Skip to content

Illustration by Security Management; iStock

Hello Sweetheart: Internal Theft Sours Retail Relationships

It’s a tale as old as time—or at least as old as brick-and-mortar retail stores. Employers saw the demand for their goods growing and knew they needed to keep up, so they hired more staff. But some of those employees would be caught stealing, and the relationship would sour. Cue the sad breakup music.

Internal theft—whether in the form of taking cash or goods—is only one aspect of shrink, the industry term for missing merchandise, measured as a percentage of sales. In retail, shrink can be attributed to employee theft as well as external thieves (for example, shoplifters), systemic errors, fraud, and damage.

In the latest annual study of U.S. retailers by the National Retail Federation (NRF), the average shrink rate in 2022 increased to 1.6 percent from the previous year’s rate of 1.4 percent. However, the 1.6 percent matches rates from both 2020 and 2019. “When taken as a percentage of total retail sales in 2022, that shrink represents $112.1 billion in losses,” according to the NRF. In 2021, the losses were estimated at $93.9 billion.

Although specific rates vary depending on the retail sector, the overall estimate is that theft contributes to 65 percent of U.S. retailers’ shrink rates.

While media reports have honed in on brazen and sometimes violent forms of external theft, internal threats to a company’s bottom line remain a priority for retailers. Of the respondents to the NRF’s 2023 Retail Security Survey, 48.5 percent said that employee theft was more of a priority for 2023 than in 2022. The numbers back up that concern.

“External theft…accounted for an average of 36 percent of total loss. Internal (employee) theft reported in at 29 percent of shrink loss,” according to the survey.

Other reports also indicated an increase in concern about insider thieves, such as the 35th Annual Retail Theft Survey conducted by Jack L. Hayes International. Respondents to this survey reported apprehending 44,834 dishonest employees in 2022, an 18 percent increase from 2021.

Most of these respondents said they noticed an increase in their shrink rates in 2022. But these retailers also said that the amount of money recovered from internal thieves (more than $50 million) increased by 14.7 percent in 2022.

The Methods and Motivations of Employee Theft

The term internal theft can cover a range of sins—from cash theft to feeding information to an external thief to actively stealing or helping others steal merchandise. It’s worth noting that internal theft is not solely limited to frontline employees, and that theft can also present as embezzlement or the selling of proprietary information.

Employees who choose to steal have incredible access to a store’s merchandise, plus awareness of, or even some control over, security measures that stores have in place. This level of access and knowledge creates opportunities for employees to steal or collaborate with external thieves, amounting to a greater loss for stores when compared to external thieves operating without insider assistance.

Where internal theft is concerned, “Typically, employers will see dollar losses much greater than they would experience from a shoplifter,” notes Alan Greggo, CPP. Greggo is a regional operations manager in comprehensive risk management for Pinkerton Consulting and Investigations, with previous experience in retail asset protection.

“According to the Association of Certified Fraud Examiners, research has shown the higher up the organization the perpetrator is, the higher the loss potential,” Greggo says. While a cashier or sales floor associate has access to cash and merchandise, it would take an entry-level dishonest employee years of successful, regular theft to rack up the thousands or hundreds of thousands of dollars that a chief financial officer could embezzle in one incident.

However, the sheer volume of smaller thefts at the front line can add up for retailers. The average dollar loss reported by NRF survey respondents for an internal theft was an estimated $2,180 per investigated incident in 2022, similar to the two previous years. That number drops a bit among those responding to the Jack L. Hayes study, where the average dollar amount stolen in incidents involving internal theft in 2022 was $1,136.93—representing a 2.8 percent decrease from 2021.

Overall, the National Retail Federation estimates that theft is responsible for 65 percent of U.S. retailers’ shrink rates.

The reasons for an employee to steal vary, and they can include rationalized retaliation, greed, need, revenge, external pressures, and temptation.

“For instance, a manager is intimidating or harassing in treatment to their employee,” leading an employee to feel justified in stealing as compensation for that manager’s behavior, Greggo says. “Another reason employees steal is out of need for more money. If they feel they are underpaid or wages and benefits they are owed are not being paid to them, theft could be a way to get revenge. Some employees may steal to support gambling or drug problems. Others are just tempted with the latest fashion or tech gadget that they must have but can’t afford.”

For some employees, theft might not have been a consideration until they witness someone else successfully walking out the door with merchandise that was not paid for. If no one approaches the shoplifter or thief, it appears there are no consequences for the crime, especially if no one is actually reviewing the surveillance footage.

Employers should watch for indications that an employee may be involved in some kind of theft. Greggo highlights certain signs of dishonesty: a notable reduction in performance, poor attitude, interpersonal issues with supervisors or peers, and open disgruntlement with the job or management. Other dishonest employees might write or brag about imminent thefts or hostile acts on social media or to other coworkers, or they may avoid taking time off.

Culture clashes are also at play. As with other insider threats, when employees feel that their employer’s priorities differ from their own, they may rationalize damaging the company.

Some warning signs could have been lurking even before a store hired a future thief, says Landon Winklevoss, vice president for intelligence advisory and legal relationships and cofounder of Nisos, a managed threat intelligence business. Winklevoss says that employees who steal may have a connection to any external thieves they coordinate with, whether family member or friend.

That existing connection can test the loyalty of the employee, even if he or she was not contemplating theft when hired. It can come down to who an employee feels more loyal to—an employer or a personal connection, according to Winklevoss. If the employer or a supervisor has seemingly wronged the employee, stealing from the workplace can become more appealing.

“It’s a pretty easy sell when your family and friends around you...are involved in a criminal enterprise of criminal conspiracy. That’s pretty easy recruiting grounds,” Winklevoss says.

And external thieves, including ones connected to organized retail crime (ORC) groups, are recruiting, looking for employees who are willing to either steal directly or provide information on a store’s patterns—from when new shipments come in, to how many security guards are working various shifts, to other security or store protocols. Along with cash and merchandise theft and refund fraud, passing off store goods to friends or other non-employees was one of the top reported methods of internal theft, according to the NRF.

When it comes to trying to prevent or interfere with internal theft, employers have a few options for dealing with an existing problem.

Honest employees can be an excellent source of information about suspicious behavior. Greggo recommends creating channels that employees can use to anonymously report thefts or other ethical issues. Retailers can also offer rewards for when a tip results in a successful apprehension or recovery.

On the technical end, video surveillance systems and access control features should be maintained and even integrated with other points of vulnerability in the store. For example, surveillance cameras can be integrated with point-of-sale (POS) systems to monitor checkout lanes and flag anomalous or high-risk behavior, such as when too many items are voided during a single transaction or on an individual’s shift.

“Camera surveillance systems should be connected to intelligent and AI integrated software to allow for quick searches that show an incident,” Greggo says. For sites using surveillance software, like a video management system, that also offer additional or third-party apps, certain ones can be especially helpful. For example, license plate recognition analytics can analyze feed from external cameras, thereby alerting security and store management to the presence of a car that was previously liked to a violent incident, a known shoplifter, or a disgruntled employee.

“Some businesses install cameras, record everything, and then never look at it until an incident occurs. That is not being proactive,” Greggo says.

Nisos’s Winklevoss doubts that even the larger big-box retailers would have the resources to task someone with continuously monitoring surveillance feeds.

To take some theft detection and intervention responsibility off sales floor associates, Greggo recommends regularly reviewing security footage, with analysts checking for anomalies. “It does cost more to devote analysts to use the software and train them properly, but it’s worth it in the end,” he says.

Feedback Loop: Changing Culture to Reward Employee Honesty

The hiring process can be a noteworthy tripwire in loss prevention efforts, especially during a hiring rush to prepare for greater sales and more inventory. As retailers expected a record-breaking year in 2023 holiday sales, the NRF estimated that stores would hire between 345,000 and 450,000 seasonal workers—comparable to the roughly 391,000 seasonal workers that were hired in 2022. Early, behavioral warning signs may not apply if the new employee is an unknown entity or has been planning to steal from the moment he or she applied for the job.

Hiring personnel should consider any red flags in an employment application, such as gaps in employment. A standard background check can identify issues that flag an applicant as a potential insider threat—issues are worth asking about in the subsequent interview.

However, Winklevoss cautions that background checks only go so far. For example, they may not show that the applicant has a previous relationship with either a person or group suspected of being involved in theft or an ORC group.  

To discover trends, security gaps, and cultural challenges, it’s worth looking at why a previous relationship soured between a larcenous employee and the store. Figuring out what went wrong in a previous instance can help a store and its security leaders to prevent the issue from recurring and to create more successful relationships with other employees.

Creating and maintaining a culture that prioritizes a good work environment can keep honest employees from turning into bad apples.

“Often [theft occurs] in retaliation for poor treatment or promises that were not kept,” Greggo says, noting that creating a culture that values employees and treats them fairly should start at the top. “Just as important is to treat employees well and pay them what they are worth. When hiring new employees, don’t make promises that can’t be kept. Consider training corporate leadership on how to lead versus manage their people,” he adds.

Security professionals may have an easier time promoting a positive workplace culture to the C-suite if it is seen as supportive of financial goals, such as shareholder values, according to Winklevoss. When the focus is on taking care of the workforce along with selling a good product, “shareholder value is going to take care of itself,” he says. “Culture eats strategy for lunch every day.”

Creating and maintaining a culture that prioritizes a good work environment—along with competitive pay—can keep honest employees from turning into bad apples. If a sales associate understands that his or her honest efforts are recognized and sees that the company adheres to ethical standards, it’s harder to rationalize theft, even if he or she witnesses external or internal thieves seemingly getting away with the crime.

Cultivating loyalty in workers can also go a long way, especially if companies and employers focus on creating a work environment that respects and listens to employees, as well as offering opportunities for career development. Other ways to foster loyalty include competitive salary and benefits packages as well as educational opportunities or support, or enabling other ways an employee can improve his or her life.

“That loyalty is going to usually trump any type of insider behavior. It’s when corporations look to take advantage of the rank and file where corporations open themselves up to mass theft,” Winklevoss says.

To this end, experts recommend investing in training and awareness programs for all employees, focusing both on loss prevention and the company’s ethical and compliance expectations. Along with training, companies can post notices about compliance, ethics, and more in employee areas. Similarly, new-hire orientations should include a statement on the CEO’s commitment to ethical behavior and integrity in the workplace.

These efforts can pay off down the road, offering loyal employees a path to reporting suspicions about a potentially dishonest coworker. For example, a cashier reports noticing that a new employee is always lingering around the store for an hour after his shift has ended or that he has a side hustle as an online seller but is using a different name online. An asset protection and loss prevention specialist can then review information gathered during the hiring interviews and begin looking into the new employee's public online activities to determine the likelihood that he or she has or will soon steal from the store. Without those honest employees, identifying internal theft may take longer.

Other anti-insider theft investments include control measures (compliance audits, bag checks, unannounced sales verifications); POS controls that require more than one person to verify certain actions; and opening and closing rules that require at least two associates to be present.

Communicating to employees that these measures support the company’s ethical efforts, safety initiatives, and overall culture can help create advocates for the store and discourage dishonest or unsafe behavior.


Sara Mosqueda is associate editor for Security Management. You can connect with her on LinkedIn or on X, @XimenaWrites.