” to “resilience.” The board mandated RefineValue to stand up the Geopolitical Board Resilience Operating System to take clean control of the first 72 hours and embed a durable geopolitics program.

Geopolitical Shock: Outcomes at a Glance

  • Board control ≤ 4 hours: Incident special committee convened, interim decision-rights charter adopted, counsel-privileged bridge.
  • 72-hour protocol executed: Time-stamped completion ≥ 90%; Sanctions Operating System live ≤ 8h (safe/deny, exceptions/kill, attestations); 0 breach events.
  • Service continuity protected: Payments/custody stabilized ≤ 24–48h; reject rate < 0.5%; digital/branch uptime ≥ 99.5%.
  • Regulators & public view aligned: 100% on-time notifications across US/EU/UK/Asia; leak → confirm/deny → full disclosure in 24–48h; 0 correction filings; counsel-privileged bridge maintained.
  • Prudential hygiene: Daily board dashboard LCR ≥ 130%, NSFR ≥ 115% (first 10 trading days); clean-team logs complete; 0 cross-contamination.
  • Structural reset landed: One public position by weeks 2–3 (no contradictions); Risk appetite model transformation ≤ 45 days; scenarios/EWIs live (100% coverage); ~30% faster decisions on new list changes.
  • Geopolitical shock preparedness: Faster decisions and clear roles through board-owned horizon scanning and scenario planning.

Mandate & Constraints

Mandate. Stand up a 72-hour incident protocol the board owns and management executes—within a counsel-privileged perimeter.

  • Board control in ≤ 4 hours: constitute an incident special committee, adopt a decision-rights charter (non-delegable items, escalation ladders, emergency powers), and open a privileged crisis bridge.
  • Sanctions & regulators: implement sanctions (OFAC/EU/OFSI) measures ≤ 6 hours from publication with an attestations chain; sequence all notifications (US/EU/UK/Asia prudential, market, and exchange rules) on a single timetable; maintain a contemporaneous evidence trail.
  • Operational resilience: stabilize payments/custody ≤ 24–48h (reject rate < 0.5%; digital/branch uptime ≥ 99.5%); light up a daily prudential dashboard (LCR ≥ 130%, NSFR ≥ 115% for 10 trading days); run DORA/UK/US control checks; coordinate workforce safety (evacuation, payroll, vendors) without MNPI leakage.
  • Public-view discipline: enforce parity of information and a leak → confirm/deny → full-disclosure ladder within 24–48h; align IR Q&A and rating-agency cadence to the legal safe harbors.
  • Beyond 72 hours: deliver public-positioning coherence (one voice across filings/press/CEO letters), a geopolitics horizon-scan & scenario architecture (12–24 months with triggers/EWIs and pre-framed options), and an approved Risk Appetite v2.0 (limits, red lines, triggers, oversight cadence) tied to audit actions and compensation risk modifiers.

Constraints.

  • Conflict of laws: EU blocking statutes vs. US secondary sanctions; export-control regimes; data-/cloud-sovereignty and bank-secrecy limits; cross-border discovery risk.
  • Multi-regulator choreography: OFAC, EU Council/Commission, OFSI; prudential supervisors (ECB/SSM, PRA, Fed/OCC/FDIC, FINMA, MAS, HKMA); market rules (MAR/Reg FD, exchange disclosure).
  • Operational stressors: resilience frameworks (DORA/UK PRA/US) while cyber and disinformation risks spike; correspondent and custody dependencies; market-holiday/time-zone gaps.
  • Public view & investor expectations: zero corrective correspondence/filings; coherent narrative by the next earnings cycle.
  • Independence boundary: RefineValue acts as the board’s independent counsel—we design the operating system (charters, gates, rules, evidence tests) and verify at gates.

What We Did

T+0–4 hours — take command, define liability.
Under the Geopolitical Board Resilience Operating System, we convened an incident special committee, adopted an interim charter (non-delegable board items, escalation ladders, emergency powers), and moved onto a counsel-privileged bridge. Market-facing comms paused pending scripts. A clean room for material nonpublic information and a centralized sanctions desk became the single source of truth. Each director received a one-page personal liability brief detailing who decides what, by when, and with which evidence.

T+2–24 hours — sanctions first, money moves safely.
We enforced payments gating, including safe/deny lists, reviewer–approver separation, and channel rules, and ring-fenced correspondent routes. A bank-wide exposure map (including clients, instruments, custody, collateral, derivatives, and TSAs) guided close-out and novation playbooks. Freeze, block, and license filings went through a jurisdiction-mapped counsel matrix. We issued frontline scripts for KYC/KYCC, client notices, prospect handling, and whistleblowing. In parallel, we activated a prudential dashboard with daily LCR/NSFR thresholds and established a people and vendors cell for evacuation, payroll, and critical vendor coverage to maintain service without material nonpublic information leakage.

T+24–72 hours — de-conflict supervisors, control the tape.
We sequenced all notifications (US, EU, UK, and Asia prudential and market rules), logged acknowledgments, and captured director attestations. Disclosures followed a disciplined leak-confirm/deny-full disclosure ladder within 24–48 hours, synchronized with an IR deck and Q&A under safe harbors. Operational resilience dashboards (DORA mapping, cyber posture, branch/ATM, and data center redundancy) were activated. We established a cadence with regulators and rating agencies and began top-20 investor briefings from a single fact sheet, ensuring that filings, board communications, and investor dialogue remained consistent.

Day 4–30 — stabilize, remediate, and evidence.
Operational backlogs were cleared, sanctions rules were embedded into business-as-usual controls, and root-cause and lessons-learned analyses were closed. Liquidity and capital stress inputs were updated, and the LCR and NSFR were tracked at or above 130% and 115%, respectively, on a daily board dashboard for the first ten trading days. We linked remediation to audit actions and compensation risk modifiers, and we provided the board with an evidence pack containing a time-stamped action log, minutes, decisions, a disclosure trail, and legal attestations, as well as a regulator-ready one-truth file.

Weeks 2–3 — one public position, many channels.
A public-positioning audit aligned the following: CEO letters, earnings scripts, press releases, the website, CSR/ESG reports, testimonies, and filings. A speak/don’t-speak matrix (board versus management; CoSec/GC sign-offs) and a single disclosure ladder were used to eliminate contradictions. Investor relations and rating agency messaging were rehearsed to shift the narrative from “incident” to resilience KPIs by the next cycle.

Weeks 4–6 — from incident to structural geopolitics.
We developed a board-owned horizon scan and scenario planning program with a 12–24-month outlook covering potential geopolitical shocks, sanctions trajectories, export controls, data/cloud sovereignty, energy, cybersecurity, shipping, and capital controls. We quantified P&L, capital, and liquidity impacts by country, segment, and product. Early-warning indicators and scenario triggers were tied to pre-framed option sets (A/B/C)—including regulatory consequences, balance-sheet impact, personnel moves, and cloud/data-residency choices—so when lists changed, time to decision fell by ~30%.

Weeks 3–5 (approval ≤ Day-45) — governance & risk appetite reset.
We rewrote the decision-rights charter for geopolitical and sanctions events, delivering a new risk appetite model that includes country, sector, and counterparty limits; sanctions appetite; client acceptance (including SOEs and PEPs); and data and tech sovereignty thresholds. Triggers, such as list changes, capital control moves, and cyber severity, were hardwired into board gates with evidence requirements and an exceptions/kill register with sunset dates. We synced Audit & Comp so that breaches would have consequences and closures would be verified.

Results

Operating under the Geopolitical Board Resilience Operating System, the bank reestablished control within four hours. An incident special committee convened under counsel privilege, and an interim ISC decision-rights charter (v0.9) was adopted. This charter included non-delegable items, escalation ladders, and emergency powers, and it was fully ratified before close of business. A privileged bridge went live, and a material nonpublic information clean room and centralized sanctions desk became the single source of truth. Within eight hours of each sanctions release, the bank enforced OFAC/EU/OFSI measures with zero breach events and a complete attestation chain. Payments and custody stabilized within 24–48 hours (rejection rate <0.5%; digital and branch uptime ≥99.5%).

Between T+24 and T+72 hours, all supervisory and market notifications across the US, EU, UK, and Asia were filed on time, and there was no corrective correspondence. Disclosures followed a disciplined leak-confirm/deny-full disclosure ladder within 24–48 hours with no correction or clarification filings. Operational resilience dashboards (DORA mapping, cyber posture, branch status, and data center redundancy) were live, and a cadence with regulators and rating agencies was in place.

For the first ten trading days, a daily board dashboard tracked prudential buffers at LCR ≥ 130% and NSFR ≥ 115%. Material nonpublic information hygiene was maintained with complete clean-team logs and no cross-contamination incidents.

By weeks 2–3, the bank held one public position. CEO letters, earnings scripts, press releases, the website, CSR/ESG materials, testimony, and filings were coherent with no contradictions. Weekly rating agency briefings and top-20 investor updates were based on a single fact sheet. Investor dialogue normalized within one to two earnings cycles around resilience KPIs.

By weeks 3–6, the Risk Appetite model transformation was approved, quantitative limits were reset in 10 business days, and audit actions were initiated and monitored. A geopolitical scenario architecture with 100% coverage of material geographies and segments went live; triggers and early warning indicators were linked to pre-framed options, reducing the time to make decisions by ~30% on new list changes and yielding zero unlicensed exposures on subsequent sanctions rounds.

Finally, the board received a discovery-ready evidence pack containing a time-stamped action log, minutes, decisions, disclosure trail, and counsel attestations. Sanctions gating and exception/kill registers transitioned to business as usual, and the supervisor and rating agency cadence was maintained.

Why it Worked

  • Geopolitical Board Resilience Operating System put time under board control: counsel-privileged ISC, non-delegable decisions, clear escalations—no drift into “management by audit.”
  • Regulatory de-confliction by design: One timetable, one factsheet, one evidence trail—notifications sequenced across US/EU/UK/Asia with zero corrective correspondence.
  • Sanctions as an operating system: Rules → payments gating → exceptions/kill register → attestations delivered inside 8 hours of list changes, yielding zero breach events.
  • Public-view discipline that holds at speed: A rehearsed leak → confirm/deny → full-disclosure ladder in 24–48h kept filings, board voice, and investor Q&A perfectly aligned.
  • Resilience proven, not asserted: LCR/NSFR dashboards daily, service continuity 24–48h, MNPI hygiene intact, and a discovery-ready evidence pack—assurance the chair can rely on.
  • From incident to steerable geopolitics: A 12–24-month scenario architecture wired to the new risk appetite model (triggers, limits, red lines) cut time-to-decision ~30% on new geopolitical shocks and made consequences explicit.

Authors

Thomas Höhne

Julia Franke
