Business Risk during the Festive Season

Author: Stewart Clark / Date: November 27, 2017

Category: Risk Mitigation

As we take the run into Christmas, most business are focused on getting things finished so they can wind down for a bit of R ’n‘ R over the Christmas & New Year period. Naturally, those in Retail are still geared up until after the post Christmas sales and Hospitality, will run hard until the holidays finish, but….there is another group who are gearing up for a busy holiday season.

This group, would officially be on the “naughty list”, as this group have only one objective – to rob you.

What’s normally left off the pre-Christmas “to do list for most businesses is security. Physical and cyber.

Make no mistake, thieves will NOT be taking a break over the holiday season – in fact, they will be working hard exploiting the combination of business closures and peak retail activity.

The risks to business vary significantly, however what’s very consistent, is that most businesses spend more time planning their Christmas break-up party – than they do making themselves secure.

So, before you close for a Christmas / New Year break – stop and consider how well positioned you are against the following common security items. Whilst not an exhaustive list, it is a good starting point.

  • Payment system authentication devices and passwords – devices should not be left in the office and passwords should never be loaned or written down. This applies to your team as well, if they have laptops and other devices, make sure that they keep them secure whilst they are relaxing on leave.
  • Hacking – I’m always amazed at the ability of hackers to get access to computer systems, so I recommend that you have a quality IT Firm check your system for the necessary safeguards. Consider having your systems monitored, as the faster a problem is discovered, the more likely you can limit the severity and perhaps recover what’s already been taken or lost.
  • Credit cards – are there any replacement cards due, and if so, what arrangements have been made for receipt? New, unsigned cards coming to an unattended mail box is a gold label invitation for theft.
  • Vehicles – extra vehicles which are not in use, should be garaged for the holidays. This lessens the likelihood of theft or damage, but also discourages the “Christmas trip away” being racked up on the business vehicle.
  • Site Security – the very simple elements of locking up, security lights, monitoring, random inspections  CCTV and the like. Take every reasonable precaution to make your site “un-inviting” for any would be thief. Even if there is nothing to steal, the damage and disruption which can be caused by a break-in can still be significant.
  • Cash clearances – if the business is collecting large or unusual cash volumes during a “sales period”, then precautions should be made to clear this quickly. Random clearance patterns (time of day, person, route to bank etc) all reduce the chances of a planned robbery.
  • Warehouse sales – ad hoc sales in venues not normally used for selling or handling cash can present as a soft target. These venues – and the staff running them, are usually not set up or familiar with the types of security commonly found in permanent locations. Remember, theft does not need to be just cash – it can be product, equipment or files.
  • Cheque books, general financial reports, important licenses/contracts etc – should all be secured to prevent theft or unauthorized copying/viewing.
  • Internal fraud – distasteful as it is to consider, this is also a period where the low levels of supervision permit some internal fraud. This may range from simple pilfering of the stationery cupboard, to stock or larger scale fraud. A wise person once told me in the context of staff that, “trust should never come into it if the systems and controls are strong”. Are yours?
  • Data – if you have a major computer security issue as part of a hack or even a break-in, a good secure back-up regime will still be able to recover your data so you can start over.
  • Insurance – in the event that something does go wrong, a strong policy with the appropriate cover will at least assist you on getting back on track.

A further quick tip from an operational risk perspective – with the skeleton staff numbers during the festive season; make sure that minimum numbers are still maintained for items such as physical security, first aid, quality control and dual authority items.

So, for the festive season – before you take “a well-earned break“, make sure that you have taken a few simple steps to ensure that thieves are not going to have a Happy New Year at your expense.

To learn more about how you can improve your internal business controls, contact us at