If you were to draw a blueprint for a consultant, they might have broad shoulders, thick skin, and a flat nose from having doors shut in their face (metaphorically, we hope).
Take a retailer suffering robberies. The retailer may say to the consultant, ‘give me a camera’, but the consultant may look beyond the physical security issues to the people ones: what is the good of CCTV if there is only one member of staff on duty, in say an off-licence with long trading hours ‘A cost analysis may find that it’s too risky to even keep the store open. Then there’s the question of how to put its politely to the retailer that he does not have a clue. And then there’s the question of who to say it to – the chief executive, or the person actually doing the job on the ground’
<br><br>
Crux decision
<br><br>
The London meeting room of the Institute of Directors is a grand place to do business – you look up and the eyes of some military hero of the British Empire are staring at you from a painting on the wall. Every portrait is of a man. While times have changed, most of those doing business inside the IoD are men too. Not Caroline Waddicor, a director of fraud consultants Hibis Europe, and a member of the Guild of Security Professionals. After 12 years in the Greater Manchester Police, she made a crux decision – that although she enjoyed policing, it was not something she wanted to do all her life. So she went into retail security, working for various retailers across sectors – B & Q, Next, Iceland. Then she went into consultancy. At the risk of making a sexist analogy, a consultant is like a soccer manager – they are never called in when a firm or club is doing great. The consultant – who might be checking for the corporate equivalent of a pulse – has to be sympathetic to the company’s staff, and approachable, but not allow sympathies to sway any judgements. A consultant has to be brave to say what is going wrong, and suggest what to do to put it right – and if it fails, you fail.
<br><br>
Retail in the sky
<br><br>
Take the airline that brought in Hibis. Did you know that a fair chunk of an airline’s profits come from retail sales 30,000 feet up ‘Yet the products were sold in the sky without EPOS (electronic point of sale) or security measures common on the high street. The airline could tell that it was not making the profit on in-flight retail that it should. Yet retail was an orphan department; nobody in the company took ownership of what was seen as an add-on (yet it was quite a money-spinner!). Controls on the ground were bad too. The consultants pointed out that bonded warehouses making deliveries were a problem – the airline was not making checks on what the warehouse said it was delivering. So Hibis developed a loss prevention function that reported to the retail operation. The consultants analysed data and could compare the Gatwick side of the retail operation (say) with Manchester, one bonded warehouse with another, and ask; why is one so much better than another ‘The airline retailer director got a call from another airline, asking: what have you done this season?! Because the other airline’s profits had plummeted. The Hibis-helped airline was able to show – to the day – that by putting controls in place displaced the fraud: a bonded warehouse made up its loss at a softer touch airline. The consultants reviewed also the airline’s cash counting; options were put to the board, which decided it was cost-effective to outsource. This case highlights a couple of things – that a consultant has to be ready to give bad news; and, as Caroline sees it, her job is not so much purely fraud prevention but profit enhancement – spotting where the business is not doing as well as managers know it should be doing, and suggesting ways to put it right. For a loss prevention team to be unaware of sales figures the latest stock promotions, and margins, and to deal only with robberies and burglaries, is to be isolated, in her view. A comfort zone, if you like. She cannot understand wearing security-only blinkers – ‘because the buzz from working in retail is phenomenal’. For instance, that high-value product that has so far been kept behind a glass partition – do you have the courage to take the product from behind the glass, and to protect it perhaps with electronic article surveillance; or by increasing the overall number of staff on the sales floor ‘Because it is known that people are more inclined to buy a product they can touch. Also, if you are a security person and feeling comfortable, you are not doing your job properly, because it is your job to poke your nose into everyone’s business, because no business is totally clean of problems. To investigate it could be hard work, quite lonely at times, and you will not be everybody’s friend: ‘If everybody likes you, you aren’t doing your job.’
<br><br>
Sweat shop
<br><br>
Given the global supply chain of a retailer, the problem may stem from a Walter Mitty character on a UK shop floor, whose references have not been taken up because the employer takes people at face value and does not do proper vetting. Or, the problem could be in an Indonesian factory. Does the supplier use sweat-shop labour ‘Are those products counterfeit’ Loss prevention, as Caroline sees it, has a responsibility as much as the rest of the business to ensure that the company is always acting in the best interests of the business. She says: ‘When I am recruiting people, I always say that in loss prevention, profit enhancement, you are the conscience of the business. You have to be able to say to people: ‘that isn’t right – have you considered this’ and it comes back once again to delivering bad news.’She puts it another way: say the chief executive comes up with a (to him) brilliant merchandising idea – that the high-value goods are at the front of the store, or whatever. The boss has spent maybe hours on that idea, at board meetings, and gaining the backing of his operations team. How does loss prevention say – and at a late stage, probably – ‘brilliant idea, but have you thought of the consequences of this’ You will win some battles and lose some, Caroline adds, but you have to be able to point out risks and likely costs to the business, and have the strength of conviction to make a good argument and find mutual ground. (To go back to that Indonesia sweat-shop – yes, maybe the company is happy with goods from sweated labour, but the board has to be ready for the damage to reputation if it gets reported.)
<br><br>
Know your way around
<br><br>
To get to the bottom of a fraud, often the loss prevention manager or consultant has to know their way around a company, the organisational tree and the personnel. Who is putting together tender processes’ Who is signing off the details of the tender? Caroline tells the story of a company that did not know where the problem was, but knew there was a problem – because the company was under-performing compared to competitors. Hibis called a meeting of heads of department, including the heads of procurement and catering: ‘Everybody was called in and we had this very nice ‘get to know you’ meeting; and one of the last people to come into the meeting was a guy from the procurement department. He bounded in and said, ‘I can only spare you ten minutes – this is total nonsense’. Two and a half hours later, this man was the last person to leave our meeting, and 12 months later he was dismissed from the business for dishonesty.’ Hibis made this man, who was to do with procurement back-handers, a member of the profit enhancement team – on the principle of ‘keep your friends close, but your enemies closer’. Generally, when called in as a consultant, Caroline will form a profit enhancement team with representatives from human resources, finance, even, because change will come about from within the company, employees spreading the word, not Hibis. By bringing the dishonest man into the team, he felt uncomfortable, and it took eight months to get copies of the contracts he was responsible for. It turned out that money was not going into the right bank account. Yet such frauds may have been in the company for a long time, and it can be difficult for a chief executive to learn that his right-hand man is bent, and has duped him. More bad news, in fact, for the consultant to deliver! Caroline says: ‘And you need to be able to manage that because it is their [the chief exec’s] reputation, their judgement, being called into question. But what you have to be able to show is that these people are very good at what they do. Any fraud will have been going on for a minimum of two years.’Someone hell-bent on fraud will find holes in controls; they may ‘preen’ a situation until they have moved about staff, until they have a weak team around them: ‘And then they will go for the kill. And that is what you have to be able to challenge.’ It’s difficult to carry out proper vetting, Caroline continues, when companies will give references to people they have sacked. That said, a company can ask for references and be prepared to take them up. She says: ‘I worked in one business for three years and I found out when I had left they had never taken references for me, and I had access to keys, and crucial business information; and the loss prevention team had got it wrong.’ She speaks of having the basics in place – such as asking for references with every application – as something you can build upon, if necessary calling in an outside specialist to carry out vetting, of (say) managers and cash-handlers. And, once again, the business has to be prepared for bad news as a result of vetting.
<br><br>
Off-licences
<br><br>
Caroline regards incidents in off-licences as a most challenging area of retail security. She sees a way forward as ranking a chain’s stores as red, amber and green. ‘Red’ store are agreed by Caroline and the chain’s operations team to be a risk – whether because of catchment area, high turnover of staff, or poor trading. The whole company- not only loss prevention but operations, HR and finance – will seek to support those stores. Any capital investment available, the red branches will get it. The chances are that crime will be displaced – maybe to the competitor down the road. But, significantly, Caroline adds that she does not think a company can work alone. When working for an airline, she set up a discussion group to tackle the common problem of fraud, with travel agents. In the off-licence sector, too, the crime problems are held in common by the big chains; the robbers may go from one shop to the next, stealing a bottle of champagne or a jar of coffee to afford their drug habit, and rival chains are none the wiser. They can share good practice, without giving away sales figures and the like. The challenge is to convince a chief executive to give permission for such talks; for you cannot bring about change unless people recognise that they have a problem on their hands. If store staff are being threatened with knives, it may take a consultant from outside to ask: are things so bad that you cannot continue trading here (more bad news)’ Or is it possible to change the position of the till, install CCTV, or increase the number of staff, to deter violent thefts’
<br><br>
Caroline spoke earlier of the buzz of retail and how security people within retail should not isolate themselves from the selling part of the business; can then a retail person do security’ It’s the old question – does security come as second nature to someone (or not), suggesting training is inherent in someone, or can someone be trained to do security’ Caroline answers that you are asking for trouble if you ask a mouse-like person to work in a store at 10pm. But you can train retail staff for eventualities, so that they have more confidence that they can do what the company expects of them. And if someone says, ‘give me the money’ or otherwise threatens them, there is no dishonour in following company policy and handing over the money. You can train staff in defusing conflict, knowing how to speak to customers. That might involve a male member of staff saying sorry rather than fronting up to someone, however aggressive. Training should also be in security equipment – it’s great if a store has a product that when activated cloaks a room in dense smoke, effectively blinding the intruder. But it’s no use if the lone member of staff does not know how to use it – or even that it is there! Retail tends to see a high turnover of staff, so that training has to be never-ending.
<br><br>
Caroline recalls how as a police officer she might write in a crime report: ‘advice given’. That would refer to attending a retailer after a theft and recommending that the manager bring in a security guard, or CCTV. Looking back, she realises now what a chain of decision-making in a large organisation has to happen for that ‘advice’ to bear fruit. In her view, if a retailer wishes to take a theft case down the criminal court route these days, the retailer has to prepare the whole case ‘with a pink bow on’, because police do not have the time or the resources. Given the red tape and the hurdles to jump to get the Crown Prosecution Service to even take a case to court, she believes that a greater return on investment is offered by going down the civil recovery route. – with the previso that a civil recovery scheme is only as good as the scheme members and the intelligence gathered.
<br><br>
Finally, there is the question faced by all consultants and indeed security managers who wish to get things done, by spending money – how in a hard-nosed business do you get your plan backed by the board’ A chief executive may have had a bad experience with past consultants (the CCTV installed did not work – maybe simply because the tape is no longer clean). Take the case of baby abductions from hospitals, when it turns out all too often that CCTV is broken – or, Caroline adds, an access control system is not working, staff do not wear nor enforce the wearing of identity cards; and there is no contingency planning. She says: ‘One of the first things I do when I go into a business is put together an emergency scenario and not many businesses can last two weeks after a scenario,’ maybe a flood or a fire. After all the serious incidents of recent years, that to Caroline is damning. And that is something to take to the chief executive – who maybe is in something of a comfort zone himself’!
