Retailers Face Higher Risk as Cyber Threats Increase
Retail shrink—the loss of inventory due to theft, fraud, shoplifting or other errors—totaled $50.6 billion in 2018, up from $46.8 billion in the year-before period, according to the annual National Retail Security Survey, which was released by the National Retail Federation (NRF) and the University of Florida.
“We are seeing dramatic changes in the risks faced by retailers, and loss prevention practices and priorities are evolving to meet those challenges,” said Bob Moraca, vice president for loss prevention at NRF. “As criminals find new ways to steal, loss prevention teams are finding new ways to stop them. Increasingly, this is a battle focused on technology.”
Retail shrink averaged 1.38 percent of sales during 2018, up slightly from 1.33 percent in 2017, but has held steady around 1.4 percent over the past few years, according to the report. With the percentage largely unchanged, the increase in the dollar amount is due primarily to growth in retail sales, the report further indicated.
The largest losses per incident came from robberies at an average $2,885.15 (down from $4,237.02 in 2017), followed by employee theft at $1,264.10 (up from $1,203.16) and shoplifting/organized retail crime (ORC) at $546.67 (up from $543.28). Robberies are comparatively rare, however, while shoplifting/ORC and employee theft together typically account for about two-thirds of shrink each year, with most of the remainder coming from vendor or paperwork errors, according to the report.
While 43 percent of those surveyed said the largest increase in fraud is occurring in stores, 30 percent said it is happening online and 22 percent said it is coming in multichannel sales, such as those where the purchase is made online but the merchandise is picked up in store, according to the report.
Of challenges that have grown in priority for loss prevention teams over the past five years, cyber-related incidents were found to be the top issue (68 percent), with e-commerce crimes (65 percent) and return fraud (51 percent) following. Return fraud includes incidents involving purchases made online but picked up in stores. ORC was cited by 65 percent of survey respondents, and internal theft by 60 percent.
A total of 89 percent said there is increasing overlap between retail loss prevention teams and cybersecurity teams, but only 30 percent of loss prevention executives said they were regularly involved in cybersecurity issues, the report revealed. Most of the time, loss prevention is brought in after the fact on cyber issues, with 60 percent saying they are called in for incident response with only 26 percent involved in threat analysis.
Loss prevention executives are preparing for increased involvement in cyber issues, with 62 percent seeking analytical skills in new hires and 40 percent seeking cybersecurity skills, according to the report.
“These are changing times in retail and that means changes in loss prevention,” said Richard Hollinger, a criminology professor at the University of Florida. “As always, the challenge is for the honest to stay ahead of the dishonest.”
The National Retail Security Survey, now in its 28th year, included responses from 63 loss prevention and asset protection executives from a variety of retail sectors. The study is a partnership between Hollinger and the NRF and is sponsored by Appriss Retail.