Looking ahead
The next 12–18 months will bring sharper and faster threats. AI-driven impersonation and misinformation will become more convincing, making it harder to separate fact from fabrication in real time. OSINT-to-exploit attacks will increasingly be automated, with public data feeding directly into targeting tools without human intervention. Regulatory scrutiny will expand, particularly in the US and UK, as family offices are treated more like financial institutions and subjected to tighter compliance expectations.
Geopolitical instability will continue to shape supply chains, asset security, and even physical safety in jurisdictions once considered stable. As Philip Mirande of Control Risks has cautioned, “A country where the family have assets for many years may not be stable in three to five years,” underscoring the need for horizon scanning and contingency planning.
The risk landscape will also be shaped by the growing use of drones for both surveillance and disruption, and by increasingly aggressive use of litigation — often funded by third parties — as a reputational attack vector. Global intelligence providers such as Crisis24 are already tracking how geopolitical, cyber, and reputational risks converge at greater speed than families anticipate, helping offices move from reactive awareness to proactive readiness.
Michael Macfarlane sums it up: “The real battleground is no longer the courtroom, but the online world — where narratives can take hold before the facts do.” In practice, risk readiness must become a core investment, integrating governance, intelligence, and narrative control into a unified strategy.
You don’t need to do everything. But you do need to do something. The families who lead in 2025 will not be the ones with the most tools, but those with the clearest priorities, the most rehearsed teams, and the courage to close the gap between trust and readiness.
..
See below some key FAQs.