Factoring travel risk into trip approvals

Travel News 27 Dec 2017

Now that duty of care is high on the corporate agenda, trip-approval systems need to factor it in. Focusing purely on the budget aspects of corporate travel could put business travellers and, in turn, their organizations at serious risk.

Plus, a risk-based trip-approval system can do far more than just accept or reject trips. It can:

• capture trips to high-risk zones and alert the necessary stakeholders, who then can direct a trip to be cancelled or rescheduled; approve the trip but only with additional support, security and training; or take some other course of action
• ensure the correct workflow of approval by the relevant individuals
• act as an audit trail, allowing corporates to demonstrate their fulfilment of duty of care

Budgets that are set at the beginning of the year can be tied into travel policy guidelines, and similarly, companies can define risk policies in order to give corporate travellers and travel managers guidance. However, the risk landscape can change on a daily or even hourly basis. You can’t set risk levels for every global region and expect them to remain static for a whole 12 months.

Even countries deemed low risk can fall prey to dynamic threats like attacks and natural catastrophes with scant notice. Within any country, region or area, risks may also vary considerably.

Under duty of care and health and safety legislation, it can be illegal to put the onus on the individual business traveller to take a view on the complex global risk landscape armed only with the company travel policy and a list of approved safe areas. Organizations have a duty not just to set clear policies for employees and others who are traveling on company business under their care but to do due diligence to mitigate risk prior to travel.

But trip approvals are such an admin burden

In order for a trip-approval system that factors in risk management to work, it must be as easy as possible for both the traveller and the travel approver, with high levels of automation.

The ideal solution automatically will cross-match trip details against dynamic risk data from a reliable risk management platform. A trip to a higher-risk area would trigger an alert to the relevant manager.

Managers then could approve, reject or request changes based on organizational policies and other mitigating factors. For approved trips, the company could brief the traveller on additional precautions or order pre-trip training. Trips booked to lower-risk areas would pass through the approval system automatically, freeing approvers’ time to focus on the higher-risk exceptions.

Pre- or post-booking trip approval?

Some companies require trip approvals to occur pre-booking in order to avoid potential cancellation fees. However, pre-booking travel authorization can be painful for the traveller and laborious for travel and security managers, adding administration and potential delays, all of which have their own cost implications.

The post-booking approach, though, doesn’t hold up the process, but the downside is that a booked trip must be cancelled if it is not approved. In reality, though, the number of trips needing to be cancelled or amended is extremely low.

The post-booking method also allows for far greater automation. By connecting directly with global distribution systems, a post-booking trip-approval tool can pick up a traveller’s trip data without any additional data entry by the traveller. It also ensures that the approval is based on actual booking data, providing far greater accuracy and far less likelihood that details will change.

Ultimately, the pre- versus post-booking authorization decision will depend on the type and size of the individual organization. Based on internal studies with Anvil clients, the post-booking method does appear to be more effective for larger organizations.

Regardless, one thing is clear: While budget control will certainly continue to be critical for business travel, the security of people is a fundamental component of operational resilience, and risk assessment and mitigation must be key elements in any travel-authorization process.

Source: Business Travel News