Iran War: A Geopolitical Shock is the Operating Model Test Most Firms Underestimated

Before I turn to the professional analysis in this article, I want to be honest about the context. The conflict that began on 28 February 2026 has cost thousands of lives. But its consequences have reached into the daily lives of people far beyond the conflict zone. Fuel rationing has returned to parts of Europe for the first time in decades. Flights are being cancelled or diverted. Families are making choices at the petrol station and the supermarket that they were not making six weeks ago. Energy bills are rising faster than wages can absorb. Mortgage holders are opening letters with numbers they did not budget for. The anxiety is not abstract — it is felt by people who have nothing to do with geopolitics but are living its consequences every day. Financial services firms did not cause any of this. But they are part of the infrastructure through which people experience it — in their claims, their savings, their loans, their retirement portfolios. That is why the operating model question matters here: not to reduce a human crisis to a management problem, but to ask whether the institutions people depend on are genuinely equipped to serve them through it.

With that said, the events since February have become the most significant test of UK financial services operating models since COVID. And unlike COVID, firms had less warning, less precedent, and — in many cases — resilience frameworks that were not designed for this type of shock.

To be precise about what I mean: large reinsurers, specialist insurers, and the Bank of England all have geopolitical scenario libraries. Post-Ukraine in 2022, many firms updated their thinking on energy price risk. Geopolitical risk was not absent from the risk lexicon. The specific gap is narrower and more important: most firms’ Important Business Service resilience plans were not designed for a correlated, multi-speed, externally-driven shock that hits customer vulnerability, claims volumes, investment portfolios, and operational capacity simultaneously — without any single operational component of the firm failing.

That distinction — between ‘we thought about geopolitical risk’ and ‘we designed our IBS plans for it’ — is where the real work needs to happen.

Two Frameworks. One Crisis. An Important Distinction.

Before going further, it is worth being precise about the regulatory terrain, because this crisis is activating two different frameworks simultaneously and conflating them creates confusion.

The first is financial stability — the Bank of England’s domain. The BoE has formally flagged the conflict as a material threat to UK financial stability. This covers firms’ capital positions, credit quality, market exposures, and the macro transmission of energy price inflation into household and corporate balance sheets. The repricing of two-year fixed mortgages by 80 basis points, the withdrawal of 21% of available mortgage products, the OECD’s revised UK inflation forecast of 4%, and the 1.3 million households now facing higher mortgage costs — these are financial stability concerns.

The second is operational resilience — the FCA and PRA’s domain under PS21/3. This asks a different question: can the firm continue to deliver its Important Business Services within its pre-agreed impact tolerances? A firm’s investment portfolio falling does not automatically mean its payments service or claims handling IBS has been disrupted.

Both frameworks matter. But the more searching question — and the one most relevant to operating model design — is this: was the operational resilience framework actually built for a scenario where financial stability stress and demand spikes arrive together, sustained, from outside the firm’s direct perimeter? For most firms, the honest answer is: not fully.

PS21/3 is deliberately non-prescriptive. It does not give firms a checklist of five scenarios to test. It asks for ‘severe but plausible’ disruptions of the firm’s own choosing. The unintended consequence is that many firms defaulted to an acute, operationally-focused mental model — a cyber attack, a data centre outage, a supplier failure. Not a sustained macro shock that reshapes the environment the firm operates in.

What the Shock is Revealing by Sector

The impacts are live and evidenced. Here is what the shock is exposing across the three sectors.

Four Operating Model Failure Patterns Being Exposed

Across all three sectors, the same structural weaknesses are surfacing. They are fixable — but only if named precisely.

IBS scenario design defaulted to single-cause, acute events. The PS21/3 framework is intentionally non-prescriptive. That is a strength — it prevents firms from gaming a checklist. But the unintended consequence is visible now: firms gravitating toward the scenarios they could model most easily. An IT outage has a start, a duration, and a recovery. A geopolitical shock that takes five weeks to fully transmit into mortgage books and claims pipelines does not. The gap is not that firms ignored geopolitical risk at the enterprise level. It is that their IBS-level plans were not stress-tested against a scenario where the operating environment itself deteriorates for months, rather than recovering within a defined window.

Third-party risk assessments captured direct exposure, not indirect transmission. Standard third-party risk frameworks ask whether a supplier has operations in a conflict zone. They rarely ask: how does a 50% rise in energy costs affect this supplier’s cost base, pricing, and SLA performance? The answer is beginning to emerge. Data centres, logistics providers, and facilities management suppliers with no Iran footprint whatsoever are facing rising input costs that flow directly into their service model. This indirect geopolitical transmission was not in most third-party risk assessments. It should be in the next ones.

Consumer Duty obligations scale with vulnerability — but the infrastructure to respond does not. The FCA’s Consumer Duty requires firms to deliver good outcomes for customers, with heightened care for vulnerable customers. The challenge is operational: identifying which customers are now vulnerable, communicating with them appropriately, and adjusting product and service delivery — at scale, quickly. Most firms have Customer Vulnerability Frameworks built for case-by-case identification. A macro shock that makes 1.3 million mortgage holders financially vulnerable in five weeks is not a case-by-case problem. It is an operating model problem — and most firms’ frameworks were not designed for it at that scale.

Governance speed is being tested and found wanting in too many places. Firms that had embedded decision rights into their operating model — who can approve a product withdrawal, who communicates to clients in a market move, what the escalation path is for an unusual claims pattern — have moved quickly. Firms where governance still requires a formal committee paper and five sign-offs have been slow. The Christmas Operating Model Test I wrote about in December described this pattern in the context of peak season. Geopolitical shock compresses the timeline further and removes the luxury of a predictable calendar. The outcome is the same: organisations designed for rigour without pace pay the cost in slow decisions at the worst possible moment.

What to Do in the Next 30 Days

This article is published in April 2026. The shock is live, not historical. A post-mortem framing is premature. Here is the practical work for each sector right now.

For insurers

• Conduct an immediate BI trigger audit across your marine, aviation, energy and political violence books. War exclusion language and contingent BI triggers are under active legal dispute. Know your exposure before you receive the claims, not after.
• Convene a multi-line stress scenario review. Your claims handling IBS was almost certainly calibrated one line at a time. Run a cross-line capacity model: what happens to your handling capacity if marine, aviation and energy claims all spike in the same quarter?
• Review your war risk reinsurance coverage. Several cedants have discovered capacity gaps only after primary insurers withdrew. The time to find those gaps is now.

For banks

• Segment your mortgage book by vulnerability exposure immediately: those on trackers or facing fixed-rate resets in the next six months. This is the cohort Consumer Duty requires proactive engagement with — not reactive case management.
• Review the scalability of your customer communication infrastructure. Bulk personalised outreach at the scale this situation requires is an operational capability, not just a marketing one. If you cannot send a meaningful, individually-relevant message to 50,000 customers in 48 hours, that is a gap to address this month.
• Brief your Board Risk Committee on the indirect geopolitical transmission in your credit book. Rising energy costs are a lagging indicator of SME and household stress. The credit quality deterioration is coming. The question is whether your early warning indicators are calibrated to see it.

For wealth managers

• Pre-approve standard rebalancing playbooks for defined market scenarios so advisers can act without individual sign-off for routine responses. The fiduciary obligation to act in clients’ best interests cannot be discharged if the approval process takes longer than the market move.
• Prioritise client contact by vulnerability, not by AUM. The clients most likely to make value-destructive decisions — panic selling, inappropriate defensive repositioning — are not always your largest. Segment by behavioural risk, not just portfolio size.
• Review your safe-haven assumptions with clients explicitly. Standard bond/equity correlation assumptions did not hold in the opening weeks of this shock. Clients whose portfolios were constructed on those assumptions deserve an honest conversation about what that means for their risk profile.

What to Build for the Next Shock

The three structural changes that would make UK financial services operating models genuinely more resilient to this class of event are more specific than ‘update your scenario library.’

For insurers — design IBS scenarios for multi-line correlated stress. Model what happens when three or four lines face simultaneous volume pressure. Calibrate your claims handling impact tolerance against that scenario, not just a single-line outage. The scenario does not need to name Iran specifically. It needs to be honest about the transmission mechanisms: geopolitical event → capacity withdrawal → correlated claims → reinsurance pressure → handling strain.

For banks — build a portfolio-level vulnerability response capability. Consumer Duty was written for individual customer outcomes. The operating model infrastructure to deliver it needs to work at portfolio scale when a macro shock expands the vulnerable cohort rapidly. That means automated segmentation, scalable communications, and pre-defined product and service responses — not just a case management framework.

For wealth managers — pre-design your surge capacity model. Advice businesses are capacity-constrained by their adviser headcount. A correlated client anxiety event will always outrun that capacity in the short term. Pre-design the triage: which client cohorts get proactive outreach, which get self-serve digital tools, which get adviser time. That design decision should be made in a planning cycle, not during a crisis.

Where Business Architecture Earns Its Place Here

The practical reason Business Architecture matters in this conversation is specific, not general.

The capability model tells you where your handling capacity lives across each IBS and at what level it is currently resourced. When a correlated shock spikes demand across multiple value streams simultaneously, that is where you see the capacity constraint first — not in a financial model, but in the capability map.

The value stream model shows you the exact hand-off points where multi-line demand spikes create gridlock. In a single-line stress, the constraint is usually predictable. In a correlated shock, constraints appear simultaneously at different stages of different value streams, often because shared capabilities — fraud triage, compliance review, customer contact — serve multiple streams at once.

The scenario library, properly maintained as a living business architecture artefact rather than an annual compliance exercise, is the instrument that prevents the next scenario set from defaulting to the acute, single-cause mental model. It should be owned by the Business Architect alongside the Risk function, not produced for them by them.

None of this requires the organisation to predict the next geopolitical event. It requires the organisation to have a map of itself that is honest enough to answer one question: if the environment becomes hostile for six months, which of our Important Business Services will hold, and which will not?

The transition period for operational resilience ended a year ago. Firms are now expected to be resilient, not just compliant. The Iran war is the first sustained test of that expectation — and it is a test designed by neither regulator nor firm.

The practical challenge I leave with every CRO, COO and Chief Architect reading this: open your IBS documentation and ask whether your most demanding scenario includes a sustained, correlated, externally-driven stress that simultaneously hits customer vulnerability, revenue, and operational capacity. Then ask who owns the answer to that question as a standing governance responsibility, not just a programme deliverable.

If you cannot name that person, you have a design gap. And design gaps are the ones we can actually fix.