Wednesday 24 January 2018

GUEST BLOG: Making risk part of the business travel approval process

Although the use of business travel approval systems has now become the accepted norm for many, these predominantly focus on controlling costs and managing ever tighter travel budgets. But with growing concerns re safety and security, there’s a far greater requirement for the risk landscape to now also form a fundamental part of the travel approval process.

The best of both worlds in global business travel
When it comes to budget control and risk management, can you really have the best of both worlds without creating an unnecessary admin burden?
In this post, Matthew Judge, Managing Director of The Anvil Group, explains why risk management can – and should – form an integral part of your travel approval process and looks at the questions you should be asking when considering whether an authorisation system is right for you.

Why is travel risk authorisation so important?
The global nature of business today understandably requires frequent staff travel. While such movement is undoubtedly essential for business growth, the risks to employees can be considerable, especially if travel involves visiting areas of political, social and economic instability.

Simply providing travellers with general policy guidelines and then trusting them to make the right decisions is not enough. In order to fulfil your duty of care requirements, you need to demonstrate that you have done everything reasonable to keep your personnel safe from harm.

Travel approval systems need to factor this in. Focusing purely on the budget aspects of corporate travel  and failing to consider risk as part of the approval process could be putting your business travellers and in turn, your organisation, at serious risk.

We have a travel risk policy… surely that’s enough?
A clearly defined travel risk policy is essential and will certainly go some way to helping fulfil the necessary duty of care requirements. Like budgets, which can be set at the beginning of the year and tied into policy guidelines, risk policies can and should also be defined and assimilated, providing general guidance and parameters within which corporate travellers and travel managers can operate.

However, the risk landscape itself is dynamic and can change on a daily or even hourly basis. You cannot and should not rely on setting global risk levels and expecting these to remain static for the foreseeable future. Even countries officially deemed low risk can fall prey to dynamic threats such as man-made attacks or natural catastrophes with scant notice. Within any defined territory, there may also be risk nuances between different areas. Risk is rarely black and white.  

Under Duty of Care and Health & Safety legislation, it’s illegal to put the onus on the individual business traveller to take a view on the complex global risk landscape, armed only with the company travel policy and a list of approved safe areas. Your organisation has a duty to not just set clear policies for employees and others travelling on company business but also to ensure that relevant due diligence is taken to mitigate risk prior to travel.

How should a risk authorisation solution work?
The ideal risk authorisation solution should be able to form an integral part of your organisations’ existing travel approval processes. Driving travel approval via policy can already pose challenges, so an authorisation solution should require no real change to existing business processes, systems or cultural behaviours. It should be made as easy as possible for both the traveller and the travel approver to use, with high levels of automation. In fact, for the majority of trips that fall within agreed parameters, it should almost go unnoticed.

Trips booked to lower risk areas should pass through the approval system automatically, freeing time to focus on the higher risk exceptions.

A proposed trip to a higher risk area should automatically trigger an alert to a relevant manager who can then approve, reject or request changes based on organisational policies and other mitigating factors. For approved trips, the traveller can be briefed on additional precautions to adopt or be directed to undertake pre-travel training.

Should we opt for for pre- or post-booking authorisation?
Unlike cost approval, which can be done pre- or post-trip, it goes without saying that risk approval definitely needs to take place pre-trip. However, the argument then becomes whether risk should be considered before or after making travel and accommodation bookings, in other words, pre- or post-booking? This really comes down to individual corporate preferences and to some extent, the size of the organisation (or more specifically, the amount of travel that is undertaken).

Some corporates choose the pre-booking approach, as they feel this ensures no trips are booked unless approved, hence avoiding cancellation fees.

However, obtaining pre-booking travel authorisation can be painful for the traveller and laborious for the travel or security manager with additional form filling required, adding administration and potential delays, all of which have their own cost implication.

The benefit of the post-booking approach is that it doesn’t hold up the process. The potential downside is that a booked trip may be cancelled if unapproved. In reality though, the number of trips needing to be cancelled or amended due to them breaching accepted risk parameters is extremely low.

The post-booking method also allows for far greater automation. By connecting directly with the Global Distribution Systems (GDSs), a post-booking tool can pick up the trip data without the traveller submitting any additional forms or requests, thus removing a whole tranche of manual data entry. It also ensures that the approval decision process is based on actual booking information, providing far greater accuracy and far less likelihood of details changing.

Ultimately, the decision on whether to go down the pre- or post-booking authorisation route will vary depending on the type and size of your individual organisation. Although benefits can be demonstrated for both options, the post-booking method does appear to be the most effective option for organisations with a higher volume of travel.

When evaluating your options, make sure that you talk to potential providers about your organisation's current policies, processes and attitudes to risk. A good provider will be able to discuss all of the options with you and help you come to a decision that's right for you.

In summary
Regardless of individual preferences re pre- or post-booking authorisation, the safety and security of your people is non-negotiable. You need to understand the risks you could be exposing your travellers to and be able to properly assess those risks prior to any trip. You then need to ensure that the appropriate risk mitigation measures are in place and are adhered to. This hasn’t always been easy but with the right authorisation system in place, traveller safety can now be factored into standard travel approval processes, whilst keeping the end-to-end process simple for travel managers, approvers and travellers alike. 

When it comes to budget control and risk management, can you really have the best of both worlds without creating an unnecessary admin burden? Choose wisely and the answer is most definitely yes.

This post was written by Matthew Judge, Managing Director of The Anvil GroupAnvil will be exhibiting at The Business Travel Show taking place 21-22 February 2018 at London Olympia.


  1. Great post as usual. I would not live without travelling. Wherever you go becomes a part of you somehow.
    Travel early and travel often. Live abroad, if you can. Understand cultures other than your own. As your understanding of other cultures increases, your understanding of yourself and your own culture will increase exponentially.
    Did you know that you can print favorite photos of your work and hang them on the wall as canvas prints?