iscover
“Deter, detect and delay”: Undertaking a security risk assessment and implementing reasonably practicable controls in the event of unpredictable violent incidents will enhance the ability of companies to keep their corporate executives safe this year, writes Paul O’Halloran.
The subject of corporate executive protection has struck a global chord recently following the shocking assassination of the CEO of UnitedHealthcare, Brian Thompson, in Manhattan in December 2024. On 19 December, Luigi Mangione was charged with stalking and murder offences, which can lead to the death penalty, and has pleaded not guilty.
While no employer in Australia wants to imagine a similar scenario, the question for Australian employers is: could a murder of a kind that occurred in Manhattan also occur to an Australian CEO? Unsurprisingly, most employers in Australia would be woefully unprepared for a violent incident of this magnitude.
Work-related violence driven by disenfranchised stakeholders is not unknown in Australia. In 1984, the Family Court in Sydney was subjected to a series of attacks, which included bombings of the homes of judges and of the court’s buildings. The 1984 bombings left one person dead and several injured. During an earlier incident in 1980, Family Court judge David Opas was shot dead by an aggrieved family law litigant outside his home in Sydney.
We are lucky in Australia that there is limited access to firearms. Unlike in the United States, weapons are more difficult to obtain in Australia due to gun control laws introduced by the Howard government following the Port Arthur massacre in 1996, but this does not eliminate the risk that crimes, similar to the UnitedHealthcare one, cannot ever occur in Australia.
Part of the issue with mitigating the unexpected risks of work-related crime is understanding motive. According to a paper titled Mass shootings and firearm control: comparing Australia and the United States by the Australian Institute of Criminology, it is very difficult to determine what factors lead to acts of violence such as targeted shootings because the motives are almost unknowable. Many of the offenders commit suicide or are killed by law enforcement before they are apprehended. The authors of the paper indicate that “broader examinations of discrete mass shooting incidents are increasingly focused on issues such as social isolation and disaffection, economic problems, mental health and the challenging setbacks [experienced by offenders] in important social, familial and vocational domains”.
A criminal trial into the allegations made against Luigi Mangione will be some time off, but in the interim, there is cause for reflection around the level of security protection CEOs of major companies should be afforded. Fortune magazine in the United States has recently reported that only 25 per cent of the companies it surveys spent money to protect their CEOs and other top executives. The median payment for such security has doubled over the last three years to US$98,000. Presumably, levels of security protection are much lower in Australia.
It is important for Australian employers and boards to recognise that C-suite executives of every ASX-listed company in Australia are valuable assets who need protection. While the risk of targeted criminal acts against such individuals is reduced in Australia, the risk cannot be eliminated. Work health and safety legislation in each state and territory impose a duty on employers, so far as reasonably practicable, to protect the health and safety of employees while the employees are at work. This would extend to ensuring the safety of company executives if it is reasonably foreseeable that they may be at risk of harm from external agents. This risk may be heightened if the executive works in a contentious or controversial industry, has received threats, or has been the subject of targeted social media criticism.
Anecdotal evidence suggests that most CEOs don’t want bodyguards, and they certainly don’t want to wear bulletproof vests to investor meetings and annual general meetings. There are, however, a range of simple and sensible steps companies can take to protect the safety and security of their top executives.
In an uncanny play on the words attributed to alleged assassin Luigi Mangione in the murder of UnitedHealthcare CEO (“Deny, defend, depose”), the security industry has a similar mantra aimed at protecting the physical safety of individuals – referred to as “deter, detect and delay”. This means an effective security plan should aim to “deter” adversaries; “detect” unauthorised measures or actions taken by adversaries; and “delay” or impede attacks or detrimental actions by those adversaries. Adopting this safety philosophy, there are a range of measures companies can consider as part of an executive protection policy:
- Ensure executives are registered as a silent elector with the Australian Electoral Commission to reduce the prospect that their addresses may be publicly available.
- Pay close attention to threats on social media and report serious threats to police.
- Send an advance team to scope out public locations, conference centres or public meeting areas before an executive arrives to give a public briefing or conference presentation.
- Consider the use of bodyguards during higher-profile corporate events, particularly if the company has been the subject of social media criticism in certain areas in recent times.
- Install bollards outside the company headquarters at any access points considered to be particularly vulnerable to unauthorised vehicles.
- Ensure management teams have a tactical and situational safety and lockdown plan in the event of an unpredictable violent incident with key response outcomes known and practised in advance. In high-risk industries, this could include practising active-shooter drills, evacuation plans, crisis management exercises, and rehearsed responses dealing with worst-case scenarios.
- In the event of an incident, is the company ready with a communications strategy for the workforce, shareholders, regulators, and the public?
Undertaking a security risk assessment and implementing reasonably practicable controls in the event of unpredictable violent incidents will enhance the ability of companies to keep their corporate executives safe in 2025.
Paul O’Halloran is an employment law partner at Dentons Australia.
