Audit-Based Surveillance: Making Sure Everyone Is Swimming Between The Flags
Casino surveillance departments around the world take different approaches to fighting the battle against internal theft and fraud. It's a constant battle but an inevitable reality in a 24 hour free flowing cash establishment like a casino.
Recently I had the opportunity to sit down with Darrin Hoke, the Surveillance Director at L'auberge du Lac Hotel & Casino, (excuse the French) a beautiful property nestled in the Bayous of Lake Charles, Louisiana. Darrin, a casino veteran of over two decades is a long time lecturer and instructor at the University of Reno Nevada on various surveillance related topics. We both share a passion for casino surveillance and apparently, as I found out, a liking for Lynard Skynard tunes.
Darrin and his team take an audit-based approach to identifying internal theft and fraud. By concentrating on the compliance of internal operational controls and procedures in a structured regular format, they are able to detect red flags that sometimes lead towards the discovery of untoward activity. Here's Darrin's take on it:
W.A. How does the audit-based (AB) process work?
D.H. The concept is based on the idea that Surveillance has the ability to see in from afar. We take the "observable policies and procedures and internal controls and reduce them down to single line questions that can be answered Yes/No or N/A. We then design the audits around a full range of observable activity. The surveillance staff then goes through each question and gives an appropriate answer based upon on what they observed. We then establish a "reasonable standard" of performance and based upon the number of questions that were answered negatively we give them a Pass or Fail rating. Any audit that fails is immediately sent to the shift manager and director of the department audited. We then reaudit the employee within 10 days to see if the corrective ac tion or remedial training has changed the performance. All of this data is retained in the program and allows us to go back and review an employee's audit history or departmental history. We can also measure the results against other traditional financial information such as hold percentages or cost of sales.
W.A. How long does an audit typically last and how many do you do a day?
D.H. We conduct a minimum of 15 audits per day (24 hours) at a minimum of 30 minutes each. In 2007 we conducted over 5800 audits for 10 departments and 40 different positions.
W.A. How do you record the results of your audits?
D.H. In 1997 I came up with a software concept using an Access Database called SAM (Surveillance Audit Manager). In 2007 I partnered with Sam Maggio, President of National Networks and software developer, to re-develop the software in a SQL/ASPX format. The improved version of the software was developed to provide a more robust database and reports utility. This version is very dynamic and gives a broader range of reporting features such as individual reports on performance, shift performance by positions or audit types, etc. In addition to the "real time" benefits SAM also maintains a historical database of all audits that can be researched by several different criteria. The new platform allows for multiple users over a company's intranet with the program residing on a SQL server. The program can also be used over the internet (off site hosting) or on a single PC with a SQL server.
W.A. What about training and getting buy-in from other departments?
D.H. User guidelines and management guidelines were established and management feedback was solicited to provide surveillance with an idea of what information they felt was important to be included in the audit. Surveillance training was very easy as the program was designed to be very uncomplicated and easy to use. Management has responded favorably to the audit process because we provide them an additional tool to help them see what processes work and what processes don't work.
W.A. How has IT been involved with the implementation of the software?
D.H. IT provided the space on the SQL server and the installation of the software. IT also plays a role in updating the employee files.
W.A. What have been the benefits to your organization?
D.H. We have been able to set new standards for performance. We have identified a number of inefficiencies and ineffective procedures. Through this process we have been able to make recommendations to management that have saved the company hundreds of thousands dollars. This process provides management with an extra set of eyes to see how their employees are performing when management isn't standing over their shoulder. Operational staff use these audits to coach team members on performance, training and ultimately disciplinary action. Through their coaching efforts their employees have better technical skills and give better customer service. The side benefit is that this process makes surveillance employees stronger at their job. By learning the different processes of each position they have a better understanding of each area and that makes it easier for them to identify theft or fraud.
W.A. Have you made any big busts as a result of using the software?
D.H. We have caught numerous employees stealing from POS locations, slots and table games. In 2007 our audits lead to 17 employee misconduct terminations, 8 employee arrests (felonies) and 5 external theft arrests among several other identifications of attempted fraud. In addition we were directly responsible for changing several internal controls and policies and procedures including the improvement of our table games drop process, redemption kiosk procedures and card and dice security issues. We have also identified a number of external theft issues as a result of the surveillance staff seeing a procedural vulnerability and catching someone trying to take advantage of it. This program exposes weaknesses in the operation and through forward thinking and we address those weaknesses through these efforts. These efforts minimize our exposures and truly make us proactive.
W.A. Why do you believe the AB approach is better?
D.H. Audit based surveillance is extremely PROACTIVE because the operators are focused on the task at hand and not aimlessly looking around hoping to catch something out of the corner of their eye.
W.A. Are any other properties using the software, is it customizable and is it for sale?
D.H. There are other properties using the software in the original version and the new version. Because the software is so dynamic we can add, create and adjust audits as the industry changes, obsolete questions are still retained to maintain data integrity and then placed into an "inactive" mode. Specialized audits can be easily designed and implemented in a matter of minutes. The software is available for sale and demo through the website www.darkshieldsolutions.com
My 10 cents worth
"Proactive" is often an overused cliché in our business. I've heard definitions ranging from doing a 200 camera walk through in 5 minutes to physically following a suspect into the buffet. Darrin takes his structured approach of pro-activeness one step further. On an annual basis he conducts a comprehensive risk assessment of selected areas within the organization.
The risk assessment is conducted using a combination of operational expertise gained by constantly auditing the target area and reviewing existing audit results compiled in the database.
The model on the right shows the levels of "activeness" that are often obtained within a surveillance operation. It is my belief that all levels should be utilized but all can only be obtained through training, developing the confidence and expertise of your staff of the entire organization and a strong management team that has good rapport with internal customers.
Often when a department relies on only a combination of reactive and random surveillance, many "red flags" are missed. Moving to an audit-based approach quite simply makes sure nothing or no one slips between the gaps. OK, you could argue there's a big gap between each 30 minute audit but I look it like a drug test. If they're doing it, it doesn't go away in the sample.
The other argument against going to audit-based surveillance is time and resources. I can understand this in some of the megaresorts around the world with over 200 gaming tables and high volume play around the clock. It is an R.O.I. issue. Let's do the math:
Basic examples (using fast talking salesman numbers):
From the examples you can see that the biggest considerations are the numbers of staff you would like to target and regularity of audits. If time and resources are an issue maybe you could adjust these metrics to give you a level of comfort and at the end of the year you can assess the R.O.I. Speaking with Darrin, I know the program has paid for itself in more ways than just financial.