Buyers guide: 8 tips for effective risk management

LESLEY FORD IS BOTH AN EXPERIENCED TRAVEL BUYER and co-founder of travel and expense consultancy 3Sixty Global. She works mainly with multinational companies on travel risk, implementing expense systems, consolidation and programme optimisation. Her background covers work in the City (banking), travel management companies (TMCs) and procurement for corporations in varying sectors, providing a good base for many of the projects she handles now.

“Due diligence, risk management and duty-of-care overlap and, over the last two years, we have been working with many big corporates who are looking at it, especially with regard to travel risk management [TRM],” says Ford. “An employer has to be able to demonstrate there are protocols in place to cover duty-of-care, both legally and morally, across the board, and that includes business travel. To do that, protocols must be documented and auditable. We have done three due diligence assessments in the last four months, which shows how it is moving up the agenda, and that is due to the increase in terrorist activity.”

1. COMPANIES NEED TO BE ABLE TO PROVE that they have pro­cesses in place to support travellers, and this no longer just applies to people travelling to high risk areas – it encompasses anybody that travels, and not just internationally but domesti­cally, too. A lot of large companies have strict protocols in place surrounding entering their factories or working on their sites, but when it comes to travel, they do very little.

2. RISK ASSESSMENT INCLUDES CRISIS MANAGEMENT – employ­ers need to be able to provide crisis support. This usually comes in the form of an emergency number and most companies use either their insur­ance providers, or third parties such as International SOS or Anvil.

3. IT IS ESSENTIAL THAT COMPANIES AND RELEVANT SUPPLIERS are to be able to contact travellers, either en mass or individually. Traveller tracking is not enough – that often says what the traveller is scheduled to do but that does not mean they have done it. Data protection regulations may make it difficult for organisations to ask for personal details – personal and business mobile number, location, next of kin – but if employers explain to travellers it is for their own protec­tion and ask them to keep their profiles up-to-date, they will see the point. And ensure people book through authorised channels – open booking is a high risk if the data is not captured – again, explain why.

4. WHEN WE DO ASSESSMENTS, WE INTERVIEW PEOPLE at all levels – travel bookers, travellers, management and so on – to see what their view is. Most of those who feel that none of this applies to them are senior management, who think, if anything happens, they are capable of sorting things out themselves. The volcanic ash cloud crisis of 2010 illustrates that is not the case – it almost brought the world to a standstill.

5. OFTEN, WHEN I ASK BOOKERS AND TRAVELLERS about risk assess­ment, they have never seen one. The process has to be joined up. Security is usually in charge of risk management, but they don’t always communicate with travellers to advise them of decisions that have been made, and nothing has been written down. A holistic approach should involve security, health and safety, occupational health, HR and travel – travel manager and TMC – so that policies are decided, documented and communicated.

6. COMMUNICATION IS THE HARDEST THING, because if people receive too many communications they stop reading them. Some companies brand their TRM programme separately, such as ‘Travel Safely with xxx…’, so when travellers receive something branded like that they know it is important and they should read it.

7. GETTING TRAVELLERS TO SIGN UP TO THESE THINGS is more common in the US than here. One oil company I was working with asked all travellers who were going to areas that required vaccinations to sign a confirmation that they’d received them. This is sometimes referred to as ‘duty-of-loyalty’. It is a really important part of due diligence and risk management, but most of the companies I have spoken to do not have a process for ensuring employees have been inoculated or are taking malaria tablets. They think that’s up to the individual, but it’s the company’s duty-of-care. I do think travellers should be responsible for themselves – we don’t all want to be nannied – but if someone is travelling on business for your company, you are responsible for making sure their health is looked after.

8. A LOT OF COMPANIES OVERLOOK OCCUPATIONAL HEALTH assess­ments as well. Employees may use medication that is legal and available in the UK, but it may be banned or unavailable in the country they are visit­ing, and they may not be allowed to take it when there. And regarding LGBT issues, how to ‘behave’ also has to be addressed because not all countries have the broader tolerance of Western Europe. All these things need to be tied up in the process.

Sign up to BBT’s twice-weekly newsletter

Subscribe to the BBT Newsletter

Join the Buying Business Travel newsletter for the latest business travel news.

Thank you for signing up!