Loss Prevention, Risk Analysis and
Crime Prevention with reference to the
Retail Sector
(Paper presented at IISSM-2005)

- Prof. Kris Pillay, Head of Department – Security Risk Management,
University of South Africa, South Africa.

Without crime risks, there would be no need for a security function within an organization. Unfortunately, given human behaviour, the potential for certain precipitating and predisposing factors motivating criminal tendencies will always be present. Hence criminal activities that are not properly managed have the potential to incapacitate organizations and drive them to bankruptcy as a result of losses. Risk analysis is process whereby crime risks are seriously studied for the first time. During the risk analysis phase several in-depth activities need to take place. These include identifying the assets, processes, crime risks, the probability that the crime will take place, the financial impact of such a loss and calculating the risk factor associated with the loss. This paper will elucidate on the risk analysis exercise and the concomitant effects on asset protection and loss prevention, with reference to the retail industry.

Retailers are in business for two reasons- Firstly to give a service to the public and secondly to sell goods at a profit. They are not in business to have their goods stolen by either members of their own staff or the shopping public. Neither are they in business to accumulate large stocks of merchandise or to be the victims of fraudulent or dishonest practices.

With this in mind one must start with the assumption that a retailer has every right to utilize any lawful means to safeguard life and property within his organization. The emphasis must be on the selling of goods, which means exchanging goods for money. In today’s highly competitive climate, it is absolutely vital for a retailer to have a sound understanding of the “ in built’ safeguards necessary to prevent an erosion of profits, particularly in such vulnerable areas as back door deliveries, stock control, correct pricing, cash register operating procedures, refunds, staff purchases, staff theft and fraud, shop stealing by customers, cash on premises, cash in transit, and the law relating to the right of searching customers and their legal apprehension, to mention but a few.

Then there are the risks associated with fire, bomb, physical security and protection of premises and the safeguarding of company records which, if destroyed, could mean complete and utter ruin to a retailer. It is obvious therefore that the modern retailer is subject to all manner of risks which must be identified and analysed. By providing an appropriate minimum standard of protection at a cost commensurate with the risk, action can be taken accordingly to reduce all risk to a safe and acceptable level

Loss prevention, or retail risk management, is not an isolated or insignificant part of a company ‘s activities, it pervades the entire retail organization and goes hand in glove with increased business efficiency.

As loss prevention is a function of management, the security system within any retail organization will be as good- or – bad – as management is prepared to make it. Only management can create the conditions where good, sound risk management and loss prevention system can prevail. It should be remembered, however that any loss prevention plan must be capable of being implemented, accepted and be seen to be cost effective. A sound and a simple loss prevention plan, properly executed and supervised, is far in advance of complicated theoretical genius. To implement and monitor an effective loss prevention strategy requires the total buy-in of the entire management structure.

The managerial Function

The role of top Management

In any retail organization there must be a positive approach at the highest level on all aspects of retail risk management and loss prevention if a business wishes to remain viable. Only management can create the conditions and provide the finance and training to ensure that sound and cost effective loss prevention principles prevail.

Therefore money spent on retail security and with the intention of preventing losses should be regarded as an investment and not a cost, because the object is to protect life and property, reduce losses and, in the final analysis, ensure continuity of the business as a sound, viable and profitable enterprise.

The first stage of a positive approach to retail loss prevention is to assess thoroughly the actual and potential arrears of loss to the entire organization. The degree of vulnerability to loss – both internal and external, and from all sources must be determined with accuracy. This risk analysis will provide the information from which new retail loss prevention systems and procedures can be developed and implemented to reduce such vulnerability to loss.

It is essential however that acceptable tests, preventative procedures and controls be devised, to ensure that the loss prevention systems that are advocated are being effectively implemented
One could also transfer those risks which cannot reasonably be prevented, or would be catastrophic, to an insurance company, but this should only be restored to after all other risk-reduction avenues have been explored to facilitate insurance negotiations:


The positive approach in any reasonably sized retail organization must be implemented by a risk management committee responsible to the highest level of authority. Its members must clearly understand that complacency, ignorance and carelessness are basic problems to retail operational efficiency. The difference between having and acceptable minimum standards of protection to safeguard cash, goods and reputation, and having inefficient system, or none at all , could be the difference between remaining viable or going bankrupt.

The ultimate responsibility for asset protection rests entirely on the shoulders of the chief executive officer, and management at all levels must be constantly aware of this responsibility. They must leave no stone unturned to ensure that theft, fraud or any form of retail dishonest practices, are virtually impossible.

‘In built’ system and procedures to combat retail losses must be developed in all areas of potential loss to enable management to maintain adequate surveillance and control. The manager must personally identify, analyse and evaluate risk exposure throughout the business and implement reasonable and acceptable safeguards against dishonesty, carelessness or ignorance.

If this responsibility is taken seriously it will have profound and lasting effect on every member of the staff. Once this attitude of continuous supervisory control permeates the entire retail organization, everyone will soon realize that the company has every intention of exercising those controls to ensure that dishonesty will not occur.

For a crime to be committed two ingredients are required – motive and opportunity. Two principal parties are also essential- the thief and the owner of the property, that is management, if , because of a lack of awareness or negligence a customer or employee commits a dishonest act, the manager has not only failed his company but society in general because, by an omission, albeit unintentionally, he facilitates human corruption.

Risk Management or Loss Prevention Committee

In this modern age, retail risk management is both an art and a science. Numerous risks and must be identified and analysed, such as how losses can occur through fire, flood, explosion and bombs, in addition to the conventional losses peculiar to the retail trade. It is therefore of paramount importance to form a risk management committee to appreciate the various problems, and decide on a common policy for the guidance of subordinate staff, in the identification, analysis and treatment of risks.

There are two types of Risks:

• the speculative risk
• the de facto or real risk

In the speculative risk, such as launching a new product or opening a new branch, there are two possible chances – the chance of gain and the chance of loss.
In the de facto or real risk , such as fire, flood, explosion, theft, fraud, etc, there is only one chance- the chance of loss, and never a chance of gain.

Risk management or retail loss prevention therefore is a modern concept whereby all apparent and potential risks are studied and identified under one jurisdiction. By providing an appropriate minimum standard of protection at a cost commensurate with risk, action is then taken accordingly to reduce all risk to a safe, acceptable level.

Committee Members

In a large retail organization with multiple branches a risk management or loss prevention committee could consist of:

• a member of the board of directors, for example, the general manager
• the chief financial officer or internal auditor,
• chief security officer or risk manager
• branch managers, if considered necessary
• any other person considered necessary, by invitation

The risk management committee should be kept to a minimum and confined to those executives who can initiate policy decisions and provide finance. As many of the decisions and discussions will be of a confidential nature the principle of the need to know and the need to attend should be adhered to.

Security and Loss Prevention as a total concept

In modern retail sector there are a multitude of risks involved, and to consider the various hazards in isolation could be catastrophic. Therefore retail security and loss prevention must be considered as a total concept within any retail organization and take into account all risks under one jurisdiction.

An analogy is a water bucket full of holes. If the bucket is filled leakage will not be prevented by merely stopping one to two holes. To save water all holes must plugged. So too then with the erosion of profits from the various risks all potential risks that result in loss must be carefully analysed and effective strategies need to be implemented.

Neil (1981:17) argues that ‘Band-aid’ treatment is simply useless in stemming the flow and it is not difficult to imagine the absurdity of having efficient safeguards against burglary and theft if the premises are destroyed through inadequate fire precautions, or, if there are efficient safeguards against shopstealing by customers, yet still an excessive erosion of profits because of a lack of preventative procedure against staff dishonesty or cash register manipulation and fraud”.

One can see then that in modern risk management or loss prevention, there is a logical chain of events which are interdependent. All aspects depend on each other and can be linked to a linked chain: Break one link in the chain and the entire structure could collapse. So it is absolutely essential for a retailer to be aware of all risks and reduce them to a safe, acceptable level, by providing appropriate standards of protection which is at the same time costs effective.

THE TOTAL SECURITY CHAIN OF EVENTS

As stated above,

Security is a total concept.

To consider the various components in isolation could be dangerous and even catastrophic.

Therefore if one link in the chain of events is broken the remainder will collapse.

This can be illustrated as follows:

• The best physical security of retail premises including warehouse, stockrooms etc.
  

  Coupled with

• The best fire precautions and means of escape of customers and staff to ultimate safety
  

  Coupled with

• The best safes and fire cabinets to protect cash, valuables and company records.
  

  Coupled with

• The best safety and accident prevention systems within the retail premises
  

  Coupled with

• The best alarm system, patrolling and surveillance during night, week-ends and public holidays
  

  Coupled with

• The best keying system with key registration and control.
  

  Coupled with

• The best retail staff training and education programmes
  

  Coupled with

• The best negotiated and efficient insurance coverage
  

  Coupled with

• The best managerial., supervisory and checking procedure

Contributes to a holistic and successful system (chain of events) if it is supported by all role players in the organization.

Employee dishonesty

Of all the categories of loss due to dishonesty, staff dishonesty is probably the hardest to prevent and the most difficult to detect. The natural loyalty of employers towards their staff often permits such crimes to go undetected. In most cases this loyalty is not misplaced, however, when it is, the consequential losses can be high for the simple reason that staff employees have easy access to goods, cash or other valuables.

In any retail organization the maintenance of good relations between staff and employer is of paramount importance, and good relations can be easily strained by the adoption of over-elaborate checking system and procedures which make the staff feel they are not trusted.

Therefore the need for careful and considerate public relations work between employer and employee is vital to produce in order for staff to cooperate and understand the reason for loss prevention procedures. Furthermore, any union representation should be taken into account and briefed on the reason for security measures, particularly those measures likely to offend, because they can be most helpful in getting the full cooperation of retail staff.

Security Against Internal Loss

Internal losses arising from staff theft or fraudulent manipulation require a far greater and detailed means of prevention, because the people suspected have a closer and more intimate relationship with the retail organization than a member of the public. Thus, if these relationships are not to be destroyed, the method of crime prevention and the manner in which it is handled is crucially important.

Apart from the fact that the culprits are within the premises and have an intimate knowledge of the shop layout and the general administration, are allowed to handle goods and money and are probably in positions of trust and responsibility, any loss preventative measures will have to do much more than merely isolate the suspect from the goods or valuables. Despite this, there should be certain ‘in built’ systems and procedures that can effectively reduce this type of staff dishonesty.

There are some major areas in retail store management which are relevant to the management of employee theft.

They are:

• internal layout of premises;
• loss prevention considerations in retail store management;
• staff selection and training
• dress and identification
• Photo and other identification systems (smart cards, etc.)
• Retail staff training

The Use of Store Detectives in Loss Prevention


Duties

Any retail who adopts the or open self-service method of merchandising, without the in-built safeguards that must accompany such system, has to realize that he or she is accepting a modern retail occupational hazard.

Such loss prevention system and procedure, combined with a well trained, efficient and courteous staff, and managed by people who know their business, add up to good house-keeping and loss prevention, and go hand-in-glove with increased business efficiency.

One well known loss prevention safeguard is the use of store detectives, whether they be trained members of the staff or hired professionals from an outside firm.

It is argued by many retail managers, and fully supported by many crime prevention officers, that the training of all retail staff in store detection and loss prevention should form an integral part of a company ‘s training policy.

Any trained professional police investigator will readily agree that they have three responsibilities to the public, namely:

• The prevention of crime;
• The detection of crime;
• The prosecution of offences through the courts.

In retail loss prevention, therefore, the accent must be on the prevention of loss so the effort of store detectives and retail staff must be directed towards achieving this end.

What is a store detective?

A store detective is a specially selected, screened and highly trained operative capable of preventing and detecting losses of cash, stock, time or reputation anywhere within the business, and reporting to nominated higher authority accordingly

What is the object of employing store detectives?

The object of employing store detectives is to reduce loss through dishonest behaviour, carelessness or wastage, and thus increase net profits

What in fact do store detectives do?

Although it is generally considered that the duties of store detectives are mainly concerned with the observance and apprehension of shopstealers, nothing could be further form the truth , important as this may be . The duties of a store detective are many and varied and include among others:

Conclusion

In recent years, retail and retail theft have experienced tremendous growth in terms of size and complexity. Due to the details involved with managing a successful retail operation, there is an urgent need for entrepreneurs not only to understand business and economics, but also to understand how retail loss occurs and how to prevent and control it.

Due to the size of this sector of the industry, billions are lost annually to dishonest employees, vendors and customers. Most retailers are aware of some of the loss threats which they face daily and many are familiar with effective methods and systems available for controlling those threats.

Finally, to be effective in controlling losses, retail security activities should be proactive rather than reactive and the concomitant risk analysis exercises need to be undertaken to reduce losses which ultimately contributes to the prevention of crime.

References

Fisher, R.J. and Green. G. (7th edition) 2004. Introduction to Security. Butterworth-Heinman. Boston.

Fennelly, L.J. (3rd edition) 1996. Handbook of Loss Prevention. Butterworth-Heinman. Boston.

Hayes, R. 1991. Retail Security and Loss Prevention. Butterworth-Heineman. Boston

Neill, W. 1981. Modern Retail Risk Management. Butterworths. Sydney.

Sennewald, C. A. (3rd edition) 2004. Security Consulting. Butterworth-Heineman. Paris.

Go Top

Loss Prevention through Security Technology
(Paper presented at IISSM-2005)

- Mr. Bhaskar Ganguly, Director, Security Solutions, Asia Pacific,
Tata Honeywell India Limited, India.

Introduction

The security industry has been growing as a professional and business area since post WW II. While many modern security concepts have their roots in medieval times, the world of security and loss prevention today, relies greatly upon technology and the application of technology in preventing loss.

In the case of a business enterprise investment in security technology boils down to assessments of risk to the business and of practical evaluations of the potential for loss. Very often, risk assessments and valuations are considered by businesses to be an unnecessary and avoidable cost. However, an investment in professional and internationally benchmarked processes can save major financial loss and/or increased insurance costs in the long term.

Losses and the Business World

Losses in the business world have come to be an accepted cost of doing business. But even though losses are expected, most businesses dedicate at least some portion of their efforts to towards reduction of losses. While losses in an organization may originate from a variety of threats, including natural disasters, many of our assets are threatened by man and may include terrorism, drug activity, violence, theft and fraud. For example, an industrial facility attracts a number of threats to its property causing loss. Some of them are mentioned below.

Terrorist or Motivated Attacks

Terrorist and similar motivated attacks are a relatively recent phenomenon and target businesses where the returns for their needs(such as publicity, damage to infrastructure etc.) would be highest. Expected losses reflect both the probability of attack (as jointly determined by the attractiveness of a target and its vulnerability) and the amount of damage that could occur. Losses may be associated with the incidental damage and loss of life that result from the destruction of facilities or the diversion of hazardous materials to attacks elsewhere. The risk of such attacks results in direct and indirect losses including trauma, injuries, loss to property, prestige etc. Of immediate concern in security are the physical assets that could be attacked (including factories, buildings, transmission lines, and the like) and the less-tangible assets (such as IPR, communication networks, computers and data banks, information etc.) that could be threatened.

Sabotage

Sabotage weakens an organisation through subversion, disruption etc. resulting in some destructive goal. For e.g.chemical storage facilities oil & gas pipelines, refineries, infrastructure, etc.can be of interest to saboteurs. In our own country we have seen such attacks by terrorist groups in the North East. Available evidence indicates that a number of such facilities lack adequate safeguards.

Theft

Theft is the taking or attempting to take anything of value from the care, custody, or control of a person or persons by force or threat of force or violence and/or by putting the victim in fear. Increasingly the world is witnessing sophisticated methods of theft that do not exhibit overt symptoms of violence. White collar theft, credit card fraud, complex schemes of money laundering are all becoming real threats to businesses.

Shrinkage, Internal Theft & Pilferage

Loss prevention in the industry is concerned with the disappearance of material, assets, proprietary information etc. Most establishments address this by physically matching inventories periodically. The difference obtained is sometimes referred to as ‘shrinkage’ and can be a result of theft, bad accounting, misappropriation etc. These losses amount to billions of dollars annually, but often go unreported.

Most industries employ people who are unsatisfied with their compensation packages or are unmotivated for other reasons. Whatever the reason, a certain percentage of workers would always succumb to temptation. Identification of these disgruntled employees through unobtrusive technology goes a long way in preventing such losses.

However, the only way to reach some employees is through a highly visible security program and a rigid company policy of prosecuting any employee caught stealing. Prevention of theft requires simple but sophisticated systems for handling inventory and currency, which not only deter but which leave a trail of documents when any stealing takes place.

Employee Unproductive Time

A major concern of most industries and business establishments is the reduction of ‘employee unproductive time’. According to some studies some companies can lose upto 40% of their productivity due to this factor alone. The application of technology to monitor entry and exit of the employee from his work place and monitor his movements during working hours would go a long way in reducing these losses.

Loss Management through the use of Technology

Technology incorporating automated systems improves our ability to prevent losses. Starting from internationally benchmarked systems for risk and vulnerability assessments of industries, to integrated security solutions Including modern surveillance techniques, recording and playback software to help in post event forensics, access control techniques, perimeter intrusion prevention etc., technology helps and aids in loss prevention. In short, losses from external and internal threats can be managed by using modern security technologies. Amongst these are:

Access Control

Access to various areas can be controlled on an individual basis according to the needs of an organisation – employee’s/visitor’s details can be loaded on smart cards and conditional access can be given to particular employees to only particular area. Alarms can be raised when unauthorized or unnecessary access is attempted. Identification can be established by simple access codes to complex biometric algorithms.

CCTV Surveillance

Both human and material movements can be tracked remotely using CCTV Camera Surveillance systems. Pro active surveillance of targets in crowds through use of sophisticated software is possible today. Also Visible CCTV System acts as a deterrent. Surveillance cameras monitoring sales work areas and warehouses can reduce incidents of employee theft. Recording for post event forensic analysis establishes a chain of events. The London bombings of 7th Jul 2005 were solved in the relative short time of 4 days and the perpetrators identified through the use of such techniques.

RFID

RFID makes it possible to identify unusual material movement almost as it occurs, RFID’s ability to provide item-level information extends its benefits far beyond loss prevention alone. It increases inventory visibility from the point of manufacture to the front door of the store. This enhances the technology’s value as a strategic profit building tool.

Electronic Perimeter Intrusion Defense

The use of both covert and overt systems for intrusion detection give valuable advance information and buys time for specialized teams to react. Where the facilities are large and there are many blind areas around the facility, electronic fencing detects intrusions and raises alarms without being obtrusive. Techniques include pressure sensors, electromagnetic and electric field fencing, audio and vibration sensing etc.

Go Top