COVID-19 Case Study: Multinational Bank Grapples with Resuming Travel and Return to Work
Organization: A Canada-based multinational financial institution with global assets and facilities.
• Traveling staff
• Staff communications
14 May Update
Workers in Asia have begun to return to their offices in stages, though many continue to work from home. Corporate security is working with colleagues in legal, real estate, human resources, and other departments on a phased approach to return to offices around the world, considering issues such as ensuring safety and hygiene, communicating regularly and empathetically, and monitoring staff health without breaching privacy.
The privacy issue is especially tricky. “If a corporate executive is flagged by a reader for having a high temperature at the entrance and is pulled aside by a guard out in the open, that’s not sustainable, feasible, or private,” says the CSO.
The security department is exploring how it can do its part to facilitate the return to the office, such as separating workstations, staggering work hours, and monitoring social distancing. “This has changed the agile office paradigm,” the CSO says. “People didn’t want to work so close to others before COVID-19, and they really don’t want to afterwards.”
During outbreaks of SARS and Avian flu (H5N1), the bank stocked up on masks, so it has plenty for short-term needs. But it is looking closely at future needs at facilities around the world, based in part on when masks currently in stock reach their expiration date. The CSO says that masks will be available but not required for administrative staff.
The bank is also rethinking travel protocols when countries and regions start opening up. “At the beginning of COVID-19, countries locking down travel helped corporate security departments,” says the CSO, because they had no choice but to comply. Security is considering whether to require that all travel be approved by headquarters, rather than developing complicated charts including information on which countries have opened their borders and to whom, which areas are seeing declines in infections and deaths, which airlines are safe for travel, and so on. That is not only difficult to manage but difficult to communicate to staff.
The company’s HR department has proposed allowing travel but requiring that travelers self-quarantine for 14 days upon their return. The problem there, the CSO says, comes if a traveler gets quarantined away from home.
In the short term, most travel is being deferred. Changes in bank regulations to accommodate the pandemic are helping that cause. Regulations, such as having check identification in person for money laundering prevention, are being softened or suspended, the CSO says. Regulators are allowing for alternative modes of identification, such as biometrics and digital signatures.
An elevated standard for travel has yielded an interesting result: staff now have to prove that travel is critical, which is revealing that much travel that has been historically been considered essential is more accurately categorized as optional. Even such high-profile events as annual general meetings (AGMs) are no longer critical to attend. “All Canadian banks were able to have their AGMs virtually for the first time this year,” he says. “It’s a big deal.”
Outside of Asia, bank branches are mostly closed, though managers are available online to perform transactions virtually for customers, or they can arrange to meet in person when necessary for cash deliveries or other purposes. In Asia, branches limit occupancy, use tape lines to maintain distance between patrons, have created directional lines to improve customer flow, and deploy security officers to maintain order. Glass partitions that have protected tellers from armed robbers now serve double duty as transmission-prevention barriers.
With corporate campuses and city centers resembling ghost towns, the bank is wary of the rise in street crime such as muggings and smash and grab robberies. “The lack of crowds means there’s no eyes and ears on the street,” says the CSO. “When just a few staff show up on large campuses, it’s easier to become the target of a crime of opportunity.”
Security also spends time educating clients about avoiding COVID-19 scams by email, the Internet, and other means. But the bank is careful not to make it too difficult for technically unsophisticated customers to use their services. “If you make it too complicated to get money, by implementing biometrics or putting everything online,” he says, “it could confuse them” and deprive them of their own funds.
With executives now working from home, the role of executive protection has shifted from physical to virtual. EP practitioners have been partnering with cybersecurity staff to make sure senior managers understand proper cyber hygiene, know information protection protocols, use compliant shredders and safes, and conduct all activity on the corporate VPN. It has been another way for the EP team to show its value, says the CSO.
April 2020 Update
Because this Canada-based global financial institution has major operations in Asia, corporate security was alerted to the novel coronavirus early on. The CSO says that he “dusted off the pandemic crisis plans and gave them a once.” Business continuity, HR, legal, corporate security, real estate, and executives came together to sort out roles and responsibilities.
The team handled initial concerns as one-off responses, as if they were fire drills, the CSO says, before they realized that the crisis was prolonged, spreading, and ubiquitous. The bank distributed a global communication urging staff to stay at home if at all concerned and encouraging work from home when possible. A few staff were designated as critical, meaning they had to physically show up to the office as long as they felt well.
The bank initially locked down travel to and from high-risk regions, then expanded that policy to gradually include all regions. Staff were asked to report any medical concerns to HR while all facilities underwent deep cleaning.
Months later, other banks started retooling policies for visitors and contractors and instituted global travel bans. Because this bank had had exposure in Asia almost three months earlier, its preparation was well ahead of its peers.
Security is able to track staff and advise them if they need to stay at home. It issues letters to staff indicating that they are essential in case they get stopped by authorities on the way to work. They also receive personal protective equipment.
The bank created internal webpages dedicated to the virus and engaged all service providers specializing in that area and made their services available to the entire staff. Like many peers, the bank had to book special planes and work all channels to return people home.
Michael Gips, JD, CPP, CSyP, CAE, is the principal of Global Insights in Professional Security, LLC, a firm that helps security providers and executives develop cutting-edge content, assert thought leadership, and heighten brand awareness. Gips was previously Chief Global Knowledge Officer at ASIS International, with responsibility for Editorial Services, Learning, Certification, Standards & Guidelines, and the CSO Center for Leadership & Development. Before that, as an editor for ASIS’s Security Management magazine, he wrote close to 1,000 articles and columns on virtually every topic in security. In his early career he was an attorney who worked on death-penalty cases.