Roach Resilience

Geopolitical scenario intelligence for Dutch financial institutions. Nine specialised AI agents model how compound shocks propagate through an institution's specific dependency network, producing probabilistic, decision-ready resilience assessments aligned with DORA and DNB expectations.

The intelligence gap

Dutch financial institutions operate in a threat environment that has fundamentally changed. Geopolitical shocks no longer arrive in isolation. They cascade. An energy supply disruption ripples into outsourced IT service continuity. A sovereign debt crisis amplifies funding cost pressures. A coordinated cyber campaign targets payment infrastructure precisely when other defences are stretched.

Yet the tools most institutions use to assess resilience have not kept pace. Annual scenario exercises, static risk registers, and siloed IT continuity plans were designed for a slower, more predictable world. They were not built for compound shocks, probabilistic transmission paths, or the analytical depth that modern geopolitical complexity demands.

DORA, now in force across the EU, has elevated operational resilience from a technical IT matter to a board-level strategic obligation. But institutions reading DORA as a compliance checklist are missing its deeper signal: regulators have acknowledged that the threat environment is dynamic, adversarial, and interconnected. DORA is not a ceiling. It is a floor.

Roach closes this gap through causal scenario intelligence. Rather than correlating historical data or running deterministic stress tests, it maps the actual transmission mechanisms through which external shocks propagate to an institution's internal resilience dimensions. It then simulates thousands of compound scenarios to produce probabilistic, decision-ready outputs.

Causal, not correlational

Most risk models work by identifying statistical correlations between adverse events and outcomes. This approach breaks down precisely in the stress scenarios where it matters most. A causal approach asks a different question: through what mechanism would shock A propagate to outcome B, and how strong and fast is that transmission?

A Middle East escalation does not directly affect a Dutch bank's IT continuity. It affects LNG prices, which affect energy costs in India, which affect operating margins of outsourced IT vendors, which affects service quality. That cascades further into core banking systems, SWIFT connectivity, and payment processing. Each link in this chain has a named mechanism, a transmission strength, and a time lag. Modelling the chain rather than the correlation produces insights that are both more accurate and more actionable.

Probabilistic, not binary

Risk matrices express uncertainty as categories: high, medium, low. Stress tests ask whether the institution survives a specified adverse scenario. Both approaches suppress the distributional information that matters most for decision-making. The question is not whether the institution survives a single point estimate. It is what the full distribution of outcomes looks like, and where the critical threshold probabilities sit.

Monte Carlo simulation, applied to a causal graph with probabilistically specified transmission paths, produces exactly this. Thousands of iterations sample from probability distributions on each path, producing fan charts, threshold breach probabilities, and sensitivity analysis showing which external factors drive the most outcome variance. The tail risks, those events beyond the 95th percentile that no deterministic stress test models, are where institutions are most vulnerable and least prepared.

Multi-perspective, with structured disagreement

Single-analyst assessments, however expert, are systematically vulnerable to blind spots. The geopolitical analyst underweights the cyber transmission path. The cyber specialist underestimates the macroeconomic amplification. The regulatory expert misses the supply chain dimension. These are not failures of individual competence. They are structural consequences of analytical specialisation.

Roach subjects each scenario to assessment by eight specialised agents operating in full isolation: geopolitical and conflict, macroeconomic and monetary policy, supply chain and outsourcing, cyber threat, regulatory compliance, financial contagion, adversarial red team, and AI developments risk. Each agent names its reasoning explicitly. Disagreements surface naturally, and those disagreements reveal genuine uncertainty that consensus-seeking processes would suppress.

Continuous intelligence, not annual review

A scenario exercise conducted in February and reviewed in November cannot inform decision-making in May when the geopolitical environment has shifted materially. The intelligence cycle of conventional tooling is simply too slow for the threat environment.

Roach's scenario engine processes events continuously. Each new data point (an ECB rate decision, a vendor bankruptcy, a regulatory enforcement action, a cyber incident) feeds into the causal graph and shifts predicted threshold breach timelines in real time. An outsourcing relationship that has experienced zero incidents in ten years carries different evidence than one that experienced a two-day disruption last quarter. The model updates, and the decision-maker sees the shift before the cascade begins.

Disagreement as signal

When a Financial Contagion agent assesses liquidity stress at 78% and a Macroeconomic agent assesses it at 42%, most systems would average to 60%, destroying the signal entirely. The contagion analyst sees a sovereign-bank nexus creating a correlation spiral. The monetary policy analyst sees an ECB backstop that capped contagion within 72 hours in the Draghi precedent. Both are reasoning correctly from their frameworks. The 36-point spread is the most valuable output the system produces.

In Deep Mode, agents operate in parallel with no access to each other's outputs, following the SGEPT Lab's agent isolation architecture applied to financial resilience. An adversarial Red Team agent then challenges both positions, probing for the assumptions neither side examined. The debate, not the average, is what reaches the decision-maker.

What eight experts missed

Specialist expertise creates blind spots. Eight domain experts each see their piece clearly, but nobody sees the pattern across all pieces. The Peripheral Scanner, a ninth meta-agent using Ansoff's weak signal detection, reviews all eight outputs simultaneously and searches for four specific types of intelligence that individual experts structurally cannot detect.

Uncited evidence that no agent referenced despite clear relevance. Cross-domain convergence where individually low-probability risks compound into significant exposure. Framework blind spots where no agent's analytical toolkit covers a plausible scenario. And temporal clusters where independent risks converge on the same window, creating compounding pressure on the same teams and systems.

Entity-specific, not generic

A bank with 35% of IT outsourced to vendors in India, significant EUR bond portfolio exposure, SWIFT dependency for international payments, and domestic reliance on Equens/Worldline faces a materially different compound shock profile than one with fully insourced IT and primarily cash-based retail operations. Roach is configured to the actual entity: its outsourcing geography, payment infrastructure dependencies, technology stack, energy exposure, and regulatory obligations. The causal graph is not a generic template. It is a model of this institution's specific vulnerability network.

Every parameter in the model carries a source tag (expert elicitation, document extraction, historical incident, agent assessment, or literature prior) with a confidence classification and review date. When a DNB examiner asks why a transmission strength is 0.65, the answer traces to a specific register entry, a specific contract, a specific incident. That is what transforms a model parameter from an inference into evidence.

The cockroach has survived five mass extinction events. Not because it is the strongest organism on earth, but because it is the most adaptive. That is the model for operational resilience in the current era. Not fortification. Intelligence.