Worldwide Hospitality and Tourism Themes

Risk identification and analysis in the hospitality industry: Practitioners' perspectives

from India
Sonia Bharwani David Mathews
Article information:
To cite this document:
Sonia Bharwani David Mathews, (2012),"Risk identification and analysis in the hospitality industry",
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

Worldwide Hospitality and Tourism Themes, Vol. 4 Iss 5 pp. 410 - 427
Permanent link to this document:
http://dx.doi.org/10.1108/17554211211277851
Downloaded on: 04 February 2016, At: 14:26 (PT)
References: this document contains references to 27 other documents.
To copy this document: [email protected]
The fulltext of this document has been downloaded 4688 times since 2012*
Users who downloaded this article also downloaded:
Amit Kapur, Kakoli Sen, (2012),"Key issues in setting up a hotel in India: a practitioner
perspective", Worldwide Hospitality and Tourism Themes, Vol. 4 Iss 5 pp. 428-437 http://
dx.doi.org/10.1108/17554211211277860
Lubka Tchankova, (2002),"Risk identification – basic stage in risk management", Environmental
Management and Health, Vol. 13 Iss 3 pp. 290-297 http://dx.doi.org/10.1108/09566160210431088
Nick Johns, Darren Lee-Ross, (1996),"Strategy, risk and decentralization in hospitality operations",
International Journal of Contemporary Hospitality Management, Vol. 8 Iss 2 pp. 14-16 http://
dx.doi.org/10.1108/09596119610111677

Access to this document was granted through an Emerald subscription provided by emerald-srm:172900 []
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald for
Authors service information about how to choose which publication to write for and submission guidelines
are available for all. Please visit www.emeraldinsight.com/authors for more information.
About Emerald www.emeraldinsight.com
Emerald is a global publisher linking research and practice to the benefit of society. The company
manages a portfolio of more than 290 journals and over 2,350 books and book series volumes, as well as
providing an extensive range of online products and additional customer resources and services.
Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee
on Publication Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive
preservation.

*Related content and download information correct at time of download.

 The current issue and full text archive of this journal is available at
www.emeraldinsight.com/1755-4217.htm

WHATT
4,5 Risk identification and analysis in
the hospitality industry
Practitioners’ perspectives from India
410
Sonia Bharwani
Institute for International Management and Technology,
Gurgaon, India, and
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

David Mathews
Trident Gurgaon, Gurgaon, India

Abstract
Purpose – This paper aims to identify the key risks which are endemic to the hospitality industry
and considered as important by hoteliers in today’s growing global context, with particular reference
to the Indian context. It also seeks to propose a generic model for risk management.
Design/methodology/approach – Primary data collection using questionnaires and
semi-structured qualitative interviews with hospitality professionals was supplemented by
secondary research in the field of risk and uncertainty management.
Findings – To secure competitive advantage and develop business resilience, it is becoming
increasingly important for hospitality organisations to shift their focus from merely responding and
reacting to crises and emergency situations, to proactively identifying, analysing and assessing risks
while formulating their business strategies. The paper identifies the most commonly addressed areas
of risk in the Indian hospitality industry, which include competition, seasonality of business and
changes in customer preferences and demand.
Practical implications – Practitioners, researchers and educationists in the hospitality industry
will find the implications of this study useful in the context of the present complex business
environment which is fraught with risks.
Originality/value – Given the dearth of research in the field of risk and uncertainty management in
the hospitality industry, especially in the Indian context, the paper explores various aspects of
hospitality operations prone to risk and proposes a framework for identifying the key risks in
hospitality organisations. It also puts forward a generic model of the process of risk management.
Keywords Hospitality, Risk analysis, Risk identification, Uncertainty avoidance, Risk management,
India, Hospitality services, Hotel and catering industry
Paper type Research paper

Introduction
Hospitality and tourism is a key sector in the world economy today and accounts for
more than a third of the total global services trade. Over the past quarter of the century,
international tourist arrivals have increased about one percentage point faster than
global GDP in real terms (ILO, 2010). It is estimated that the tourism sector contributed
approximately US$5,991.9 billion or 9.1 per cent to the global gross domestic product
Worldwide Hospitality and Tourism (GDP) in 2011(HVS, 2012).
Themes The Indian hospitality and tourism sector has also been growing at a commendable
Vol. 4 No. 5, 2012
pp. 410-427 pace. Research undertaken by Tourism Satellite Accounting (TSA) predicts that
q Emerald Group Publishing Limited demand for travel and tourism in India will increase by an appreciable 8.1 per cent p.a.
1755-4217
DOI 10.1108/17554211211277851 in the coming decade making it the third fastest growing travel destination in the
 world. In consonance with this rise in demand, capital investment in India’s travel and Risk
tourism sector is expected to grow at 8.7 per cent p.a. between 2011 and 2021 (WTTC, identification
2011).
There has been a tectonic shift in the playing field of the Indian hospitality industry and analysis
especially over the last decade. A significant number of international brands have
either entered or are exploring the possibility of entering the Indian market. This has
presented myriad opportunities to a host of domestic players – both corporate firms 411
and entrepreneurs to tie up with experienced international players.
Though they operate in different domains, the hospitality sector shares a fairly
symbiotic relationship with the travel and tourism industry. As economic growth
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

gathers momentum, companies are increasing their spending on business travel.

Simultaneously, leisure travel is also experiencing a boost due to increasing levels of
importance being attributed to leisure time pursuits and greater amounts of
discretionary incomes at the disposable of the consumer. This two-pronged growth in
travel has had a salutary effect on demand levels in the hospitality industry. In light of
the above, the outlook for the hospitality sector the world-over and particularly in India
is very promising which has led to an expansion spree in the Indian hospitality sector
(Cushman & Wakefield, 2009).
However, while its long-term fundamentals remain strong, the hospitality sector is
highly dependent on external factors that could possibly mar its performance
(Equitymaster, 2012). Business in the hotel industry, much like any other sector, is
cyclical in nature. As a sector it has historically displayed a very high level of
sensitivity to any changes in the economic climate – with an immediate adverse effect
in occupancies and average rates being perceived when there is even an expected
downturn in the business scenario. The knock-on effect is also evident in the pace of
development of upcoming projects. Further, the direct impact of health scares, natural
disasters and terrorism on the hospitality business is but evident.
Thus, it has become imperative for hospitality organisations to take cognisance of
the internal and external risks inherent in the business in order to gain competitive
advantage and develop business resilience. It is becoming increasingly important for
hospitality organisations to shift their focus from merely responding and reacting to
crises and emergency situations, to proactively analysing and assessing risks while
formulating their business strategies. Thus, risk management has been receiving much
more attention and broader consideration in the Indian hotel industry over the past
decade.
This paper proposes a generic model for risk management, which can be used
across a range of industries. A crucial and a preliminary step in risk management, is
systematically identifying and classifying risks to which an organisation is exposed.
The research explores various aspects of hospitality operations prone to risk and aims
at creating a hospitality industry-specific framework for identifying the key risks
which are endemic to this industry. It also puts forward the perspective of practitioners
regarding the risks that are considered important by hoteliers in today’s growing
global context, with particular reference to the Indian hospitality sector.

Methodology
This research is based on data gathered using qualitative research methodology. An
in-depth literature review of relevant academic articles and other sources of secondary
 WHATT data such as reports of consultancy companies and industry reports was conducted to
4,5 ascertain the key risks in context of the hospitality sector with particular reference to
Indian luxury hotels.
Risk management and reporting is a statutory requirement for public limited
companies listed on the stock exchange as per securities and Exchange Board of India
(SEBI) regulations. Large luxury hotel chains – given the monetary investment
412 involved and the sensitive profile of their guests – have far more detailed Risk
Management Systems, often with dedicated resources to manage the processes. Hence,
a sample based on convenience sampling of a cross-section of senior practitioners from
leading public limited companies, operating luxury hotels in the Indian hospitality
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

industry, was used to gather primary data.

Primary data was collected through a questionnaire supplemented by
semi-structured interviews with select hospitality professionals including vice
presidents, general managers and directors of leading hospitality organisations in
India such as the Taj Group of Hotels, ITC-Welcomgroup, The Oberoi Hotels and
Resorts, The Leela Hotels and Resorts as well as international hospitality players such
as Starwood and IHG who have a presence in the Indian market.
The data, thus gathered from leading hotel chains, was used to build on the
secondary research data gathered from academic literature to gain an insight into the
key risks faced by hospitality organisations in each of the four categories of risks
identified i.e. Strategic Risks, Commercial and Financial Risks, Other External Risks
and Operational Risks with particular reference to the Indian milieu. The respondents
were also requested to rate the probability of occurrence of these risks and indicate
whether their organisation had strategies in place to mitigate these risks. The industry
viewpoints provided valuable inputs on industry perceptions, practical issues and the
ground realities in the field of risk management that could not otherwise be gained
from purely secondary document analysis.
The primary and secondary data collected, were triangulated with data gathered
from annual reports of leading hospitality organisations regarding the inherent risks
that they face in their day-to-day operations. On the basis of literature review and the
data collected a generic model for the process of risk assessment, mapping and
management was proposed. This was supplemented with a framework for identifying
the drivers of key risks in the context of the hospitality industry and discussions about
the perceptions senior practitioners from leading Indian hotel chains regarding the key
risks endemic to the Indian hospitality environment.

Risk and risk management

The constancy of change and the multiplicity of impacting variables from multiple
environments in today’s “global village”, all combine to provide any business with a
multitude of benevolent and malevolent opportunities. All businesses face risk.
Business Dictionary (n.d.) defines risk as “a probability or threat of a damage, injury,
liability, loss, or other negative occurrence that is caused by external or internal
vulnerabilities, and that may be neutralised through pre-emptive action.” Thus, risks
expose a business to potential advantage or disadvantage, the likelihood of occurrence
and consequence of which can be measured and managed.
The manner in which an organisation predicts, estimates and responds to these
opportunities and threats, often dictates the long-term success of the company. In order
 to cope effectively, an organisation must develop means and methods to evaluate the Risk
probability of the occurrence and the subsequent consequence or impact on the identification
organisation of such factors – both advantageous and disadvantageous. According to
the Australian/New Zealand Standard: AS/NZS, 2004 “Risk Management is the term and analysis
used for a logical and systematic method of identifying, analysing, treating and
monitoring the risks involved in any activity or process.”
The process of risk management – as an evaluation of both the positive and 413
negative aspects of risks – is increasingly seen as a central component of a company’s
strategic management arsenal. It is the process whereby organisations methodically
address the risks intrinsic to their activities with the goal of achieving sustained
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

benefit within each activity and across the gamut of all activities. Risk management,
thus, helps an organisation in minimising the obstacles in meeting its business
objectives. By setting up suitable internal processes, risk management fosters a deeper
understanding of the business processes and activities in order to identify potential
opportunities and threats, thereby, reducing volatility and optimising operations
efficiency. (IRM, 2002)
On the basis of a study of literature (IRM, 2002; Stoneburner et al., 2002; AS/NZS,
2004; Ernst & Young, 2008) a simplistic, generic model of risk management process
has been proposed. Figure 1 presents a diagrammatic representation of the model.
Risk management includes three main aspects:
(1) risk assessment;
(2) risk mitigation; and
(3) risk reporting.

Risk assessment
The first step in the risk management process is risk assessment, which consists of risk
analysis and risk evaluation. A systematic process has to be put in place for identifying
and classifying risks to which an organisation is exposed. An in-depth understanding
of the different aspects of the business has to be obtained through an internal and
external audit process. Intimate knowledge of the organisation’s day-to-day
functioning, its markets, its operating environment, its strengths and weaknesses,

Figure 1.
Risk management process
 WHATT the opportunities and threats that it faces as well as key success factors which are
4,5 critical in the attainment of its strategic and operational objectives is imperative. This
will help in identifying the different risks that are specific to that particular company.
This is the process of risk identification.
Thereafter, the resulting impact of the risk can be estimated by preparing a Risk
Level Matrix or a Risk Map on the basis of the probability of occurrence of the risk and
414 the severity of consequences of the risk. Probability or frequency or occurrence of a
risk can range from “almost certain” to “likely” to “unlikely”, while the impact or the
consequence of the risk could span the spectrum from “critical” to “insignificant”
(AS/NZS, 2004). In the illustrative example of a Risk Level Matrix given in Table I, 1, 2
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

and 3 represent the relative importance that should be accorded to each risk and
consequently the urgency with which it should be dealt. A rating of 1 indicates the
most important risk and 3 the least important.
Thus, Risk Estimation can be qualitative or quantitative. While quantitative impact
analysis helps in measuring the impact of risk in numerical terms and is useful in
conducting a cost benefit analysis of the recommended risk control measures,
qualitative impact analysis finds its utility in prioritising risks and figuring out where
immediate improvements can be made to reduce the vulnerabilities (Stoneburner et al.,
2002).
Any/many techniques can be used together or separately to identify and analyse
risks. Given below are examples of some such techniques for risk identification and
analysis (IRM, 2002):
.
risk assessment workshop;
.
scenario analysis;
.
industry benchmarking;
.
incident investigation;
.
auditing and investigation;
.
PESTLE analysis;
.
SWOT analysis;
.
business continuity analysis;
.
fault tree analysis; and
.
threat analysis.

The data gathered through the risk identification and risk estimation process is then
used to profile and group the risks into various categories based on the nature of the
risks and their estimated resultant impact. A risk taxonomy can then be created
through the Risk Profiling process which can prove to be very useful in prioritising the

Consequences of risk
Frequency of risk Critical Major Minor Insignificant

Almost certain 1 1 2 3
Table I. Likely 1 1 2 3
Risk level matrix Rare 2 2 3 3
 risks and help in setting up controls internal controls for risk mitigation. Thus, Risk Risk
Identification, Risk Estimation and Risk Profiling are the three main components of the identification
Risk Analysis process, which helps in understanding the nature of the risks that affect
an organisation. and analysis
To holistically carry out the risk assessment process it is imperative to evaluate the
risk after completing risk analysis. Risk Evaluation helps in determining the
significance of the risk in context of the strategic organisational goals and functioning 415
and the priorities of the management. Different criteria are used to evaluate the
importance of risks and may include the cost and benefits associated with risks, the
regulatory and legal requirements as well as concerns of the various stakeholders.
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

Evaluating risks helps in deciding on the degree of attention and the level of effort that
should be directed towards managing and mitigating different risks in light of their
potential impact on the business as a whole.

Risk mitigation
Depending upon the significance and expected impact of the risk, a decision has to be
made about how the risk will be dealt with. Generally, the strategies to manage risk
typically include avoiding the risk, reducing the negative effect or probability of the risk,
planning for the risk, transferring the risk to another party or even accepting some or all
of the potential or actual consequences of a particular risk. Thus, risks can be treated by
using any of the Risk Mitigation options listed below (Stoneburner et al., 2002):
.
Risk elimination: Elimination of the risk cause so as to avoid the occurrence of the
risk would be the ideal way of dealing with a potential risk. For example to
eliminate the risk of default of payment by creditors, a cash only policy may be
adopted.
.
Risk limitation: Since complete elimination may be impractical or not be possible in
the case of each and every risk, steps can be taken to limit the risks by
implementing controls that minimise the adverse impact of a particular risk on the
business. For example, access to data on the IT systems within the organisation
can be password protected to limit the risk of theft of information data.
.
Risk planning: In order to manage risks that arise due to external volatility such
as change in prices of raw materials and fuel and fluctuation of foreign exchange
rates, hospitality organisations may mitigate the risks by planning for the risk.
This can be done by entering into annual rate contracts for raw materials,
advance purchasing of fuel or hedging the foreign exchange risks by entering
into forward contracts or having dual room tariff rates.
.
Risk transference: A risk which cannot be eliminated, limited or planned for can be
mitigated by transferring the risk to a third party through risk financing or
purchasing insurance. However, it must be borne in mind that not all risks can be
insured. For example, it is difficult to obtain an insurance cover for reputation risk.
.
Risk acceptance: Any pragmatic organisation is aware that certain present and
future risks which are unknown. The essential lack of knowledge of these risks
forces an organisation to just accept them and deal with their consequences as
and when they arise. Once any information about the risk is available to the
organisation it would be appropriately dealt with using any of the four preceding
risk mitigation strategies.
 WHATT The risk mitigation strategies and the proposed risk control measures need to be
4,5 chosen based on a trade-off between the potential economic impact if no action is taken,
vis-à-vis the cost of the proposed control measures. Thus, a cost-benefit analysis should
be conducted to check if the costs of implementing the mitigation strategy are justified
by the reduction in the level of the risk. Besides the operational impact of the risk
control strategy, for example, its effect on the existing systems and its feasibility in
416 terms of user acceptance, technical requirements etc. should also be considered
(Stoneburner et al., 2002).

Risk reporting
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

Risk Reporting is an integral step in the risk management process. Different

stakeholders within the organisation require risk related information for different
purposes. The Board of Directors needs to be aware of the significant risks which the
organisation is exposed to, how the risks will be managed, the efficacy of the risk
management processes which have been put in place and with whom the responsibility
for managing the various risks lies. Individual departments within the company need
to be aware of the risks which fall under their purview, the possible impact of these
risks on other areas and the consequences of other risks on their working. Individual
employees also need to understand which risks they are accountable for and how they
are required to respond (IRM, 2002).
In India, risk reporting is a statutory disclosure which has to be made to the Board
of Directors of publicly-listed companies under the principles of corporate governance
as specified by the Securities and Exchange Board of India (SEBI) in Clause 49 of the
Listing Agreement. According to provisions of this clause, every quarter, the executive
management of a company has to inform the Board members about the risk
assessment and minimisation procedures that have been put in place to control these
risks within the organisation through a risk report certified by a compliance officer
(SEBI, 2004). Thus, risk reporting helps senior management to understand and assess
significant risks, make decisions regarding the risk policy to be adopted and allocate
resources to reduce and rectify potential losses and damages due to exposure and share
the information with external stakeholders too.
Risk reporting facilitates the Monitoring and Control of the risk management
process, too. A monitoring mechanism to review that the risk management process is
functioning effectively needs to be established. Regular checks should be made to
provide assurance that risks are effectively identified and analysed and suitable risk
control measures are being implemented. Audits of compliance with policies,
standards, procedures and regulatory requirements should also be done on a regular
basis (IRM, 2002). Any significant deficiencies in the risk management mechanisms
should be reported together with the steps taken to deal with them.

Drivers of key risks in the hospitality industry

Risks are endemic to businesses and their operations. In order to manage risks in an
effective and efficient manner it is imperative to have an understanding of the major
risks that an organisation is exposed to. Risk Assessment and within that Risk
Identification, thus plays a very vital role in the Risk Management Process described in
above model.
 An organisation and its operations face risks that arise, due to factors which could Risk
be either external or internal to the organisation. On the basis of review of literature identification
and industry interface, the authors have endeavoured to create a framework for
understanding the key categories of risks that affect hospitality businesses in and analysis
particular. The four broad risk categories are:
(1) strategic risks;
(2) commercial and financial risks; 417
(3) other external risks; and
(4) operational risks;
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

The first three categories of risks are largely extraneous to an organisation while the
Operations Risks largely stem from internal drivers within an organisation. Each of
these Risk Categories has a number of Risk Groups in them. An organisation could use
these categories and the groups as a broad map to indicate the key areas where they
would need to drill down and identify the specific risks they face in each of their units.
Figure 2 gives a diagrammatic representation of the proposed Risk Identification
Framework for identifying key risks endemic to the hospitality industry.
The ensuing exposition deals with each of the four Risk Categories and the key risks
in each category. This two-level framework was also used to structure the discussions
and questionnaires with the industry professionals.

Strategic risks
Strategic risks are those threats or opportunities that materially affect the ability of an
organisation to survive (Allan and Beer, 2006). They find their roots in the fundamental

Figure 2.
Risk identification
framework for hospitality
industry
 WHATT decisions taken by an organisation to face the dynamic changes in the business
4,5 environment caused by complex interactions of external processes and events related
to its products, customers and competition:
.
Reputation risk (brand burn). Reputation risk refers to the potential loss that
negative publicity regarding an institution’s business practices or brands,
whether true or not, will cause. It may manifest itself in a decline in the customer
418 base, in costly litigation, or result in revenue reductions (Board of Governors
Federal Reserve System, 2004).
.
New project viability assessment. A new hospitality project involves several risks
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

with regard to choice of location, viability of the proposed business model, ability
to raise capital finance, construction delays and cost overruns, governmental
permits and authorisations to name but a few.
.
Competition. These risks find their roots in the highly competitive environment
in which hospitality businesses operate. Competitive risks may arise due to
increase in supply of rooms in the market, or changes in the competitors’
strategies which may manifest in new or improved facilities and amenities at
significantly lower rates, greater brand recognition, wider marketing and
distribution networks, larger global spread of operations or stronger financial
position.
.
Business portfolio revenue contribution mix. The mix and composition of an
organisation’s business portfolio has an impact on its cost and revenue positions.
An excessive dependence on a specific market segment or geographic location
may mean that the business runs the risk of not maximising its potential returns.
It needs to effectively maintain a balance in its business portfolio from a strategic
perspective.
.
Seasonality of business. The business in the hospitality sector is seasonal in
nature, that is, hotels may face the risk of varying levels of revenue activities at
different time periods during the year. The peak season and the low periods vary
from property to property and depend mainly upon location.
.
Change in customer preferences and demand. The success of any business
depends on its ability to anticipate and respond effectively to consumer trends.
Customer preferences and demand for the services and products offered by a
hospitality organisation may change due to changes in social trends, changes in
travel, vacation or leisure activity patterns, weather, taxation, changing
demographics etc. Inability on part of a business organisation to predict or react
to such changes could result in reduced demand and erosion of its competitive
and financial position.
.
Management contracts and joint ventures. Hotel chains are increasingly seeking
to expand their portfolio using asset-light avenues of growth such as
management contracts and joint ventures. Such contracts come with their
inherent risks - they may not be renewed post-expiry or in some cases can even
be terminated mid-way. The management contracts and joint ventures also run
the risk of being subject to differing interpretations by the contracting parties
leading to risk of disagreement, conflict and, in some cases, even litigation and
damages.
 .
External reservation channels. The growing use of internet-based intermediaries Risk
to make hotel reservations exposes hospitality organisations to the risk of being identification
increasingly dependent on them. Some of the emerging business models and
intermediaries could have a telling impact on the organisations ability to and analysis
continue to drive reservations and rates. External intermediaries could
consolidate and demand higher commissions, which could lead to a higher
cost of distribution. 419
Perspectives of Indian hospitality practitioners on strategic risks
There was a high degree of consensus amongst the respondents in identifying
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

Competition as a key strategic risk followed closely by Seasonality of Business and

Changes in Customer Preferences and Demand probably due to the direct impact of
these factors on the volume of business and revenues of the organisation.
The Indian hospitality industry has witnessed the entry of several well-known
international hospitality chains and an expansion in the domestic hospitality
companies, too, in wake of the high demand potential (Bharwani and Butt, 2012). This
has obviously exposed the hospitality players to the risks associated with increased
competition within the industry making it the foremost strategic risk of the opinion of
the respondents.
Competition Risk is also considered to be the one with the highest probability of
occurrence among the strategic risks. This observation mirrors the importance
accorded to this risk due to the exponentially increasing number of entrants in the
Indian hospitality market.
However, among strategic risks, the risk for which the strongest control measures
have been put in place by a majority of Indian hospitality chains is the exposure due to
Changing Customer Preferences and Demand. This could be because it may be
comparatively easy to mitigate this risk by making appropriate changes in the
hospitality products and services to adapt to the changing customer preferences. The
strength of organisational control measures was also relatively high for risks arising
due to Competition and Seasonality of Business echoing the significance accorded to
these risks by industry professionals in the first place.

Commercial and financial risks

Commercial and Financial risks are risks faced by business firms in the areas of their
fund flows and regulatory framework necessary for conducting business in a
particular location. These risks include credit risks, financing risks, hedging risks,
property risks as well as risks related to regulatory and tax compliance and
environmental laws:
.
Regulatory compliance. An organisation faces risks due to changes in
governmental laws and regulations, fiscal policies and incentives and the costs
of compliance which may have a material impact on its functioning. Hospitality
organisations also face risks of penalties or legal action in case of non-compliance
with laws related to preparation and sale of food and beverages, hygiene
standards and liquor license laws.
.
Legal risks. Legal risks arise from legal proceedings and lawsuits incidental to
business operations and potentially adverse judgments and unenforceable
contracts, which may negatively affect business operations.
 WHATT .
Credit/default risk. Hospitality organisations often extend business credit to
4,5 corporate, individuals and airline customers based on their respective profiles.
They, thus, run the risk of the companies or individuals defaulting on the
required payments to be made.
.
Foreign exchange risk. Hotels that operate internationally or have a significant
international customer base may earn revenues and incur costs in different
420 currencies, subjecting them to foreign exchange exposure.
.
Interest and cost of financing. Hospitality organisations, being asset-rich by the
very nature of their business, often have to often finance their capital expenditure
through external capital markets. Thus, they run the risks associated with
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

leveraging, including the risk of internal cash flows from operations being
insufficient to meet payments of principal and interest as well as changes in the
interest rates and in the availability, costs and terms of financing.
. Environmental law compliance. Hotels run the risk of liabilities and penalties in
case of non-compliance with environmental laws & regulations which may be
applicable in the geography in which they operate.
.
Taxation. Like other businesses, hospitality organisations have to deal to
changes in taxation rates in both direct and indirect that they pay as well as the
taxes they collect from their customers (e.g. luxury tax, service tax). An increase
in taxation rate could adversely impact the operating results through its impact
on the bottom line as well as on the volume of business. Further, the business
may be subject to income tax audits or similar proceedings, which may lead to
increased costs in terms of additional taxes, interest and penalties which may
negatively impact the profitability of the business.
.
Property title/ownership. Being real estate centric, hospitality organisations are
exposed to the risk of unclear property title or ownership. In India, property
records do not provide a guarantee of title to the land (Sinha, 2008). Hospitality
companies may not be able to assess or identify all risks and liabilities associated
with the land where their hotels may be located such as faulty title or
irregularities in title, including due to non-execution or non-registration or
inadequate stamping of conveyance deeds and other acquisition documents;
unregistered encumbrances; adverse possession rights; discrepancies between
the area mentioned in the revenue records, the area mentioned in the title deeds
and/or the actual physical area; or other defects.
. Illiquidity of real estate and assets. Hospitality organisations may have
substantial investments in real estate and immovable assets, which are relatively
liquid. This increases their exposure to risk since they may not be able respond
to changing economic, financial and investment conditions with alacrity, by
hiving off their assets. In addition, hotel properties also run the risk of not being
readily converted to alternative uses if they were to become unprofitable due to
competition, age of improvements, decreased demand or other factors.

Perspectives of Indian hospitality practitioners on commercial and financial risks

The area of Foreign Exchange fluctuations was deemed to be, by far, the most
significant risk amongst the Commercial and Financial Risks by the local industry
professionals. This stems, in part, from the profile of the specific companies surveyed
 – with all of them occupying the top end of the accommodations market in India. As a Risk
result, such hotels have close to 70 per cent of their business comprising of guests identification
travelling from outside the country. With the demise of the dual tariff regime (where
foreign guests were charged a US$ rate) the vagaries of the Indian Rupee can have a and analysis
significant adverse effect on earnings.
The second-most significant risk was found to be Regulatory Compliance – largely
due to the plethora of laws, agencies and bodies that govern the myriad aspects of the 421
hotel business. The magnitude of this risk is further compounded due to the constant
changes in precedent and applicability of the existing laws on account of ever-evolving
judicial interpretations of the laws, especially in the Indian bureaucratic context.
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

Legal and Taxation risks were deemed to be the most frequently occurring. This
concern is lent credence to by the increasing proclivity of the authorities to resort to
litigation to ensure compliance with their directives and regulations.
In the context of evaluating the strength of the existent risk control measures, the
majority of the industry professionals consulted concurred that Foreign Exchange and
Credit/Default were the best controlled. The endless list of internal checks and controls
most hotel organisations have instituted ensconce them effectively from such risks.
What was of interest was the evident adaptability of the industry to the perception of
the increasing frequency of Legal Risks – with these risks also seen as one of the best
controlled risks. The very nature of the repeated risk control efficacy exercises most
hotel companies conduct has ensured a heightened level of compliance in daily
operations.

Other external risks

These risks arise due to macro-environmental factors extraneous to an organisation.
They are largely beyond the control of the organisation and include acts of terrorism,
natural disasters, war or any other force majeure, which may have a direct or indirect
impact on the business of an organisation. The following are the other important macro
risks that affect a hospitality organisation:
. Terrorist activities. Hotels, the world over, are becoming increasingly susceptible
to the risk of terrorists attacks because they are viewed as “soft targets” since
they have easy and multiple access points and a constant flow of traffic. Hotels
also lend themselves to pre-attack reconnaissance, with floor plans, photos,
visual clips of public areas, often available over the internet (Wernick and Von
Glinow, 2012). International hotels are symbolic targets of Western affluence and
influence that attract precisely the kind of people the militants seek to eliminate
foreign diplomats, business travellers, tourists, and the local elite. Targeting
hotels could result in scores of casualties, cause widespread panic, and attract
extensive media attention.
.
Pandemic diseases. The hospitality and tourism industry is often adversely
impacted by the effect of pandemic diseases such as avian flu, swine flu and
SARS, which lead to health and travel advisories being issued by government
authorities. This results in a drop in travel, both international and domestic, and
consequently negatively impacts demand in the hospitality sector.
.
Force majeure events including natural disasters. Force majeure events refer to
unusual and unforeseen circumstances that are beyond the control of the
 WHATT business organisation and the consequences of which cannot be avoided by
4,5 taking reasonable care. They include acts of God i.e. natural disasters like
tsunamis, earthquakes, hurricanes, floods, volcanic eruption ash clouds, as well
as political events like war, hostilities, invasion, act of foreign enemies, rebellion,
revolution, civil war, riots and contamination by radio-activity from any nuclear
fuel or radio-active toxic explosive, among others, all of which can adversely
422 affect tourism and hospitality businesses in a particular geography.
.
Political risks. Domestic and international political and geopolitical conditions
can have a significant influence on the functioning of the economy in general and
business in particular. Hospitality organisations, like other businesses, face risks
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

associated with changes in a country’s political structure or policies. Specific

examples of political risks include government instability, currency
inconvertibility, nationalisation, and expropriation, to name a few.
.
Economic cycles. The recurring and fluctuating levels of economic activity that an
economy experiences over an extended period of time exposes businesses to
cyclical risks as the economy moves through periods of peak performance
followed by a downturn, then a trough of low activity (Investopedia, n.d.).

Perspectives of Indian hospitality practitioners on other external risks

According to Indian hospitality professionals, risks due to fluctuations in economic
cycles were rated as the most significant of the five risks discussed. This was followed
by risks related to terrorist activities and force majeure events including natural
disasters. The recent recessionary trend in the world economy in 2008-2009, the 26/11
terrorist attacks on the luxury hotels in Mumbai in 2008, and the ash clouds resulting
from the volcanic eruption in Iceland which disrupted air travel in April 2010, all had a
severe adverse impact on the Indian hospitality industry, and could be significant
events which have increased the relative importance of these risks in the minds of
Indian hoteliers.
In the Indian perspective, the probability of occurrence of risks due to changes in the
economic cycles is the highest followed by force majeure events and then by terrorist
activities. However, with regard to risk mitigation, Indian hotels seem to have accorded
a higher priority to putting in place control measures for dealing with terrorism over
and above all other risks. This could be because of the severe consequences that the
industry faced in terms of casualties (both guests and employees) as well as the heavy
financial losses due damage to property and disruption of business post the 26/11
attacks. Also, the control measures for dealing with terrorism are more tangible in
nature and implementable at the unit levels of hotels as compared to those for dealing
with economic volatility and force majeure events, which are macro in nature.

Operational risks
Operational risks are risks that result in course of carrying out the normal business
activities in an organisation and are connected with its internal resources, systems,
processes and employees (Jobst, 2007):
Guest health and safety. The hospitality industry is in the business of providing its
guests with a “home away from home” – a safe haven. It thus becomes the
responsibility of the hotel to ensure the guest’s well-being and physical safety while
they are on hotel property. Hotel guests may be exposed to health risks due to lack of
 adherence to hygiene standards in food preparation or any other unhygienic practices. Risk
The physical safety of the guests also runs the risk of being compromised in the identification
process of their using the services and recreational facilities of the hotel such as
gymnasium, swimming pools, sauna, steam room, barber/beauty salon, spa or any and analysis
other personal services.
Employee health and safety. Hotel employees run the risk of becoming ill or injured
on the job, on a daily basis. The nature of their job makes them increasingly vulnerable 423
to risks of slipping and tripping, risks associated with heavy-duty cooking equipment,
knives and other kitchen equipment which can prove to be dangerous if handled
ineptly, musculoskeletal disorders (such as back injuries) due to lifting of heavy
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

furniture or equipment, contact related dermatitis (skin disorders) due to manual

contact with hazardous materials, to name just a few. (HSE, 2008)
Employee recruitment and retention. The hospitality industry is a human resource
centric industry where its employees play a crucial and strategic role since they are an
integral part of the service product and provide instrumental cues in projecting the
image of the organisation. With increasing global competition for skilled hospitality
employees and high rates of attrition, business success in hospitality organisations is
highly dependent on their ability to retain their key employees as well as recruit the
right quality of new employees (Bharwani and Butt, 2012).
Employee relations. Employee relations refer to the practices and policies deployed
to achieve staff commitment and to reconcile any possible conflicts in their terms and
conditions of employment. Poor employee relations can have an adverse impact on
employee recruitment and retention and can increase both litigation and reputation
risk (Bauer et al., 2009). This risk becomes more real in case of Indian hospitality
organisations where disputes with employee unions (which are still quite prevalent in
the Indian industry) may result in strikes or lockouts, which could adversely impact
the continuity of operations and hotel reputation.
Fraud and integrity risk. Hotel companies can be vulnerable to fraud and integrity
risks in many different forms. Theft, misappropriation of assets and embezzlement by
employees, manipulation of financial statements, illegal acts by the company or its
employees such as procurement frauds which involve collusion with outside vendors,
credit card frauds and other wrongdoings can result in major financial losses or
damage the reputation of the organisation (Flaig and Chang, 1999).
Information technology and communication security. In today’s digital era,
organisations are increasingly using automated information technology (IT) systems
to process their information for better support of their business objectives. They run
the risk of inappropriate choice of technology in terms of its cost effectiveness,
vulnerability to obsolescence and robustness from the security angle. They are, thus,
exposed to risks related to failure of these IT systems (in terms of hardware and
software), cyber-crimes like hacking and phishing leading to data thefts and accidental
disclosure of data or misuse of systems by employees.
Supply chain continuity. Supply chains typically involve a network of third party
suppliers, business partners, and service providers and are critical for the smooth
operation of the business. As they become more complex, the risk of disruption due to
failure anywhere along the supply chain grows (Kildow, 2011).
Operating costs. Changes in operating costs, including energy costs, labour costs
(for example, minimum wage increases, workers’ compensation and health-care related
 WHATT costs and employee insurance) and cost of raw materials/inputs (due to fluctuating
4,5 commodity prices) are some of the volatilities that the industry deals with. Hospitality
organisations run the risk of not being able to increase their tariffs and prices to offset
these increased costs to avoid suffering reduced volume, revenue and operating
income.
Automobile liability. A number of hotel companies, particularly airport hotels,
424 maintain their own automobile fleets for guest use and also own vehicles for employee
transportation. Increasing costs of automobiles, repairs, and insurance exposes the
hotel industry automobile related risks. If hotels offer valet services, it also exposes
garage-keepers to risks arising due to damage to guests’ vehicles (Rushmore, 2010).
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

Fire and explosion. Hotels are exposed to the risks of fire and explosion which could
arise due to improper use of cooking facilities, defective gas installations,
defective/overloaded electrical installations or equipment, unsafe use of open fires,
improper storage or disposal of waste materials or any other unsafe practices which
may cause a fire hazard (Department of the Environment, Community and Local
Government, n.d.)
Property upkeep and damage repair. Since a hotel operates round the clock and
through the year, the building structure and the equipment and facilities that it houses
have to be well maintained to meet guests’ expectations and needs. The in-house
“infrastructures” like air-conditioning, mechanical ventilation, fire services,
lift/escalators, plumbing/drainage, lighting, laundry and catering installations, have
to be managed in an effective and efficient manner to deliver quality services and
mitigate any risks due to breakdown (Chan, 2008).
Security of property and physical assets. The property of the hospitality organisation
or its guests may be exposed to the risk of theft and/or vandalism by hotel employees,
co-guests or intruders from outside. It is important to identify all the potential
exposures and develop a risk management strategy to reduce the chance of an incident.

Perspectives of Indian hospitality practitioners on operating risks

It was heartening to note that hospitality practitioners were unanimous in evaluating
Guest Health and Safety as the most significant operating risk in terms of its potential
impact on the business as a whole. This clearly alludes to the service-orientation of
hospitality organisations since guest health and safety is the cornerstone on which the
edifice of superlative guest experience rests. Employee Health and Safety and volatility
in Operating Costs were also close contenders for the top position while prioritising
operating risks in terms of the degree of attention and the level of effort that should be
directed towards managing and mitigating them.
The highest probability of occurrence was accorded to the exposure faced by
hospitality organisations due to fluctuating Operating Costs. This could be attributed
to the fact that hotels, typically, have high operating costs and which can fluctuate
dramatically due to volatility in commodity prices of raw materials, energy fuel rates
as well as labour costs. Recruitment and Retention and Employee Relations related
risks were rated as the second- and third-most frequently occurring operating risk
possibly due to the escalating demand for trained hospitality staff (both within the
industry due to expanding capacity and in other emerging service sectors like ITES,
retail, aviation) (Bharwani and Butt, 2012).
 With regard to the strength of organisational controls for mitigating operating risks, Risk
Guest Health and Safety as well as Employee Health and Safety had the most stringent identification
controls in place. This corroborates with the fact that the frequency of occurrence of
these risks was relatively lower due to the existence of evolved control mechanisms to and analysis
mitigate health and safety risk exposure for both guests and employees.

Implications and limitations of the research 425

In their drive to deliver quality service to their customers and enhance value,
hospitality organisations face an array of risks as described above. In addition to the
traditional financial risks and other hazards that can be insured, the hotel industry also
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

faces strategic, operational, regulatory and even reputation risks which can have
significant impact on the performance of its players.
In the Indian context, risks such as terrorism, competition, foreign exchange rate
volatility and guest health and safety, have emerged as the most significant ones
according to the perceptions of senior hospitality practitioners. All the leading luxury
hospitality organisations which were surveyed had incorporated risk management as
an integral part of the company’s business processes. They had risk mapping and risk
control mechanisms in place, albeit of varying strengths for different risks, depending
on the individual company’s perception of importance of the risks. This was
corroborated by the risk related disclosures in the Management Discussion and
Analysis section of the Annual Reports of the respondent hotel companies.
The feedback from the practitioners in the industry clearly showed that there is
significant homogeneity in the drivers and types of risks at the assessment stage of the
risk management process. Thus, a framework for risk identification, which could be
used across the hospitality industry, has been proposed in this paper. However, a
marked divergence was noted in the outcomes of the evaluation of the risks and the
mitigation strategies adopted to deal with risks – not just between different companies,
but even at an individual hotel unit level within the same company. Further, the
respondents were not amenable to discussing the details of the risk mitigation strategies
adopted by their companies due to the highly sensitive and confidential nature of the
information since this could serve to exacerbate the risks faced by them.
The later stages of the risk management process such as Risk Mitigation Strategies
tend to be highly unit specific and confidential. This fact led the authors to realise that
an attempt to elaborate options, methods and outcomes at the Risk Mitigation level
would be too exhaustive for the scope of this paper.
Hence, it was thought best to focus on offering practitioners a comprehensive
template for risk identification for use with that part of the risk management process
that tends to be more commonly applicable across the industry. Based on this template,
hospitality professionals can further devise customised solutions to deal with the risks
they are likely to encounter.

Conclusion
To be successful, organisations have to proactively evaluate the opportunities and
threats before them in light of their strategic objectives and take calculated risks rather
than merely respond to crises situations as and when they arise (Queiroz, 2001).
Prudent risk management allows organisations to add value to their operations and
create sustainable competitive advantage while also addressing bottom-line
 WHATT efficiencies and redundancies. A good risk management program effectively
4,5 incorporates adequate measures and monitoring methods on a sustainable,
consistent, efficient, and transparent basis and includes risk reporting which is a
statutory requirement in many countries including India. It has, therefore, become
imperative for operators in the hospitality sector to adopt a holistic, long-range,
systemic and systematic approach to risk management, compliance and governance.
426 This would create an embedded culture of risk awareness and management within the
company and would go a long way in both reducing the likelihood and impact of
adverse events making hospitality organisations more resilient to unexpected or
unidentifiable risks.
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

References
Allan, N. and Beer, L. (2006), “Strategic risk: it’s all in your head”, Working Paper Series 2006:01,
University of Bath, (online), available at: www.bath.ac.uk/management/research/pdf/2006-
01.pdf
AS/NZS (2004), AS/NZS 4360:2004 Risk Management Standards, Standards Australia and
Standards New Zealand, Sydney.
Bauer, R., Derwall, J. and Hann, D. (2009), “Employee relations and credit risk”, SSRN Working
Paper Series, (online), available at: http://ssrn.com/abstract¼1483112
Bharwani, S. and Butt, N. (2012), “Challenges for the global hospitality industry: an HR
perspective”, Worldwide Hospitality and Tourism Themes, Vol. 4 No. 2, pp. 150-62.
Board of Governors Federal Reserve System (2004), Commercial Bank Examination Manual,
Division of Banking Supervision and Regulation, Washington, DC.
Business Dictionary (n.d.), “What is risk? Definition and Meaning”, (online), available at: www.
businessdictionary.com/definition/risk.html (accessed 4 January 2012).
Chan, K. (2008), “An empirical study of maintenance costs for hotels in Hong Kong”, Journal of
Retail and Leisure Property, Vol. 7, pp. 35-52.
Cushman & Wakefield (2009), India Report, The Voyage: An Exploration of the Key Hospitality
Markets in India, Cushman & Wakefield, Mumbai.
Department of the Environment, Community and Local Government (n.d.), Fire Safety in Guest
Accommodation, Government of Ireland, Dublin, available at: www.environ.ie/en/
Publications/LocalGovernment/FireandEmergencyServices/FileDownLoad,820,en.pdf
Equitymaster (2012), Hotels-Sector Research & Analysis (online), available at: www.
equitymaster.com/research-it/sector-info/hotels/ (accessed 14 February 2012).
Ernst & Young (2008), Managing Information Technology Risk – A Global Survey for Financial
Services Industry, Ernst & Young, London.
Flaig, A. and Chang, G. (1999), “Managing fraud and integrity risk . . . best practices offer key”
(online), available at: www.hotel-online.com/Trends/Andersen/1999_FraudRisk.html
(accessed 12 February 2012).
HSE (2008), Health and Safety in Catering – Key Risk Area, Health and Safety Executive, Suffolk.
HVS (2012), Hotel Room Supply, Capital Investment and Manpower Requirement by 2021, HVS
India, New Delhi.
ILO (2010), Developments and Challenges in the Hospitality and Tourism Sector, International
Labour Organization, Geneva.
Investopedia (n.d.), “Definition of cyclical risk” (online), available at: www.investopedia.com/
terms/c/cyclical-risk.asp#axzz1qFYSeAsL (accessed 11 February 2012).
 IRM (2002), A Risk Management Standard, The Institute of Risk Management, London. Risk
Jobst, A.A. (2007), “Operational risk - the sting is still in the tail but the poison depends on the identification
dose”, Journal of Operational Risk, Vol. 2 No. 2, available at: http://ssrn.com/abstract¼
944486 (accessed 12 February 2012). and analysis
Kildow, B.A. (2011), A Supply Chain Management Guide to Business Continuity, AMACOM, New
York, NY.
Queiroz, L. (2001), “Risk management strategies for the hospitality industry” (online), available 427
at: www.hotelinteractive.com/article.aspx?articleID¼1099
Rushmore, S. (2010), “Managing risks: part of managing hotels”, Lodging Hospitality, March.
SEBI (2004), Corporate Governance in Listed Companies – Clause 49 of the Listing Agreement,
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)

Securities and Exchange Board of India, Mumbai.

Sinha, R. (2008), “Moving toward clear land titles in India: potential benefits, a road-map and
remaining challenges”, paper presented at World Bank Conference, Washington, DC,
August.
Stoneburner, G., Goguen, A. and Feringa, A. (2002), Risk Management Guide for Information
Technology Systems, National Institute of Standards and Technology, Gaithersburg, MD.
Wernick, D.A. and Von Glinow, M. (2012), “Reflections on the evolving terrorist threat to luxury
hotels: a case study on Marriott International”, Thunderbird International Business
Review, Vol. 54.
World Travel & Tourism Council (2011), World Travel & Tourism Council India: Travel
& Tourism Economic Impact – 2011, WTTC, London.

Further reading
UNWTO (2011), UNWTO Tourism Highlights – 2011 Edition, UNWTO, available at: www.
unwto.org/pub (accessed 4 January 2012).

About the authors

Sonia Bharwani received her MBA in International Business from Manchester Business School
in the UK. She was an MBA Exchange Student at the Fuqua School of Business, Duke
University, North Carolina, USA. A university topper in MCom, Sonia has over nine years of
experience teaching management in premier colleges in Mumbai, Gurgaon, Ahmedabad and
Shimla and seven years’ industry experience in the area of finance in a Mumbai based private
trading organisation. She is currently pursuing a PhD in Business Administration from Aligarh
Muslim University. She has to her credit publications and research papers presented at
international forums. Her areas of interest include general management, human resource
management and marketing. Sonia Bharwani is the corresponding author and can be contacted
at: [email protected]
David Mathews has been a hospitality professional for the past 22 years, having worked with
leading organisations in the industry, both in India and abroad. A post graduate and Gold
Medallist from the Oberoi School of Hotel Management, he has also done his MSc in International
Hotel Management from the University of Buckingham. He has been a General Manager with
Oberoi Hotels and Resorts since 2004. He currently manages Trident, Gurgaon, which won
“Asia’s Leading Hotel” and “India’s Leading Hotel” at the World Travel Awards 2011. His
interests include food and beverage management, revenue management and human resource and
talent development.

To purchase reprints of this article please e-mail: [email protected]

Or visit our web site for further details: www.emeraldinsight.com/reprints
 This article has been cited by:

1. Vinnie Jauhari, Gunjan M. Sanjeev. 2012. Responding to the emerging strategic and financial issues in
the Indian hospitality industry. Worldwide Hospitality and Tourism Themes 4:5, 478-485. [Abstract] [Full
Text] [PDF]
Downloaded by LULEA UNIVERSITY OF TECHNOLOGY At 14:26 04 February 2016 (PT)