Safety first – the risks to hospitality

On the morning of 22 March 2016, two bombs ripped through Brussels Airport, killing 17 people at the scene – with a further four later dying of their wounds – and injuring 81. Within minutes of the explosion, as panic reigned, the lobby of the nearby Sheraton Brussels Airport Hotel was turned into a makeshift triage unit, with hotel staff tending to the wounded while the emergency services made their way to the scene.

This vignette highlights not only the risks faced by cities that, not long ago, were considered among the safest in the world for travellers but also the fact that hoteliers are, reluctantly, on the front line. According to the 2016 Terrorism and Political Violence Risk Map, published by insurance company Aon, there were 644 deaths and injuries as a result of terrorist violence in Europe during 2015, 63% of which occurred in attacks on private citizens and public spaces, as opposed to security services or political targets. This figure alone is a significant increase from the combined number of deaths and injuries for 2010–14.

While the risk profile of Western European destinations has undoubtedly been raised, recent research by STR, a hotel market data and benchmarking firm, does provide some crumbs of comfort for hoteliers. The company studied four cases in which a major European market was attacked by terrorists – Madrid in 2004, London in 2005, Paris in 2015 and Brussels in 2016 – and found that, while occupancy and RevPAR dropped dramatically in the months after the attacks, it didn’t take long for the markets to stabilise.

“Everybody knows that terrorist attacks are bad for the hotel sector,” says Robin Rossman, managing director of STR. “I think the thing that was surprising for me was how robust hotel performance has been in the months after these attacks.

“We found that it took three months on average for the markets to stabilise and start to climb. The second thing was around the fact that, in general, the hotel markets didn’t drop rates during that period: there were no discounts to try to drive value.”

There are various reasons for this, and it is difficult to ascribe weight to each one. London saw a smaller decline in the month after the 2005 bombings than Paris and Brussels, and also recovered more quickly, but this could just be because many business travellers, who make up a higher proportion of London’s hotel guests, had no choice but to come anyway.

As the tragedy at Brussels Airport shows, however, well-trained staff and the right operational measures might not just help ensure the safety of guests, but also allow hotels to be part of a community’s response to terror and play an important role in its recovery.

Known unknowns

At the core of a good security strategy is comprehensive risk management – the ability to judge the nature and seriousness of a likely incident before it occurs. There are a number of ways of doing this, some top-down and others bottom-up. At Carlson Rezidor, the risk management programme is based on the initialism ‘TRIC=S’, which stands for ‘Threat assessment + Risk mitigation + Incident response + Crisis management, communications and continuity = Safe, secure, sellable hotel rooms’.

There is an online self-assessment programme that all the company’s hotels, whether franchise-managed, owned or leased, must participate in. Selected parts of these self-assessments are added to a database of good practice that allows general managers to look at the innovative ways hotels are meeting their security objectives. This knowledge is combined with the assessments of third-party risk specialists, such as insurance companies, and disseminated to operations teams in a monthly meeting, as well as through a computer system that issues warnings, alarms and market-specific information.

“We don’t dictate [to individual hotels] what they should be doing – we always say if a general manager doesn’t know better than us what’s going on outside their front door, it’s probably going to be too late by the time we get involved,” says Paul Moxness, Carlson Rezidor’s vice-president safety and security.

“We have them do the self-assessments, and then they can always come to us for training or support, or to ask any other questions on things they may have seen in the press, and we try to follow it up with internal resources or the risk intelligence companies that we work with.” 

At Starwood, which owns the Brussels Airport Sheraton that found itself in the spotlight in March, the risk management strategy is similar but with a slightly more centralised structure. Each hotel fills out a detailed self-assessment survey, the results of which are triangulated with the research of an internal risk-analysis team and that of third-party analysts. Based on these findings, each hotel is then given a risk rating. This brings with it a set of mandatory guidelines that, with sufficient training, should be possible to implement at short notice.

“We have specific operating and policy procedures, by risk level and by type of risk, that the hotels will need to implement,” says Even Frydenberg, Starwood’s senior vice-president operations for Western Europe. “For example, after the attacks in March in Brussels, all of our hotels in all major cities in Europe went to high alert. We can do that the same day – just an hour or so after the attacks in Brussels – because the hotels are trained [in measures commensurate with different risk ratings] and should be able to implement them pretty much immediately.”

Practice makes perfect

Even with the most comprehensive risk analysis, the occasional incident is inevitable, and hoteliers face the delicate task of preparing their employees for all eventualities without causing them undue anxiety or stress. According to Frydenberg, the key is to incorporate the importance of risk awareness in the basic job training, whether that is to become a housekeeper, concierge or bartender, and then to repeat the right behaviours until they become second nature, even under the severe stress of a terrorist incident.

“It all starts with awareness of what’s happening around you and the people around you,” he says. “Anything out of place, you notify your manager immediately. You have some standard awareness training and some that is more tailored to the individual market.

“Over the past decade and a half, in every single hotel, we have also run safety and security crisis simulations. We call these ‘tabletop exercises’ and, every year, a hotel will go through at least one. This is really hands-on training that teaches them to think on their feet and make sure they don't forget anything in case they are faced with a situation like that in real life.” 

It’s also vital that the hotel sees itself as part of the community, exchanging information with other hotels and local security services. The UK is a leader when it comes to carving out channels of communication between law enforcement, intelligence services and the private sector, while the French authorities also upped their game in the lead up to the UEFA Euro 2016 Championship. According to Moxness at Carlson Rezidor, general managers should be proactive in building such relationships and may want to look to emerging markets for examples of best practice.

While not terror related, Sierra Leone offers up a good case study for this practice: when the ebola epidemic hit West Africa, the Radisson Blu in Freetown reached out to the Centers for Disease Control and Prevention (CDC), a US Government organisation that was in the country helping combat the disease.

CDC provided monthly training for the hotel staff, allowing it to stay open for the duration of the crisis and become a safe base for VIPs visiting the country, such as the regional director of the World Health Organization and Bent Høie, Norway’s health minister.

The partnership was beneficial not just to the hotel but to the city as well as it tried hard to maintain some semblance of ‘business as usual’.

“There are quite a few examples of direct engagement that really help the whole market improve its safety and security,” says Moxness. “We don’t view this as a competitive thing: it’s important for every hotel and destination to be as safe as possible. If something happens, it’s usually the destination that suffers more than the brand itself.