International business travel can throw up all sorts of dramatic situations. Good job then, says Amon Cohen, that there are people around like Richard Stanley, security chief of PwC
In some lines of business, a rough estimate of numbers will suffice to get a job done. Where lives may depend on it, however, a little more precision is required, and few come more precise than the security department at PricewaterhouseCoopers (PwC). "There are 11,214 PwC people travelling today," says head of UK security Richard Stanley. "From the UK business, there are 1,232 people travelling, of which 52 are in medium-risk destinations, nine in high-risk destinations, and none in extreme-risk destinations."
Well, quite. Stanley's statement reveals a number of important facts about PwC, one of the world's largest professional service firms. Firstly, it shows PwC has some smart technology to help it pinpoint travellers. Secondly, it implies there is a well-planned process for looking after personnel when they journey to unconventional destinations, as a business with offices in 152 countries inevitably requires.
Finally, it proves the travel and security departments work hand in hand at PwC, something that has not always been the case. "Ten years ago, the involvement of security in travel was the exception," says Stanley. "Two or three times a year, we would get a call from a traveller saying: 'I'm going to Lagos. What do I need to do?' We realised that security considerations needed flagging at the point of booking rather than putting information on the portal and telling travellers they should read it."
Stanley and PwC's chief UK travel person, head of business services Mark Avery, discovered they shared similar concerns about improving duty of care to travellers. As a result, the two have worked steadily together throughout the decade to build a comprehensive process for briefing travellers on security issues and fishing them out of trouble on the rare occasions it arises.
The end result is highly automated and that has proved to be not only effective but efficient. One of Stanley's in-house team of five spends about 20 per cent of his time managing travel-related issues. "Travel is not a time-consuming issue," he says. "It is the system which does the work, not us."
There are two major elements to the process. One is an automated system that ensures travellers are adequately prepared for trips to any destination with a medium risk rating or higher. The other is the traveller tracking tool.
The process starts at point of booking. PwC awards one (or sometimes more, if security conditions vary dramatically) of four risk ratings to every country in the world: normal, medium, high or extreme. The ratings are determined by the security team based on information from security consultancies Control Risks Group and International SOS, as well as the Foreign & Commonwealth Office (FCO).
Ratings are updated monthly or more urgently if an emergency arises. Stanley's team also takes advice from colleagues in other countries. "After there was trouble in Kenya over the New Year, we spoke to a partner on the ground and he assured us things had got back to business as usual," he says. "We were able to lower our categorisation two days before the information sources we use made a similar move."
If a traveller makes a reservation through appointed TMC Hogg Robinson Group (HRG) to one of the 81 countries not rated as normal, then the booking is parked without being ticketed. An alert is sent to the security department, which in turn contacts the traveller to advise them of the risk level and gives them a risk assessment, a list of mitigating actions and an additional approval process.
The mitigating actions and approval process vary according to the risk rating. Travel to a medium-risk destination requires approval from a business unit leader - usually the traveller's direct line manager - and the mitigating actions may include a written security briefing and the hiring of a driver.
Travellers usually receive two briefings: a countrywide assessment of political, travel and security risks; and information on the specific location being visited within the country, including a lists of dos and don'ts.
A high-risk destination requires approval from a head of one of PwC UK's three lines of service: tax, assurance and advisory. High-risk destinations, which include Angola, Colombia, Georgia and parts of Thailand, also require a greater level of preparation, including face-to-face briefings. Extreme-risk destinations, which include Afghanistan and Sudan, involve far more extensive preparations, such as the recruitment of bodyguards. Approval for these trips can only be given at board level.
Once the security team has sent all the relevant information, the traveller is required to decide whether or not to proceed with the trip. The system is designed to strike a balance that will allow them to travel with mitigated risk if the trip is important, but also not to pressurise them if they are reluctant to make the journey.
"We get a fair mix of people saying yes and no," says Stanley, "but the travellers are not working in isolation. Nine times out of ten, they will ring the security department to discuss the situation. However, we see our role as identifying the risk and providing mitigating actions, not to make the decision whether or not to travel. Only the business can decide whether it is critical."
Once individuals decide they will travel, the relevant approval is sought and, if granted, the tickets are issued. Both the travel and security teams are then able to keep tabs on travellers using the International SOS travel tracker. Stanley has found the system incredibly useful. "I can filter the search just to look for PwC UK travellers in Nigeria," he says. "I can see who went there last week or who is flying there today, tomorrow or next week."
Stanley finds he needs to consult the tracking system three to four times a month. The results can be most effective. "There was an explosion outside Colombo recently, so I used the system to contact two of our people who were visiting Sri Lanka and ask them if they were safe. The travellers were surprised that we had the technology to trace them and very pleased that we showed we cared."
There is one potential weakness to PwC's comprehensive security arrangements: they can only kick-in if the traveller books through the appointed TMC. As a result, in February 2008 PwC made it mandatory for travellers to book either through HRG or its booking tool, KDS. This was a highly unusual move, since mandating does not sit easily with the prevailing autonomous culture of PwC, but the duty-of-care imperative was considered strong enough to override other considerations. "We explain we can't fulfil our duty-of-care obligations if they don't book through HRG," says Stanley.
As a result, bookings through approved channels have risen from 88 per cent to 94 per cent, which creates additional advantages, such as improved management information and leverage in supplier negotiations. It is, therefore, not only PwC's travellers who benefit, but the travel team as well.