The Oxfam scandal: a case against practical security

March 23, 2018

Today I want to devote a few words on the Oxfam scandal. Many,  many words have already been dedicated to it and I don’t need or want to repeat them here. What I do want to talk about is what allowed it to happen in first place. This is a lesson that is relevant for all organisations, big and small. It has to do with what we call ‘practical security’, a security policy based on individual experience.


Many organisations we speak to utilise this model of security. It is based on the experience of its employees. Often seasoned travellers, they know all the ins and outs of operating beyond the organisation’s headquarters. They know the risks, the possible dangers and how to handle themselves in a pinch. They have confidence abroad and can support less-experienced co-workers. Logically, they are an important cornerstone of many organisation’ security policy.


This is often also a reason for declining to invest in a more expansive security policy. With all the available experience, a security policy seems redundant and will just get in the way. The belief is sometimes that it will limit the effectiveness of the organisation.


We find there are a few serious flaws with practical security. Flaws that made the Oxfam scandal possible. The first flaw is that if your security is reliant on an individual, it is reliant on an individual. And an individual can’t always be vigilant or present. What if the travelling expert is sick? Or gets hurt in a car crash? Or if the individual leaves your organisation? Then you don’t have a security policy at all.


The second problem is that that confidence can also be a liability. The knowledge that it went well 99 times, can make an individual think that it will go well the 100th time. Unfortunately, there is no guarantee for that. Being overly confident about experience can make people ignore common sense or, worse, their danger sense.  


The third flaw is that you have to rely on the character of the individual. We often believe that everyone who works to help others are all saints. Unfortunately, we’re all still human: not everyone is a saint.


Oxfam, although they mostly have a comprehensive security policy, relied too much on practical security in their code of conduct. The rules prohibiting these kinds of excess weren’t strict enough, instead relying on the personal qualifications and experience of their aid workers. In a 2010 review  Oxfam acknowledged the lack of strict enough policy.


The negative results can’t be understated. Not just on a personal level with those involved, but also on an organisational level. Oxfam’s image has taken a big hit and lost many donors and famous ambassadors. Even their funding by the UK government is being questioned.



What should we, or you, do?


While this is a very extreme example in extreme surroundings, it still shows the weakness of being too reliant on practical security. Whether your organisation is big or small, the weaknesses of practical security are the same. While it is easy, it has big flaws that can create big problems. Combined with results like the Dennis v NRC verdict, it shows that security is something that needs to be taken seriously.


We always advise organising security. The easiest place to start is to codify the practical experience you have in-house in a security policy. Second, it is important to realise that a security policy isn’t a limiter, but an enhancer. By codifying experience, streamlining preparation and preparing emergency responses you provide increased security, increased confidence and less worry in your work abroad. It allows you to focus more on your mission, not less.



How can we help you?


We understand it can seem daunting at the beginning. If you need advice or help with creating a security policy, send us a message!




Please reload

Recent Posts

October 11, 2018

Please reload


Phone: +316 159 411 53​

Based in Amsterdam, available everywhere

Dispatch Risk & Security consulting

Dutch chamber of commerce: 69243344

VAT: NL048759946B01

Bank: NL12 RABO 0321 3555 04

© 2018 Dispatch Risk & Security consulting