Why Your Company Needs a Travel Risk Assessment
What is the best money you will ever spend when it comes to travel? While a good case could be made for the value of many aspects, KesselRun’s answer to that question would be clear: the implementation of a travel risk management program.
Companies have an ethical, moral, fiduciary, and legal obligation to their employees in the workplace. For corporate travelers, when the workplace is movable, so too are their employer’s obligations. Far too many organizations with sound structures in place to manage risks in the physical work space overlook the necessary protections for both company and traveler during business trips. Now more than ever, corporate travel programs need to be mindful of travelers facing extreme weather, geo-political, physical, personal, and data related risks.
Do you know where your travelers are?
Whatever the hour on the clock: do you know where your travelers are? Particularly for companies that do not have a travel management company in place, where records of employees’ flight numbers or lodging details can be easily pulled, or for organizations aware of high leakage/direct bookings, having a strategy for travel risk management is key.
In today’s information age, travel risk management is also twofold: not only looking out for the physical risk to your travels, but ensuring data security. Everything from a traveler’s personal data, i.e., credit cards, passport numbers, contact information, to company-confidential information has to be fully secured. Your travelers should be educated on how to protect their data both when booking and when traveling, assured that the systems your organization has place are secure, and informed how and when to respond should a data breach of any form occur.
Travel Risk Policy or Program Implementation
Duty of Care and Risk Management Programs are not only critical to your organizational well-being but also yield considerable return on investment (more than 5 to 1) when properly implemented. Failure of a policy or program to protect your travelers, and your company, in the event of an emergency, illness, or injury, on the contrary, could cost millions – and more importantly result in unnecessary harm to your company’s people.
Travel Risk Assessments’ Key Elements
KesselRun has worked with companies of all sizes to facilitate travel risk assessments, evaluate existing travel risk management programs, develop new programs from start to finish, and facilitate traveler education and training. Drawing from our experience, here are a few elements we find key:
- Policy. Risk management should be written right into any sound travel policy. Defining internal roles and responsibilities in regards to duty of care, and providing appropriate guidelines and lines of communication for unexpected events during travel, are all aspects KesselRun considers when helping our clients develop policy/policy language.
- Systems. Ensure processes, systems and technologies are leveraged to support your duty of care and travel risk management initiatives. Work with partners to implement right-sized solutions for your culture, travel patterns and travel policy.
- Training. Managing a duty of care program is an ongoing process, from new employee orientations to continuous improvement methodologies. KesselRun strongly advises training include the rationale behind policy, not just the requirements themselves – travelers who understand their actions impact duty of care are more likely to be compliant.
- Communication. Make sure the crisis-event lines of communication between your internal travel management, your agency, and your travelers are clearly delineated—when are reports run to determine traveler impact? Who reaches out to your travelers? Are you receiving appropriate alerts? Travel risk management is rarely a siloed initiative. Make sure all of your internal stakeholders are onboard and engaged in the communication strategy for when emergency support is required.
- Information. Ensuring the appropriate parties within your organization are receiving and able to act on real-time alert information is key to travel risk management. On a more day-to-day level, though, capturing travel information is perhaps the most fundamental aspect of duty of care. While a TMC may not be the right fit for every company due to size, needs, or culture, companies without the data aggregation of a TMC in place, or even those with a TMC confronting the common issue of leakage, face this concern: not having a traveler’s location information. A crisis may range from inclement weather to a more serious world event, but for companies interested in explore information-capture solutions, KesselRun has confronted this problem with the invention of CapTrav.
- Oversight. For companies with strong internal security presence, oversight may be as simple as ensuring booked travel data is reaching the appropriate parties. However, especially for companies without this internal piece in place, a travel risk assessment should look at whether there are hard stop approvals for travel to at-risk countries, a clear company definition of which countries constitute traveler risk, that travelers have proper vaccinations and key destination information prior to travel, and making sure nothing and no one slips through the cracks.
- Readiness. Don’t be afraid to run “emergency preparedness drills” to test your travel risk management program. Tweaking portions of your plan and process that aren’t working is a lot easier to do when you’re not in the middle of a real crisis. This is how best-in-class travel risk management programs for each individual company’s circumstances and culture are fine tuned.
If unsure where to begin with implementing travel risk management, KesselRun’s familiarity with travel risk’s issues and challenges, and more importantly the best solutions available to addressing them, can be your starting point.