Locking Out Loss

May 01, 2007 9:30 PM  By

When $200,000 worth of baby formula went missing several months ago from a Wakefern warehouse in Upper Macungie, PA, company officials and police tapped warehouse records and security cameras seeking clues. They discovered that a truck driver and at least one supervisor for Wakefern, the distribution arm for ShopRite supermarkets, were stealing the formula, using unauthorized stickers and codes to get the truck past security guards.

That’s an example of collusive theft, which Barry Brandman, president of Danbee Investigations, an investigative and security consulting firm in Midland Park, NJ, says is the most difficult type of loss to prevent and detect in the distribution center. “A catalog warehouse is the perfect environment for a theft to take place,” says Brandman. “There is significant throughput every day, a chaotic pace — it’s the perfect smokescreen to camouflage dishonesty.”

Collusion joins internal theft, trucker theft, and administrative/accuracy errors as leading sources of shrinkage in the DC, according to Mark Doyle, president of Jack L. Hayes International, a Fruitland Park, FL-based loss-prevention and shrinkage-control firm. DC theft is something many companies don’t want to own up to; incidents often go unreported, and surveys capturing the true extent of losses in DCs just don’t exist.

Indeed, attitude is a major reason theft occurs in the first place. Often, says Brandman, “company supervisors are shocked. They never imagine they could lose that quantity or value right under their noses” and that long-term, trusted workers could be responsible.

But awareness and prevention can curb such losses. Enacting appropriate checks and balances from beginning to end can go a long way toward keeping shrinkage to a minimum. “Sound security doesn’t require a lot of money,” says Brandman. “It’s a matter of strategically spending that money.”

Step one: Assess the risk. The first step of any DC loss-prevention program is accurately assessing the risk. Where is the facility located? The state of Vermont, for example, consistently reports one of the lowest crime rates in the nation. Does the merchandise have high street value? While its merchandise certainly has appeal, Vermont Teddy Bear Co.’s product line — primarily stuffed bears — lacks the street value of, say, consumer electronics or high-end purses. So the company’s 120,000-sq.-ft. distribution center in Shelburne, VT, has enviably low shrinkage and relatively light security. What policies, processes, and technologies are in place, and do you know that they’re working?

Many DCs hire outside firms to cast an unbiased eye on their operations. Danbee’s Brandman recommends re-evaluating your warehouse security every three or four years, since business processes change.

Step two: Begin your loss-prevention efforts at the point of entry. “If something is wrong at the point of receipt, it is wrong throughout the process, unless identified and corrected,” says Hayes International’s Doyle.

For that reason, Katie Camardo, Vermont Teddy Bear Co.’s vice president of operations, and her staff conduct “a 100% receiving check when material comes in, and check again at the [purchase order] by style and quantity,” she says. That’s in addition to a quality control check. “One of the major sources of shrink is errors in shipping not caught in receiving.” Outbound trucks are sealed once orders are complete.

Point of entry refers not just to merchandise but to employees as well. Many consultants advocate conducting background checks on prospective hires before making a job offer. “When we run background checks, about 18% come back positive for criminal records,” says Barry Wilkins, vice president of homeland security for Pinkerton Consulting and Investigations in Parsippany, NJ. Ideally you’d run repeated, random checks every three years or so, though for many that can be cost-prohibitive — $85-$200 per check, depending on the scope. Still, Wilkins says that one $40 million company went out of business because organized crime had infiltrated all the way up to management; the company conducted background checks only in its headquarters state, not in the state where the warehouse was located.

Step three: Create a traceable chain of custody, and separate duties. Best warehouse practices such as tight inventory control, frequent cycle counts, random audits, and two- or even three-party sign-off on documents for high-value goods act as both a deterrent and a paper trail to detect and prove theft.

But if you have the same person handle the cycle counts and the random audits, for instance, you’re defeating the purpose of instituting the multiple checks. “Don’t have one person do conflicting tasks,” advises Wilkins, a rule that at times gets violated when staffing runs short.

Step four: Limit access. Warehouse employee, driver, and visitor movement must be restricted. Truck drivers, for example, should not be permitted in the warehouse but instead should have a separate, comfortable waiting area. Employee parking should be separate from docks. “Visitors should be escorted and issued a badge, verified with a picture ID,” says Wilkins. Picture IDs and access control should also limit employee movement.

For PFSweb, a third-party logistics provider in Plano, TX, “the focus is perimeter control,” says Scott Talley, vice president of global logistics. “Even though there is a small number of people with criminal intent, if the perimeter of the facility is controlled, nobody can get out” with purloined product.

Among PFSweb’s strongest deterrent is the armed, certified law-enforcement personnel it hires for security. “You don’t get fired, you get arrested,” Talley adds.

Around peak times such as Valentine’s Day, Vermont Teddy Bear may recruit as many as 1,000 seasonal employees to fulfill the crush of orders. Those workers are limited to pick/pack areas, and the company hires workers for trusted long-term positions from the best of that group. The company recently deployed an access control system (Keyscan by Royal Technologies) to ensure that only authorized personnel enter designated areas, with a database to record that movement. Equipping two buildings cost Vermont Teddy Bear nearly $30,000.

Vermont Teddy Bear workers are also barred from carrying personal effects into work areas. At PFSweb, they wear scrubs-like uniforms with no pockets and no metal pieces.

Step five: Seek patterns and unusual activities. Scrutinize cycle counts and inventory data for patterns of loss among particular SKUs, says Danbee’s Brandman. Systemic problems will appear across the board, while pilferage will be concentrated in specific SKUs. One Danbee investigation found an increased number of carrier-loss reports at one of the company’s hubs rather than across the network — a red flag for fraud.

Step six: Consider hotlines and undercover investigators. “Most people want to do the right thing but don’t want to put themselves in jeopardy,” says Brandman. “The employee workforce is the best source of information.” While some DCs route theft hotline calls internally, “an outside 800-number dramatically increases the likelihood of use,” he says. Anonymity and rewards are key elements in encouraging workers to report theft.

Danbee also makes use of undercover investigators to detect illegal acts, violation of policies, drug use, and other questionable activities. “Inside intelligence gives a unique perspective you’re otherwise not able to see,” though it can cost $26,000-$28,000 per investigation.

Step seven: Apply technology as a problem-specific solution, not as a panacea. Opinions vary on the value of particular technologies, but most agree that each serves to alleviate a specific problem; none are a complete solution. Pinkerton’s Wilkins, for example, advocates Web-based cameras throughout a facility, starting with the areas that house high-value goods and employee entrances and exits, for their deterrent and forensic value.

But Brandman contends that cameras are often placebos. “Most inside theft looks like standard operating procedure,” he warns. What’s more, “after the novelty wears off, not many have the patience to use the cameras.” Similarly, guards are great for searches, ID checks, and entrances/exits from facilities and yards, but they won’t prevent collusion.

Other technologies that can be effective in the right setting are biometrics, barcode scanning, RFID, metal detectors, truck seals, and perhaps surprisingly, air conditioning. “A lot of problems in the DC come when it’s hot and the doors are wide open,” says PFSweb’s Talley. In fact, PFSweb is considering adding a dock management system to remotely control door openings.

PFSweb also tracks goods as they leave facilities, using X-ray equipment, truck seals, and global positioning systems to ensure that trucks reach destinations at expected times with shipments intact.

Step eight: Employ a layered approach. It’s important that your company’s security efforts check, but not impede, processes. A layered, comprehensive security effort can not only prevent shrinkage but also boost employee satisfaction and productivity.

At PFSweb, “we integrate security with the operational workflow,” says Talley. “That allows us to validate what operations is doing.” Following implementation of some of its security measures, “as time went on, employees felt more valued, safer, with no horseplay, no bad language, and no one can come in with a weapon. Warehouse turn is probably lower because they like the way the business is managed.”

The right technology integrated with business processes is as close to ideal as DC security can get. “There is no silver bullet,” says Pinkerton’s Wilkins, but layering policies, processes, and technologies “makes it much more difficult” to steal.

While the initial cost of implementing a security solution may seem high, “the cost per theft can put you out of business,” says Talley. “There can be a couple of hundred thousand dollars worth of product value on a single pallet. You can’t be too careful.”


Allendale, NJ-based Lisa Terry has written for Chief Supply Chain Officer and RIS News, among other publications.