A User-Centric Approach to Business Travel Policy Compliance

A User-Centric Approach to Business Travel Policy Compliance

Compliance can be painful and a bottleneck — but approaching it from the user’s perspective can improve adoption and buy-in

Every executive wants good, reliable business processes — but building those reliable business processes, and getting employees to follow them, is actually quite hard.

First, the business process must do what you want it to do; that is, it has to work. Second, it has to comply with the law, regulations, or even internal policies you set for your business. Third, employees have to, ya know, use it. That can be the trickiest part of all.

Let’s be honest: lots of business processes can achieve the result you want and comply with the law, but they’re a hassle for your employees. Then employees have a funny habit of developing their own processes to do an end-run around whatever “official” business process you spent time and money perfecting. Employees have a lot on their plate already, and the last thing they want to do is jump through unnecessary hoops to follow business processes they don’t understand or deem necessary.

That’s what corporate executives need to consider as they grow their businesses. Putting necessary structure around your business activity is great, but structure for the sake of structure can be a huge waste of time and actually end up being counterproductive — leading to shortcuts and/or leakage.

The smart move is to design business processes that work with your company’s most important resource: its people. Yes, you still need to consider compliance obligations and business objectives as well, but those are satellites that orbit around the employee — who should always sit at the center of your thinking here.

One perfect example of this issue is your company’s travel policy. Most companies default to a “hard approval” policy, which requires official approval for any booking (flight, hotel, and so forth) that exceeds a company’s predetermined spending limit. This approach, however, can have some serious downsides: unnecessary back and forth, rising fares, leakage. Companies may want to reconsider that conventional wisdom about hard approvals for corporate travel.

Lola.com (which is designed to make travel management as lightweight and streamlined as possible) understands the downsides of traditional approaches. It designed a travel management platform that bypasses enforced hard approvals, in favor of allowing users to book travel outside corporate policy without prior approval.

So how does that idea fit into the user-centric approach to business processes I just outlined above?

What ‘User-Centric’ Really Does

At first glance, the booking-outside-policy idea might seem counter-intuitive. We’re letting employees deviate from the standard company policy. Isn’t that unwise?

Not really, when you consider the realities of booking travel and getting business done in the modern era — which is what employees consider every time they need to take a trip.

From their perspective, airfares and hotel rates change constantly. So do personal schedules and other business needs also clamoring for their attention.

So even while employees generally want to do right by the company and follow the travel policy you’ve outlined, they may struggle to balance that objective with numerous other practical challenges.

They might need to make a quick choice: “Do I book this flight now because I’m leaving in less than 48 hours? Or do I risk all my plans while waiting for approval from the boss?” Last-minute flights are more expensive (and likely out of policy) but sometimes they’re necessary. And delayed approval from the boss may mean missing out on one of the last seats on a flight to a crucial meeting.

That’s a very plausible scenario employees might encounter. It pits the company’s policy directives (“no flights over $500 without approval”) against the employee’s business and personal needs (“if I don’t get this flight for $550 now, I might have to take the red-eye home”).

A user-centric approach seeks to shift that conflict, as much as reasonably possible, off the employee and onto the company.

The key word in all of this is reasonable. An employee might want a slightly more expensive flight that leaves earlier, or a hotel where he or she is a preferred customer and can collect loyalty points. Or a fare might be available only today, so book now while it’s $12 more expensive, rather than tomorrow when the price goes up $200.

Most employers will approve those requests the majority of the time. So what’s the harm in letting the employee go ahead and make the booking? How would it change any behavior?

From the employer’s perspective, the crucial element is having an ability to approve or deny out-of-policy requests — but not necessarily having prior approval ability. So long as the company has a window where it can exercise that ability, it can still balance the two business objectives at play here: empowering your employees as much as possible, and staying within policy as much as possible.

Serving Multiple Interests at Once

So when Lola allows users to book out-of-policy right away, and then gives supervisors 24 hours to approve or deny the booking, the interests of both sides (employer and employee) are served. It builds the process of booking travel around the user’s real-world experience, while preserving the control supervisors need.

That’s how a user-centric approach should work — for booking travel or any other business process, frankly.

Consider the converse, where the employer’s approval and control always comes first. That can change employee behavior substantially. They might book out of policy anyway and stick you with the bill by surprise. They might not take that trip to an important client at all. Or maybe they follow the policy to the letter, but are uncomfortable and disgruntled the whole way.

Worst, employees might slip into ethical fading. That’s the habit of thinking, “I worked so hard to follow this rule, that I’m entitled to overlook this other rule.” (Remember this the next time you hit three red lights in a row, and then floor it through a yellow light at the fourth intersection.) Nothing good comes from that mindset.

A user-centric approach is about serving all parties’ needs as best as possible, while working within the reality that users face. It’s miles better than developing business processes in a vacuum, with no consideration for users’ reality at all.

Matt Kelly is the editor of RadicalCompliance.com, a website and newsletter that explores corporate compliance issues. He can be reached at mkelly@radicalcompliance.com.

About the Author: Matt Kelly
Matt Kelly is a long-time writer and observer of the corporate compliance and GRC scene. Today, he runs Radical Compliance, a website devoted to corporate compliance, audit, and risk management issues, striving to make the GRC world a better place. Matt honed his writing skills prior to starting Radical Compliance as a writer, editor, and publisher at Compliance Week for 12 years. He’s passionate about compliance and loves to share his thoughts through blogging, speaking at conferences, and chatting with anyone who asks.