This article reflects on security and health risks to people and operations within aviation. We review present day threats, the changing landscape as a result of the COVID-19 pandemic, and considerations for organizations to support their own risk management procedures.
It is unfortunate that recent history has demonstrated the myriad of security and health risks to people within aviation. Hijacking in the air, risks of traffic accidents, food poisoning, kidnapping, extortion, unlawful detainment, riots, protests, or civil war have long been concerns of the aviation industry. These risks threaten an employer’s ethical and legal care for the lives of their people and passengers.
For example, pilots and crews of private jet companies are perceived as wealthy beyond the hopes of many people in emerging and less developed economies now financially hampered by COVID-19. This increases their threat of kidnap for ransom or extortion, often harnessing ‘insider’ information from airport staff or the authorities to identify likely targets. Using traditional techniques of persuasion and entrapment, crews and staff may be parted from funds underpinned by the threat of violence. Inappropriate behaviours in hotels or entertainment venues can also expose individuals to extortion through shame and embarrassment at the prospect of having recordings of their activities online or otherwise revealed.
There are fortunately many ways in which these can be managed including the implementation and maintenance of tried-and-tested security measures and protocols. These measures go beyond baggage checks and passenger screening and include robust travel security policies (including compulsory e-learning modules for business travellers), comprehensive vetting of staff and suppliers, audited and benchmarked crisis management plans and regular scenario testing to evaluate resilience to critical security incidents. The risk has shifted over the past few years, as a result, of rapid technological advancements. Cyber extortion, ransomware and other breaches constitute a major threat to the operational integrity and reputation of the aviation industry and cyber security audits are a key pillar of effective risk identification and treatment.
The inevitable post-COVID fiscal tightening may see some populations protest and the possibility of an increase of civil disorder and a backlash to security forces due to the loss of jobs and livelihoods. This amplifies the likelihood of passengers and crews either becoming caught up in collateral violence or becoming a target of it if staying or walking around wealthy areas. Similarly, if the elite of the host country are viewed as corrupt, negligent, or ineffective in dealing with the COVID-19 crisis and its repercussions, the chances of coups and political turmoil increase. If private jet operators are seen as the facilitators of incumbent elites, they may become targets themselves and should take advice beyond any assurances of security made by their clients.
As funds dry up in the hardest-hit territories, the provision of public security, law- order and a functioning judiciary – may suffer. At a time of political change with associated unrest, this could result in wrongful detention by the security forces either for personal gain or political reasons. Threats, and extortion by state actors may become just as common as those from non-state criminals.
In this changing and increasingly uncertain environment, where many destinations or overflight countries may be increasingly unstable, and the wealth gap more pronounced, it is important that potential threats to crew and passengers are assessed at the flight planning stage. This does not solely entail a read-out from global security monitoring organisation (although they are a critical component in identifying trends and patterns) but the interpretation, where possible, of information sourced through impartial contacts on the ground.
It is for all these contributing reasons that security and health risks to people within aviation should not be managed through risk transfer alone but identified, monitored and avoided as far as is possible. The tools for businesses need to be real time, data rich and adaptable to global risks. The social, political and economic effects of the COVID-19 pandemic have reshaped these threats for the aviation industry. Robust risk management requires a multitude of resources, reinforcing existing risk management processes and ensuring that plans reflect business reality.
Effective communication channels and dispersion of intelligence are needed.
Crew and other travelling personnel should be informed regularly of the changing threats by destination (e.g., crime increases in certain hotels or areas of nearby towns) and by category (e.g., new and methods of cyber extortion). They should also be trained in the avoidance of violence, arrest or kidnap and behaviours to exhibit should these occur. At a corporate level it is recommended that threat identification and analysis systems are reviewed and refreshed allowing better informed risk mitigation controls to be conceived and implemented by all, not by the security department alone. Indeed, all staff should be expected and encouraged to report back or contribute to the understanding of the risk landscape in destination and overflight countries and towns.
Insurance is of course critical, and the response by the industry to these changing demands has been to ensure that sophisticated Special Risks and Accident and Health programmes are in place to provide 24/7 threat monitoring and crisis response, as well as the reimbursement of a diverse number of additional expenses incurred, including legal liability claims. A Special Risks policy, along with higher risk Accident & Health solutions, has increasingly become a ‘standard’ part of the aviation insurance portfolio and crisis management toolbox, reinforcing the policyholder’s duty of care commitments and demonstrating good corporate governance. We see excellent examples of this across the industry and role playing ‘stress testing’ training with employees. Where companies can add an extra layer of scrutiny is to invite a third-party specialist to audit and challenge procedures, information feeds and ensure that the risk management methodologies are fit for purpose.