After hitting a pause button several years ago, companies are back to sending employees on the road. Global business travel is on track to grow 6.5 percent in 2015 and should hit a record $1.25 trillion, according to a forecast released in July by the Global Business Travel Association. Business travel will continue to spike in the years ahead, the group predicts, with growth between 5.8 and 6.9 percent through 2019.
Retailers are central to this surge in employee travel. As they look to become more nimble, many are focused on maximizing global sourcing opportunities, seeking new customers in emerging markets, and sending employees to comb the globe for the next jungle superfood or local fashion to turn into a trend on Brooklyn streets.
Of course, opportunity—as it often does—runs headlong into risk. More workers on international assignments puts more workers outside of the protective shield that companies try to place around their workforce, and it’s tempting to let the prospect of capitalizing on the next hot global marketplace overwhelm security concerns. In a survey of clients, International SOS, a provider of medical and security assistance, found that of 3.5 million international trips taken by employees, 25 percent were to what the firm identifies as high- or extreme-risk destinations.
Companies aren’t blind to the security and safety risks of international travel, of course. In a world where luxury hotels have become recognized terrorist targets, most organizations appreciate the importance of helping traveling workers stay safe. So why do companies struggle to make security central to corporate travel programs?
The Coordination Challenge
Communicating with traveling employees, tracking their whereabouts, and extending help to them if necessary are important parts of an organization’s effort to protect employees from harm. However, a survey of 300 corporate security directors by Security Director’s Report (SDR) found that many international trips that employees take go without a security review (see chart above). Without sufficient advanced notification of employees’ travel plans, threat assessment and logistical planning to support safe travel are impossible.
The SDR survey points to another difficult challenge—goal alignment. Employers may fail to meet their responsibilities for protecting traveling workers because responsibilities fall to different business areas and functions, which often have very different objectives. Individuals with responsibilities often such diverse roles as corporate security managers, risk managers, travel managers, medical directors, insurance managers, legal managers, heads of HR, global HR, and line managers.
Improving the security of traveling workers overall relies on the extent to which the different players fill the security aspects of their broader assignment. For example, a corporate travel manager may issue a request for proposal (RFP) to develop a preferred list of hotel properties, with the ultimate goal of improving efficiency and reducing the cost of travel. Within the RFP, hotel properties will be asked a range of questions on which their suitability will be judged, from services and amenities, available technology, rate proposal, to whether or not they will provide a traveler with free transportation to a new hotel if they are oversold.
A safety and security module will typically be part of this RFP, but the extent to which security criteria is examined in the selection of preferred properties can vary. A travel manager, whose primary objective is to please workers who want convenient and quality accommodations and heed management’s desire to trim expenses, may not let something like incomplete responses on safety issues interfere with property selection.
So what is the key? In a word—coordination. With the amount of corporate travel ramping up, security executives might start by mapping out the security roles that different function areas are expected to play in the protection of traveling associates and ensuring that the responsibility for those roles are assigned to specific employees.
Security leaders might also want to review how well information is being shared among departments. It can be helpful to use a comprehensive database that houses all travel-related information, including employee profiles, corporate and employee contact information, and risk intelligence information on travel destinations. Through a centralized data collection point, security, HR, and the corporate travel department can better coordinate their activities and responsibilities with respect to ensuring the safety of traveling employees.
Finally, security leaders might find it helpful to determine whether individuals who provide security advice to traveling employees are sufficiently informed and knowledgeable, and get them up to speed if they’re not.
A Good Foundation
There are challenges beyond coordination to keeping a travel safety program operating effectively—including cost and management complacency—and Scott McBride knows them well. As vice president of loss prevention, safety, and security for American Eagle, his security team regularly assesses the risk of international travel by staff in sourcing, design, business, and compliance, among others. In all, McBride and his American Eagle security team assess and manage more than 2,000 international employee trips annually.
In a presentation at the recent National Retail Federation (NRF) Protect loss prevention conference in Long Beach, California, McBride described how his company’s travel safety program has, over time, built out to include a complete compendium of traveler safety information.
A travel safety program typically includes the following items:
- Risk ratings for travel locations,
- A traveler tracking system,
- Pre-trip assessments, training, and awareness briefings,
- A travel safety website, and
- Emergency response procedures in the event a traveling worker runs into trouble.
It should also define a process for examining employee travel itineraries, comparing them against the unique risks and availability of services in the destination region, and concluding if additional security steps need be taken before travel, such as specialized traveler education or equipping the employee with tracking technology.
But a travel safety program starts, of course, with a company travel policy, which McBride says to write with your duty of care in mind. To demonstrate a company’s due diligence, it should cover and include the following elements:
- A statement from management that employees’ personal safety is a primary concern of the organization and that it does not want business interests to put workers at undue risk.
- How the company will determine which destinations are unsafe for travel, such as prohibiting employees to travel to countries or regions the US State Department has declared as unsafe.
- Responsibilities related to business travel for both employees and those in charge of monitoring the safety of travel destinations.
- Special action employees should take if they are traveling to high-risk locations.
- The individuals who are responsible for the daily monitoring for notices about travel to high-risk countries to ensure the safety of employees during their travel out of the country.
- Procedures for communicating warnings to employees and for locating and communicating with employees in a crisis event.
- Actions employees must take before departure, such as leaving their supervisors with a detailed itinerary, flight information, destination contact information, contact numbers, and updated emergency contact information.
As he built off the company’s core travel policy, McBride said his team realized that ancillary policies are also an important part of a robust travel safety program. Data security, for example, has become an integral part of minimizing a company’s risk with respect to workers traveling abroad. Some of the ancillary policies his team identified included the following:
- Travel Code of Conduct.“We have a travel code of conduct policy in addition to an ethics policy,” McBride explained. More than just keeping workers in line, American Eagle strives to provide traveling workers with information that will prevent them from unwittingly getting into sticky situations, which can result when local laws or customs differ from the United States, such as on the treatment of homosexuality or alcohol consumption. “What about people living in a hotel overseas for two months? What are the acceptable behaviors? You need to spell those out in a policy so you have evidence you told people about them,” McBride warned.
- Foreign Ground Transportation Policy.
- “With us, you’re not permitted to rent a car if you can’t read the language,” said McBride.
- Foreign Corrupt Practices Policy.Traveling workers need to be aware of actions they might take—to smooth out a travel snafu, for example—that could violate the FCPA.
Beyond the Basics
McBride and other security pros SDR interviewed offered additional tips for enhancing the value of a travel safety program—without breaking the bank.
Extend a Personal Touch. McBride says he tries to do at least one in-person safety briefing with each employee who travels internationally for work. “That way, you’re able to get a read on them,” he said. “Some people clearly have a handle on it and are capable of getting themselves out of a jam and some people are scared to death.” After an in-person briefing, a travel safety department should have a good sense of who will need hand-holding in the future.
It’s Not Just “Where” That Matters, But “Who.” In line with its personal touch, American Eagle doesn’t just assess a trip’s risk based on danger at the destination, but also on who the employee is that is traveling. The Excel-based matrix it uses to grade the risk of each international trip includes a “traveler rating” category.
For example, for Employee X’s trip to Mexico, the trip’s risk score goes up if he or she has never before traveled to a “Level 4” country or has expressed nervousness about traveling to Mexico. A trip for a more experienced traveler, expat, or a Mexican native would be scored lower. A trip’s risk rating is also influenced by the length of the trip, the frequency of the employee’s travel to the location, whether he or she is traveling alone or with others, and the level of direct support they’ll have available once they arrive.
Based on this overall assessment of a trip’s risk, McBride’s team will provide the level of protection that is needed to keep the worker safe. For example, the level of risk will indicate whether the security team will ask the worker to consent to install a GPS app on their phone, so the company can keep track of them.
Share Responsibility. When employees travel internationally for work their mindset of protection needs to change, from having security provided for them to playing a primary role in their own security and safety. Bruce McIndoe is the CEO of iJET International, a firm that offers myriad services to keep workers safe worldwide, from daily intelligence briefings to worldwide emergency evacuations. He told SDR that “the most important thing a company do to keep traveling workers safe is to provide employee training.” He said every employee needs general instruction on staying healthy, avoiding danger, and accident avoidance. “It will have the largest impact on the outcome [of dealing with global workers] than anything else a company can do,” he said.
Look for Help—You Might Already Have It. The loss prevention director for a midsize grocery chain said he discovered by accident that their medical insurance company had available many of the services they were looking to extend to traveling workers. They also learned that their security company had developed an app that they could use to check in on traveling workers. In both cases, the helpful tools were always available (and free). They just weren’t aware they existed. “So in two days I already had a workable program,” he said.
Be Practical. Terrorism, international crime, regional unrest, environmental disasters, and political upheaval may drive a company to start a travel safety program, but the problems it manages are typically more mundane. “In recent years, most of the needs of our travelers have been medical,” said McBride. And even then, he explained, it’s typically not medical emergencies, but things like employees losing their prescription medicines. McBride said a travel safety program should include spelling out how it will enable the “little things” that make travel smoother, such as procedures for when an employee loses his or her phone while traveling abroad.
Scott Shaw, CPP, CBCP, director of corporate security, transportation, and emergency preparedness for Aflac, says he is always careful to stress the practical in travel safety training. To impress upon workers what they don’t know—employees who travel extensively often assume there is nothing for them to learn in travel training—”I like to throw out scenarios and have them break out into teams to discuss the best course of action,” said Shaw.
For example, what happens if it’s 10 p.m. and you’re eating alone in a Cairo cafe, and you realize your wallet and passport are missing? What would you do?
What would you do if you suspect someone tampered with your laptop while you were out of your hotel room?
What if you had a personal home emergency? Who could you call?
If you lost your cell phone, would you know the actual phone numbers of your emergency contacts?
Shaw thinks it’s a good idea to give workers plenty of time to share their own travel safety stories during training. “It always provides new scenario ideas,” he said.
“Hide” Security. To encourage workers to do their part, such as entering all their travel itineraries and information into a tracking system, provide them with security tools that help—rather than hinder—their work routine. For example, the same intelligence monitoring and alert systems that inform workers of developing security situations can also warn workers of weather events and transportation strikes, assist with trip planning, and notify them of immunization and other health requirements of countries they visit. So rather than security blocking their work, international travelers can perceive travel safety protocols as a way to make trips easier and more productive.
Workers can quickly become advocates for the travel safety program if they see it as a tool for avoiding two days stuck in an airport by finding an alternate route to their destination, offered D. Jerry Rubino, CPP, senior security advisor at Creative Associates International, an international development organization.
Stay Visible. McBride said it’s not uncommon for a travel safety program to fight complacency and for management to take a view of “why are we doing all this when nothing ever happens?” His team pushes out a daily report that accounts for every American Eagle worker traveling outside the country and issues a weekly report with a watch list of “developments we’re tracking that could impact our company’s travelers.” In addition to helping keep workers safe, McBride said the frequent touch points help advertise the value of the travel safety program. A program can also gain support by extending it to the personal travel of members of the board of directors.
Finally, to pitch the ROI of his travel safety program, one security director told SDR he tracks business trips that the program enables. If a company relies on sensationalized general media reports about violence overseas, it can be easy to make snap decisions to restrict business travel. But a robust travel program—one that debriefs traveling workers and puts travel threat information in context for the organization—often helps workers stay on the road and productive.
Join OSAC. The Department of State’s Overseas Security Advisory Council (OSAC) has been aggressively recruiting member organizations. SDR bumped into an OSAC representative at the ISC conference in April and then again at the NRF conference in June. The representatives provided several good reasons to join:
- First, it’s free.
- OSAC provides businesses with information on threats abroad. They monitor and pass threat information to named U.S. organizations and issue topical and country-specific reports.
- They have a deep repository of travel safety information that can supplement a company’s program or get an organization’s new program off the ground quickly. For example, they just released Driving Overseas: Best Practices.
- They hold domestic and in-country meetings to facilitate exchange of security information and best practices.
- They created sector-specific councils, such as for academia, aviation, and energy, to facilitate targeted information sharing.
OSAC can’t replace the 24/7 monitoring and real-time alerts from commercial travel threat information services, but with security budgets tight, it makes sense for companies to exploit all the free local resources available to them. For information on joining, visit OSAC online at osac.gov.
SIDEBAR: Security Director’s Report Now Part of LP Magazine
Since 1998, Security Director’s Report (SDR) has been helping security professionals manage their departments, boost their careers, and keep current with trends in security management. SDR is published monthly in a quick-read, printed newsletter format with additional source materials available online.
SDR is a subscription-based publication comprised of original content with a singular focus—to help security, loss prevention, crisis management, and other corporate professionals across all industry segments do their jobs better and more cost-effectively.
SDR disseminates best practices, provides updates on security regulations, and offers news and independent analysis on topics such as security budgets and ROI, contract security, crime prevention, emergency preparedness, information security, risk and threat analysis, workplace violence, and much more.
SDR regularly conducts original research, which allows corporate executives to benchmark their operations and is included in the annual subscription. Readers of SDR enjoy unrestricted access to the subscription website, with complete access to the publication archives as well as SDRÕs online toolkit consisting of 100-plus sample policies, checklists, and forms to simplify security directors’ most time-consuming chores. New time-saving tools are added weekly.
For a limited time, LP Magazine readers can subscribe to SDR for the discounted rate of $295 for fifteen monthly issues by going to SDRsubscription.com and using the discount code SDRLPM.