Hedging Your Bets: 4 Security Lessons from the Casino Industry

The casino industry may seem a world apart from most businesses; after all, most enterprises aren’t 24-hour, windowless operations filled with tourists and high rollers.  But one thing all businesses have in common is the need to prevent fraud, and casino operators are experts at that.  Casinos arguably attract more fraudsters than any other industry, but any business is vulnerable on some level.  Here are a few lessons from the pros that can apply to nearly any business or organization.

High-Tech/Low-Tech: A casino needs to be on guard for everything from sophisticated electronic hacks used to ‘fool’ slot machines into more frequent payouts to a patron slipping a bet onto the craps table after the dice have been tossed.  A combination of experienced security personnel, video surveillance and data analysis helps to reveal irregularities, giving them the upper hand (pun intended) against potential fraud.

In other industries, video surveillance may be appropriate to protect physical inventory or to monitor employees with access to cash.  The technology for security video has grown by leaps and bounds, even as costs have declined.  A low-cost system can allow a business owner to keep tabs on video feeds from where he or she may be, even on a smartphone.  And while prevention is always best, video evidence can assist in a prosecution should it become necessary.

Even more useful to the typical business is data analysis, which need not be as complicated as it sounds.  Regular review of banking and other financial statements, done by someone other than the person writing the checks, can reveal irregularities.

From within/From without: Casinos have to deal with the dual threat of not only the visitor looking to defraud the system, but employees with access to point-of-sale systems who might be tempted to pocket the money paid for a “comped” meal or a bogus room upgrade.

The typical organization is much more likely to be defrauded by an employee than an outsider, but any enterprise doing business online is a potential target for external fraud.  IT security measures should be regularly reviewed and updated.

And as to the employee seeking to defraud their employer, the best defense is a system of checks and balances that divides the responsibilities: for example, a policy stating that checks above a certain amount must be signed by two employees, and that all checks presented for signature are accompanied by an invoice or other supporting documentation.

Access: A recurring dilemma in the casino industry is how much access a frontline employee should be granted, for example: should a desk clerk be privy to the necessary code to comp a room for a patron?  Best security practices would dictate that only a manager should have that information, but a manager may be spread too thin to respond promptly to customer needs.  Every industry has similar tradeoffs, and striking the appropriate balance between security and a smooth-running, customer-friendly operation involves careful analysis.

Start small: Most businesses don’t have the security budget of a multi-billion dollar casino.  The good news is that most businesses don’t need to.  The best procedure is to set a plan in place that implements safeguards one at a time on a specific timeline.  As each successive step is implemented the previous measures should be reviewed to be certain they’re having a positive impact on security without hampering the responsiveness of business operations.

For any questions, please contact Salmon Sims Thomas.