Keeping Parades and Events Safe for Businesses and Employees


Holiday parades will be marching down many U.S. city streets during the next six weeks, with millions of revelers expected to attend. And while these are historically joyous occasions, safety is a top concern for businesses located near the festivities—especially considering the high-profile violence that has recently dominated headlines. Rezwan Ali, risk solutions group head of security at Falck Global Assistance, which advises companies about security, safety and travel risks, spoke about the challenges and best practices faced by businesses and employees located near parade routes.

Risk Management Monitor: How are companies responding to the rise in low-tech terrorism and violence?

Rezwan Ali: Companies have become more aware of the need for crisis management. Recent terror events in cities such as Paris, London, Las Vegas and New York have shown companies that duty of care is much more than just health and safety – it is knowing where your employees are traveling and aiding them if affected by terror or violent events. As companies become more globally oriented, their employees are required to travel more, which expands the company’s duty of care responsibility and creates a need for travel risk management. In recent years, there has been an increase in the demand for travel risk management, which originates in a company’s acknowledgement of providing duty of care services to travelling employees to mitigate the possible impact of attacks on the business, its reputation and employees.

RMM: What steps can businesses take to prevent disruption?

RA: The best way to mitigate disruption caused by terrorism is to be prepared at both the business and individual level. On a business level, companies should implement a crisis management process and a contingency plan. A crisis management process includes appointing a crisis management team and training the organization using various scenarios. The contingency plan provides guidelines on how to maintain business as usual when a crisis occurs and works in parallel with the crisis management process. On an individual level, training can provide employees with tools to cope with stressful situations and alleviate the impact of an incident. When employees know how to manage demanding situations, the effect on the company will also be minimized.

RMM: How can businesses located near a parade route or major event protect their employees?

RA: All businesses should have emergency and evacuation plans, which can be applied in the event of emergency. These plans should cover procedures for evacuating the office, safe areas and roles and responsibilities. Businesses located in areas identified as potential targets for terror attacks should incorporate specific emergency measures related to terrorism into their plans. They should also ensure that all employees know and understand that the emergency plans exist. These plans could include guidelines for what to do should a terror attack take place outside the office, as well how to react in the event of an active shooter. It is crucial that these plans and procedures are trained, exercised and tested.

Having an office in an area prone to various incidents requires the company to be informed of relevant developments. Sound intelligence can alert the company of an event, enabling quick initiation of applicable plans. Many companies use their network to provide intelligence or rely on local media to provide alerts. Regardless of the information, it is important to use trustworthy sources to ensure validity. The company can choose to develop a trigger system that determines whether the alert should activate any emergency procedures.

RMM: How likely is it that someone will be a victim of terrorism or violence during a large event?

RA: Although terrorism has severe consequences, the likelihood of being a victim of terror is low when compared to other risks such as traffic accidents and illness. The impact of a traffic accident on the individual can still be high, while the impact on the business will be minimal, in most cases. What makes terror so dangerous is not likelihood, but the fear of it happening. Terror literally means “fear,” and it is the uncertainty and severity of terror that is pivotal for how we perceive it. Employees may express a somewhat irrational fear that must be addressed and taken seriously by the company, as it affects the employee and his/her work.

Critical Infrastructure, Security and Resilience Highlighted in November

National Critical Infrastructure Security and Resilience Month (CISRM) kicked off on Nov. 1. The month’s initiatives address risks such as extreme weather, aging infrastructure, cyber threats and acts of terrorism. Its timing is certainly appropriate, as the effects of recent hurricanes on infrastructures in southern states and Puerto Rico continue to be assessed, as well as Northern California’s devastating wildfires and the deadliest shooting massacre in modern U.S. history.

The month was created by the Obama administration and the Department of Homeland Security (DHS) hosts CISRM in an effort to promote education and awareness of the 16 critical infrastructure sectors that are vital to public safety and national security. Its page reads:

The evolving nature of the threat to critical infrastructure—as well as the maturation of our work and partnership with the private sector—has necessitated a shift from a focus on asset protection to an overarching system that builds resilience from all threats and hazards.

A CISRM toolkit provides companies with templates and drafts of newsletter articles, blogs, and other collateral material for use in outreach efforts. Activities geared toward business owners, public entities and private citizens focus on several key themes to enhance security and resilience, including:

  • Highlighting interdependencies between cyber and physical infrastructure
  • Pointing small and medium-sized businesses to the free tools and resources available to them to increase their security and resilience through Hometown Security and the four steps of “Connect, Plan, Train, and Report”
  • Promoting public-private partnerships
  • Fostering innovation and investments in infrastructure resilience

In his proclamation of CISRM earlier this week, President Trump further committed to helping businesses invest in “needed capital and research and development by reducing burdensome regulations and enacting comprehensive tax reform.” The proclamation states:

We will also renew our Nation’s focus on ensuring that the next generation has the education and training, particularly in science, technology, engineering, and math, required to meet the known and unknown threats of the future.

Overall the United States’ infrastructure is among the top 18 in the world, according to the 2017 FM Global Resilience Index, which aggregates data to help companies identify their key supply chain risks. The U.S. continued to hold high rankings among 130 countries based on drivers in three categories: economic, risk quality and supply chain factors. The U.S. is segmented into three regions to reflect disparate natural hazards exposure:

  • Region 1, encompasses much of the East Coast, is ranked #10 in the index (a one-spot upgrade from last year)
  • Region 2, primarily the Western U.S., is ranked #18 (a three-spot upgrade)
  • Region 3, which includes most of the central portion of the country, is ranked #9 (down three places)

Although the federal government is less focused on asset protection, business owners can still get involved by safeguarding workplaces. In its October 2017 edition, CLM magazine noted that another path toward resilience involves reducing property damage caused by extreme weather and natural disasters. Literally looking to the sky is one suggestion; business and property owners should pay particular attention to their roofs in order to prevent degradation and enable them to withstand high winds.

“Property owners need to have maintenance personnel adopt and implement preventative maintenance and roof inspection programs that alert them to potential and active degradation,” wrote the authors of the article, “Time For Resilience.” “Weak links such as roof detachment, corrosion, or other damage could tear off roofing during an enhanced wind event. Such risks need to be mitigated before an event occurs.”

Ready.gov provides resources on disaster planning and management, and also has this section on Business Continuity.

Marsh Tracks Top Captive Trends

The number of captive insurers continues to increase globally, from 5,000 in 2006 to more than 7,000 in 2016. Once formed primarily by large companies, the captive market has opened up to mid-size and small businesses. The industry is also seeing a trend in companies forming more than one captive, using them for cyber, political risk and other exposures, according to a recent Marsh report, Captives at the Core: The Foundation of a Risk Financing Strategy.

Organizations are seeing disruptions in a number of areas and are relying more on their existing captives, Marsh said. Because of their flexibility, captives are also being used to respond to market cycles and organizational changes such as mergers and acquisitions.

While North America and Europe still dominate in numbers of captives, other regions have shown more interest in the past three years. In Latin America, captive formation increased 11% in 2016, the study found.

Within the United States, there is more competition among domiciles and some of the newer domiciles are experiencing growth. The top-growing U.S. domiciles in 2016 were Texas, Connecticut, Nevada, New Jersey, Tennessee, and New York. Domiciles outside the U.S. seeing the most growth include Sweden, Guernsey, Singapore, Malta, and the Cayman Islands.
As organizations’ exposures increase in number, complexity and severity, shareholder funds generated by captives are becoming more important. According to Marsh:

For many clients, captives are at the core of their risk management strategy, going beyond the financing of traditional property/casualty risks.

Specifically, we are seeing an increase in parent companies using captive shareholder funds to underwrite an influx of new and non-traditional risks, including cyber, supply chain, employee benefits, and terrorism, as well as to develop analytics associated with these risks and fund other risk management initiatives.

Risk management projects funded by captive shareholder funds in 2016 included initiatives to determine capital efficiency and optimal risk retention levels in the form of risk-finance optimization; quantify cyber business-interruption exposures; accelerate the closure of legacy claims; and improve workforce and fleet safety/loss control policies.

For example, Marsh-managed captives used to address cyber liability increased by 19% from 2015 to 2016. Since 2012, in fact, cyber liability programs in captives have skyrocketed 210%.
“We expect to see a continued increase, driven in part by companies that are already strong captive users and by those that may have difficulty insuring their professional liability risks,” Marsh said.

Large Venues Reviewing Security Measures

Venues that attract crowds, such as large sports events and concerts are reviewing their security measures, both inside and out, to prevent an attack such as the suicide bombing after an Ariana Grande concert in Manchester, England, that killed at least 22 people.

Most venues have strict rules about bags, backpacks and coolers. Some check items thoroughly before allowing them inside an arena and others do not permit them at all. Venues also employ security detail to check those attending events as well as plainclothes detail to monitor the crowd. In the Unites States, the Department of Homeland Security warned that the U.S. public may experience increased security at public events.

Hong Kong’s AsiaWorld Expo, where Ariana Grande is scheduled to hold a concert in September, said it plans to improve security at all concerts and events. Besides baggage inspection, there will also be metal detectors and search dogs, it said in a statement.

According to the South China Morning Post, the Hong Kong venue said it will begin using metal detectors to screen for potential threats, in addition to its usual backpack and baggage inspections. It also said it would consider using search dogs for any suspicious items or requiring visitors to wear security straps to track them while in the venue.

One mega event, the annual Indianapolis 500 over Memorial Day weekend, took to heart the task of keeping attendees safe. Adding to security planning measures for more than 300,000 attendees was the safety of Vice President Mike Pence, who was expected to attend—and arrived on Sunday morning.

Indy 500 crowd, May 26, 2017. Photo by Dana Garrett

Reuters reported that the Indy 500 has a Homeland Security SEAR 2 (Special Event Assessment Rating) designation, which means federal assets can be brought in to enhance security efforts during the event.

The Indy 500 is regarded as the world’s largest single day sporting event. Only venues on par with the Super Bowl and the Democratic and Republican conventions are given higher security ratings. Local, state and federal agencies contributed to security efforts at the Indy 500, including sniffer dogs, license plate recognition equipment and multiple security checkpoints to enforce restrictions.

There are those who believe, however, that even with enhanced measures, terrorist acts cannot be completely anticipated or stopped.

“Whatever is done—and in this case it’s British intelligence which is considered among the best in the world—it won’t prevent such incidents happening,” Jean-Charles Brisard, president of the Centre for the Analysis of Terrorism told Reuters. “You can bring back the perimeter, add security gates and as many controls as you want, but that will not change the fact that a determined individual will carry out his act if he is not caught before.”