Often the role of a Company Secretary is substituted with compliances and hence this write up is a small effort to compile the compliances which a hotel industry is bound to adhere with respect to a role of a cs. Having worked with this sector as a whole time company secretary, I have tried to compile a small write up for the compliances which apart form the Companies Act compliances, a cs can work upon. Hospitality compliance is the process of ensuring your company’s management and employees follow the laws, regulations, standards and ethical practices that apply to your industry and company. Effective compliance covers governmental laws as well as internal policies. Failing to follow local, state and federal laws can result in fines, lawsuits and negative publicity, all of which can be disastrous to a hospitality firm. Hospitality sectors can be termed as the face of any country as it boosts tourism industry too and hence effective compliance to laws and bye laws is a mandate which reflects the integrity of the country as a whole. It is similar to a guest arriving at ones home and showing a hospitable nature towards the guest reflects the integrity of the family hosting the guest.
Hotel Industry being into the hospitality sector is one of the most expanding activities and prominent sector in the overall growth of the economy and its nation. Hotel industry consists of restaurants, lodging places, theme parks, event planning, etc. and includes activities such as facility maintenance and direct operations including servers, porters, housekeepers, bartenders, kitchen keepers, etc. Such services that are provided by the hotels constitute to be the subject matter of laws that regulate the hotel industry. These industry demands association that govern the working and regulation in India.
In order to operate a hotel there are a number of licenses required to be obtained for its smooth functioning:
The licenses are a must for any hotel and a cs must act as a interface between the management and the industry as a whole for brand building and image of the hotel.
The laws that govern the Hotel Industry can be classified into the following broad categories.
The first head of laws that govern the hotel industry include the laws regarding commissioning and construction of hotels, restaurants, guest houses and other establishments of such kind. These laws also include laws such as Foreign Exchange Management Act, Industrial Licensing Policies, and land laws, etc. Hotel insurance policies, especially the customized ones can fulfil the growing needs of the hotel industry. It can cover all its establishments ranging from spa to guest houses and apartments, bed and breakfasts, etc. Other insurance policies such as the standard insurance policy would cover risks and damages arising from accidents, fire, natural calamity, etc.
The second head of laws that govern the working of hotel industry is related to matters such as management, maintenance and the operational activities of hotels. Such laws include insurance laws, laws regarding safety and security of workers, food and hygiene standards, obtaining licenses, Food and Drug Administration Act, Shops and Establishment Act, etc. For example, Acts such as the Food Adulteration Act would prohibit the sale of substandard food items thereby protecting the customers from the potential harm caused by poisonous food and protecting their interest by eliminating the fraudulent practices. The Food Safety and Standards Act would set up criteria for manufacture, storage, distribution and sale and trade of food substances so that they remain fit for human consumption for a considerable period. The Legal Metrology Act would regulate the use of standards of weights and measures. The Copyright Act would protect the rights relating to expression in the form of literature, drama, music, art or architectural works. In fact, hotels are required to take such copyright licenses before they organize any event such as plays or musical shows, etc.
The third set of laws that govern the working of a hotel are related to the contracts that it enters into with other enterprises or employment contracts, for example, the Apprentice Act, Employees State Insurance Act, etc. These laws also include the manner in which such entities are taxed. Taxes may include income tax, goods and services tax in the present era as it subsumes various taxes of earlier times .Legislations such as the Shops and Establishment Act or the Employees State Insurance Act would aim at regulating the relationship between employers and employees in the hotel. The former would lay certain statutory obligations on the employers in matters related to wages, work hours, holidays, paid leaves, provision for payment for overtime work, etc. The latter is a social security scheme that would mandate the employers to protect the interest of the workers in times of contingencies such as sickness, maternity leaves, physical impairment or injuries occurring from the workplace, subsequent medical care. The Provident Fund Act mandates the creation of provident fund schemes for the employees. The Apprentices Act shall govern the working of apprentices in the Hotel Industry.
Other laws that may govern the working of hotels may include local law norms or other local land norms or guidelines issued by the tourism industry such as approval of hotels at project stage and classification & reclassification of hotels, guidelines for classification of heritage hotels, Time Share Resorts (TSR), Stand Alone Restaurants, guidelines for apartment hotels, guidelines for approval of guest houses, Hospitality Development and Promotion Board, implementing a transparent system for the effective monitoring of hotel projects, ensuring timely accrual of approvals / clearances / NOCs by the multiple agencies and facilitating the implementation of hotel projects, expeditious clearances, etc. will enable completion of hotel projects in time leading to enhancement of room availability for the tourists.
As a global industry that generates an overwhelming revenue of 550 billion dollars annually, the hospitality industry seems to be one of the most attractive segments for credit card breaches and data theft. According to the HTFP Journal, it was the most affected vertical in the previous years, obtaining an entire 40% of all data breaches that happen worldwide. The growing contribution of the hotel segment to the GDP of many countries worldwide, among with the increase in revenue and data theft, made credit card security a top concern. As a result, the PCI-DSS security standard became an essential consideration for hotels, becoming absolutely obligatory from 2018.
PCI-DSS, or the Payment Card Industry Data Security Standard, is a set of safety regulations created by the major credit card associations to protect card data. It defines the best practices for card security that every company should implement, affecting all hotels independently from their size or location. The purpose is to reduce as much as possible the risk for fraud, data theft, identity theft, and other threats.
POS Compliance – if you are currently using a POS terminal, whether it is physical or digital, that doesn’t meet the security standards, you will have to change it. Not all POS Terminals that are sold on the market are PCI Compliant, which may require a change in your hotel’s systems in order to provide full customer data protection.
PMS Compliance – The same will apply to your Property Management System and your Channel Manager. If you are using a PMS to store the credit card data of your customers, you will have to adapt the whole network architecture of your hotel in order to meet the regulations.
Access – restrict the access of your employees to view the full credit card numbers of your customers. Only the ones who need this information for hotel room management purposes should be able to do that.
Credit card storage – many hotel managers are under the wrong impression that only digitally stored credit card information must be protected, but this is not true. In fact, under PCI Compliance and privacy laws, all paper documents containing personal data must be physically secured and adequately restricted at all times.
Unique user IDs – to have a greater control over specific card incidents, you should assign a unique user ID to every member of the staff who was an access to credit card information.
Security area – all forms, documents, folders, and machines that store private credit card data, and are easily accessible at the reception desk, must be moved to a restricted area with security cameras. All cardholder information should be secured and kept out of hotel visitors’ reach.
Note papers – take a look around your hotel’s front reception desk. Do you have credit card information written down on sticky notes, torn out pieces of paper, or any other random paper note? PCI Compliance doesn’t only regulate official documentation. Storage of private information in any written form without protection is prohibited.
Digital storage of data – private data from all electronic systems, such as Virtual POS and catering systems, must be encrypted. Otherwise, it becomes extremely vulnerable to hackers and cybercriminals.
These are only a few of the changes that will occur under the standards of PCI Compliance for hotels. Zooming in the hotel segment of the Hospitality industry, we can see why it seems so attractive for cyber criminals.
A cs can keep a track of such misfeasance and working in collaboration with the operation department guide them in this matter and also from time to time keep updating them about the cyber crimes and importance of cyber laws and keeping a track and strict adherence to cyber laws in true letter and spirit.
Crimatrix allows registered hotels and guest houses to submit their guest records in real time: As per the Sarais Act 1867, all hotels and guest houses are required to submit their guest lists to the nearest police station everyday. Crimatrix allows registered hotels and guest houses to submit the guest record in real-time from an internet connected computer instead of written reports. Crimatrix then cross checks the data immediately with available crime records and alerts the nearest police station if any match is found. Concerned officer will then alert the manager and provide further instructions. This helps in crime prevention and detection
Department wise framing of bye laws for smooth conduct of the overall hospitality business and coordinating with a set roadmap and setting up of internal control mechanism and time to time internal audit in respective departments is sure to bring 100 % compliance in this sector as hotel industry is more prone to public interface which also brings maximum revenue and GDP growth rate in any country, attracting the tourism sector too. Hospitality sector is a very sensitive sector and hence strict compliance to laws in its true letter and spirit can bring success to this sector. Also it is to be noted that government subsidies, schemes and other benefits should be provided not only to the five star category hotels but also the budgeted hotels and lodges too for attracting maximum number of tourists from around the corners of the world which again boosts the tourism industry as well.
The above discussion entails the mechanism of a hotel industry where a CS can work as a guiding channel and effective adherence for the success of this sector. An indepth analysis can also bring an enormous scope to this profession which brings an edge to the overall fraternity.
Disclaimer: This is only a knowledge sharing initiative and author does not intend to solicit any business or profession. I assume no responsibility for the consequences of use of such information.
About the author: Miss Suman Gupta is a Company secretary from Guwahati region of India. She is into whole time employment in a company with a post qualification experience of three plus years. She can be reached out at [email protected]. Any suggestions or queries can be mailed.