Torsten Kriedt
BCD Travel's consulting arm Advito recently issued a white paper explaining why and how a company should approach business travel risk management. It laid out a six-step program, including: assigning management responsibilities to a key individual, determining the risk types for an individual organization, assessing risk exposure, mitigating and managing the risk, communicating the program to the travelers and conducting audits. Advito vice president of innovation and intelligence Torsten Kriedt recently spoke with The Transnationalto further discuss effective risk management programs. An excerpt of the conversation follows.
Are the risks increasing or just corporate awareness to them?
It is actually both. The risks are getting greater, but these are not the risks from a travel management perspective. We are suggesting that one should focus on, be aware of and really manage and mitigate risks, but, at the same time, it is often those areas that are not that apparent--a terrorist attack or plane crash--that are occurring more frequently. These are the items we are suggesting that you also put into a structured program, because these are most often overlooked. The processes on the corporate side typically are not [offering] an easy process for the traveler. The awareness is definitely increasing because of those high-profile incidents that shake up the board-level executives to say, "Well, if we actually had someone on the plane or had someone in that specific hotel ..." But then after two or three months, the interest fades again and if you are actually trying to push through an initiative, you might not get the backing anymore because it is not that high in awareness at that moment.
Is corporate awareness of risk management rising simply because of high-profile incidents?
When we annually ask travel management executives what their top priorities are, the first is always to reduce cost and the second or third is to maintain travel security and safety. From an objective perspective, it was always high up on the agenda. Unfortunately, some companies never really carried through on the initiative. For others, there will always suddenly be more important items to tackle, so, unfortunately, even this year the cost-reduction focus will cloud the efforts around travel risk and it requires yet another high-profile incident to again start the discussion on what we can do.
When starting from scratch, which individuals within a company do you recommend be involved in the creation of a risk management program?
That depends on the company. From a role perspective, it probably should include someone from human resources or the department that looks after the employees. If they have a security unit or risk management unit, then definitely a representative from that department [should be involved], even though they often look after operational risks only. Reach out to the travel manager and understand their responsibilities--they are the experts and really understand the complexities of the program. Also, [involve the] internal legal department, because all the risks that might occur that are specific to travel might also incur a liability for the organization--especially when it comes to traveling to the U.K.The corporate travel manager might have to take a closer look at the duty of care legislation that is out in the world, and the legal department might help to understand the complexity around that. Often, companies need to get the corporate communications department involved--especially when it comes to the communication of an educational piece. I list a lot of different departments, but it might well be that there are only two or three different people that happen to have those functionalities. Even though their roles are something completely different, it might be the assistant to the CEO that oversees the specific area(s) because you don't have a department. If there is no one else out there that officially bears the title, someone in the company still has the responsibility to do that. As long as you work with your board, anyone on the board could be the executive sponsor for the exercise. [The executive sponsor] should also be the one helping you if you are the one trying to initiate the program to really point it to the right people that should be involved, based on their responsibilities and what they could do for you. It might well be that the investor relations department is involved because they are so concerned with what the outside stakeholders might think.
How can a company's suppliers be involved in risk management?
If you have someone in a company in charge of travel risk, then they should be doing work with the various suppliers to understand their risk management processes. It can be easy to work with the travel management company around contingency plans--stress-testing the agency setup, so everyone really knows what to do if something happens. Risk could even be if something happens on the agency side rather than waiting for an incident with the travelers. It is crucial to understand how to get tickets from A to B if something happens with the agency systems. For top destinations, [some companies] send auditors to hotels and work with security managers in those hotels to understand their setup and to help them improve safety. Some companies are doing that, which is a very costly and labor-intensive process, but it is well worth it, especially in areas where you need to know every single detail around the providers. From the airline perspective, there are some blacklists out there corporations look at to educate themselves and to get their own bases covered, but if they have preferred airlines, it is worthwhile to understand from them what their procedures are, especially when it comes to the travel agent understanding how reliable the information from the airlines is.
Should corporations look to outsource their risk management programs?
We are not suggesting they outsource the full program, especially the bigger corporations. We are suggesting they look internally to see what kinds of resources, skills and responsibilities their own people have already and then complement that with specialist providers. That is going beyond the iJets and International SOSs of the world and technically includes the travel management company. The travel management company, in an ideal world, has the data that empowers the analytical systems and brings together the data of tracking the traveler. There are companies out there that have outsourced completely to the travel management company. Others have outsourced it to a travel security expert. It always depends on the focus. Some companies actually have it internally, because they have enough resources with the right skills; the only things they need are the tools and the travel-specific expertise.