Cracking security at land-based casinos


cracking security
and-based casino security is about so much more than just "randomly staring into cameras", which is just as well, considering the wide array of threats that venues are currently facing, from active shooters to fraudulent credit cards

Honoria Hebert, director of regulatory compliance, L’Auberge Lake Charles Casino Resort
Derk Boss, security and surveillance consultant

A panel of casino security, surveillance and compliance specialists were on hand at G2E Vegas to offer insight on the most pertinent issues currently facing the sector. Gambling Insider was there too, and presents the following summary of the discussion, which was led by moderator Darrin Hoke.

What are some of the things that you’re seeing on the compliance side that surveillance has been able to assist you with, or vice versa?
HH: One of the hot topics for us in compliance is Title 31 and suspicious activity reporting. Just a few years ago Title 31 was really record keeping – surveillance people were the last people to want to hear anything about that. Things have truly evolved since then – the record keeping component is just a small component.

When I have a guest who’s visiting and I have filed three or four suspicious activity reports during the course of the year, I can partner with my surveillance department and say: “Can you tell me anything more? Am I seeing this right? What do we think they’re doing?” I don’t want to call them in at the beginning, because it’s not surveillance’s job to be the record keepers, it’s my job, but I can provide them with trends and in turn they’ve been able to provide me with data and surveillance coverage which has led to some pretty significant cases.

DB: We’re not working in the dark any more. We’re actually looking at the game statistics, we’re looking at the food and beverage paperwork and doing some analysis of the systems that are out there – getting information from compliance. So it’s not a random thing where we all stare into cameras to come across something. It’s so good to see that trend developing where we’re using departments such as compliance to help us with our job.

What do you think of Know Your Customer and its impact? How do you think that is going to translate to security and surveillance going forward?
HH: It’s funny – it feels like every month I’m required to know more and more about my customers. At one time it was just a case of if you got a federal grand jury subpoena on someone or you saw a news article about one of your guests, but now there’s the expectation that we should have already known them before it got to that point.

Where I really see security and surveillance buying into it is when I have identified people for whatever reason and feel like I need to know more about them. There’s some people where maybe they’re very heavy cash players, and that’s typically where I rely back on surveillance and security, because they are the eyes. I’m looking at paperwork, I’m looking at trends and maybe looking at Google, but surveillance can tell me if this person is a very good gambler and that’s why they have a lot of cash. Do they play with credit in a funny way and it inflates the drop and it looks like they have more activity than they really do? They can tell me who they are associated with. There’s all sorts of things that I’ve learnt from my surveillance department.

DB: In surveillance, we know who these players are – we’re the best at it. Of course we already do a lot of investigative work in the background about players – who they are and where they came from. I remember one case we had with a 22-year-old. He was playing craps every day and spending thousands of dollars. He’s driving up in some old beat up sedan of some kind, so where did he get his money? We looked into him and he worked at a car wash, so he’s either getting a lot of tips or something else is happening. Of course, it turned out that he was dealing drugs and things like that. In the old days, that money would come on the table and we didn’t care at all. Nowadays, you have to care.

Executives don’t want to think of active shooters, but it’s our job to make them think. Maybe you have to go in there with some video of one of the last shooters. You’ve got to get across to themDerk Boss
What are your thoughts on active shooters and how security can work there, and how surveillance can fit into that role? How do we overcome the challenges of management to acknowledge that this is a problem in our society today?
DB: Active shooter for us is something we better pay attention to – well they’ve hit us already. It’s a perfect place for it to happen – they want the publicity. They want to be acknowledged and what better place to do it than in front of thousands of cameras. So I see it as an ongoing trend that we need to be aware of.

However one thing I find is that people aren’t trained for it, they’re not ready. There may be a few of us that have actually had a shooter policy or plan – what you’re going to do and how you are going to evacuate – but very few do, and one thing we don’t ever do is practice. You have to know what you’re doing and we don’t practice that enough.

I think security surveillance has to step up and say this is happening and we need to practice it. Whether anybody else gets involved or not, you have to have security surveillance people ready to go. You’re the only ones that can provide a certain type of live information to police – what’s going on, where people are, where they should walk to, what’s behind that door.

I also think it’s a good idea that in orientation with new employees they be trained on how to react in that situation. I ran into some push back when I first started doing that – they didn’t want people to be afraid when they come to work, they didn’t want them to think that way. But the employees liked the information – they had something they knew how to do.

I know that the executives don’t want to think of these kinds of things, but it’s our job to make them think – show them how important it is. Maybe you have to go in there with some video of one of the last shooters. I know that’s not popular with people but you’ve got to get across to them.

We all probably have an emergency plan in place, but I can tell you from personal experience that nobody really reads that book until it’s too late.

As of 25 October, all of your businesses’ devices have to be capable of reading a little chip that’s buried into a card. What's your thoughts on PCI compliance and what do you see in terms of the relationship with surveillance and security?
HH: We’re at the point where we’re having to meet sharper criteria to be PCI compliant. We end up doing a lot of backwards investigating, so we can get a report to credit card fraud – that’s when my relationship with security and surveillance is critical. I can ask surveillance to review old footage to see if we can identify who was using those credit cards. Surveillance can get a better visual record of who the person was and tie back to times where they possibly checked into the hotel. And security – if that person had to go through the turnstiles or have their ID scanned, we may be able to piece together exactly who that person was that came in.

DB: We all have a number of departments like compliance, internal audit – people who are responsible for looking for indicators of fraud. What I found in a number of cases is that we don’t spend a lot of time training those folks who are actually doing that job. They’re not trained in loss prevention, so to speak, and I think we miss something there. I think it’s important for us to get out there and train in some of the basic things to look for, because the better they are at that, the more information they can feed us.

There’s a tremendous amount of fraud out there – it’s amazing how often we’re getting hit with these different frauds. We see more in the United States than anywhere else because everybody else is using this new card that’s been out in Europe for years. There’s several larger organisations now that have hired or put together their own special units and that’s all they do, just look for fraud. I know some of them and there’s usually nine or ten on the staff and they’re all busy, they’re all carrying a caseload of 10 to 20.

HH: I would definitely urge everyone to make sure your revenue control, internal compliance and cage departments are reporting to you ? any time it is reported to them that a credit card has been used fraudulently. That hasn’t always happened and I’m not convinced that it consistently happens. A customer will call and say: “Hey my credit card was used but I wasn’t there”, and sometimes it's a case of a couple of hundred bucks to make it go away. An audit department will take care of it and surveillance is never going to hear of it, security is never going to hear of it. The account is never going to be flagged and they may have missed an opportunity to catch a person.

Let’s talk about exceptions and how they correlate to some of the bigger prizes.
HH: Every casino has some sort of internal audit of every department that’s trading on these exceptions and unfortunately there can be a lot of noise. There was a point in September last year when my general manager said to me that, year-to-date, he had over 15,000 revenue audit exceptions. How do you go through that noise and see if there’s anything really there?

The flip side is that we’ve had frauds where, when we've been going back to try and figure out what dollar figure we're looking at to try and prosecute this person, one of the key components we used was the exception reports. There was a casino manager who would pretend that there was a slot malfunction and do a ‘paid out’ to steal money in chunks of between $40 and $200. She was getting exception reports for this almost every day – with the same person signing off on them. Can you really blame someone when there’s 15,000 exceptions going out?

What we’re trying to do – and we’re getting better, we’ve actually had a few fruitful investigations since then – is actually data mining those trend exceptions. You should ask your revenue, audit and compliance departments who are the employees that are getting most exceptions, and also look for specific types of exceptions. It’s amazing once you start looking – there are clear indicators of theft but they’d never been communicated to surveillance or security departments.

If you’re not already receiving an analysis of the exception report, ask for it. Then if you do catch a team member who’s involved in crime, ask your compliance department to give you all the exceptions those people have, because that will help build your case. You are actually able to use exception reports in some cases to get a dollar figure and go from a misdemeanor to a felony. The information is out there, it’s just making sure that it’s being communicated back to you.

DB: How they’re stealing, they can hide that, but they can’t hide the result – the money’s gone. If something happens, it leaves a trail – you can find it that way. You're working specifically now with the information. When you’re specific, you can be deadly.

This article was first published in November 2015
Premium+ Connections
Premium Connections
Executive Profiles
Live! Casino and Hotel Louisiana
The Star Entertainment Group
Bayes Esports
Follow Us

Global Gaming Awards Asia-Pacific: Going live

The Global Gaming Awards Asia-Pacific are set for their firs...

Preview: SiGMA Asia 2024

SiGMA’s annual Asia summit comes back to Manila – signif...

Company profile: Praxis Tech

Being payments ready in Asia - A call to action for iGaming...