ASIS International
Seminar & Exhibits
September 28-October 1, 2015
Anaheim, California
Core Elements of Retail
Loss Prevention
Sponsored by: The Retail Loss Prevention Council
September 28, 2015
Organized Retail Crime (ORC)
Survey Summary
– $30 Billion/Year problem!
– ORC Fencing Operations
– 8 of 10 retailers-victimized
– Need for Federal Laws for ORC-interstate
transport
– Retailers’ financial investment in fighting
organized retail crime tops $400,000 on
average
– Concerns over store merchandise credit
and gift card fraud schemes remain high
Survey Summary
– Top Cities for ORC:
Houston, Los Angeles, New
York and Miami and new –
Detroit
– Impact of Cargo Theft:
24% of retailers reported
store-level theft
– 33% of retailers noticed a
reduction in ORC activity
where state laws exist
ORC Actions
• Law Enforcement Collaboration
• Federal
• State
• Local
• Legislative Activity/ Capitol Hill
• State Legislative Activity
• Retail Relationships
• Industry ORD Groups
Example ORC Law
• Michigan enacted in 2013 (5 year felony)
– Knowingly commits organized retail crime – steals with intent
to sell or redistribute
– Assists another in committing – organizes, finances, manages
– Affecting anti-theft device from activating
– Knowingly purchasing cell phone with intent to defraud or
break service contract
Tools For Battle
• Aforementioned Industry
Collaboration
• CCTV Analytics
• Facial Recognition
• Anti-Shelf Sweeping Technology
• License Plate Recognition
• RFID Tools
• Greeters
• Shopping Cart Lockdown Devices
Today many retailers have established and
dedicated ORC Teams that are
focused on stemming ORC’s foothold
Organized Retail Crime
• Triangulation Fraud Schemes
• Ranked 9th in 2012; now #1 in impactful and
frequency fraud type by the Merchant Risk
Council and Cybersource
• Fraudster buys stolen credit cards, advertises
phantom product and orders product with stolen
credit card
• Three victims: person whose card is stolen,
person who orders product and merchant who
drop ships the goods
• Combating the Triangulation Scheme
• Use screening algorithm to identify red flags
• Shipping address differs from billing address
• First time card used on this site?
• First and last names capitalization
• Possible language from high-fraud foreign
country
• Originate from proxy address
• Device fingerprinting analysis
• Transfer transaction over to human fraud analyst
E-Commerce Fraud
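A rule-based screener built from the red flags listed on this slide, as an added example that is not part of the original presentation. The field names, the reading of the capitalization flag, the `review_at` threshold and the sample orders are assumptions; the language flag is left out because it needs a language-detection input.

```python
from dataclasses import dataclass

@dataclass
class Order:
    billing_addr: str
    shipping_addr: str
    first_name: str
    last_name: str
    card_token: str   # tokenized card reference, never the card number
    device_id: str    # device fingerprint supplied by the storefront
    via_proxy: bool   # outcome of an IP reputation lookup (assumed input)

def _norm(addr: str) -> str:
    # Ignore case and spacing so cosmetic differences do not raise a flag.
    return " ".join(addr.lower().split())

def _odd_caps(name: str) -> bool:
    # Assumed reading of the capitalization flag: all-lowercase or all-uppercase.
    return name.islower() or (name.isupper() and len(name) > 1)

def screen(order, cards_seen, cards_by_device, review_at=2):
    """Return (decision, flags); review_at is an assumed threshold."""
    flags = []
    if _norm(order.billing_addr) != _norm(order.shipping_addr):
        flags.append("ship_bill_mismatch")
    if order.card_token not in cards_seen:
        flags.append("first_use_of_card")
    if _odd_caps(order.first_name) or _odd_caps(order.last_name):
        flags.append("name_capitalization")
    if order.via_proxy:
        flags.append("proxy_origin")
    # Device fingerprinting: same device already tied to other cards.
    if cards_by_device.get(order.device_id, set()) - {order.card_token}:
        flags.append("device_reused_across_cards")
    decision = "manual_review" if len(flags) >= review_at else "accept"
    return decision, flags

# Constructed sample history and orders, for illustration only.
SEEN = {"tok_A", "tok_X", "tok_Y"}
BY_DEVICE = {"dev1": {"tok_A"}, "dev9": {"tok_X", "tok_Y"}}
REPEAT = Order("12 Oak St, Dayton OH", "12 oak st,  Dayton OH",
               "Dana", "Reyes", "tok_A", "dev1", False)
GIFT = Order("12 Oak St, Dayton OH", "80 Elm Ave, Tulsa OK",
             "Dana", "Reyes", "tok_A", "dev1", False)
SUSPECT = Order("4 Pine Rd, Reno NV", "77 Bay Ct, Miami FL",
                "maria", "LOPEZ", "tok_Z", "dev9", True)

if __name__ == "__main__":
    for o in (REPEAT, GIFT, SUSPECT):
        print(o.last_name, *screen(o, SEEN, BY_DEVICE))
```

A single flag, such as a gift shipped to another address, is accepted; two or more flags send the order to the human fraud analyst named in the last bullet.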
Crisis Management and Response
• Undesired and unexpected event
• Disrupts the business and/or jeopardizes
employee and customer safety
• Likely to last for an extended period
• Requires unplanned commitment of
resources
'CRISIS' DEFINED
Crisis Examples
• Natural disaster (fire; tornado; flood;
earthquake)
• Political event (riot; demonstration; civil
unrest)
• Product tampering
• Kidnapping (abduction; hostage event)
• Criminal event (mass murder; drive-by
shooting; active shooter)
• Terrorist event (bombing; WMD)
• Network breach/sabotage
Objectives of the Crisis Management Team
• Effective and efficient resolution
• Centralizes authority and responsibility
• Minimizes organizational impact
• Provides structure and discipline to the effort
Crisis Management Team (CMT)
• Wrong:
o Reactive not proactive
o Just select some 'good people' and turn them
loose
• Right:
o Identify needed area of coverage
o Select appropriate personnel
Important Characteristics of a CMT
• Temporary task force
• Fewest members possible (only those needed)
• Diversity of members
• Members present a unified 'front'
• It is the only part of the business working on
the crisis
Responsibilities of the CMT
• Assessing the crisis
o Ensuring the situation is
sufficiently understood to
begin resolution
• Containing the crisis
o Protecting the company’s
employees and assets
• Planning the response
• Resolving the crisis
Case Study- Baltimore Riots
Protecting PII
(Privately Identifiable Information)
• 66% of respondents named malware attacks as
number one threat
• Based on the 2014 survey, viruses, worms, Trojans, and
other malware were problems for 61% of respondents
• About 12% of respondents had run-ins with targeted
attacks
• The protection of confidential data against leakage is
now the top priority of most companies (38%)
• Damages from one data security incident were
estimated at an average $720,000
• Damages from one successful targeted attack could
cost a company as much as $2.54 million.
• As Loss Prevention and
Asset Protection leaders, we
have responsibility to
protect our business from
these types of attacks-
where we have ability and
controls.
Kaspersky Lab IT Security Risks
Survey 2014:
Protecting PII
An estimated 39%
of incidents
involving data
breaches and
systems failures
come from inside
an organization.
Questions We Should Ask Of Our IT Security
Partners In Retail Organizations
• What’s the status of the PCI audit or IT
security audit?
• Who has access to your company’s
technology?
• Do third parties access your equipment and/or
information?
• What Control Mechanisms are in place?
• Can we audit session activity?
• What are the loose ends?
The Cost of a Security Incident
o Loss of faith in the retailer
o Damage to the brand
o Loss in sales revenue
o Cost of PR firms, lawyers
o Cost of lost time your executives
spend meeting about breach
restoration efforts
o Scramble to satisfy State
Attorneys General
o Cost of identity theft
monitoring and restorative
services to all customers
affected
Are Our Employees Properly Trained?
• Malware can be installed by
insiders; your Employees
• Clicking on malicious links/
attachments
• Sensitive Customer Data
• No password sharing
• Control password changes
• If point of sale software is installed
on computer, ensure no web
browsing or email
What does the physical Loss Prevention professional
bring to the table?
Security Risk Assessment
Access Control Audits to all controlled area doors
Camera coverage to all server room, electrical,
mechanical and telecommunications rooms
Minimum of 90 days video retention
Visitor & lobby controls
Management of physical technology security
(laptop locks) especially after hours
Mobile POS device lock down and usage logging
Incident Reporting Management
Investigations Expertise
Training on handling PII
Internal Theft Controls
• Retailers have reported to
researchers that internal theft tops
their list of drains on profitability;
up to 42% of what makes up retail
shrinkage dollars nationally.
• Internal theft is most serious
because employees have far wider
access and longer access to
company assets once they decide to
steal. Thefts can go on for years if
undetected and cause losses of hundreds of
thousands, even millions of dollars.
Preventing Internal Theft
• CBT Application Process
Screens Applicants Early
Prevents Bad Hires
Pre – Employment Screening
Trust, But Verify - Ronald Reagan
Preventing Internal Theft
Background Checks
• Sensitive Positions
• Day Care
• Pharmacy
• Finance
• Manager Positions and Above
• Loss Prevention Agents
• Mandatory Pre-hire Drug Testing
• Testing for Cause
• Post Accident Injury
Drug Screening
Internal Theft Controls
• Employee Orientation and
Employee Handbook Statements
about Integrity and Ethics in the
Workplace
• Employee Package Checks (On the
Clock)
• Camera Surveillance
• Store Level Loss Prevention
Presence
• Point of Sale Data Mining
• Solid Employee Management
Internal Theft Controls
Metrics
• Relationship between audit scores
& shrink
• Measure performance not
compliance
• Are your programs working?
• Root Causes
• Operational
• Systemic
Computer Based Training
• Consistent Message
• Reoccurring Training
• Waste & Loss
• Integrity
• Satisfies certain regulatory
requirements
• Ability to track progress &
participation
Internal Theft Controls
• Pay Employees Well
• Performance Recognition
• Employee Coaching as Needed
• Ensure Management is Fair and
Free of Harassment and
Retaliation
Preventing Internal Theft
GPS-Group Problem Solving
• Facilitates Team Atmosphere
• Provides “Buy In” for Associates
• Ideas to Implementation
Preventing Internal Theft
Open Door Policy
• Encourage an Open Door Policy
Where Employees Have a Hotline,
or Many Phone Numbers and
Email Addresses for Reporting
Violations
Gather Feedback and Act on it
• Employee Engagement Annual
Survey

Core Elements of Retail LP Shortened version 15MB
