Protecting Payday: How Commercial Banks Enhance Robbery Deterrence and Investigations
Before working his way up to the role of vice president, office services and security, Robert Ross started his career with Gate City Bank the way many get their foot in the door of the banking industry: as a teller.
Gate City Bank has 45 bank branches in the U.S. states of Minnesota and North Dakota, serving customers for more than 100 years and managing assets valued at $3.6 billion.
Ross was hired in 2013, shortly after a bank robbery. An individual had come into the bank and to the front of the teller line, where they said they had a weapon and demanded money from the teller.
“Right off the bat, Gate City Bank was very focused on making sure the team members felt comfortable with the situation and were provided resources for everybody,” recalls Ross, who is also a member of the ASIS International Banking and Finance Community Steering Committee and the CSO Center.
Since then, Ross has advanced in the organization and is now focused on security with responsibility for all physical security forms, including access control, cameras, training, alarm systems, and liaising with law enforcement. He’s also overseen the response to three robberies that have happened at the bank’s branches—including one where he was the direct contact for the bank during the investigation.
“We try to do whatever we can to create prevention for robberies and incidents, but we build our systems with the expectations that it is going to happen—with the hope that it never does,” Ross says.
Understanding Bank Robberies
There were 1,740 reported incidents of robbery, burglary, and larceny targeting financial institutions in the United States in 2022, according to the FBI’s most recent data.
Of these incidents, 1,415 were robberies at commercial banks. In most of these cases (1,557), perpetrators approached the bank counter and used a demand note (1,028 cases) to get the teller on duty to hand over cash from his or her drawer.
This is the primary method that bank robbers use when stealing from a commercial bank, says Adam M. Hoogland, unit chief, Violent Crime Unit, FBI’s Criminal Investigative Division. Prior to his current role, Hoogland worked bank robberies out of the Bureau’s Chicago field office—one of the top five offices in the United States for investigating bank crime.
Hoogland credits Chicago’s presence on the list possibly to the opportunity available and the wide swath of suburbs in the Chicago area—approximately 6 million people in more than 300 suburbs and a large city—where there are lots of banks and a highway system nearby. There’s also the anonymity that comes with working in a large, metropolitan area.
“I think with a larger city, you get people who are unknown to people,” Hoogland adds. “Like you go to a rural area where we have very few bank robbers, everyone knows who you are. It’s harder to commit a crime like that.”
We build our systems with the expectations that it is going to happen—with the hope that it never does.
Commercial banks are the most targeted because they are the everyday bank that you see on the street with doors open to the public, Hoogland explains.
“Bank robbery typically is an opportunistic crime,” he adds. “There is some planning by some bank robbers, but I found a lot of bank robbers over the years are just in need of some money for something for whatever reason. They’re down on their luck. They’re drug users. There’s some other thing going on in their life. It’s an opportunity to make a little bit of quick money.
“Typically, a lot of the bank robbers who are not repeat offenders don’t even realize it’s a federal crime until they’re caught,” Hoogland continues.
And approaching the teller is simply the most obvious choice for where to go in the bank itself to get direct and fast access to cash.
“Most bank robbers want to be in and out, and don’t want to be seen,” Hoogland adds. “They’re going to take the easiest path possible to get the money. They know the longer they’re in the bank, the more eyes that are on them, the response time of police if an alarm is tripped, so they want to be in and out as quick as they can.”
Robberies are also changing with the times. Back when people were paid by physical checks that needed to be cashed or deposited at a commercial bank, there was a slight increase in robberies happening on Friday paydays. But currently, Hoogland says there’s no trend data that makes a certain day more likely than another for a robbery to occur.
While the 2022 numbers might seem high, they reflect a significant decrease in bank robberies following the COVID-19 pandemic that Hoogland says is likely to continue.
Back in 2016, for instance, there were nearly 4,400 reported bank robberies which decreased to around 2,600 in 2019 before continuing their descent. Hoogland credits this in part to bank branches closing their lobbies as part of the initial pandemic response—limiting the ability for opportunistic crime at open banks.
Additional security measures being implemented may also play a role in deterring bank crime.
“There’s a lot of cameras out there, everywhere—not just in the bank,” Hoogland adds. “Whether your license plate is seen by someone just with a cell phone or a Ring camera a block away, there are a lot of opportunities to be caught.”
In some instances, this might be pushing criminals to focus on bank crime that can be accomplished outside of branch locations—such as targeting ATMs or even customers after they withdraw cash from the bank.
Hoogland highlights a recent rise in jugging—where customers withdraw money from an ATM and are then robbed.
“Once that money is out of the ATM, once it’s in a private citizen’s hands, it’s not a federal crime,” he explains. “We certainly do work with our partners to help them with what they can do to keep their customers safe and work on security measures. But it isn’t a federal crime because the money is no longer in the care of custody control or management of the bank.”
Security Requirements
Understanding the current state of U.S. bank security requires a history lesson. After the 1929 stock market crash, the Great Depression, and the closure of numerous banks caused Americans to lose millions in personal savings, the U.S. Congress created the Federal Deposit Insurance Corporation (FDIC) in 1933.
The FDIC acts as a federal backstop, insuring deposits up to $250,000 per depositor, per FDIC-insured bank, for each account ownership category. To be FDIC members, however, banks must meet certain security requirements.
They must designate a security officer with the authority to develop and administer a written security program for each banking office. The program has to establish procedures for opening and closing business locations, and for safekeeping currency, negotiable securities, and other valuables at all times.
Additionally, the program must have procedures to identify people who commit crimes against the institution and to preserve evidence to aid in identification and prosecution. These procedures include retaining records of robberies, burglaries, and larcenies; maintaining a camera system that records activity in the bank; and using identification devices, such as prerecorded serial-numbered bills or chemical and electronic devices that can identify stolen money or the people who handled it.
The security program must include training of officers and employees for their responsibilities under the security program, as well as employee conduct during and after a robbery, burglary, or larceny.
Finally, the program must provide for selecting, testing, operating, and maintaining appropriate security devices, such as:
- A means to protect cash or liquid assets—like a vault or safe
- A lighting system to illuminate during darkness hours and the area around the vault if visible from outside the banking office
- An alarm system or similar device to notify law enforcement of an attempted or perpetrated robbery or burglary
- Tamper resistant locks on exterior doors and windows that may be opened
- Other devices as appropriate
Along with meeting those security requirements, there are other steps organizations can take to deter robbery attempts.
At Gate City, for instance, Ross says they focus on CPTED principles—having open sight lines, windows that are available for team members to see out of, ensuring branches are well lit, and having a general state of cleanliness to demonstrate that this is a “well-maintained and monitored space.” Gate City also utilizes some cameras that can easily be seen as a form of deterrence.
The other major area of focus is training with an emphasis on customer service. One of the most important things staff can do is be actively focused on who is coming in and out of the bank, and talking to everyone who enters the branch.
“All of our team members from a customer perspective and sales perspective are taught to say ‘hi’ to everybody that comes in, and to look at the person, talk to them, and make sure that they know that that person has been noted—that we’re ready to see them in a moment,” Ross says. “Actively communicate with them as if they’re waiting, and that you’re watching them. Not only is that customer service, but that’s also specifically trained from a security perspective, too.”
Gate City also conducts social engineering penetration testing, where someone impersonates another individual to see how far they can get into the bank. This is done along with annual training and quarterly training, which covers bank robberies, acts of violence in the office, and even weather safety, Ross says.
“Then team members are supposed to have a quarterly huddle to discuss active deterrence and robbery processes within their team, to go over those so that they’re always at the forefront of the mind,” he adds.
Banks don’t need to go it alone, however. Most FBI field offices in the United States have a bank robbery coordinator, who is available to banking security practitioners and will come out to branch locations to provide a bank robbery presentation to the security team.
This presentation meets the FDIC’s requirement for security training, Hoogland explains, and it can also help branches get guidance on more specific issues and procedures—including a checklist of best practices to follow when a bank robbery happens. This can include ensuring the robber is outside after an incident, then locking the doors, calling 911, and explaining what happened to the dispatcher.
“Make sure you preserve any evidence—if you can,” Hoogland adds. “If the person left behind a bank robbery demand note, make sure you don’t touch it. Place a piece of paper over it so that it’s not touched by other people.”
It’s also important to be a good witness. Try to commit to memory what the robbers did, what kind of car they arrived in or fled the scene with, their physical attributes (height, race, clothing, or mannerisms), he says.
“Then we talk specifically with the security professionals about maintaining their equipment,” Hoogland says, adding that questions range from the type of cameras in use, to testing of the cameras, to how the surveillance system is powered, where the footage goes, and how to determine what solutions are best for that branch.
“It’s a business after all. We don’t dictate what they do, but we certainly do have suggestions of how they can maintain their cameras, their security, points of ingress and egress into the building,” Hoogland adds.
Camera systems can play a vital role in capturing digital evidence of an individual committing a crime, as well as for imagery pushed out to alert others in the area.
At one of the most recent robberies of a Gate City Bank location in the mid-2010s, for instance, Ross says that the robber came in, slid a note to a team member, took roughly $7,000 to $8,000 in cash, and fled. The person was a serial robber who was moving across state lines.
Gate City had installed March Networks cameras 8000 series in 2014 and was using 2- to 4-megapixel cameras across its branch locations. These helped the bank capture high-quality images of the robber, which were used to identify the suspect and arrest him in Florida.
When a Robbery Happens
If someone robs a bank in the Gate City system, Ross will get a call about the incident and the team goes into what he dubs crisis committee mode.
“Pretty much just drop everything, and whoever can be there boots-on-the-ground first, try to get there,” he adds. “Within about 5, 10 minutes, we are calling [the branch] to verify that everybody’s safe, secure, and that the building’s locked. And then we’re calling our security company.”
Gate City has a contract with Securitas and uses its electronics solution to verify that its monitoring systems are active and that police have been dispatched to the affected location.
Meanwhile, Ross is typically driving to the location from his base in Fargo, North Dakota, and has tasked one of his colleagues with putting a log together of previous robberies or larcenies and how the bank responded. This helps serve as a reminder of what the procedure is, so people make fewer mistakes or skip fewer steps in the heat of the moment.
Another colleague is then responsible for maintaining a timeline. This person logs all calls made internally, all meetings in response to the incident, and what was said during those discussions and by whom.
Once Ross arrives at the scene, he checks in with the team members there, “see how they’re doing and then also make sure that they know that HR is available, and provide them with the crisis care number,” he says.
“I usually give them a few moments after that initial conversation, and then meet with the police officer, or whomever has been assigned that case and is working it,” Ross continues. “Then, from there, we sit down, and I typically start pulling footage for them, give them video clips, start getting those rendered, and then also get screenshots made for them right off the bat on site, if needed. We get those started to be distributed within about 10, 15 minutes.”
Then, the police take the lead, and Ross steps back to act as the liaison for the bank—answering questions and being available while law enforcement interviews the team members, assesses opportunities for fingerprints, and obtains any additional evidence.
After law enforcement is done, Gate City will close the branch for the rest of the day.
“I’m then on the phone with our security company asking them to come back to the office for an emergency visit to review all of our alarms and to make sure everything’s reset properly,” Ross adds.
After the first 24 hours, Ross typically sits down with his account executive from Securitas to do a full review of the incident using video surveillance footage. They assess how the incident was handled, if there were any missteps, if more camera coverage is necessary, and if the response time was appropriate. Ross will also inform the branch team of the findings of the analysis, including explaining any additional security measures that might be implemented in response.
He also puts out a notice across the bank system about what happened with photos and descriptions of the suspects, so team members are prepared should those individuals attempt to enter another Gate City location.
“Then we also watch the Interstate corridors, because that’s typically the ones that will get hit,” Ross says. “The person will use the Interstate to get out of the location. Then we’ll watch those areas, too, and put more emphasis on having them be on a heightened sense of alertness.”
Meanwhile, Ross will continue to work with the police and ultimately the FBI—which will take over the investigation since bank robbery is a federal crime in the United States. If the perpetrator is caught, the bank will provide information on the funds to be returned and assist to see that person arrested and charged, Ross says.
Widening the Net
To keep banking security practitioners ahead of criminal actors who may be working in a specific area, the FBI issues regular bank robbery alerts. Hoogland says the Bureau also works closely with the American Bankers Association and the National Armored Car Association—attending annual trainings and events.
“We write situational informational reports that we share with our local partners and security professionals,” Hoogland adds. “We have a wanted poster program where we put out wanted posters to not only the local [police departments] but a lot of the banks in the area. If we know someone’s hitting a certain area, we’ll have them posted in other banks.”
Most bank robbers want to be in and out, and don’t want to be seen.
The FBI also maintains the Unknown Bank Robbers website—bankrobbers.fbi.gov—where it puts out information about individuals who have robbed or attempted to rob a bank, asking for tips.
This two-way information sharing is important because the FBI has the ability to link criminal acts and actors together. Bank robbery coordinators in various offices might be discussing their work and realize that the same person is hitting bank branches in all three of their jurisdictions and act to apprehend that person—a capability that local law enforcement does not always have the resources for.
Hoogland also says that the public plays an important role in catching bank robbers by providing tips, which may turn into leads and ultimately arrests.
“We rely on those tips heavily—especially the serial bank robbers who might hit four, five, or six times,” he explains. “The communities they’re hitting in, someone from that community is going to recognize the person.”
Security personnel at other organizations where criminals might attempt to use the money they stole from a bank can also play a key role in apprehension.
For instance, Hoogland recalls one case where a man wore a mask and gloves to rob a bank. There was a dye pack in the money, however, which stained the bills.
“He went around different casinos and was spending the money, trying to launder the money through the slot machines,” Hoogland says. “We caught him that way through cameras at three different slot machines, putting the money in, and we went to trial.
“We had a case with circumstantial evidence only, no physical IDs were ever made on him. He ended up getting 17 years in jail after a conviction at trial.”
Lasting Support
In instances where bank robbers are caught and convicted for their crimes, the people who were often working at the branch that was targeted will continue to go back to the scene of the crime.
Ross makes a point to be onsite after the initial shock of a robbery is over to communicate that the bank has resources to help staff.
“It’s our opportunity to do that personal check-in for those team members,” he explains. “We have that opportunity to talk to the team members, to go back to them, and then also show that we have a show of force there. That we are on site, making sure that everything is safe for them and that we’re taking care of them.”
It’s important that these employees feel safe and supported by not just their immediate team members, but leadership as well who are often responsible for approving security purchases, training resources, and staffing measures.
“The people that have had those situations happen to them are never the same. It is a traumatic event, and it will always be with them,” Ross says. “Whatever I can do to make it so we can have it happen as seldom as possible, and to also help if—and when—it does happen with the recovery, I will do everything in my power to make sure that happens.”
Megan Gates is senior editor at Security Management. Connect with her at [email protected] or on LinkedIn.