Retail Losses Exceed $50B as Cybersecurity Risks Weigh on LP Executives

WASHINGTON, D.C. — Theft, fraud and losses from other retail “shrink” totaled $50.6 billion in 2018, up from $46.8 billion the year prior as industry security executives described a growing overlap between loss prevention (LP) and cybersecurity efforts, according to the latest National Retail Security Survey released by the National Retail Federation (NRF) and the Univ. of Florida.

“We are seeing dramatic changes in the risks faced by retailers, and loss prevention practices and priorities are evolving to meet those challenges,” NRF Vice President for Loss Prevention Bob Moraca says. “As criminals find new ways to steal, loss prevention teams are finding new ways to stop them. Increasingly, this is a battle focused on technology.”

The report shows shrink averaged 1.38% of sales during 2018, up slightly from 1.33% in 2017, but has held steady around 1.4% over the past few years. With the percentage largely unchanged, the increase in the dollar amount is due primarily to growth in retail sales.

The largest losses per incident came from robberies at an average $2,885.15 (down from $4,237.02 in 2017), followed by employee theft at $1,264.10 (up from $1,203.16), and shoplifting/organized retail crime at $546.67 (up from $543.28). Robberies are comparatively rare, however, while shoplifting/ORC and employee theft together typically account for about two-thirds of shrink each year, with most of the remainder coming from vendor or paperwork errors.

While 43% of those surveyed said the largest increase in fraud is occurring in stores, 30% said it is happening online and 22% said it is coming in multichannel sales, such as those where the purchase is made online but the merchandise is picked up in store.

Of challenges that have grown in priority for LP teams over the past five years, cyber-related incidents are the top issue, according to 68% of those surveyed while 65% also pointed to ecommerce crimes and another 51% cited return fraud, including incidents involving purchases made online but picked up in stores. ORC was cited by 65%, and internal theft by 60%.

A total of 89% said there is increasing overlap between retail LP teams and cybersecurity teams, but only 30% of LP executives said they were regularly involved in cybersecurity issues. Most of the time, LP is brought in after the fact on cyber issues, with 60% saying they are called in for incident response with only 26% involved in threat analysis.

LP executives are preparing for increased involvement in cyber issues, with 62% seeking analytical skills in new hires and 40% seeking cybersecurity skills.

“These are changing times in retail and that means changes in loss prevention,” says Univ. of Florida criminology professor Richard Hollinger. “As always, the challenge is for the honest to stay ahead of the dishonest.”

The survey of 63 LP and asset protection executives from a variety of retail sectors was conducted Feb. 27 through March 29. The study, which is a partnership between Hollinger and NRF and is sponsored by Appriss Retail, was released as LP executives from across the country prepare to meet in Anaheim, Calif., for the annual NRF PROTECT conference, June 11-13.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content

Global Security Operations Centers: Trends and Opportunities in 2024 and Beyond

HID Report: Mobile IDs, Multi-Factor Authentication and Sustainability Top Trends

Brivo 2024 Top Global Security Trends Report Highlights AI Growth, Budget Crunches

Research Reveals Key Trends in the Adoption of Visitor Management Solutions