In-flight purchases are an important revenue stream for airlines globally, with the function allowing passengers to purchase duty free items and on-board upgrades, as well as other services such as additional food, beverages, internet and telephone use. While such features are convenient for passengers, they can be susceptible to a number of risks, including staff pilferage, passenger theft of goods/services, counterfeit notes, counterfeit coupons/vouchers, counterfeit/stolen cards, declined transactions and issues relating to chain of custody of goods/inventory management system. Since ancillary revenues have become such an integral part of airline business models, it is important that appropriate measures are taken in order to protect these revenues and ensure profitability. There are many different models which can be utilised to manage risk, such as risk matrixes, diagrams, flow charts and standards. One such standard is HB167:2006 (see Figure 1), which outlines the necessary steps to manage and mitigate risk.
Figure 1: HB167:2004 Risk Management Process
This article focuses on system upgrades and technical solutions that can treat many of these risks simultaneously.
Risk Management Process
Establish the context
The first step in the risk management process is to establish context. In this stage of the process, risk criteria are defined and both the internal and external context are analysed, which will later be used to prioritise the risks and help decide the extent to which the risks should be treated (Bharathy & McShane, 2014).
During this step of the process, it is essential to first understand the external context, which could include legal and regulatory requirements, external stakeholders and the cultural, political and legal framework the organisation is operating within. In the context of commercial aviation in-flight revenue risk, this would include looking at any relevant International Civil Aviation Organization (ICAO) and International Air Transport Association (IATA) regulations, any international laws governing in-flight payments, examining the successes and failures of other airlines (although this can be difficult due to a reluctance in the industry to disclose sensitive information), and consideration of the needs and requirements of external stakeholders (such as merchant bank limitations and customer satisfaction).
The internal context must also be established, which will include internal stakeholders (for example, IT, investigations unit, payments team), organisational culture (for example, do cabin crew follow procedure correctly?), current organisational procedures and policies, expected outcomes, scope, framework, and acceptable methodologies of risk management (International Organization for Standardization [ISO], 2009).
In essence, establishing the internal and external context allows the risk manager a fuller picture of the limitations, expectations and minimum requirements of the organisation and its stakeholders.
At this point, it also critical to define the risk criteria. This will include elements such as causes and consequences of the risks, how likelihood will be ascertained, stakeholder views and tolerance levels, all of which help to define the risk criteria (Bharathy & McShane, 2014). For example, the risk assessment for in-flight revenue may only seek to include revenue lost by fraud, misdeed, theft and/or pilferage and exclude revenue lost by damage incurred to goods between the manufacturer and the aircraft, as this may be outside the scope of the risk assessment and within levels of acceptability for the organisation.
Identify the risks
Risk can be defined as the effect of uncertainty on objectives, and the purpose of risk management is to manage and mitigate that uncertainty (ISO, 2009). To accomplish this, the risk manager must first communicate and consult with relevant stakeholders and impacted business areas (see Figure 1), to identify what the risks are. The list must be comprehensive, as any risks that are not identified at this stage will not be evaluated and treated later in the process. The risk manager must identify all the potential risks to in-flight revenues, including:
- staff pilferage
- passenger theft of goods/services
- counterfeit notes
- counterfeit coupons/vouchers
- counterfeit/stolen cards
- declined transactions
- chain of custody/inventory management system
In this way, the risks and any knock-on effects to the business can be clearly laid out, ahead of the risk analysis. Most of the above are self-explanatory as to why they are a risk to revenue, except for the point about inventory management. If an organisation does not have an adequate system in place to monitor, review and manage the level of stock coming in, and match it against stock on-hand (minus any stock sold), then there is no way to accurately establish if anything is missing. Similarly, it means that there is no way to identify at which point in the chain of custody items are being stolen, unless they are fully accounted for from the moment they arrive from the supplier until they reach their final destination (customer/storage).
Solutions and recommendations
Technological advances have meant that there are now a number of options available to airlines to prevent in-flight fraud and reduce revenue risk. The most prevalent and costly risks in terms of revenue losses are the use of fraudulent cards and declined transactions, hence it is prudent to focus resources on treatment measures which would minimise or eliminate these risks. Increasingly, there are cases in which airlines have achieved this by upgrading their payment systems to a Wi-Fi-enabled system (Avanade, 2014; Hong Kong Airlines, 2015).
Research indicates that there are vast benefits for airlines that embrace such technologies. Hong Kong Airlines (2015) reported large increases in overall in-flight duty free sales (78 percent), increased sales per passenger (56 percent), as well as faster processing times, allowing better customer satisfaction. The use of real-time processing also allows for the elimination of loss both due to card fraud and declined transactions and, as a result, airlines can choose to remove payment limits, which in turn allows for an increase in sales volumes. Additionally, an upgrade in both hardware and software for payment processing allows for a number of procedural benefits.
Cabin crew could process purchases/upgrades using apps via smartphones or tablets. This eliminates storage problems associated with the cumbersome handsets currently required. Additionally, the use of app-based technology means that the upgraded system can provide an end-to-end inventory management system which can track the location of goods from suppliers, to the bond store, to the aircraft and back again. This means that there is more robust accountability for the location of goods in the supply chain. The use of an app to manage purchases and inventory also allows airlines to set up automatic alerts for re-ordering stock, reduce excessive inventory by using algorithms to determine which products are most popular with customers, and easily update the product catalogue. App-based technologies can also be easily customised to suit the needs of the business and adapted as needed if the revenue streams change.
In the short term, the system upgrades as mentioned above will be costly. They will require investment in hardware, software and training, as well as potential procedural changes for both the cabin crew and the bond store. However, in the medium to long term, the savings achieved from reduced fraud and declined transactions, coupled with increased revenue from in-flight sales, will prove to be a sound investment. In addition to this, system upgrades to the payments process will greatly reduce time spent by investigators on fraud cases and chargebacks, leaving them more time to perform other duties and therefore increase productivity. Another major benefit is that such an upgrade will better prepare the system for future technological advances; once an app-based system is in place, it will be much more adaptable and flexible to the needs of the business and responsive to the needs of the customer.
In summary, technological system upgrades and the use of app-based systems for payment processing will provide numerous benefits to airlines, in terms of both increased revenue and customer satisfaction, and by reducing the level of loss due to decreased risk.
For a full list of references, email firstname.lastname@example.org
David Foley is the 2015 winner of the Australian Security Medals Philip Ruddock International Security Study Fellowship. Currently in his final year of a Bachelor of Security, Intelligence & Counter-Terrorism (Criminology Major) at Edith Cowan University, his areas of interest include; Fraud & Investigations, Aviation Security, Organised Crime & Counter-Terrorism.
David has previously worked in; Fraud Investigation, Counter-Terrorism Financing & Anti-Money Laundering within the Finance Sector.