This paper explores duty of care legislation and what it means for employers with a mobile workforce. Sectioned into three parts, the document defines duty of care legislation as it applies to corporate travel, the key process areas for travel risk management (TRM) analysis and how TRM products can support your business in meeting its duty of care requirements.
PART A – Travel risk management and corporate liability
Business travel, whether international or domestic, exposes employees to higher levels of risk. Away from the familiarity of home travellers can be put into situations that expose them to a range of health, safety and security hazards. This increased level of risk for travelling employees, heightens the corporate liability of employers that have a legal and moral duty of care to their staff. Faced with the pressure to comply with industry guidelines, legislation, budgets and client expectations, corporate leaders are being urged to take a company-wide and strategic approach to travel risk management.
Many countries including Australia, Belgium, Canada, France, Germany, Netherlands, Spain, UK and the USA have some form of employer duty of care legislation in place. Complying with Duty of Care obligations at a basic level means that employers must protect the health, safety and security of an employee wherever they work, so far as practically possible.
The lack of a specific Duty of Care law in a jurisdiction does not necessarily mean there are no legal obligations for businesses in relation to employee health and safety while travelling. Organisations need to consider the laws of the jurisdictions where their employees are travelling to, and where they are a citizen of.
PART B – Key process areas for travel risk management review and analysis
In 2008 the Global Business Travel Association (GBTA) partnered with iJET Intelligent Risk Systems to develop the Travel Risk Management Maturity Model™ (TRM3™). According to iJET these key process areas (KPAs) are the main components of any TRM program. At the lower levels of program maturity, these KPAs would be implemented within the travel program. At the higher levels, these processes are integrated into broader organisational risk management and business resilience programs.
To begin managing travel related risks, employers need to review these KPAs in relation to their own TRM program. This structured analysis will help to identify where the gaps are in any given travel risk management plan. Below is a brief summary of each KPA and what its relevance is to a TRM program.
This KPA refers not only to your company's travel policy but also to a travel risk management (TRM) policy. Your TRM policy should address mitigation steps for 'general' risks as well as risks that are specific to your operation or travelling employees.
Training is an essential part of employee professional development and ensures staff can perform their roles efficiently, effectively and as safely as possible. iJET has defined three specific areas of training including traveller training, travel advisor training and crisis management training.
3. Risk assessment
Assessing risk is the foundation of any TRM program. Every assignment, travel journey or event should be assessed for the potential threat of risk. When reviewing risk, companies need to think about what technology or processes are required to assess risk and incorporate these elements into their overall decision making process for developing an effective TRM program.
4. Risk disclosure
The purpose of risk disclosure is to be able to produce relevant and timely information related to your risk assessment so that all stakeholders are aware of the potential threats that may be encountered.
Companies need to look at TRM products that provide intelligence and information that is relevant to their travellers' booked itineraries. In addition, disclosure goes beyond the traveller to people in your organisation that need know, including security, travel, HR, risk and insurance personnel as well as those employees that need to act on a particular risk.
5. Risk mitigation
By proactively monitoring incident alerts, disclosing potential risks and advising travellers on how to stay safe or get help via training and or services such as emergency hotlines, employers can better mitigate risks in conjunction with their company policies and procedures. iJET reasons that the purpose of risk mitigation is to 'develop strategies and solutions that will result in a level of risk that is acceptable to all parties such as the employee, the manager and the company'.
6. Risk monitoring
Every organisation that has employees travelling domestically or internationally must have access to 24/7 real time, global risk monitoring resources and intelligence. Effective risk monitoring ensures your company has visibility and the intelligence to drive TRM processes that provide the best level of support for your staff.
Having clear and easy to understand processes for employees to request the right level of support is vital for any TRM program. TRM programs must have guidelines for travellers to access travel advice and booking support, medical services, evacuation help and security related services.
This KPA ensures that the appropriate people are informed of any relevant travel risk information before, during or after a trip to make rapid and thoughtful risk-related decisions.
9. Data management
Data management is critical for TRM processes. Companies need to have the right technology and systems in place to be able to use traveller data for a range of activities such as identification, collection, storage, accessing, monitoring and notification. Companies that have a consolidated travel program with a single TMC are in the best position to leverage data collection and utilisation for online TRM automation.
Communication of your TRM program - including aspects such as the processes, policies, roles and responsibilities, must be clearly communicated to all levels of staff. Effective communication of your program ensure that everyone understands what is expected of them at all times.
PART C – FCm Secure – a helping hand for your travel risk management program
With support from global risk intelligence company iJET International, FCm has developed a leading TRM solution for customers - FCm Secure. FCm Secure utilises iJET’s risk intelligence and global response hotline, in conjunction with FCm’s technology and operations, to provide clients with a comprehensive suite of cost effective solutions. FCm Secure is a triple-tiered program delivering free and paid options as part of FCm's Secure Start, Secure Protect and Secure Outreach services.
Secure Start is a no cost program for FCm customers. It is a starting point for building your individual TRM program and includes:
- Itinerary based traveller tracking
- Color coded, ‘risk map’ dashboard (powered by iJET International)
- GPS/mobile based traveller tracking (traveller opt in)
- FCm Travel Solutions Global Crisis Communications process (email)
- Subscription-based security alerts for travel and security managers (powered by iJET)
While Secure Start provides companies with reactive travel risk management support via itinerary and GPS-based traveller tracking, risk based reports and dashboards, Secure Protect provides proactive traveller risk management, which addresses risk assessment, disclosure, mitigation, notification and communication. Collectively, FCm Secure and iJET can help you to address all of the key process areas (KPAs) for travel risk management as mentioned in Part B of this whitepaper.
Secure Protect: below is a summary of features and how they can help you address the KPAs of travel risk management.
Protect A – Communication
This provides two-way email and SMS text messaging and provides automatic alerts to travellers. This functionality means it can be incorporated into your crisis response processes to alert travellers to flight delays or cancellations or more serious situations.
Protect B – Trip briefings and trip alerts
This feature provides the traveller with information that is relevant to their trip via trip briefings (KPAs: Risk Disclosure, Mitigation and Training). Additionally, the traveller will be receiving trip related alerts and communications, such as flight delays, disruptions, security concerns (KPAs: Communication, Risk Disclosure, Mitigation). All of this communication is based on iJET's intelligence and what you will receive daily as part of your company's subscription-based alerts.
Protect C – Customised content
This feature allows users to add customised content to the 'trip briefings' that are issued to travellers. This functionality is based on a set of pre-defined user rules, such as a specific set of instructions for certain countries or only for countries with a risk rating of 3 and above (KPAs: Policy/Procedures, Training and Risk Mitigation). This functionality could also be used to communicate key policy messages that can be included in each trip briefing, which outlines expected behavior, such as the use of the GPS check-in feature (via the FCm Mobile app).
Protect D – Report generation and distribution
This feature is designed to support your company's Chief Risk Officer, Risk Manager or internal management team. Protect D allows users to send automated reports according to specific travel policy criteria such as - report generation and distribution of key personnel when more than 5 managers are travelling on one aircraft or if there are travellers expected to be in countries with a risk rating of 3 or above in the next 30 days, or a report that details if there any travellers affected by alerts that have been issued in the last hour (KPAs: Notification, Data Management, Communication, Risk Monitoring, Response).
Protect E - Alert full content upgrade
This offering enhances the alerts received by your travellers prior and during their trip to include more detailed content (KPAs: Communication, Risk Disclosure, Mitigation).
Secure Outreach is designed to simplify and streamline your crisis response procedures, with your travellers only having to know one number to call in the case of an emergency. Secure Outreach offers highly trained iJET personnel who will expertly co-ordinate on-the-ground rescue and recovery services, and also provide documented case management of all incoming calls to the hotline. This may include organising a medivac supplier to initiate medical evacuation, arranging a translator or consular support, security advice and intellectual property theft. Secure Outreach can incorporate your policies, procedures and insurance providers into a crisis response program that is aligned with your company's requirements.