The Airlines Reporting Corporation (ARC) has approved several changes to the Agent Reporting Agreement (ARA). Parallel changes were made to the Corporate Travel Department Reporting Agreement (CTDRA). The revisions will be effective November 14, 2022. In my judgment, they are no cause for concern by travel advisors.
I have consulted both ARC and the American Society of Travel Advisors (ASTA) about these. ARC consulted with ASTA, among others, during the approval process, as it normally does.
The amendments address two concerns: (1) aligning the text with the reality that paper tickets have been displaced; references to them are largely excess baggage (sorry!); (2) clarifying that in a security breach, the advisor must act promptly to advise not only ARC but also all involved carriers and the System Provider. There are other details regarding provision of relevant documents.
The nature of agencies’ security concerns has changed dramatically in the past decade. Securing physical ticket stock was simple compared to the challenges of avoiding victimization by phishing and other electronic intrusions. The new rules make clear that the business must be that sure that current and former third-party vendors, service providers and employees access to the Agent’s systems is properly maintained and properly terminated when relationships change.
The risks of security breaches are an issue for every employee and independent contractor associated with an agency business. Stories are legion about the horrible consequences of a distracted employee, for example, clicking on an innocent-looking link in a phishing email. ARC sends notices of events they observe so phished tickets can be voided within acceptable windows & timely outreach to airlines and GDSs can occur. Such steps can be business-saving but it’s clearly better to avoid the problem entirely.
These issues lead me to recommend two courses of action for every agency business. First, take advantage of the available resources ARC has provided to educate about these risks. ARC has produced an extensive video treatment on risk avoidance in the electronic age. Your entire staff should watch it.
Beyond that, every business should have a detailed emergency plan that informs everyone associated with the business about what to do in the case of a “business interruption.” I’m not here to debate climate change, but I note the following from a recent Washington Post article on emergency preparedness:
More than 4 in 10 Americans live in a county that was struck by climate-related extreme weather last year, according to a Washington Post analysis of federal disaster declarations. The World Disasters Report found that climate-related disasters have increased by nearly 35% since the 1990s. And during the past few years, we’ve all learned that health emergencies can happen at any time.
When a natural or other disaster strikes, it may be too late to plan and communicate effectively. Planning should be done in advance when everyone is calm. Some of the many questions that should be addressed in such a plan include:
- What to do if communications with clients/suppliers/others are disrupted by a power outage?
- Where should employees/contractors go if the agency’s office is closed suddenly?
- What emergency resources are available in the community and how can they be contacted?
Many helpful resources are available online. Try, for example, Googling “emergency preparedness.”
It’s often hard to think much, let alone spend time on, emergencies that may seem remote. But this is one subject that should not be overlooked until it’s too late. Early preparation leads to better sleep and a more effective business.