The Family Office Needs a Publication Doctrine

A family office needs explicit rules for biographies, photographs, appointments, portfolio news, events and third-party mentions.

The answer

A family office publishes more than it thinks. It publishes through portfolio websites, foundation reports, event pages, recruitment advertisements, adviser biographies, property filings, guest photographs and the posts of people who work nearby.

A family office publishes more than it thinks. It publishes through portfolio websites, foundation reports, event pages, recruitment advertisements, adviser biographies, property filings, guest photographs and the posts of people who work nearby.

Without a doctrine, every release becomes a local judgement. Local judgements accumulate into an intelligence picture.

1. Define the protected outcomes

Do not begin with channels. Begin with consequences. The doctrine should protect physical safety, negotiating position, family boundaries, transaction confidentiality, authority structures and recovery routes. A fact is sensitive because of what it enables, not because it feels personal.

2. Create four publication classes

- Public by design: approved facts intended for broad, durable distribution.

- Public with conditions: facts that require timing, jurisdiction or audience controls.

- Private operational: information shared only to perform a defined task.

- Restricted: information whose publication would create a material safety, authority or legal consequence.

3. Assign release authority

The person who creates content should not automatically approve it. Name release owners for family identity, investments, philanthropy, employment, property and incidents. Give them a fast escalation path; otherwise the organisation will bypass the doctrine when speed matters.

4. Govern combinations

Review the package, not only each fact. A name, city and photograph may each be approved while their combination reveals a residence. A portfolio announcement and a job advertisement may expose an integration plan. The reviewer must ask what a capable outsider can infer from the full release plus existing public material.

5. Control third parties

Contracts and instructions should cover naming, imagery, tagging, event listings, case studies, subcontractors, retention and removal. “Please be discreet” is not a control. A vendor needs a defined boundary and a named approval route.

6. Build an expiry mechanism

Publication decisions should expire. Review biographies, event pages, adviser lists and downloadable documents on a schedule. Remove stale material that no longer serves a purpose but still reveals relationships or routines.

The doctrine on one page

For each proposed publication, capture: business purpose, audience, exact facts, combined inference, release owner, permitted date, expiry date and removal contact. Add one final question: would we still publish this if a hostile analyst connected it to everything already public?

A publication doctrine is not a ban on visibility. It is how a private organisation becomes visible on purpose.

Sources

  1. Swiss FDPIC — Data securitySwiss FDPIC

    Primary authority

  2. Swiss NCSC — Social engineeringSwiss NCSC

    Primary authority

Jonathan P. De CollibusFounding Partner, Svperior / Cyber

Ross Belhomme

Ross leads Legal within Svperior GmbH. His work draws on more than two decades across international fiduciary, wealth-structuring, and private-client environments, combining legal, financial, and technical judgment around governance, privacy, assets, authority, and cross-border operating conditions.

Legal strategy / Governance / Private-client structuring / Digital assets

Need to apply this to a specific situation?

Send us the initial context. If the matter fits, we will respond directly.

Send private inquiry