Financial firms face geopolitical, sanctions, third-party and market shocks that rarely show up in a cyber script. Force Majeure exercises those on your real footprint, on the cadence supervisors now expect, and writes the result up for the board.
A bank or insurer carries exposures a standard tabletop barely touches: sanctions regime changes that strand a counterparty overnight, concentration in a handful of critical ICT and cloud providers, a host-country political shift that freezes a lending book, a market or liquidity shock that lands at the same time as a reputational event. Each one tests decision-making under pressure across functions, and each one is exactly the kind of scenario regulators now ask financial entities to rehearse.
Scenarios are built against your trading and lending geographies, your critical third parties and ICT concentrations, not a generic outage drill.
Refresh the scenario set at low marginal cost as sanctions, markets and counterparty exposures move through the year.
Every exercise is scored on a published rubric and written up as a board-ready after-action report you can put in front of supervisors.
The Digital Operational Resilience Act now puts scenario-based testing in force for EU financial entities, requiring firms to test their ability to withstand severe but plausible disruption. In the UK, the FCA and PRA operational-resilience regime requires firms to identify important business services, set impact tolerances and test their ability to remain within them. NIS2 adds management-body duties and accountability for resilience across critical operators. Force Majeure runs as an operational-resilience exercise mapped to whichever of these your firm answers to, and the judgment inside it was pressure-tested in the hardest markets on earth, calibrated to a 2021 Harvard Business Review study by the authors that found community-embedded firms were about three times more likely to stay profitable and nine times more likely to survive a crisis.
We are glad to map the exercise against your existing resilience and testing programme.
See the enterprise briefing →The exercise is designed to support DORA scenario-based testing for EU financial entities and impact-tolerance testing under the UK FCA and PRA operational-resilience regime. We map each exercise to the framework your committee reports against, so the after-action record sits alongside your wider resilience evidence. We do not replace a mandated threat-led penetration test.
Yes. A short discovery captures your trading and lending geographies, your critical third parties and ICT concentrations, and the scenarios your board worries about. Those become a scenario set generated against your real footprint and refreshed each quarter as sanctions, markets and counterparty exposures move.
A facilitated exercise on your footprint, scored on a published rubric, and a board-ready after-action report on the cadence regulators now expect. The report documents decisions, gaps and follow-up actions in a form your risk committee and supervisors can use.
See the full FAQ, or the wider case for geopolitical risk training and board crisis readiness.
Tell us your markets, counterparties and the resilience regime you report against. We reply with a scoped brief.
Tell us your sector, footprint, and objective.
Thanks, your request is on its way to the Force Majeure team and we will be in touch shortly. If you would rather email us directly, use this link.