Shop theft is changing. Today, employees are in the frame. Last year thefts by staff shot up 68%, while overall offences fell. So how can retailers combat the threat from within and the crooks’ increasing sophistication? Nick Hughes reports

To colleagues, James Stevenson was a model citizen.

The well respected father-of-two had racked up 20 years' service in the IT department at Sainsbury's HQ and was considered a trusted employee. Yet the 45-year-old IT manager held a dark secret.

Over a seven-year period he illegally added 17 million points - worth more than £81,000 - to his collection of Nectar cards after discovering a loophole in the system. Stevenson's crime was detected in 2009 and he was jailed earlier this year, for 20 months.

While this case may be an extreme example of employee theft, it's by no means an isolated one if figures revealed in the BRC's 2010 Retail Crime Report are anything to go by. Although retailers reported an overall 11% reduction in the number of recorded offences in 2010 compared with the previous year, recorded cases of employee theft increased by a colossal 68% year-on-year.

The BRC claims the reason for the surge in cases of employee theft is an improvement in detection systems that allow retailers to identify offences sooner and more accurately and take the necessary preventative action against would-be criminals. The consortium estimates about £210m was invested into combating this type of loss prevention by retailers last year alone. But are retailers really winning the war against the enemy within, and if not, what more could they be doing to combat the five-finger discount?

Employee theft has always been a tough nut to crack, but many problems surrounding the issue today are a legacy of mistakes in the past, according to Richard Paterson, business development manager at software consultancy Hicom. He believes retailers have all too often been guilty of capturing data on theft but then failing to use the information effectively. "Perhaps this is because the systems used are old, take too long to yield meaningful data, or have difficulty differentiating between data on serious robberies versus single thefts," he suggests.

However, Paterson argues that the latest data-mining software offers a level of granularity that has previously been unachievable. This software allows retailers to tackle internal loss by analysing large volumes of data from different sources, such as sales information, sales history data and on-hand inventory, from which they can extract information on suspicious transactions.

"The loss prevention arm can then sift through the data quickly and efficiently, enabling it to get to the root of the problem," says Khuram Kirmani, CEO of IDM Software.

In theory this tech-speak all sounds very impressive but the problem retailers face is that scams take on many different guises, from the more sophisticated transfer of loyalty card points through to the more bogstandard theft of items on the shop floor.

One of the most common forms of employee abuse surrounds refunds, according to Stuart Dean, product manager at Torex. The employee may do a refund that doesn't really exist back to his own credit card or refund singly a product that was bought as part of a multibuy promotion. "To an onlooker that would look like a reasonable transaction but that is defrauding the company out of money," says Dean.

Another common scam is known as 'sweethearting' where the employee passes something over a scanner without it actually being scanned, or scans a lower-priced item in place of a higher-priced item.

The key to deciphering where these crimes may have taken place is to look at what the norm is for the business and then look at those transactions outside the norm, says Dean.

"Across the business, you might do 4% on discount, and then there's one store that stands out because it's doing a lot more than that, or one individual who seems to be doing more than their fair share of discounting," he explains.

Of course, sophisticated thieves change their modus operandi all the time, so loss prevention experts need to change the patterns they are looking for with equal fluidity to remain one step ahead.

"Traditional data warehouses tend to aggregate things up, so you lose that level of granularity. But it's very important when you're designing a data warehouse for loss prevention to keep all the lowest level data you've got things like scan rates, number of items that have been voided, how much they've been voided by, who the operator was and indeed the sequence of transactions," says Dean.

In order to determine when an incident requires follow-up action, most retailers will use a scorecard approach, where every potentially fraudulent transaction scores a point until a threshold is reached. At that point the employee is flagged for further investigation.

Torex also offers a visualisation tool that shows all of the transactions for a particular store and highlights them in a bold colour when they become suspicious. "We've built an engine that allows you, once you've identified a suspicious member of staff, to capture information about every single transaction they do that is out of the norm," says Dean.

The payback from the investment in loss prevention software is in the retailer's ability to identify the bad eggs at an early stage and remove them from the system, saving them money in the long term. Indeed, the BRC report found that the average value of goods stolen by employees fell 67% to £290 last year; proof that investment in loss prevention is successfully reducing high-value cases of fraud.

While transaction-based fraud may appeal to the more cultured thief, straightforward shoplifting is still common among employees, be it direct from the shelves or from the stockroom.

By applying retail intelligence processes, data mining tools will be able to flag up what is known as phantom inventory inventory that has been shown to exist in the system but physically doesn't appear on the shelves.

But this still requires the retailer to investigate who is responsible for the theft and where in the chain it occurred, so, in addition to data mining, retailers are increasingly using intelligent RFID devices to track the movement of stock through the store.

Although primarily used as a tool for managing stock levels and availability, RFID tagging has significant applications for security. Traditionally, retailers have used metal tag security on high-value items, which trigger an alarm on an EAS gate when an unpaid-for item leaves the store. The problem with such tags is that there's no verification of what has come into the store in the first place, so goods going out the back door through employee theft go unnoticed.

With second-generation RFID now being adopted, items are tagged at source (with clothing the tag is often sewn into the garment itself) with a unique code that stores information on exactly what the item is, from the size and shape to the colour and weight. As stock moves from the back to the front of store, it can be read automatically by door readers and again as it leaves the store by RFID detectors, giving full view of the flow of goods coming in, going through and then going out of the store.

RFID also allows retailers to gain a greater understanding of who is managing stock at any stage of its movement. "If someone is wearing a badge, which most employees do, we could RFID-enable that badge, so you could actually see which individual person is dealing with each particular transaction at any one time," says Keith Sherry, head of supply chain solutions at BT.

RFID costs
Currently the cost of a tag is about 10p, making it prohibitively expensive for low-value items. Sherry says the current threshold for most retailers is about £5, below which the cost cannot be justified at an item level, although whole pallets of stock can still be tagged in a cost-effective manner.

Longer term, however, the development of printed RFID, which will be stamped on a product in the same way as a barcode, could bring the cost down to a fraction of a penny, making it more viable for low-cost items, and making even the pettiest of crimes difficult to commit without attracting attention.

Despite the advances in loss prevention technology, experts admit that employee theft will never be completely eliminated, but, by using the technology at their disposal, retailers can give themselves a head start in the fight against crime.

"It's a bit like putting a burglar alarm in your house and saying it's never going to get raided," says Sherry. "We all know that the thieves get more and more sophisticated but what it does do is slow it down and make theft more difficult."

Case study: it was the cleaners!

By using a data mining system provided by Agentrics that flags up where sales fall short of an average daily figure, Unilever identified that sales of some household products were consistently lower than they should be at one particular Carrefour store.

On closer inspection, they found that the inventory did not match the stock passing through the checkout and so began an investigation. Studying closed circuit TV cameras, Carrefour found that rather than using their own supplies, the cleaners at the store were taking stock off the shelves to use.

"While it is not strictly theft, it could easily have been and we were able to use the data to detect it and allow the store to put a stop to it," said Agentrics CEO Wellington Machado.