Travelers within the US often suffer from a false sense of security, thinking that dangerous events only happen “out there.” But tragically, disastrous events such as 9-11, the San Bernadino rampage, or the crimes in Orlando and Charleston, SC, clearly show that geography is no protection from acts of violence.
A proper travel risk management strategy can reveal the risks in travel and give your employee a more grounded sense of awareness; it can also clearly define threats – both to health and security – and also ensure your company is prepared to intervene on behalf of employees if necessary.
Nonetheless, many travel managers grapple with putting together a travel risk management policy that is broad, inclusive and cost-effective. What are the elements to consider when designing a risk management program for travelers in-country?
A Duty of Care Framework
According to the Global Business Travel Association, “US business travel volume growth will increase slightly in the first quarter of 2016 – growing 1.8 percent on a year-over-year basis due to a number of domestic and international factors that are causing global uncertainty and corporate caution.” These considerations include the US presidential election, terrorist attacks in places like Brussels and Istanbul, and Brexit.
In today’s unpredictable world, corporations must re-assess the lens through which they manage domestic risk policy. Nowadays, many corporations conceptualize business risk within a Duty of Care framework. Duty of Care is loosely defined as the “moral and legal obligation of a company to mitigate risks for their traveling employees.” Increasingly, we see that employers who fail to meet their duty of care obligations run the risk of money-draining lawsuits or even having criminal charges filed against them.
How does Duty of Care work? Let’s say that following an unpopular verdict in a criminal trial in one major US city, riots break out and your employee is stuck in them. First, it is your company’s Duty of Care to have provided the employee with information regarding the security status of that city prior to departure. Second, if the employee faces an imminent threat and must be extracted, the company should provide a reasonable way to do so. Third, if the employee is harmed, he or she could potentially sue the employer for not providing adequate means of protection.
So the first step in protecting employees before they travel (and therefore meet Duty of Care) is to provide an in-depth risk analysis, either via written briefings or during a live training. These briefings may be offered by a company’s human resources, legal or risk management department.
A live training gives the traveler the additional opportunity to ask questions and express any anxieties or concerns prior to travel. Topics covered can include travel logistics, hotel or meeting sites, security, severe weather and medical threats, and emergency contact information such as phone numbers of nearby hospitals, pharmacies and local first responders.
In some cases, employers can go beyond briefings/trainings and educate employees on the company’s emergency protocols through well-rehearsed crisis response exercises. As a sign of the times, for example, some companies now teach business travelers how to respond in an active shooter scenario, which some experts increasingly view as a growing threat for domestic travel.
Current Lapses and Holes
But there’s more to travel risk management (TRM) than briefings and trainings. “A major issue that domestic risk management travel managers face is that many companies do not track their domestic travelers due to added cost,” explains Bruce McIndoe, CEO of iJET International, a leading risk management company headquartered in Annapolis MD.
“For most US companies, domestic travel is the majority of their travel volume,” McIndoe explains. “As we know, issues and incidents can occur in the US too, such as the Boston Marathon bombing, Hurricane Sandy or even an incident like Flight 1549 that landed in the Hudson River in 2009 in New York City. Programs should be tracking all travelers and supporting all personnel in the area.”
McIndoe cautions, “Simply, if you don’t know where your people are going ahead of time, you don’t have a risk management program; you have an incident response program. It is only about $1 or more per trip to invest in a proactive risk management program.”
Another lapse in current domestic risk management programs is the lack of a communication capability in which all personnel are looped in. “When there may be a threat in a given area or a major incident, all your people may be impacted,” McIndoe continues. “While most companies are already pushing out messages to travelers, alerts should be pushed out to all staff in the area. For example, if there is a strike or a transportation threat, your local staff in the city should know about it too. It is wrong to assume that locals know everything on the ground and only the newcomers need information. In reality, information sharing helps everyone.”
Most importantly, travelers must remember that every major city has safety and security concerns. “Employees should be educated on areas of the city that should be avoided, especially at night. They should know the areas for pickpocketing or other criminal activity, whether to use or avoid public transit and where to go for medical or safety help,” McIndoe advises. “This awareness comes via having the right kind of intelligence, preferably in the palm of your hand.”
The traveler’s length of stay may also impact the risk management strategy suggests Steve Cocco, president of Security Strategies Today, a consultancy based in Phoenix, AZ, which specializes in critical infrastructure protection, crisis management, risk assessment and threat mitigation.
“Companies sending their employees to any city for an extended period of time may choose to make contact with local law enforcement in that city,” Cocco says. “Furthermore, travelers can be given crime trends in that city (e.g. are scams prevalent? Is petty theft a big problem?) which often can be found on police department websites or the FBI’s website.”
Additionally, under Duty of Care, companies should think about including medical provisions in their risk management policies. “For example, if you have a complex injury, and you need to get to a well-equipped hospital offering specialized treatment, do you have the option of a MediVac?” asks Cocco.
Another aspect to consider is how travelers can most effectively communicate with their company’s headquarters or risk manager while on the go. One of the best ways is to provide a 24/7 dedicated emergency hotline for travelers – since not knowing who to contact, especially within chaotic surroundings, can leave your domestic traveler vulnerable.
Forgetting the Obvious
Some argue that beyond piecemeal medical provisions there’s the need for a wide-ranging domestic health travel program within TRM, a program that includes information about things such as vaccinations and food/water safety.
“For example, in North America, we take it for granted that we have a robust vaccination rate, whereas other countries do not,” says Katherine Harmon, senior director of health intelligence at iJET. “We see that in certain areas of the US, there are larger immigrant populations present, and many of these immigrants have likely not received the childhood vaccinations that we have (for example, in Washington state). There is also a growing population of ‘anti-vaxxers’ or people who elect not to be vaccinated or not to have their children vaccinated due to a variety of reasons. A company has within its power to include in its travel policy anything that they believe will protect their employees under their Duty of Care. Thus, a domestic travel policy may include/enforce that employees maintain updated vaccinations,” she advises.
“Health intelligence can be broad or specialized depending on what you need,” Harmon continues. “It has a preventative care focus as well as crisis response. As an example, health intelligence can provide information on endemic risks, and push out alerts on outbreaks. Many employers do not realize that they are responsible for communicating infectious disease threats to their employees. For instance, recently it came to light that at a huge Justin Bieber concert in Japan, an attendee had the measles. If your employee was in contact with anyone who had attended the concert, he or she may be at risk. Health intelligence also pushes out alerts on whether or not there was an exposure on an aircraft. In this case the individual may be advised to watch for any developing symptoms up to 21 days after the flight.”
Preventative care education includes topics such as hygiene, social distancing, and simple tips such as coughing and sneezing into your sleeve (not your hand) so that you don’t touch your keyboard and contaminate others. “I personally drink bottled water whenever I go out of state,” says iJet’s Harmon. “If I cannot, I bring the tap water to a rolling boil for one minute. However, in altitudes over 3000 feet I boil for 3 minutes, and I may use chlorine tablets to disinfect water. Using purified water to clean fruits and vegetables at home or when traveling domestically can be important as well. Remember these fruits and vegetables are mostly imported to begin with.”
Modern Day Issues
“Domestic risk management often doesn’t think about health – and yet it’s a modern-day safety issue, not solely a medical issue,” cautions Harmon. In fact, understanding contemporary trends in business travel is crucial when designing a risk management policy. Beyond health trends, a case in point is the need to include information on the sharing economy and bleisure, something that travel managers didn’t worry about in the past.
When it comes to the sharing economy, Uber has been phenomenally successful. Yet, according to an On Call International survey, the vast majority (91 percent) of business travelers reported that their employers had not provided protocols for use of sharing economy services while on a work trip. This makes it even more important that employees are educated on how to safely use services like Uber.
Similarly, policies around bleisure – the idea of combining work and personal vacations – are vague at best. According to On Call, “employers should have specific travel risk management policies in place to protect the interests of employees and the company in the event of an emergency on (or off) the clock. For example, is there a clear distinction between business and personal expenses? Should staff use their earned time when adding days to a trip? How about traveling companions – who is financially and legally responsible for them if they get sick or injured?”
Whether it is present-day issues or traditional elements of a domestic risk management program, none of it may be of any use if the TRM policy is not presented in a clear and simple manner. In other words, if the domestic policy is full of complicated verbiage that is not communicated clearly to employees, the chances that the traveler will comply have been diminished already.
In fact, making sure your domestic travelers understand policy is one of the cornerstones of reducing in-country business travel risk.
