Managing travel risk for mobile employees

White Papers 28 Sep 2015

Managing travel risk for mobile employees

PART A - Travel risk management and Australian legislation 
Business travel, whether international or domestic, exposes employees to higher levels of risk. Away from the familiarity of home travellers can be put into situations that expose them to a range of health, safety and security hazards. This increased level of risk for travelling employees, heightens the corporate liability of employers that have a legal and moral duty of care to their staff. Faced with the pressure to comply with industry guidelines, legislation, budgets and client expectations, corporate leaders are being urged to take a company-wide and strategic approach to travel risk management. 
Many countries including Australia, Belgium, Canada, France, Germany, Netherlands, Spain, UK and the USA have some form of employer duty of care legislation in place. Complying with Duty of Care obligations at a basic level means that employers must protect the health, safety and security of an employee wherever they work, so far as practically possible.
In Australia there is harmonised Work Health and Safety (WHS) legislation in place across most Australian jurisdictions. WHS legislation makes managers accountable for the health and safety of their employees regardless of whether they are working in Australia or overseas. This legislation provides for civil and criminal penalties for non-compliance and is the reason why companies must have adequate travel risk management plans and procedures in place. 
In recent times liability has shifted from just that of a business or organisation, to that of its managers and decision makers. In practical terms, this has meant that there is less latitude for managers or decision makers to hide behind the line of 'company policy' as they now have a shared obligation to ensure the health, safety, security of their corporate travellers.


Summary of Legislation Requirements

Under the Work Health and Safety Act 2011 (WHS Act) and Work Health and Safety Regulations 2011 (WHS Regulations), the duties of a person conducting business or undertaking (PCBU) and an officer’s due diligence obligations in respect to managing workers overseas are identical to those onshore. A ‘workplace’ is defined under Section 8 of the WHS Act, to be a place where work is carried out for a PCBU and includes any place where a worker goes or is likely to be, while at work.

Under section 19 of the WHS Act, a PCBU must do what is 'reasonably practicable' to ensure a worker’s health and safety. The level of influence or direction a PCBU has over a worker will affect what they can practically do to meet this duty of care in any given situation. In addition, a PCBU must ensure that work carried out as part of the business or undertaking does not put other people at risk.

What does 'reasonably practicable' mean?

The term ‘reasonably practicable’ is used as the legislatively required Work Health and Safety standard for duty holders to meet in WHS jurisdictions.
The term ‘reasonably practicable’ is defined in the WHS Act (section 18) to mean that which is or was reasonably able to be done, taking into account and weighing up all matters relevant to the circumstances in which the risk was considered, including:
  • the likelihood of the relevant hazards or risk occurring
  • the degree of harm that might result from the hazard or risk
  • what the person knows about the hazard or risk and the ways of eliminating or minimising the risk
  • the availability and suitability of ways to eliminate or minimise the risk.

After assessing the extent of the risk and ways to eliminate or minimise the risk, duty holders must also consider whether the cost of eliminating or minimising is grossly disproportionate to the risk.

 Part B - Key process areas for travel risk management analysis



In 2008 the Global Business Travel Association (GBTA) partnered with iJET Intelligent Risk Systems to develop the Travel Risk Management Maturity Model™ (TRM3™).  According to iJET these key process areas (KPAs) are the main components of any TRM program. At the lower levels of program maturity, these KPAs would be implemented within the travel program. At the higher levels, these processes are integrated into broader organisational risk management and business resilience programs.
To begin managing travel related risks, employers need to review these KPAs in relation to their own TRM program. This structured analysis will help to identify where the gaps are in any given travel risk management plan. Below is a brief summary of each KPA and what its relevance is to a TRM program.


1. Policy/Procedures

This KPA refers not only to your company's travel policy but also to a travel risk management (TRM) policy. Your TRM policy should address mitigation steps for 'general' risks as well as risks that are specific to your operation or travelling employees.

2. Training

Training is an essential part of employee professional development and ensures staff can perform their roles efficiently, effectively and as safely as possible. iJET has defined three specific areas of training including traveller training, travel advisor training and crisis management training. 

3. Risk Assessment

Assessing risk is the foundation of any TRM program. Every assignment, travel journey or  event should be assessed for the potential threat of risk. When reviewing risk, companies  need to think about what technology or processes are required to assess risk and  incorporate these elements into their overall decision making process for developing an effective TRM program.

4. Risk Disclosure

The purpose of risk disclosure is to be able to produce relevant and timely information  related to your risk assessment so that all stakeholders are aware of the potential threats that may be encountered. 

Companies need to look at TRM products that provide intelligence and information that is relevant to their travellers' booked itineraries. In addition, disclosure goes beyond the traveller to people in your organisation that need know, including security, travel, HR, risk and insurance personnel as well as those employees that need to act on a particular risk.

5. Risk Mitigation

By proactively monitoring incident alerts, disclosing potential risks and advising travellers on how to stay safe or get help via training and or services such as emergency hotlines, employers can better mitigate risks in conjunction with their company policies and procedures. iJET reasons that the purpose of risk mitigation is to 'develop strategies and solutions that will result in a level of risk that is acceptable to all parties such as the employee, the manager and the company.

6. Risk Monitoring

Every organisation that has employees travelling domestically or internationally must have access to 24/7 real time, global risk monitoring resources and intelligence. Effective risk monitoring ensures your company has visibility and the intelligence to drive TRM processes that provide the best level of support for your staff.  

7. Response

Having clear and easy to understand processes for employees to request the right level of support is vital for any TRM program. TRM programs must have guidelines for travellers to access travel advice and booking support, medical services, evacuation help and security related services.

8. Notification

This KPA ensures that the appropriate people are informed of any relevant travel risk  information before, during or after a trip to make rapid and thoughtful risk-related decisions.

9. Data management

Data management is critical for TRM processes. Companies need to have the right technology and systems in place to be able to use traveller data for a range of activities such as identification, collection, storage, accessing, monitoring and notification. Companies that have a consolidated travel program with a single TMC are in the best position to leverage data collection and utilisation for online TRM automation.

10. Communication

Communication of your TRM program - including aspects such as the processes, policies, roles and responsibilities, must be clearly communicated to all levels of staff. Effective communication of your program ensure that everyone understands what is expected of them at all times.


PART C - FCm Secure – a helping hand for your travel risk management program

With support from global risk intelligence company iJET International, FCm has developed a leading TRM solution for customers - FCm Secure. FCm Secure utilises iJET’s risk intelligence and global response hotline, in conjunction with FCm’s technology and operations, to provide clients with a comprehensive suite of cost effective solutions. FCm Secure is a triple-tiered program delivering free and paid options as part of FCm's Secure Start, Secure Protect and Secure Outreach services.
Secure Start is a no cost program for FCm customers. It is a starting point for building your individual TRM program and includes:
  • Itinerary based traveller tracking
  • Color coded, ‘risk map’ dashboard (powered by iJET International)
  • GPS/mobile based traveller tracking (traveller opt in)
  • FCm Travel Solutions Global Crisis Communications process (email)
  • Subscription-based security alerts for travel and security managers (powered by iJET) 

While Secure Start provides companies with reactive travel risk management support via itinerary and GPS-based traveller tracking, risk based reports and dashboards, Secure Protect provides proactivetraveller risk management, which addresses risk assessment, disclosure, mitigation, notification and communication. Collectively, FCm Secure and iJET can help you to address all of the key process areas (KPAs) for travel risk management as mentioned in Part B of this whitepaper.

Below is a summary of Secure Protect's features and how they can help you address the KPAs of travel risk management.

Protect A - Communication

This provides two-way email and SMS text messaging and provides automatic alerts to travellers. This functionality means it can be incorporated into your crisis response processes to alert travellers to flight delays or cancellations or more serious situations.

Protect B - Trip briefings and trip alerts

This feature provides the traveller with information that is relevant to their trip via trip briefings (KPAs: Risk Disclosure, Mitigation and Training). Additionally, the traveller will be receiving trip related alerts and communications, such as flight delays, disruptions, security concerns (KPAs: Communication, Risk Disclosure, Mitigation). All of this communication is based on iJET's intelligence and what you will receive daily as part of your company's subscription-based alerts.

Protect C - Customised Content

This feature allows users to add customised content to the 'trip briefings' that are issued to travellers. This functionality is based on a set of pre-defined user rules, such as a specific set of instructions for certain countries or only for countries with a risk rating of 3 and above (KPAs: Policy/Procedures, Training and Risk Mitigation). This functionality could also be used to communicate key policy messages that can be included in each trip briefing, which outlines expected behavior, such as the use of the GPS check-in feature (via the FCm Mobile app).

Protect D - Report generation and distribution

This feature is designed to support your company's Chief Risk Officer, Risk Manager or internal management team. Protect D allows users to send automated reports according to specific travel policy criteria such as - report generation and distribution of key personnel when more than 5 managers are travelling on one aircraft or if there are travellers expected to be in countries with a risk rating of 3 or above in the next 30 days, or a report that details if there any travellers affected by alerts that have been issued in the last hour (KPAs: Notification, Data Management, Communication, Risk Monitoring, Response).

Protect E - Alert full control upgrade

This offering enhances the alerts received by your travellers prior and during their trip to include more detailed content (KPAs: Communication, Risk Disclosure, Mitigation).

Secure Outreach

Secure Outreach is designed to simplify and streamline your crisis response procedures, with your travellers only having to know one number to call in the case of an emergency. Secure Outreach offers highly trained iJET personnel who will expertly co-ordinate on-the-ground rescue and recovery services, and also provide documented case management of all incoming calls to the hotline. This may include organising a medivac supplier to initiate medical evacuation, arranging a  translator or consular support, security advice and intellectual property theft. Secure Outreach can incorporate your policies, procedures and insurance providers into a crisis response program that is aligned with your company's requirements.


Are you meeting your duty of care obligations?

Take our free travel risk management assessment now, simply fill in the enquiry form below and one of our travel experts will be in touch.


MktoForms2.loadForm("//", "049-NHE-370", 2271);

For further information on FCm Secure or travel risk management please contact your FCm team or call FCm on 1300 557 854.