24 minute read
INTERVIEWING
Random Lessons from the Room: Part One
Conversations often take strange turns, leading where we never expect them to go. Such a conversation inspired this column discussing the lessons we’ve learned during tens of thousands of interviews. We opened this topic up to our interviewers, so they could also share things that they have learned over the years in the room.
The Truth Often Has Many Versions
The truth can be an elusive thing. Determining the truth can often be problematic even when there may be audiovisual evidence of what happened. Four cameras covered the slide of the runner as the third baseman took the throw and swung his mitt to touch the advancing runner. The umpire was carefully positioned and observed the play calling the runner out. The manager protested the call, and the umpires gathered to review the video evidence of the play. While the play was clearly close, after attempting to tag the runner out the third baseman pursued the runner reinitiating the tag when he reached third base. Immediately the announcers raised questions suggesting the third baseman had actually missed the tag. Depending on the camera angle, there was no independent verification that the umpire had blown the call. The end result—the base runner was out as the play was called.
Sometimes the truth can be altered because of the position of the observer. In this case, the third-base umpire was in the best position to closely examine whether or not the third baseman actually made contact with the runner. Fans who were biased for the runner argued the third baseman’s actions after the attempted tag showed that he believed he had missed touching the runner.
So the truth can change as a result of biases, assumptions, position, or other qualifiers, which might shade even the truthful witness’s testimony. Many times the guilty individual will intentionally shade the truth in an attempt to salvage his self-image or to reduce the seriousness of what he has done.
For the investigator it is often difficult to know with absolute certainty what the real truth might be. Instead, the investigator has to use the physical evidence, witness testimony, or other information to piece together what is the most likely series of events.
by David E. Zulawski, CFI, CFE and Shane G. Sturman, CFI, CPP
Zulawski and Sturman are executives in the investigative and training firm of Wicklander-Zulawski & Associates (w-z.com). Zulawski is a senior partner, and Sturman is president. Sturman is also a member of ASIS International’s Retail Loss Prevention Council. They can be reached at 800-222-7789 or via email at dzulawski@w-z.com and ssturman@w-z.com.
© 2017 Wicklander-Zulawski & Associates, Inc.
Don’t Give Up Your Evidence
Since it can be difficult to tell when people are lying, shading the truth, fabricating events, or just omitting details that may incriminate them, the investigator can use what evidence is available to evaluate the stories, sequence of events, or alibis of the main players.
If the individual was aware of all the information available to the investigator, he could begin to alter his story to match the evidence uncovered during the investigation. However, when the investigator withholds the evidence and allows the individual to tell his story, the evidence can help determine the veracity of the individual. One common problem during conversations with those suspected of wrongdoing is that the investigator contaminates a confession by talking about evidence, alluding to evidence, or using leading questions that infer the correct answer.
Evidence can also be given up by using an incorrect assumptive question to obtain the first admission. For example, if the subject is suspected of creating fraudulent refunds to steal money, many investigators might ask for
continued from page 12 the first admission using this question—“What is the most number of fraudulent refunds you created to take money from the company?”
If one was to use an assumptive question relating directly to the refund, you have indirectly told the subject what is most likely known and where his exposure in the investigation lies. This question may also infer that the investigator does not know about any other forms of cash thefts the employee has participated in. This results in the employee making fewer admissions because he doesn’t believe the investigator knows about the other areas of theft. Had the investigator used an assumptive question that said, “What is the most amount of money that you took from the company in the last year?” This question addresses a broad area of the investigation, which has revealed the employee stole money but not the method used to do so. The employee may now offer an admission to
taking money right out of the register or voiding sales leaving the investigator with his knowledge of the individual using fraudulent refunds to steal cash. The investigator now knows in absolute terms that the employee is lying by omission, and there is additional development of the admission to be done.
In any interview where the individual confirms facts that were not related to him by the investigator, it helps substantiate that the subject is giving a truthful confession.
What Is the Common Denominator?
If there is a problem with the outcome of an interview or a conversation always seems to cause someone to deny, it is most likely going to happen because of something the interviewer is doing or saying that contributes to the problem. The common denominator in multiple interviews is the interviewer, not the subject. What this tells us is the interviewer’s statements or actions must be contributing to these difficulties.
When investigators come to us saying, “I always have this problem,” the first thing we begin to do is look at what the interviewer has done and said up to that event. By examining what came before the problem, we are often able to determine how to correct these difficulties. For many investigators, it’s the problem of developing an admission beyond what was already known from the investigation. With this problem, it’s often the assumptive question that contributes to the lack of development. For example, if an investigator watched an employee steal $20 out of the terminal and put it in the right front pocket, he may choose to ask the individual to remove the money from their pocket immediately. Now the employee knows he is caught but also can surmise that this is the only thing the investigator knows and thus is confident that he can claim that this $20 theft was the only time he had taken money. Had the investigator gone through with the interview and asked the individual, “When was the very first time you took money from the company? It wasn’t your first day on the job was it?” The investigator now has an opportunity to expand the scope of the admission and ultimately develop the admission to a more accurate amount.
Most of the problems in the interview are caused by the interviewer. These problems can vary, but ultimately they are the responsibility of the interviewer. It could be the tone of voice, word usage, strategy, failure to rationalize, or any of a dozen other things the interviewer is doing wrong. If you’re having problems, examine carefully what you’re doing and saying that may be contributing to the problem.
Rarely Catch the Person the Very First Time
For everyone, there will be a very first time that they have done something wrong or committed a crime. However, people tend to fall into patterns of behavior that they can rationalize and justify internally. Also, people become more careless and have less fear of being caught the more often they do something. The very first time a crime is committed, there is a significant emotional and physiological reaction to their fear of detection, but this diminishes as they have success in their crimes.
There are likely to be other indicators that a person is likely to be involved in theft activity. Dissatisfaction, poor workmanship, and frequent absences can all be indications that someone is unhappy in their position and can therefore justify a criminal act. Even in a murder where a husband takes his wife’s life, there are likely to be other actions he took during the relationship that could have contributed to the ultimate death. It would be highly unusual for a spouse to kill their partner unless it was preceded by some form of verbal or physical abuse, infidelity, or some other event that was a precursor to the murder.
Prior to the interview, consider what the individual has done and what other related types of incidents would be of a similar nature. For example, a residential burglar could also easily rationalize a simple theft, shoplifting, or other property crime because they are closely related and likely to provide items that could be converted into cash.
We will continue our discussion of lessons from the room in our next column.
PRODUCT PROTECTION
BENEFIT-DENIAL SOLUTION SAVES MILLIONS IN SMARTPHONE LOSSES
By Garett Seivold, Contributing Writer
Joe, a would-be thief, couldn’t believe his luck. Here was a store willing to hand him a brand new state-of-the-art smartphone with no credit check and a few dollars down. And just two doors away was another retail store—this one advertising that it paid top dollar for smartphones.
The criminal wheels in his mind turned. “Easiest money I’ll ever make,” he thought.
But in the real-world version of this scenario—and it did happen—“Joe” was rebuffed when he tried to turn his rent-to-own cell phone into quick cash. Rent-A-Center had registered the phone’s unique identifiers on a blacklist of sorts, so the companion retailer knew not to process the transaction. This was phase one of a security strategy that Rent-A-Center’s asset protection team devised to protect its rented mobile devices. In short order, the device protection plan the department employed reduced losses by over 50 percent and saved Rent-A-Center millions of dollars.
The Rent-to-Own Model
The primary loss prevention challenge faced by Rent-A-Center is obvious—and built in to its founding business model. Started as Mr. T’s TV Rental in the 1960s, the concept was the brainchild of Ernie Talley, who wanted to give hardworking customers who lacked cash and credit a way to rent merchandise with an option to own it. The company’s rent-to-own model gives people who lack cash and credit immediate access to top brands and products. “We’re not retail; we’re rent-to-own, so our transactions start where most end,” explained Brian Peacock, CCIP, director of asset protection for Rent-A-Center’s US operations. “When you make your first weekly payment of $30, you can be walking out with a $2,000 TV with no credit check.” It’s a model where some measure of loss is clearly unavoidable—and where the ability to control the amount of loss is critical to business success.
From its founding as Rent-A-Center (RAC) in 1986, the company has grown from sixteen stores to approximately 2,600 stores in the United States, Mexico, Canada, and Puerto Rico; employs nearly 21,000 people; and is a leader in an industry that is nearing $7 billion annually. The company earned its reputation by helping people furnish their homes with rent-to-own furniture, appliances, and electronics, but has expanded into computers and mobile devices. It’s in this category that the company started to see problematic losses. “When we entered the mobile space, there was a much higher risk of transaction fraud, and the mobile category saw high losses,” said Peacock.
Not every customer chooses to follow the rent-to-own agreement to its conclusion. Some individuals, for example, decide that they can’t afford it, and others decide they want to upgrade. These cases are no problem for RAC; customers simply bring the item back for a return or an exchange. However, in some cases, customers stop making payments, which typically sparks the company’s recovery process.
“It depends on what state and what jurisdiction the transaction was in, but typically we would pursue it through our legal department,” explained Peacock. “So as long as we did our work on the front end, we could file against
Brian Peacock
Total Past Due Dollars During Roll-Out of DPP on Smartphones, 2015*
Remaining Value Dollars Past Due
30-59 Days Past Due 60 Days Past Due
the customer—for a felony in some jurisdictions—or pursue a civil case.”
Although RAC was doing an effective job at recovery, the expense of getting products back from delinquent customers was significant, especially with its mobile category. “In our general model there is already risk, and we realized that we were going to have to figure out a new approach for smartphones, to prevent people from renting a phone and then selling it to an unsuspecting customer on Craigslist or eBay.”
An Idea Takes Shape
Rent-A-Center’s million-dollar device protection solution originated five years ago in the loss prevention department, which is now branded as asset protection. The LP team was mulling over ways it could protect its rent-to-own computers. One of the ideas was to secure computers with software that could be remotely activated, essentially rendering them “bricks.” The idea to apply a software solution to inventory hit a snag, however, when Aaron’s—using a similar product— was accused of accessing the cameras on customers’ computers. (Issues in the case are still being litigated. In May, the Ninth Circuit Court of Appeals ruled against retailer claims that insurance providers had a duty to defend it in underlying lawsuits.)
The case drew quite a bit of attention in the press and caused RAC to rethink its plan to lock rental laptops. “We had put the idea on pause until we started with mobile and smartphones—at that point we knew we were going to have to figure something out to protect our assets,” said Peacock.
Through leveraging his retail connections, Peacock turned to Recipero, a data aggregator focused on depriving thieves of a safe and ready market for misappropriated mobile devices. The company collects data from a variety of sources, such as theft reports, carrier contracts, and device ownership data, and shares that with law enforcement, insurers, and retailers—with the goal of helping stakeholders identify instances of fraud, for example in the event that a person sells his or her device and then files Benefit denial is one of the core principles of a situational crime prevention approach to security, which is built on the theory that an effective way to deter crime is to make attempts more difficult, more risky, and less rewarding. The strategy’s potential to cut crime is clear—if goods aren’t useable or won’t work unless purchased, then there is no reason for someone to steal them.
an insurance claim, or if a person is attempting to sell a leased device.
By leveraging the power of blacklists under its Stop Loss program, Rent-A-Center was able to make an immediate impact on the losses due to fraudulent resale of rented mobile devices. “We got that initial strategy up and running quickly, and we immediately saw a positive impact,” said Peacock.
That included the real-world case of “Joe.” When he took his just-rented smartphone to a neighboring GameStop, the device showed up on a “don’t purchase” list, and the retailer turned him away. Thwarted, he returned to the RAC store two doors away and returned the phone.
On the backend, RAC gets daily reports with information on which device, when, and where such attempts took place. Within twenty-four hours a notification is sent to operations so that a call can be placed to the customer that had possession of the device and make him or her aware that RAC had knowledge of the attempted transaction.
Old Strategy, New Twist
The idea of curtailing a crime by denying thieves the ability to benefit from the goods they steal is an old one. Recipero’s website highlights a quote from a book on crime reduction dating back to 1800—“Deprive a thief of a safe and ready market for his goods; and he is undone.”
Benefit denial is one of the core principles of a situational crime prevention approach to security, which is built on the theory that an effective way to deter crime is to make attempts more difficult, more risky, and less rewarding. The strategy’s potential to cut crime is clear—if goods aren’t useable or won’t work unless purchased, then there is no reason for someone to steal them. For revenge or out of spite, perhaps, but that’s about it.
The strategy has a history in loss prevention, such as the development in the 1980s of ink or dye tags to protect store apparel. In that use case, illicit removal was designed to ruin the garment, thus reducing the ability for a thief to use it or convert it to cash, according to Read Hayes, PhD, CPP, director of the Loss Prevention Research Council. More contemporary benefit-denial techniques include car stereos that don’t function if
the faceplate is removed and special hotel hangers with small hooks or ball tops that require special racks. “In this low-tech example, benefit denial does not make stealing hangers riskier or more difficult; rather it makes it less rewarding unless the thief steals the rack as well or sells the hangers to other hotels,” according to Hayes.
While “benefit denial is not the total product protection answer for all assets in all places,” Hayes suggests that it is a good fit for today’s retailers, who are under pressure to enhance relationships with shoppers by providing open or self-serve merchandise access. “Benefit-denial technologies hold the promise of much more open selling of even high-value items,” according to Hayes.
This concept—to deny the illicit use of smartphones—was at the foundation of Rent-A-Center’s winning asset protection strategy.
Peacock and his team knew that the technology existed to lock cell phones and began to investigate how they could make it work for them. It was a thought exercise that the asset protection team was practiced at conducting. “We’re not the typical retailer, so the typical loss strategy won’t work for us in 80 to 90 percent of cases,” explained Peacock. “So we’re very used to thinking about how we can take an existing security solution and create a modified version that fits our business.”
In the last few years, the RAC asset protection team has used its unique business model to drive a slate of innovative technology solutions, including use of remote CCTV and business analytics to conduct remote in-stock audits to boost sales. The AP team also has several new projects in development, including the use of ID scanning technology combined with feature-matching biometrics to create a digital identity for customers. These profiles will use multifactor authentication to assist with detecting internal and/or external fraud while approving or declining rent-to-own applications.
While phone-locking technology already existed for corporate devices, the AP team had to do some legwork in order to find a technology partner who could provide technology that would prevent phones from working even after a factory restore and resetting of the device. RAC’s new partner, an endpoint security company called Absolute, began working on the next step—development of the software local stores would install on each smartphone before it was rented.
The whole asset protection project was implemented remarkably fast. In July 2014, RAC launched smartphones in all of its stores. In November, the asset protection team partnered with the largest smartphone data company to register the international mobile equipment identity (IMEI) numbers of all RAC smartphones to protect them from being sold or traded at other major retailers. In April 2015, the RAC asset protection team launched its Device Protection Program (DPP)—the technology-based solution to lock a device in the event it is lost, stolen, or has an expired contract.
Percent of RAC Smartphone Deliveries to Stores with DPP Installed, 2015 Snapshot*
80%
70%
69.37% 71.59% 73.18%
63.14%
60%
50%
53.17%
40%
4/18 4/25 5/2 5/9
Percent with DPP
*As it was critical to RAC’s ROI, metric was tracked weekly during launch 5/16
Rollout and Results
Webinars for every store manager in the country, led by AP and supported by RAC’s mobile training group, was key to a successful roll out of the DPP. Adoption was aided by the fact that the LP program opened up a lucrative product category many stores had shied away from. “They absolutely loved it and couldn’t wait to get it,” said Peacock. “Part of their bonus is based on store profitability, and stores were anxious to rent more smartphones.”
Additionally, the asset protection team, in coordination with the sales and mobile training groups, created a resource manual for store personnel that walked them through the steps of the program, potential scenarios that could arise, and instructions for helping customers understand the program. The manual detailed specific instructions on issues, such as how to install the DPP software onto phones (using a micro USB provided to stores) and how to respond to customers who report that their phones are locked. Written scripts take staff through the correct way to interact with customers in a range of locked-phone scenarios, in the event someone bought a stolen phone or is past due on a payment, for example.
Rent-A-Center’s million-dollar device protection solution originated five years ago in the loss prevention department. The LP team was mulling over ways it could protect its rent-to-own computers. One of the ideas was to secure computers with software that could be remotely activated, essentially rendering them “bricks.”
At the heart of the DPP is RAC’s ability to lock a phone once the software is installed on a smartphone and it is rented. Locking scenarios include: ■ If a smartphone customer is seven-plus days late on his or her payment, AP receives a notice from internal reports and automatically locks the device.
The individual is only able to make emergency calls and receive calls, and a message appears—“This phone has been disabled because the lease agreement has expired. Please contact or visit your Rent-A-Center store to arrange payment or return the device.”
Once payment is received, the customer is provided an unlock code to regain
full use of their smartphone. “On the front end, we let customers know about the technology and that the phone will lock if they go seven days past due,” explained Peacock. “And we let them know that once a phone is paid out, we can remotely remove the software.” ■ If an RAC customer attempts to sell a smartphone to a retail partner, a notification is sent to AP, who then disables the phone until it is recovered or a district manager authorizes the phone to stay on rent. ■ When a customer reports a lost or stolen phone to RAC, AP disables the phone until it is recovered. That capability—that RAC can use the
software to help retrieve a stolen device for customers—has been used as a selling point to customers. In this way, the locking software isn’t strictly viewed as a way to enforce payment. ■ When a store charges off a phone as
“Skip/Stolen” or “Inventory Shortage,”
AP disables the phone until it is recovered.
Once underway, the team anxiously awaited results from the DPP. One area of concern, which didn’t materialize, was that locking phones would cause a significant increase in returns. Instead, when faced with a locked device, most customers simply paid up. “People can’t imagine living without their phones, and we had a dramatic increase in payments,” said Peacock.
From a technical perspective, Peacock said the phone-locking process has been smooth. However, with 180,000 locks placed on smartphones last year, AP is working with the RAC IT team to automate additional aspects of the process.
Perhaps the most important benefit, however, is the fact that most customers don’t put the locking software to the test. When a smartphone has the device protection application installed, it’s 50 percent less likely to go seven or more days
past due compared to devices without the program installed, RAC data show. The 50 percent reduction in past dues equated to a 50 percent reduction in losses for the company. When devices do go past due, more than 60 percent of customers either make a payment or return the device within seventy-two hours of being locked.
Investigations have also benefited from the ability to pull the phone number from the SIM card within the device. This capability has assisted in the successful resolution of numerous internal and external investigations, according to Peacock, for example cross referencing a stolen phone’s number, identifying a suspect, and calling the number to conduct an impromptu interview.
Moving Forward
From deterring theft, reducing loss, and improving collections, RAC’s AP team calculated millions in savings within the first twelve months of the DPP. With those results, it’s no surprise that Peacock, who has spent twenty years in the loss prevention industry, called it “one of the most innovative and rewarding projects I’ve worked on.”
Peacock added that the endeavor was a true team effort, including key players in operations and product service, technical support, and the promotion and sales strategy divisions. RAC was also careful to work with its vendor to develop technology that would have no ability to track devices, locate individuals, take screenshots, or do anything similar that might cause privacy concerns. “Our reach was limited to our goal to secure our
Models
Galaxy Note 2
Galaxy Note 3
Galaxy Note 4
Galaxy S 3
Galaxy S 4
Galaxy S 5
Galaxy S 6
Galaxy S Relay
TOTALS
Remaining Value Protected by DPP
$2,983,084.09
$3,964,737.72
$6,978,358.74
$206,942.04
$1,480,591.31
$7,807,539.42
$4,756,273.32
$3,899.63
$29,303,752.06 Percent Protected
76.03%
85.53%
74.19%
49.03%
79.10%
84.34%
93.39%
9.77%
81.02%
From deterring theft, reducing loss, and improving collections, RAC’s AP team calculated millions in savings within the first twelve months of the DPP. With those results, it’s no surprise that Peacock, who has spent twenty years in the loss prevention industry, called it “one of the most innovative and rewarding projects I’ve worked on.”
assets until recovered or a payment is collected,” said Peacock.
As for advice for his industry peers, Peacock said he’s seen the value of making things simple and had to know that after the first webinar introducing the DPP that the stores would get it and love it. “My new motto is if it needs instructions, then it is probably too difficult to execute,” said Peacock.
Somewhat related, Peacock said the project taught him the benefit of taking responsibilities and pressures off stores by creating an enterprise solution that transfers work load to a central office, in this case the RAC Field Support Center. “Our program had a high success rate because we did not depend on 2,400 store managers to identify devices that needed to be locked. We took care of that for them,” said Peacock. The Field Support Center also supplied a centralized tool to quickly provide information about locked phones, including the passcode needed to unlock devices, he added.
Peacock understands that the millions saved in year one is likely the program’s high watermark. As awareness grows among scofflaws and deadbeats, fewer are likely to rent phones with the intention to steal. But while savings from the DPP on smartphones levels out, the RAC asset protection team is already taking aim at its next target—laptop computers and tablets and, eventually, game systems and televisions. “The technology isn’t quite there yet, but the opportunity is definitely there,” said Peacock, anxiously looking forward to his AP team’s next million-dollar victory.
GARETT SEIVOLD is a journalist who has covered corporate security for nearly twenty years. He has been recognized for outstanding writing, investigative reporting, and instructional journalism. He has authored dozens of survey-based research reports and best-practice manuals on security-related topics. Seivold can be reached at GarettS@LPportal.com.
STOPPING BAD GUYS STARTS WITH GOOD DATA
COMBATING CRIME IS COSTLY, BUT IMPROPERLY ASSESSING CRIME RISK CAN BE DEADLY.
With data from CAP Index®, retailers can quickly and accurately identify crime risk levels for all stores across their brand and pinpoint those that are most at risk for violent crime. CAP’s crime risk intelligence enables retailers to reduce an array of crime and loss.
Learn how to OUTSMART CRIME® today. capindex.com 800-227-7475
