NGOs operate in some of the most complex and volatile environments in the world. Effective NGO travel risk management has long been central to humanitarian and advocacy work. However, the nature, speed, and scrutiny of that risk has fundamentally changed.

With this in mind, a recent panel discussion hosted by GSA Global brought together Thomas de Lacoste, (Amnesty International), Zoe Betts (Pinsent Mason), Luke Powis (Aviva), Jacob Painter (Healix) and Brian Moore (GSA Global) to examine what ISO 31030:2021 (‘Travel risk management: Guidance for organizations’) and ISO 31031 (‘Managing risk for youth and school trips’) mean in practice for NGOs. Overall, the conversation highlighted several critical areas that organisations should be paying attention to now and can be summarised below:

Risk is no longer static, and travel programmes must adapt

One of the strongest themes from the discussion was the collapse of traditional risk categorisation models. Country risk ratings that once remained stable for years are now shifting rapidly due to geopolitics, conflict escalation, regulatory change, and social unrest.

For NGOs, this creates real operational tension:

  • travel decisions must be made quickly,
  • approval frameworks must remain proportionate,
  • insurers often require notification for “high-risk” travel even when risk status changes mid-trip.

Key takeaway – NGOs should move away from static country lists and towards dynamic, trip-specific risk assessments that can be updated in near real time. Travel risk management needs to be a continuous process, not an annual policy review.

Criminalisation of NGO activity is now a core travel risk

Beyond physical safety concerns, the panel highlighted a growing and under-recognised threat, the criminalisation of NGO presence itself.

In many regions, NGOs are no longer simply working in challenging environments, they are being:

  • banned through legislation,
  • labelled as foreign agents,
  • subjected to asset seizures,
  • denied visas or entry based on organisational affiliation.

This shifts travel risk management beyond traditional safety and security concerns into legal, political, and reputational territory.

Key takeaway – Travel risk assessments must consider:

  • how the organisation is perceived locally,
  • whether staff could be targeted purely due to their employer,
  • digital exposure (including social media and public advocacy),
  • legal risks linked to local NGO regulations.

Therefore, security, legal, IT, and communications teams need to work far more closely than they traditionally have.

Duty of care is not lighter for NGOs, and it extends further than expected

A recurring message was that NGOs are held to the same legal duty of care as commercial organisations. There is no reduced standard simply because work is humanitarian or mission driven.

Importantly, duty of care does NOT ONLY apply to:

  • expatriate staff,
  • senior employees,
  • international travellers.

It extends to:

  • local staff,
  • volunteers,
  • contractors,
  • young people,
  • and, in some circumstances, even family members affected during crises.

In addition, the panel also highlighted the “ripple effect” of incidents on duty of care, where harm can extend to families, headquarters’ staff handling emergencies, and colleagues exposed to traumatic events indirectly.

Key takeaway – NGOs should clearly define:

  • who they owe duty of care to,
  • where that duty begins and ends,
  • how responsibility is shared across federated or decentralised structures.

Ambiguity in this area is one of the most common weaknesses identified during NGO risk assessments.

You can outsource support but not responsibility

Many NGOs rely on third-party providers for travel security, medical assistance, and evacuation support. However, the panel made an important legal distinction:

  • Organisations can outsource the performance of travel risk management activities.
  • They cannot outsource the duty of care itself.

Even when a competent third party is engaged, NGOs remain responsible for:

  • selecting appropriate providers,
  • understanding what services are (and are not) covered,
  • monitoring delivery,
  • and ensuring that arrangements remain suitable as risks change.

Key takeaway – NGOs should be able to evidence why they selected specific providers and how those providers are governed. Contracting support does not remove legal accountability.

Volunteers and young people require enhanced consideration

In many cases, volunteers may fall squarely within duty of care obligations, despite not being employees. For young people, legal expectations are higher still.

The panel emphasised that organisations must apply:

  • enhanced risk assessments,
  • appropriate supervision and safeguarding measures,
  • clear parental consent processes,
  • explicit insurance cover for under-18s.

Key takeaway – Volunteer travel particularly involving young people should not be treated informally. It requires structured governance aligned with ISO 31031 principles.

Insurance is critical but often misunderstood

From an insurance perspective, the discussion highlighted a gap between expectation and reality. Since COVID-19, NGOs increasingly expect policies to cover every conceivable scenario. In practice:

  • coverage is defined by policy wording,
  • exclusions are common for high-risk locations or activities,
  • insurers must understand and price risk accurately.

Additionally, the panel highlighted increased risk around “work and leisure” travel, where personal activities during trips can materially increase exposure.

Key takeaway – NGOs must ensure their operational plans align with what insurance policies actually cover particularly around evacuation triggers, leisure activities, and coverage for local staff and volunteers.

Medical planning must assume limited infrastructure

In high-threat or resource-poor environments, assumptions about emergency response can be dangerously optimistic. The panel stressed that NGOs should plan for scenarios where:

  • emergency services are limited or non-existent,
  • evacuation may need to be self-led,
  • airspace may be closed,
  • medical stabilisation must occur on-site.

Many NGOs already do this well through hostile environment training and local partnerships, but this capability should be clearly documented and tested.

Key takeaway – Medical emergency response planning must be realistic, location-specific, and aligned with insurance and evacuation capabilities.

Mental wellbeing is now a core duty of care obligation

Mental health was repeatedly highlighted as an area that requires the same serious consideration as physical safety. NGO staff may be exposed to:

  • traumatic environments,
  • distressing testimony,
  • graphic material,
  • prolonged stress during deployments.

Support should exist:

  • before deployment,
  • during travel or crisis,
  • and after return.

Key takeaway – Mental wellbeing should be embedded into travel risk management, not treated as a post-incident add-on.

Why ISO 31030 matters even though it isn’t certifiable (yet)

In the context of NGO travel risk management, although ISO 31030 is currently a guidance standard rather than a certifiable one, the panel was clear on its value:

  • it provides a common language across security, legal, HR, and leadership,
  • it defines what “good” looks like,
  • it offers a defensible benchmark if incidents are later scrutinised.

Importantly, ISO alignment work often delivers value before any external assessment by forcing organisations to clarify ownership, processes, and gaps.

Key takeaway – ISO 31030 should be viewed as a governance framework and decision-support tool, not a compliance exercise.

Final thought

The overarching message from the webinar was clear:

NGOs must professionalise travel risk management at the same pace that risk itself is accelerating. Good intentions, experience, and moral purpose remain vital however, they must now be supported by:

  • clear governance,
  • adaptable systems,
  • cross-functional collaboration,
  • and evidence-based decision making.

ISO-aligned travel risk management is not about stopping NGO work it is about making sure that work can continue safely, legally, and sustainably in an increasingly uncertain world.

Click here to access the full webinar on travel risk management for NGOs