The Practice of Workplace Threat Assessment in Europe:

Similarities & Differences from North America

Stephen White, Ph.D.
Winter, 2023

How similar and how different are issues of workplace targeted violence in Europe as compared to North America? How does the practice of threat assessment in work and campus contexts need adjusting when applied in Europe, or other Western countries for that matter?

My longtime colleague, Bram van der Meer and I will conduct a workshop in Amsterdam this coming April entitled, The WAVR-21 in Europe.[*] Bram is a threat assessment psychologist based in The Netherlands. Our intent is to focus on applying the WAVR  in European contexts. In an article last year, Bram and his business partner, Cornelis van Putten, had this to say about their consulting in European countries:

What is considered common sense in the United States is often received in Europe with skepticism, resistance, and, in some situations, even disdain. A U.S. company’s workplace violence training programs and approaches can fail to find fertile soil in its European branches. Developing and setting up a threat management program to work internationally needs restructuring and reframing to make it more acceptable (Van Putten & Van der Meer, 2022).

What are the reasons for this? There are several, and to some degree they interact with each other: the much lower probability of mass attacks, the absence of clear legal obligations on employers to maintain a violence free workplace, a strong emphasis on the protection of personal privacy, and a tendency to perceive targeted attacks as rare occurrences stemming from an individual’s unaddressed mental health problems. Advocating for preventive measures to detect potential attacks is often regarded as overly intrusive and “fear mongering.” The attitude in America of entitlement to gun ownership and the problems it creates for us does not exist in Europe. Managers there are less open to the terminology and dark narratives that we typically include in our USA-based training – terms like perpetrator, active shooter, pathway to violence, warrior mentality, or threat management teams. Given the infrequency of homicidal attacks, who can blame them? It’s a little like urging people in Nebraska to prepare for a Tsunami. The problem is you can miss the signs for that very low probability catastrophic event.

Sadly for us in the United States, we are the world leader in targeted attacks in public venues – workplaces, campuses, houses of worship and other places where people go or gather for various purposes. In the last 30-plus years we have learned a great deal on how to implement preventive, efficient protocols in response to our more deadly circumstances, knowledge we have shared with other nations. European threat managers and program implementers have benefitted from our collective experiences, but a one-to-one transfer of expertise and protocol principles can run into problems.

It’s not that the fundamental risk factors for targeted violence are any different in Europe, or that targeted attacks do not occur in European workplaces. Cases of mass attacks reflect the same risk factors and warning behaviors as in North America, with some variation in factor relevance across cases or violence-prone sub-populations of concern. The WAVR-21 and other SPJs – such as the HCR-20, SARA, SRP, and TRAP-18 – have all demonstrated their applicability in Western countries (Meloy & Hoffmann, 2021). Violence motivated by revenge, hatred, to achieve notoriety or attention to a cause, to overcome felt humiliation with dominance and pride is as old as time.

In Europe, it is more about the nature and severity of violence, and the means for violence that differ from the USA. Historically, the literature on “workplace violence” in Europe usually refers to such issues as verbal abuse, harassment, sexual harassment, bullying and intimidation, threats, and assaults. In an earlier large sample survey, 2% of  European workers reported being exposed to threats of physical violence by colleagues, and 4% by others (Milczarek, (2010). This is more so the case in healthcare, not unlike the United States. Findings from the European Survey on Working Conditions (Parent-Thirion, 2020) show that more than 20% of the health sector workforce in the European Union has experienced some form of “negative social behaviour” as described above during the last 12 months of work. Van der Meer states that the majority of his caseload, not unlike ours in the USA, involves stalking, harassment, threats and intimidation (personal communication, December, 2023). But cases involving weapons are exceptional. In Western Europe knives are the most common weapon in serious attacks. A growing concern is young people carrying knives.

Surveys and case experience show these harmful behaviors are underreported, even more so than in the USA, where employees are increasingly encouraged if not required to report such serious misconduct. What are the contributing factors?

The Absence of a Culture of Litigation and an Emphasis on Privacy Rights

Van Putten and Van der Meer point out that there is no strong legal imperative for implementing TAM programs in European organizations. Taking action against one’s employer does not resonate with broad European cultural values. A company or its officials being held accountable for workplace violence is not commonplace in many European countries (Van Putten & Van der Meer, 2022).

Coupled with lesser safety obligations on the part of employers is the strong support for the right to privacy in the European Union. In my own consulting experience, the withholding of risk-relevant information by European clinicians in cases involving mental illness has been the most common issue, and a difficult one.

In 2018 the protection of personal identifying data received increased support with the passing of the General Data Protection Regulation (GDPR) law. The GDPR requires organizations to safeguard personal data and uphold the privacy rights of anyone in EU territory (GDPR, 2018). Threat assessors and their legal advisors have always had to deal with the balance of “security versus privacy.” In the USA we have witnessed continuous progress in the employment law profession’s recognition that if the case data warrants it, security does indeed trump privacy. Claims of employer negligence for failure to identify and manage “reasonably foreseeable” risk scenarios are on the rise.

An important component of the GDPR is the creation of a new position: the “privacy officer,” who advises TAMs on what information can be shared from case to case. Van Putten and Van der Meer recommend that threat assessment consultants and their clients include their own legal expert when consulting on cases, to explain why many aspects of the TAM approach do not need to conflict with privacy rights. This is especially important for American-based corporations with European sites, and is inherent to a multi-disciplinary model. Global organizations have local legal resources to help them with the vast and differing laws they must comply with from country to country. In cases of concern for violence risk in European settings, threat assessors often have to work more diligently to explain the issue of information silos, and the importance of disclosing risk-relevant information in order to assess current behavior. Our threat management goal is to identify and manage behaviors of concern in the present. Our development of sound inferences about potential further escalations depends on the quality of our risk-relevant data.

A Focus on the Individual versus a Contextual, Interactive View of Risk

Europeans are more comfortable framing a homicidal attack as an individual mental health problem that was not properly addressed, especially with younger perpetrators. Although this could be true or partially true in some cases, the understanding and analysis can stop there, short of consideration that such attacks have knowable detectable precursors, and that preventive processes can be implemented. The focus tends to be on offender care, not the safety of possible targets. In 2018 in The Netherlands, a school announced its plan to test preparedness for an “active shooter” scenario, only to be met with public outrage and strong resistance. To be fair, such reactions have occurred in the USA and the longer-term benefit of such drills are legitimately debatable. But the reaction in Holland was one of total shock and anger – “It can’t happen here.”

All of these factors combine to reinforce denial and thus the under-reporting of incidents of harm and the fear of harm.

Guidelines for Practice

The key to prevention efforts is to enter where there is concern about “problematic behavior” – unwanted, disruptive behavior that is generating concern or discomfort, and may be provoking counterproductive responses within the organization. Do not push for a “threat assessment team.” Meld threat assessment principles under a larger umbrella of “employee support and social safety;” be part of a larger “care team,” for example, where “behavioral expertise” may be more acceptable. Violence prevention fits in as just one function of such teams. Focus on lower-level concerns. If starting with problematic behaviors, indicators of “problematic escalation” can then be detected and are more easily acknowledged.

Van Putten and van der Meer note that adaptations are needed in the use of SPJs and the language associated with them, at least when consulting with clients. They have created what they refer to as SACWI – the “Structured Approach to Concerning Workplace Incidents.” This has enabled them to gain more acceptance from organizations. Instead of being perceived as corporate “police psychologists,” they have become more appreciated as specialists able to help with concerning behavior and workplace social safety. The principles of threat assessment, however, are in place, adapted to European organizations.

The WAVR-21 is still entirely relevant in these contexts. Besides the ”red flags” for targeted attacks the WAVR is intentionally broader in scope, as it includes many other aggressive or otherwise concerning behaviors, such as bullying, stalking, menacing behavior, threats, anger problems, negative coping with stress or loss, and organizational contributors and enabling of problematic patterns of conduct.

The model developed by Van Putten and Van der Meer reflects a fundamental principle of organizational consulting: you have to offer something useful to clients and you have to earn their trust. Understand their values, especially their good intentions and develop a relationship. Your show of respect and understanding will open them up to new learning. This does not mean you are complicit with denial and its implicit dangers. We must speak our truth about serious risk. These principles are true whether you are an external consultant or internal subject matter expert on violence risk and safety practices.


General Data Protection Regulation (2018). Retrieved from

Meloy, J. R., & Hoffmann, J. (Eds.). (2021). International handbook of threat assessment. Oxford University Press.

Milczarek M.  (2010).  Workplace violence and harassment: A European picture. Bruxelles: Publications Office of the European Union.

Parent-Thirion, A. (2020). European Working Conditions Survey. Eurofound. Retrieved from https://

Van Putten, C., & Van der Meer, B. (2022). Translating your threat assessment approach. Security Management.

[*] For more information, email