Travel security is the responsibility of us all, and new legislation makes it more difficult for employers to shy away from their obligations, says Bob Papworth
IN TRAVEL the weaselest word of all is - or has been up to now - "policy". In the real world, a policy is nothing more than a general pointer towards an ambition; in travel, it is a brutally-mandated diktat. An Economy Class-only "policy" is, in truth, an Economy Class-only edict.
Then along comes Matthew Judge, from the Anvil Group, one of the world's leading travel security organisations. He insists that "a travel safety policy is always a work in progress, which must allow for variations in day-to-day business".
His argument is that inflexible travel policies should be enlarged to become - or even be replaced by - totally flexible travel safety policies. If they're not, then there's trouble ahead.
"The whole point of `security' is to allow business to be conducted in a safe and secure manner," he says. "It's an enabler, not an inhibitor.
"Companies overall tend to under-estimate the importance of safety and security policies, partly because they are so difficult to get in place. The biggest barrier to having a travel safety policy is that people don't know how to create one. There are a lot of people involved, and they all need to buy into the creation, design and implementation - and that can be tough."
And just because your employee happens to be out of the office doesn't make him or her any less of a responsibility.
In the past, when all one had to worry about was the Health and Safety At Work (HASAW) Act, if something unfortunate happened, the employee or his or her dependents - had to prove that an individual within the employing organisation had failed to take reasonable steps to avert or avoid the "something".
Since pinning the blame on one person within an organisation was nigh on impossible, nobody sued.
Under CM&H, the employing company as a whole can be held responsible. As Mark Hanna, corporate security manager at Nomura International, put it at a recent Institute of Travel Management workshop: "Traveller security is not the responsibility of the travel manager, or of human resources, or even of the travel security manager - it's the responsibility of all of us."
Speaking at the same workshop, Julian Hunt, of law firm Greenwoods, said the very existence of the CM&H Act suggests that the judiciary is about to take a tougher line with miscreant employers.
Companies have to take "reasonably practicable" steps to ensure the health, safety and well-being of their people at work. It is up to the courts to decide what is "reasonably practicable", but there is no debate about that phrase "at work" - it covers any and all time that an employee is "in the course of his or her employment".
In theory, that could encompass mobile workers and even home workers; it certainly covers those who are on a business trip, even if the "incident" happens in the dead of night whilst the staff member is tucked up in a hotel bed.
PlanetWise director, Mark Hide, says: "Ninety-five per cent of travel policies are about money - what you can spend, where you can spend it, and what you can claim back. Why not start by inserting the word `safety', and making it a `travel safety policy'?"
Difficult though that might be in practice, it's still not enough. Christian Collett, of the Control Risks group, says: "Create a travel security policy, and communicate that policy. If things go wrong, you need to be able to put your hand on your heart" - and on the Bible in the witness box - "and say `This happened despite our best efforts.' "
Creating the policy in the first place is fraught with enough difficulties to last a lifetime. Quite apart from winning buy-in from a vast array of individuals within an organisation, Anvil's Judge warns: "You cannot put in a regional safety and security policy because you cannot show one level of `duty of care' to one community, and a different level for another - it has to be global."
Already, some good has come out of the CM&H Act, he says. "The `it'll never happen to me' mentality is changing because of the Act, which has been a fantastic catalyst in drawing attention to the risks to travelling employees, and highlighting the corporate's need to mitigate those risks.
"No organisation can discharge its legal responsibilities to a third party, but what they can do is work with people like us. We see it as our job to centralise and consolidate multiple streams of information to allow people to make informed decisions on the basis of that information.
"We don't see it as our job to interpret that information, however - how will an analyst know how it directly affects your particular business?
"There isn't one shoe that fits all, and never will be. A policy for an oil, gas and mining organisation will be very different to one for a banking institution because those people will be doing business in very different areas - and the risks will be very different, too.
"The corporations have a responsibility to monitor the circumstances themselves."
All the experts agree that employees don't have to be travelling to known hotspots - Nigeria and Mexico are the most frequently-cited examples - to get into trouble.
"The real killers overseas are road accidents," says Hide, "followed by falling off balconies, and then by diving into pools that are too shallow. The last two are almost always alcohol-related."
Mike Penrose, of International SOS - which last month forged a joint venture with Control Risks - says the top three reasons for medical evacuation are heart attacks, blunt trauma - "that's those road accidents, and falling off those balconies" - and transmittable diseases, usually malaria.
One doesn't have to be in Basra to run into trouble - there are plenty of balconies in Beijing, Brussels, or even Birmingham for that matter.
Because of that, Penrose says, people as well as places need to be vetted. "As part of a risk assessment programme, you need to assess the people you are sending, not just the places you are sending them to. HR needs to do a lot of background screening - go as far as you can into your travellers' backgrounds. Don't assume that just because someone is experienced, they are necessarily the best people for the job. If you haven't done any screening, you could come up against problems." In other words, if you house a heavy-drinking staffer with a history of heart disease in a high-rise hotel, it's not going to look good in court.
"You need to ensure that you have suitable people, that you are sending them to an environment that is appropriate to them, and that they have been properly briefed."
As ever, communication is key. Legal eagle Hunt warns: "Employers have a legal duty not just to have a HASAW policy, but to bring it to the attention of all employees."
Hide goes farther. "You need to write a travel safety policy, train staff to adhere to the policy, and train staff to look after themselves. And then you need to audit compliance."
Speaking at the ITM workshop, Sue Seaby, head of global security at Barclays, confesses that even with stringent security policies in force, compliance is still an issue.
"Our system provides a consistent approach to all our travellers, but it only applies to those [travel] arrangements we know about. We have a travel and security policy, and we try to ensure that our travellers stick to that policy, but we do have some `entrepreneurs'."
Even if a company can boast no rogue travellers, Matthew Judge warns that the current vogue for traveller tracking systems is not in itself enough. Companies not only need to know where their employees are at any given time, they also need to have very clear and communicable plans to get them to safety in the event of trouble.
As Penrose says: "It's very easy to say how many people you have in Kinshasa at any given time, but how many have you got in, and travelling through, London?" And if, as happened during 7/7, the emergency services switch off the mobile phone networks, and they cannot be contacted, will they know what to do?
For example, Judge says: "If something big happens, people's first reaction is to head for the airport - and that's usually one of the first places to be targeted. More often than not, it's not a question of getting people out, it's a question of getting them to a place of safety."
Hide and Hanna both stress the importance of staff training -
And, as Judge says: "Duty of care is something that is bandied about from the employer's perspective, but every employee has an equal duty of care to his or her employer. If the employee doesn't act within the policy, is the employer liable? I'm no lawyer, but I would say 'no'."
Julian Hunt, who is a lawyer, is inclined to agree. He points to what he insists is a genuine legal term "a frolic of your own". Business travellers who take time out on a business trip and get into trouble as a result can be deemed to have gone on "a frolic of their own" and, at the very least, contributed to their own misfortunes.
You have been warned: there is a potentially heavy price to pay for going on a frolic of your own.
New corporate killing law sends a message to all
The Corporate Manslaughter and Corporate Homicide Act 2007 finally came into force across the UK on 6 April 2008, establishing a new offence of corporate manslaughter ("corporate homicide" in Scotland). But, while the new law only covers deaths in the UK, it could be a costly mistake for those businesses sending people overseas to assume they will escape the health and safety spotlight.
Under the new law, companies will be guilty of corporate manslaughter where there has been a fatality caused by a gross breach of a relevant duty of care and where the conduct of senior management can be shown to have played a substantial part in the breach. The fines will be huge - current proposals would put them at 2.5-10 per cent of gross annual turnover - and the new law will cover a wide range of fatalities, rather than being restricted to high-profile public disasters.
The Act only applies to situations where harm that leads to death has taken place in the UK - there are some exceptions to this.
It may well be that the local criminal law in the country where the death occurs is far more punitive than UK corporate manslaughter law. In addition, a death abroad can often trigger a civil claim in the UK by the family and dependents, if the defendant company is UK registered. The new Act will have a direct impact on business travel within the UK and driving at work is one of the most obvious areas of risk. There are currently around 1000 fatalities a year in the UK.
The Health and Safety Executive issued clear guidance on driving at work several years ago and companies that do not follow this could be at risk of a corporate manslaughter investigation, where it can be shown their breach caused a fatality. Under the guidance, employers should carry out a written risk assessment of everybody who drives within the organisation, dealing with issues such as driver competency and fatigue management.
Businesses arranging international travel should also take note. Take a situation where a busy executive gets off a flight from New York at Heathrow. He has had little or no sleep and, on arrival, goes into the office, then has to drive to a meeting in Bristol. Depending on the circumstances, if this journey leads to a fatal car crash, it could well trigger a police corporate manslaughter investigation.
Other scenarios where business travel could be caught by the provisions of the Act could include situations where employees are sent within the UK to meetings on dangerous premises, such as construction sites or oil installations. In such cases, a full written risk assessment must be carried out and all necessary safeguards taken.
Written by David Leckie, who is a partner at Maclay Murray & Spens LLP, and specialises in health and safety