LPRC - Episode 25 – Preventing, Detecting, and Investigating In-store and Online Fraud ft. Tony Aloisio
Episode Date: May 30, 2019This week, co-hosts Dr. Read Hayes (LPRC) and Tom Meehan (CONTROLTEK) discuss detecting & investigating different types of fraud, and collaborating with other retail chains & law enforcement with ou...r featured guest, Floor & Decor LP Director Tony Aloisio. The post Episode 25 – Preventing, Detecting, and Investigating In-store and Online Fraud ft. Tony Aloisio appeared first on Loss Prevention Research Council.
Transcript
Discussion (0)
Hi, everyone. Welcome to Crime Science. In this podcast, we aim to explore the science
of crime and the practical application of the science for loss prevention and asset
protection practitioners, as well as other professionals. Co-host Dr. Reid Hayes of the
Loss Prevention Research Council and Tom Meehan of ControlTech discuss a wide range of topics
with industry experts, thought leaders, solution providers, and many more.
In this episode, LP director of Floor & Decor, Tony Aloisio, discusses detecting
and investigating different types of fraud, collaborating with other retail chains and
law enforcement, and much more. We would like to thank Bosch for making this episode possible.
Use Bosch Camera's onboard intelligent video analytics to quickly locate important recorded
incidents or events. Bosch's forensic search saves you time and money by searching through
hours or days of video within minutes to find and collect video evidence.
Learn more about intelligent video analytics from Bosch in zones 1 through 4 of LPRC's zones of influence by visiting Bosch online at BoschSecurity.com.
All right. So I want to welcome everybody again to another episode of Crime Science Podcast live here from Gainesville, Florida, the LPRC and the University of Florida.
Today, what we're going to do is talk a little bit about fraud.
As many of you know, the LPRC and the UF team,
we're charged with helping our members of the LPRC get better and better
at controlling and reducing theft and fraud and violence.
And I was just talking with our today's guest, Tony,
that I'm just not sure that we're doing enough justice to fraud, that that's such a vast growing
threat and real world problem for every retailer, every business, every person, every citizen out
there today. And I go back a lot with Tony. We've known each other for years
when he was at the Home Depot, of course, Walmart, and now Floor & Decor. So without further ado,
Tony Aloisio, I wanted to welcome you to Crime Science. And Tom, I wanted to welcome you, my
partner in crime here at Crime Science, Tom Meehan from Control Tech. Tony, if I could, maybe how did
you get into the LP, AP field? What was kind of your first entree into the business?
First of all, thank you for inviting me. Good afternoon, everybody. Yeah, it was kind of
strange. I was going to college. I was a chemistry major and some family situations changed and the
money dried up and I needed to start working.
So I started working for Kmart in Altamont Springs catching shoplifters, which I think is where I first met you as well back about 1984, 85.
Yes. Tom wasn't born then. Yes, go ahead.
Seminole County, Florida. Yeah, working in catching shoplifters. And, you know, it paid the bills.
And as I progressed through working for that company and then, you know,
a few others, I seemed to have some kind of knack for the internal side.
The AP field in general was just, at the time, it was catching shoplifters.
You went out the door after everybody.
You didn't get a stab if you didn't come back, you know, with somebody in tow.
I mean, it was a different attitude then, and it was fun for, you know,
a 20-something kid who didn't want to move back home anytime soon
and needed to support himself.
So I stayed with that and then got into the internal side of it as I progressed and really developed
a skill set and a like of the internal component of asset protection. So I stayed with Kmart for
some time, went to federated department stores, Burdine's in Florida.
And then Burdine's merged with an allied company, Moss Brothers in Florida,
and became one large group.
I stayed with them for about seven years.
A brief stint at Montgomery Wards for about three years, and then moved to Home Depot where I was for about 16 years.
Finally, at Walmart for about just under three years,
and then I've been at Florida Core for just over a year and a half. And the last probably 10 to 12
years have been a real high concentration on internal, in particular, and on investigative techniques and processes overall in that retail world.
It's a great summary, and I appreciate it, Tony.
And, you know, I guess for our listeners, those that are in different areas of the business
or in the industry, if you will, you know, describe the difference a little bit
between internal and external words that you, Tom, and I have
used our entire career, the insider threat versus external. What does that look like for you?
And as you evolve from Kmart to Floor & Decor through the years?
I've always broken down internal versus external. I mean, obviously some external is the person that
doesn't work for me. It's an external source. It's a customer.
It's an accomplice of an associate. It is an organized group. And there's a lot of bleed over.
A lot of the internal investigations have that nexus that brings in an accomplice.
An example would be the so-called line voider or item correct investigations that drive a lot of
internal business at big box retailers. By default, if you have an associate handing something out to
somebody, then there's probably an external component as well. So they kind of blend together.
But I do try to categorize the processes we run based on that, you know, outside customer
accomplice versus the, you know, inside associate.
And the internals, to me, always have the greater potential for damage because they're
in the, my associates are in the building before we open, after we close, they touch,
my register associates touch every customer that leaves the store.
They touch every transaction that impacts my inventory up or down.
They handle money.
They handle credit.
So I think one dishonest associate can have a much greater impact on a business than that external component, all things being equal.
That's great feedback, great insights.
Tom, let me go over to you.
You've got a ton of experience in the same area.
And we're primarily talking today about internal theft and fraud, even though we're talking about
some collusion and external. But Tom, thoughts, questions from you? Yeah, I mean, first, welcome
to the podcast, Tony. I think we actually work at Home Depot at the same time. I was there about 20
years ago for a four-year period, but it's a
small world in the industry. My question is really around, and this is a loaded question, I know that,
around all of the changes in the last 10 years, and what have you been seeing with the,
specifically to fraud and even internal investigations, with the introduction to the
e-com world and, you know, today, buy online, pick up in store, same-day delivery out of store.
What are you seeing as a trend today?
And do you see it steadily increasing?
Do you see anything that's working to stop it?
Well, I see one of the things we're seeing is the liability and exposure at returns.
Some companies I've worked for had segregated returns desks
and segregated returns cashiers,
and I could separate those out of the data and look at them,
and then other companies I've worked for, they kind of blend together.
And as we're dealing with BOPIS and BORIS, buy online, return in store,
as these changes take place at POS, if we're not, you know, aware of, A, what is that cashier's ability at POS to make changes in the virtual world?
And then what is the customer's ability sitting in that virtual world to impact what we do at a register?
And that's where those liabilities, you know, sit. So, you know, Boris, we've got, we have a company I work for, didn't have very good
acceptance reporting to indicate when a customer had made a purchase and then completed that
refund inside the store, and that communication was incomplete back into that customer record.
So until we started looking for it, we didn't realize that customers would have purchased one item online and refunded that item six or seven times.
In that particular occasion, POS didn't communicate back into the electronic journal to decrement that customer's receipt, that online receipt.
So, again, a hole that at the time we weren't aware of,
and we had to go back and kind of recreate and fill.
So I think that's where the liabilities are,
is that technology runs ahead of the infrastructure, you know,
and the framework of POS and the e-com platform.
We have operators sometimes that come up with processes to help drive
customer throughput and customer experience,
and they may not communicate well with, you know, the side of the group that has to keep the
chickens in the hen house, and we don't see these exposures until they've already been exploited.
So that's, you know, on a macro level, that's kind of where I see our opportunities.
Yeah, that's a great overview. How about from a human standpoint, from you
personally, have you changed your investigative methodology because of some of those things that
you just mentioned? Yeah, so I didn't have a lot of experience up until the last few years
of dealing with e-com issues, and what I've found, at least everywhere I've worked,
in that most organizations, as they start to get into the virtual world,
they've got separate investigative groups,
one for brick and mortar and one in the virtual world.
And at least in my experience, where I just came from,
they didn't cross over very well.
There wasn't a lot of communication,
which led to the problems that I just described.
So, you know, where I am now, I don't necessarily own that e-comm investigative group,
but we sit down nearly weekly, and they bring to me all of their issues coming from the e-comm side,
and then given with the data and the stuff they give me, I'm able to go into the
POS side and the physical side and see, you know, where those penetrations are. And we've, A,
established some curbs, so we have better communication in both directions from brick
and mortar to the e-com platform and then e-com back to brick and mortar. So we can identify those anomalies of returns greater than sales
or where we've got several orders coming from a particular IP
or a particular identifier,
but using different tenders and different accounts as we look for those compromises
or actually the compromised accounts that are finding their way into the hands of people
and using virtual platform to make the sales and then sending in runners to do the pickups.
We've got, I guess, an advantage to a small degree in that my stuff is not necessarily desirable
in and of itself, meaning BOPIS at a Walmart or at a Home Depot, there's a lot of desirable
products there that are the end unto themselves.
In my world, I don't have a lot of people trying to get my stuff out unless they've already sold it to somebody else.
I have some power tools, and those are always desirable. But as far as a pallet of tile, it's just not practical to get a pallet of tile out unless you've got someone to sell it to.
a pallet of tile out unless you've got someone to sell it to.
So that creates trails, I guess, or footprints that we can go follow, and we're trying to get out there and get in front of who's commissioning business and then trying to get into our stores
either through the e-com platform or physically to try to get that merchandise out.
So it does give us a bit of an advantage in some of those areas just based on the merchandise that we sell.
But the most important thing is to have a foot in both worlds and not be siloed.
So, again, I spent the last couple of years learning the e-com exposures.
And then coming here, we're a smaller company.
e-com exposures. And then coming here, we're a smaller company. Again, we don't have necessarily the risks that, you know, big box or groceries may have. We don't sell gift cards, for example,
third-party or closed-loop gift cards. We don't sell, you know, some of the most desirable
shoplifting or theft merchandise or the stuff that's, you know, most likely to get converted in a refund. But again, we do have the stuff that's desirable to a niche audience. And
our most important thing is that, you know, we sit in both worlds and we have that communication
with that group so that, you know, we don't miss anything. So, Tony, I was going to ask you,
how do you detect and investigate some of these internal issues?
What are you allowed to talk about?
What's going to help our listener understand detection and even how you use ways that we detect internal or other theft or fraud to deter these people?
But what are some of your best detection methods that you've got right now
to understand something is happening or there's even a pattern? Well, I think the biggest thing
is first establish what's normal. Exception-based reporting, exception tools are something that I've
lived in for the last several years, either on the development side or on the deployment side or on the training side.
And it really comes down to knowing what's normal, how does that flow look.
In a closed environment like a store, there's a pattern, there's a rhythm, There's normality. And being able to, from the data perspective or from the physical perspective or even from video analytics,
being able to know what's norm and identify that anomaly.
The analogy I've used is in a world where all the particles are spinning left,
be able to see that one particle that's spinning right and track that.
So we build our EBT both internally and externally.
We have an external third-party tool, the secure tool from Apprish Retail,
plus some in-house tools as well.
And on the e-com side, we have, again,
some third-party tools that they really didn't want me to discuss.
So we establish normal.
On the inside, I know what my refund flow looks like.
I know what the average refund looks like.
I know what the average dollar looks like.
I know what is the average of scanned versus keyed items at the returns desk.
So we write the logic to figure out where the
curves are. What is that obstacle that stops that dishonest cashier, say,
from going farther? Is it a human intervention at a particular dollar
threshold? Is it a POS prompt? Is it some feedback from the
register or from the associate?
We figure out where those obstacles are, and then we try to figure out what are the ways around those obstacles.
So we try to chart the path in order to achieve the goal of either getting that refund or getting that merchandise out or getting that compromised credit card through the register.
What is the path to get to that goal?
And then we camp along that path, you know, liken it to hunting.
We pick off, you know, those that get past the obstacles that the registers have put up or that the organization has put up and try to get to where the returns are worth the
rewards are worth the risk.
And then we pick them off, for lack of a better term.
So, I mean,
our refund rates are established, our norms are established, our merchandise sales are established.
We have things that you don't generally sell one of. So if I have a lot of sales of one,
a quantity of one of this item, that in and of itself becomes an anomaly. And we build our resources to go down those paths
and pick off that part of the population that wants to stray down that path.
All right, excellent. So my next question I had, Tony, was talk about if you would,
does your organization assign different investigators or places you've worked to do in-store versus online or external theft and fraud?
What does that look like?
And I think you've worked – I know you've worked in different sized retailers, both in the number of stores and the dispersion across the U.S. and so on.
So kind of describe that.
What's that look like?
and so on. So can you describe that? What's that look like? And it's funny because it's changed,
but more and more I see in-store AP managers becoming part of the management organization,
key carrying managers, responding to alarm calls, helping customers, and still tasked with the AP function. And I see them becoming more and more generalists. So in a previous life, we selected a small group of specialists,
those that had an investigative background, had a data background,
had an interviewing background,
and we built up some data tools and some video tools
and basically turned them loose.
We did the same thing we
established what was normal we assigned this group with several thousand stores
we broke the group up regionally and started writing logic to identify you
know dishonesty at the registers we started looking for receiving issues
anomalies routine the back and anTV, and we pointed them at that
as specialists. So their sole purpose was to work within these tools and find dishonesty,
or if nothing else, find operational issues causing shrink, but the primary focus was on
dishonesty. And then the next step would have been, you know, we had to package cases,
next step would have been, you know, we had to package cases, package investigations, you know, and send them to the generalists in the field with a couple of goals that turned key-furnished
enough that, you know, the interviewer in the field could pick it up, validate it, be comfortable
with the data and the evidence there, and then go conduct a successful interview and get admission.
there and then go conduct a successful interview and get admission.
So it was a lot of fun, actually, because, you know, we hadn't done that before. And I hadn't seen a lot of other people do that or other organizations may have, but
it was nice for us to get into it.
And we came with some really strong, specialized people that could build these cases.
specialized people that could build these cases. And it helped because the generalists out in the field, again, their plates aren't big enough for all that they have to do in the store. Some of
these AP managers and some of these larger retailers have a huge task in front of them,
from the safety side, from the operational side, from the theft and fraud, the shrink prevention side.
So the easier we could make it for them, the better.
And it found out we were starting to get better interviews, a better quality of investigation, because what we handed to that end user was something that they could easily validate and replicate and make themselves comfortable,
and it taught them more and more
skills on their part to enhance those investigations with the tools they had in the stores.
And then also they started to become better interviewers because, A, they were getting
more interviews to do. We were doubling and tripling case count in some ways, and they were
more comfortable with the information we gave them, so they were more confident. So overall,
And they were more comfortable with the information we gave them, so they were more confident.
So overall, the skill set of our end users was enhanced.
And it also created another pool for us to go into.
As my investigators moved on to other roles, I had a great pool to go move into.
And I see that happening in the retail world. With places I've worked, there seems to be a larger gulf between the field AP structure
and the corporate AP structure. I see companies where the field AP structure reports to
the merchants or the operators, the operational folks in the field, and only has a dotted line
to that corporate AP structure. So it's becoming much more specialized on on the corporate side and much
seem to be much more generalized in in the field players i think that's a great point i guess my
question indeed for the group i think we're all fixed with the uh crossover between jobs the
in some cases job eliminations or mergers for business sake.
Today, when you're looking to hire someone for your team,
do you think differently than you did 10 years ago?
Yeah.
I mean, I used to hire when I was at a regional level,
I would look for store detectives or operations managers to move up into that AP manager role.
Now, sometimes, depending on what I'm looking to fill, we've taken some store operators and come in that understand data that can work in a DB2 or in
a SQL environment and translate that into what happens in a store. I've looked at law enforcement.
I've had some luck with law enforcement folks. I think a lot of law enforcement people tend to be
very black and white, and
we don't necessarily have that luxury in a retail environment of a yes or no, guilty,
not guilty call.
We have to work within more of a civilian mentality.
So I've had some wonderfully successful people come in as central or field investigators
working for me that came out of law enforcement, but it's not always a given.
So there's a wide range of people.
I do like people that understand what happens in a store, that know that normality,
that know that environment, and are tuned in to be able to pick out things that break that normality of a store
and teach them the data piece.
I think one of my most successful investigators was an old-school APM floor walker,
catching shoplifters, dragging them in, former law enforcement,
former military before that.
It was just old school and came in,
and we taught him to work in a SQL environment before we had, you know,
a lot of the exception-based tools we have now, starting to write queries.
And then it was amazing because he understood innately what happens at a register
and how a cashier does what they do at a register and why they do it.
And as soon as he could, you know, work at the macro level and fly at 10,000 feet
and watch that data flow across several hundred stores, it connected.
And he became one of the most gifted investigators I have ever had.
So, I mean, they come from all sides.
You've just got to be able to recognize someone's skill set,
be able to translate it into what you need.
Another question I had for you, Tony, if I might, is how do you tie together in-house information, data sources, in-house talent and expert resources,
and then some of the external resources you work with to, again, detect and define and then to handle uncovered now theft and fraud.
Right.
So one good thing about our group is it's kind of a small group, the retail AP, LP group within this universe.
It seems like there's a lot of the same players, and sometimes we just end up switching
jerseys. So we all kind of know each other. I leverage IAFCI a lot for banking and other retail
and law enforcement sources. I leverage LPRC for, you know, contacts and other retailers and other sources but most of it is just that that
dna that you know we've all carried with us for the last 30 years we know this guy and we know
this this this associate this this investigator this i work for this director this regional work
for me um and for me at least it's all kind of ad hoc, which is, I mean, there's a ton of institutional knowledge out there, and it's great to tap on.
I'd like to say I had a very systemic process, you know, for networking.
For good or for bad, I don't.
I'm kind of old school.
It's all kind of in my head and in my notebook.
It's all kind of in my head and in my notebook.
But, again, I just try to reach out to keep these people in mind.
For example, law enforcement.
Again, since we're still rather small, we haven't got a significant law enforcement networking process.
So what I started doing was every time we opened a store, I'd reach out to that local chief or that local sheriff and just introduce myself, introduce our team. And the first thing I say is,
if you ever need video, if you need transactional information, if you need something that we can provide, we will make it as easy as possible for you to get it, you know, through the appropriate
means, but as streamlined as possible. And our legal department has supported this a thousand percent. So we're starting to make
inroads into getting law enforcement reaching out and asking us for help, which for me is the best
place to be in, because if they're asking us for help, A, we can provide it as a good corporate
citizen, and B, you know, we can leverage that down the road
if we need assistance, if we need to shop a case, or if we have a workplace violence issue that we
need an immediate response on. And I think, you know, you touched on something that's very important
and something that Tom and I have talked about repeatedly on crime science. And, Tony, in this
case, the community, the retail loss prevention and asset protection community, working with law
enforcement partners is a relatively small, it may be tens of thousands of people overall, but still
a small, tight-knit community, all trying to solve the same things. You mentioned at LPRC and so on,
we have working groups and ways to accommodate that, as well as the industry associations and others,
ORCAs and so forth. But how do you work now and how have you in the past coordinated, Tony, with
other retailers and with law enforcement to better understand what's coming your way and to better
solve problems you've already detected? Okay, understood. So I've worked with some orcas in the past.
I was along with, I think, Dave Magersup
and a couple of others.
We're on a ground floor to create the Georgia,
the gray orca, the Georgia Retail Association,
ORC Association.
I think those orcas are great.
Where I am now, we're starting to move into that.
It hasn't necessarily been a priority with us because we're smaller,
and this is kind of a different business model, so kind of getting used to that.
But I think the ORCAs are probably a good starting point.
And, again, the work groups within LPRC and other industry associations.
So, for me, it's probably going to be the ORCAs moving forward.
Where I work, the biggest thing for me is leveraging the people I still know.
Home Depot, for example.
I and Home Depot share a lot of problems, a lot of liabilities based on some of the products that we sell.
So leveraging those people for me is probably how I'm doing it now.
Again, as I said, I'm not probably as organized or systemic as I could be,
but that's the way we're moving forward, ORCAs and those networks that I've carried with me.
Fantastic.
Can you tell me a little bit about working with law enforcement?
Where does that come in handy, Tony?
What's a good example of that where you developed a partner in law enforcement, a detective, an investigator,
and that person helped you with some of the situations that you came up with that you uncovered, you and your team? Oh, absolutely. We had a recent internal and shopping into law enforcement. I mean,
some of the things we do, we have to do remotely given travel limitations and the very, very
limited staff I have. So there's times when we may do a phone interview and then have to walk
a store manager through how to create this package and get law enforcement in so we had to do one of those out in
another state and a law enforcement was they weren't crazy about it in that it's
I promote from a law from a detective's perspective I don't want someone to drop
a folder on my desk and say here here, read this, and then go arrest somebody. So obviously we have to make it appealing and as straightforward and as clean as we possibly can.
And in the midst of that, we had a shooting take place outside of our store, not related to our store,
but we had cameras that were pointed in the general direction.
We received a call from the same agency, and we dropped everything.
We had video downloaded as best we could.
It wasn't great, but it was what they wanted.
Downloaded, prepared, signed off an approval, and in their hands.
And I think they realized that, you know, we were serious. We're not going
to be the people that expect law enforcement to show up when we call them, but otherwise,
you know, we're too busy to help them. So it got me traction on my internal,
and which they turned around and closed out. And then even better, we had an identity theft
slash credit fraud situation going on, same same store where we had a couple that had opened a fraudulent account or account takeover.
So they'd taken an existing account and done a takeover.
And we're in the store making a large purchase, and the store had recognized it, was able to reach out to us, and we could validate that the credentials used were invalid.
We found a victim, so we had everything we needed.
We were able to stall them, and I was able to reach out to the detective we had helped before,
and the response was wonderful in that it was darn near a full-blown tactical response.
It was wonderful to watch live on video remotely as the transaction was completed,
took possession of the merchandise, and then a very professional but a very aggressive
law enforcement response immediately surrounded them. And it was a very clean
takedown. There were no injuries. Nobody got hurt. It was surgical, and they were in cuffs and out
of the way. And it's now rolled into a federal
nexus with a lot of identities that were compromised, ended up in these guys' car.
So showing them that, you know, as a corporate citizen, if we have something that we can provide
for them, we'll do it, you know, whether we want something or not, I think goes a long way to,
you know, getting a response from them when we turn around and say, hey, can you help us?
Here's what we can give you.
It's amazing.
Yeah, building that credibility.
You're always there for them, and that makes them want to be and more likely to be there when you need them, it sounds like, Tony.
Let me ask you this.
Do you map and pattern theft and fraud problems to get an idea where they're mostly popping up in particular stores or DCs or office environments or with certain people and so on? You talked about you always want to understand what's normal, what's baseline, and exceptions to that are someplace I'm going to start.
But how do you map that?
But how do you map that? What are some of your investigative tools, digital software, other tools that you use to understand, to look for, to make sense of, to tie together and so on?
One of the best ones we use is whatever case management system you've had.
I mean, I've had several different case management systems.
Some are really large and bloated and some were very small and a thin client.
But if your data is good, I mean, we're bringing one in where we've got a rather agile application that we're using,
and we've created portals for the stores to go ahead and start entering incidents as they see them,
parking lot incidents, damage incidents, cash shortages, law enforcement requests,
anything that is outside normal course of business.
We've laid some clear protocols as to what we expect to be reported versus what they don't necessarily have to escalate.
versus what they don't necessarily have to escalate.
And so we're kind of in the baby steps of getting all that data and starting to map.
So, yeah, to that point, we'll be able to see where are my parking lot break-ins, where are my car break-ins, where is my vandalism.
We use CAP index, obviously.
We're looking at some video analytics as well that the merchandising group is actually taking advantage of as far as heat mapping and dwell,
but we're kind of shoehorning into that as well to help us at the micro level, at the store level.
So to your point, it still goes back to establishing what's normal.
The biggest thing is for us, again, it's case management.
It is an associate anonymous tip line that all rolls in the data collection.
A cap index, we shrink results, obviously.
We look at merchandise flow.
Are we growing merchandise at a higher rate in one part of the country than in another part of the country?
Do we have merchandise that is, you know, that sells better?
You know, tile may sell better in some parts of the country than wood.
So outside of that macro level of the store environment,
we'll look at a product line and see where we sell it,
and then within that subset we'll start to look for what are my anomalies,
you know, within that subset for that particular product line.
All of this is pretty much to try to either predict new activity in order to get resources
for the most part.
I mean, if we have, you know, get CapEx and OpEx in the right place so that, you know,
based on our experience, we know that this part of the country, we're going to have more
parking lot break-ins.
So we're probably going to look at more external cameras, more impressions of control, more signage.
If we have slips and falls in this part of the country due to weather,
we're going to start looking at our, you know, build our resources to minimize that ahead of time.
So we've got our own experience to leverage.
We've got industry trade groups.
Again, LPRC to throw them out there again to go out and leverage and hit other retailers and use their experience to try to figure out where it's going to be.
Excellent. Thanks, Tony. Tom, let me go over to you.
With all of the new technology advancements we've seen in the last five to ten years, how do you balance the human side versus technology, specifically with your investigation?
How do you find the right mix of how much human intervention versus technology is used to work that investigation?
It's kind of a feedback.
I mean, if it doesn't work, then I shift.
The one thing that I think we can guarantee is that you can't guarantee anything. There's always a change. There's changes in social engineering that change the way people
think and do things. There's firmware and hardware changes that, you know,
impact how people move through a building or move through a process.
There's software and firmware applications that, you know,
move people up and down a path or direct people along a particular path.
It's never changing.
But, you know, there's times I feel like, you know,
John versus the steam engine.
Nothing to me is going to be able to solve that case
without a successful interview.
I still need somebody, a human,
that understands how people do what they do,
why people do what they do, why people do what they do,
and understands what in that environment, you know,
where are the obstacles in that environment where, you know,
this dishonest cashier or this dishonest associate or this external shoplifter
or ORC group, you know, where are the liabilities?
I still need to camp there.
I've never seen a piece of software yet that stops somebody from walking out the door, sat them down,
got an interview, and got admission.
So until we've come up with either a minority report process
or some systemic way to sit down and talk to somebody and determine why they did what they did
and get that statement, get that admission,
then I still need very competent, intelligent,
and professional humans at the end of that information pipeline.
Thank you very much, Reed. I'll turn it over to you.
Okay, thanks, Tom and Tony.
So this has been excellent, Tony, we're at the end of our
normal broadcast time. And I really, really want to say on behalf of the LPRC, the Crime Science
Podcast team, Kevin Tran, our producer, Tom, me and our esteemed colleague, thanks, Tony,
for coming on here taking the time. I know your time is beyond valuable.
And I think our listeners are going to get a lot out of the challenges and some of the techniques of detecting and investigating internal, particularly internal fraud and theft and what we need to learn from there.
So, again, thank you very much, Tony, for appearing with us today on Crime Science.
Thank you for asking me.
Thank you.
Thanks for listening to the Crime Science Podcast presented by the Loss Prevention Research Council and sponsored by Bosch Security. If you enjoyed today's episode, you can find more Crime Science
episodes and valuable information at lpresearch.org. The content provided in the Crime Science Podcast
is for informational purposes only and is not a substitute for legal, financial, or other advice.
Views expressed by guests of the Crime Science Podcast are those of the authors and do not
reflect the opinions or positions of the Office of Prevention Research Council.