Executive Protection for Family Office Principals: The Discretion Gap No Policy Covers
By Kenneth Wilson, CPO, EPS, PPS · Wilson Global Protection Group
The principal is traveling to Lagos for a private investment site visit. The hotel is a five-star property. The driver was arranged by the local contact. The meetings are confirmed. From a logistics standpoint, the itinerary looks complete — and the family office director who assembled it has every reason to believe the trip is well-organized. What’s missing doesn’t show up on the travel document: no vetted protection provider, no written risk assessment for the operating environment, no escalation protocol if something goes sideways between the airport and the hotel. The trip proceeds. Most of the time, nothing happens. But when something does happen, the liability question doesn’t go to the principal’s attorney. It doesn’t go to the CFO. It goes to the person who signed off on the itinerary.
This is the accountability gap that no family office job description formally covers — and it’s the gap that creates real personal exposure for the directors and managing directors who coordinate principal travel, manage service providers, and operate as the functional center of gravity for everything the principal needs.
The accountability gap no job description covers
The family office model is built on consolidated trust. The principal delegates everything — investment oversight, legal coordination, estate management, household operations, travel, philanthropy — to a director or small senior team that is expected to handle it all with institutional competence and total discretion. That model works extremely well for most of what family offices do. Where it breaks down is physical security.
Security doesn’t arrive at the family office with a framework attached. There is no internal security department to hand it off to, no corporate security director who owns the function, no institutional procurement process for vetted providers. Physical risk management gets absorbed into the director’s stack alongside everything else — not because the director is a security professional, but because the director is the person who handles things. The result is that physical risk decisions get made the same way logistics decisions get made: based on familiarity, referrals, and the absence of a formal framework.
When an incident occurs, the accountability question is not ambiguous. Courts, insurance adjusters, and the principal’s own advisors will trace the chain of coordination and find the person who arranged the trip, selected the driver, chose the hotel, and sent the itinerary. That person is typically the family office director. The absence of a documented security framework is not a defense in that context — it is the problem.
Why standard travel insurance isn’t the answer
Most family offices have some combination of travel insurance, medical evacuation coverage, and kidnap-and-ransom policies in place. These are reasonable products, and they should be part of any risk management program. But they share a fundamental characteristic: they pay after the incident. They are reactive instruments in an environment where the goal is prevention.
The executive protection services layer is different in kind, not just degree. EP is the threat assessment before the trip that identifies whether the operating environment is stable, which areas carry elevated risk, and whether the planned logistics actually hold up under scrutiny. It is the vetted driver with a documented background, not the hotel concierge recommendation. It is the route plan that avoids the predictable chokepoints. It is the communications protocol that specifies who gets contacted, in what order, and with what authority if the principal becomes unreachable. None of this is captured by an insurance policy, and none of it can be improvised after the fact.
A family office that relies on insurance coverage in place of operational security preparation has made a category error. The insurance responds to the outcome. Executive protection is the work that changes the probability of the outcome occurring in the first place.
Three scenarios where family offices are most exposed
Across family office engagements, three situations produce the most consistent and predictable exposure. They are not exotic threat environments — they are the ordinary circumstances of how principals live and operate.
The first is international principal travel to emerging markets. Site visits to Sub-Saharan Africa, Southeast Asia, Eastern Europe, and Latin America for deal-related purposes are increasingly common among principals with diversified investment portfolios. The logistics in these environments are typically managed through local contacts with no formal vetting, no security screening, and no documented relationship with a protection provider. The family office arranges the flights and accommodations; the local partner handles the ground. That division of responsibility is where the accountability gap opens widest. If anything goes wrong between the airport and the meeting, the family office has no documented protocol and no named responsible party.
The second is high-profile life events: estate sales, private auctions, philanthropic galas, destination weddings, and similar occasions where the principal’s movements and schedule are known in advance to a wide audience. These events are not unusual — they are a standard feature of how ultra-high-net-worth families live. But they share a characteristic that creates security exposure: the principal’s presence at a specific time and location is predictable, and the guest list is large enough that pre-screening is impractical. Most family offices have no protocol for these events beyond the standard event coordination process.
The third is domestic sensitive situations: contentious estate disputes, highly public family profiles, and security concerns that the principal has mentioned informally but hasn’t wanted escalated through formal legal or family channels. These situations are handled with particular delicacy in the family office context because discretion is the institutional value. The risk is that the concern gets managed as a relationship matter rather than a security matter — and the escalation protocol that should exist doesn’t get documented until after an incident makes the absence visible.
What a proper program looks like for a family office
A family office does not need a security department. It needs a documented, defensible framework that the director can point to — and activate — when the situation requires it.
That framework has three components. The first is a written threat and vulnerability assessment scoped to the principal’s actual travel patterns, lifestyle, and operational footprint. Not a generic risk category report — a document that reflects how this principal actually moves, where the exposure points are in their specific schedule, and what the threat environment looks like for someone at their level of wealth visibility. This assessment is the foundation. Without it, the family office is making security decisions without a map.
The second component is a vetted close protection provider that the family office can activate on a retainer or on-call basis. Not a referral from a prior client and not a search conducted under time pressure before a specific trip — a relationship established in advance with a provider whose credentials, methodology, and discretion standards have been evaluated before they are needed. The value of this relationship is not just operational competence. It is the ability of the director to document, in any subsequent review, that a qualified provider was identified and available.
The third component is an escalation protocol embedded in the director’s standard operating procedures — a written document that specifies under what circumstances security support is deployed, who makes that determination, and what the chain of communication looks like. This is not complicated to produce, but it has to exist before it is needed. A verbal understanding that “we can call someone” if an issue arises is not a protocol. It is the absence of one.
Kenneth Wilson’s role in a family office context
The way I work with family offices is not as a security vendor. It is as a practitioner-level resource who functions as the operational EP layer the office doesn’t have on staff. Credentials: CPO, EPS, PPS, SPI, CPS. The engagement is structured to sit alongside the advisors the family office already has in place — legal, financial, estate management — without creating a new coordination burden or a visible security presence the principal hasn’t asked for.
Depending on what the assessment reveals, the engagement can take several forms. I can produce the written TVA that gives the director a documented security baseline. I can field a close protection detail for a specific trip or event. Or I can serve as the named on-call resource in the escalation protocol — the person the director contacts when a situation requires a security assessment or operational response, with an established relationship already in place. These are not mutually exclusive, and most long-term family office relationships involve all three over time.
The emphasis on working alongside existing advisors is deliberate. Family offices function on trust networks, and the introduction of a new service provider has to fit within that structure rather than disrupt it. The goal is a security framework that the director can defend, the principal doesn’t have to think about, and the existing advisory team doesn’t have to coordinate around.
Next Step
$500 Threat Environment Review
Before the next international trip. Before the next high-exposure event. Before the question of “who was supposed to think of this” gets asked. A structured 60-minute assessment of the principal’s threat environment, current security posture, and the gaps in the existing framework — with Kenneth Wilson. This is how the family office director gets a documented baseline.
Book the $500 Threat Environment ReviewKenneth Wilson · CPO · EPS · PPS · SPI · CPS · New York