Call us on 0800 953 0023

BRC guidelines help protect businesses from insider threat

In a bid to help retailers of all sizes protect themselves against malicious activity from inside their organisation, the British Retail Consortium (BRC) has published a set of guidelines.

The Insider Threat Guidelines lay out a series of simple steps that strive to ensure retail businesses are better placed to identify indicators of high-risk behaviour and consider what physical and cyber security measures they should have in place.

According to a survey published by the industry body, the cost of crime in the UK retail sector increased 18 per cent last year, with shoplifting, fraud and cybercrime reaching their highest levels since records began a decade ago.

The BRC hopes that the new guidelines will help to reduce such figures by stressing the importance of security controls to retail businesses across the country.

Tom Ironside, director of business and regulation at the BRC, said: "Security is often approached in terms of protection against external threats. Whilst the vast majority of employees are honest, retailers also need to think about where they may be vulnerable to malicious activity by those with inside access to their business.

"Whether this is theft of stock, complex fraud or a cyber data breach, businesses must be alert to such potential threats from within. The impact of an insider incident can be significant, resulting in damage to the organisation's reputation and staff morale, as well as financial loss."

A robust approach to security

Many businesses put security measures in place that help to protect against external threats. However, many of these do not prevent malicious activity by staff themselves. It is important, therefore, for businesses to implement well-established physical security procedures that work to reduce the risk of internal threats, such as employee theft and fraud.

The BRC guidelines recommend that security staff and loss prevention teams are provided with training that enables them to detect, respond to and prevent insider - as well as external - threats.

To help reduce the rate of theft, retailers are advised to provide employees with lockers in staff-only areas. This will give staff a place to store their bags, purses and other personal items. Routine locker inspections should also be randomly carried out, with staff being made aware that these will take place.

CCTV is another factor included in the BRC's guidelines, with the body informing businesses to ensure they have good CCTV monitoring in place. While most retailers will already use some form of CCTV, they are advised to make sure it provides good coverage of the shop floor and high-quality images.

What's more, the BRC advises businesses to integrate point-of-sale software solutions with CCTV, meaning they will be able to link any suspicious transactions at the till to corresponding CCTV footage.

Policies surrounding till operation and cash handling by staff should also be established. For example, it is recommended that tills are emptied and checked regularly by employees who are at supervisor level. Retailers should also clearly outline rules about how purchases by friends and family are processed to reduce the number of employees giving discounts or free goods.

Other recommendations proposed in the BRC's guidelines include conducting regular stock inventories and property audits, ensuring confidential paperwork is protected and stored appropriately, and having a dedicated staff entrance with employees wearing security passes at all times.


Posted by Andrew Miller

Image courtesy of iStock

Get a quote

Get a Free Quote

required *