LONDON—The risk to hotels from fraud is not merely a matter of damage to the bottom line but a cancer that can severely affect reputation, staffing and trustworthiness. In the case of brands, damage done to one property can ripple like a pebble in a pond to all its siblings.
Hoteliers can counter such threats by opening clear channels of communication, instigating more thorough staff vetting and checks, putting into place robust policies and alerts to detect wrong doing and empowering staff to raise concerns, said security and risk-management experts Tuesday during a panel at the Master Innholders’ 21st Annual Hotel General Managers’ Conference in London.
Another risk to reputation is how staff protects and safeguards guests’ data.
Chair of the panel Mark Child, partner at hotel consultancy Kingston Smith Consulting, said a pending European Union data-protection directive due to be law in the next year or so has the power to fine companies breaching data-protection legislation up to 5% of its global income.
The proposed maximum fine for infringement would be €100 million ($135 million), Child said.
The panelists pinpointed four main risk areas: reputation, staffing, cyber risk and supply chain.
Reputation
Arguably, a hotel’s reputation is its most valuable asset, said Helen Loughborough, VP of risk management for Europe, Asia, Middle East and Africa at InterContinental Hotels Group, who served in the British Army for 28 years.
“Risk is everyone’s business, not just the corporate office. One incident at one hotel can have a huge effect on the whole brand and an impact on revenue, both destroying stakeholder value and perception at one go,” Loughborough said.
Loughborough’s advice on increasing hotel and brand reputation included:
- building capital by doing good in the community;
- realizing that bad things can happen to good companies and that often the deciding factor is not the incident itself but how it is dealt with;
- and empowering staff to deal with situations so that guests do not immediately race toward TripAdvisor.
“A trusted company is more likely to be given the benefit of doubt,” Loughborough added.
Staffing
“We always judge fraud by its monetary aspect, but other aspects of malpractice are regrettably inevitable. Better management can have a major impact on profit and loss,” said Bob Dulieu, managing director of risk management consultancy Capcon, and who formerly had a career as a detective in London’s Metropolitan Police.
“Staff members need communication channels to exist so that they can report fraud, as without these your potential future star staff will feel insecure and feel that their jobs are insecure,” Dulieu said.
“And think how much more this will be the case if the fraud is being committed by senior staff. Managing fraud is a matter of managing people,” Dulieu added.
He said the most common fraud resulted from staff taking cash out of a business, but he also warned against gangs that sought out cash- and asset-rich companies to get their own people into those businesses during employment drives.
While criminal reference checks are available in many countries in Europe, the system is not foolproof, said Dulieu, who also urged hoteliers to make sure hotel policies were thorough and often checked.
“At one hotel, hotel policy did not say that the money in the till belonged to the hotel, so the ‘thief’ got acquitted at tribunal,” Dulieu said. “Check your policies!”
Cyber risk
Many consider cyber fraud the No. 1 risk facing hoteliers, and much time has been put into countering credit-card risk and being up to date with payment card industry data security standards, generally referred to as PCI compliancy.
“Cyber risk is less of a problem with big brands that are PCI-compliant, as information is no longer online, but there are threats to gift-card and loyalty programs,” said Paul Moxness, VP of safety and security for Carlson Rezidor Hotel Group.
“As points have been paid for before reaching the hotel, it’s easy for partners to cover their eyes to potential fraud, but cyber thieves can convert these points into something with monetary value, so when it looks odd, there needs to be someone who raises their hands. We do not need to be experts, but we need to have triggers that alert us to possible fraud,” Moxness added.
Supply chain
The good news is that the hotel industry is taking risk management more seriously.
“Risk management is about championing and protecting and realizing that risk increases with growth,” said Alexander Paraskevas, chair in hospitality management at the University of West London, who worked for Marriott Hotels & Resorts for more than a decade.
“Analyze the potential risk that comes with your supply chain, especially if parts of the business are outsourced. This also includes staff, especially if they move to a competitor,” Paraskevas said.
“The most important element is not to narrow down where risk might come from,” he said.