Proven Fraud Prevention Strategies

Transcription

1 Proven Fraud Prevention Strategies Kris Rogers & Megan Slinn 2013 Retail Summit Scottsdale, Arizona summit.iqmetrix.com

2 Proven Fraud Prevention Strategies 1. Complex passwords Settings > Human Resources > Account Security Setup The more complex the passwords, the less likely that someone can log into the profile A complex password must have three of the following criteria: Upper Case, Lower Case, Numbers, Special Characters The minimum length can you edited (defaults to 6 characters) As a company-wide policy you can for the password to be reset 30, 60, 90, 120, 150, 180 days; or not have any policy for the reset 2. Lock Screen Settings > Workstations Settings > General > Screen Lock Override When this feature is activated, it will automatically lock the screen based on the settings saved The industry standard is 2 minutes You can set this per HR Role (Employees > Role Management > Role Details section) o This will override the company-wide setting on the workstation settings 3. Transaction Authentication Settings> Company Settings> POS Defaults> Transaction Authentication

3 Allows you to configure which types of transactions will require the employee to enter in their credentials in order to complete the transaction. The authenticated employee will now become the Tendered By employee for sales 4. G/L Account Activity Report Reports > General Ledger section This report can be used to monitor shipping expenses Fraud can happen at the vendor level; monitoring the shipping costs through this report will flush out any inconsistencies or issues 5. Biometrics Fingerprint scanners Simple setup, download drivers once have hardware, enter in fingerprints in employees profile Can help with Employee Time Theft or Buddy Punching Also used for different areas in which the fingerprint scanner can be used: Transaction Authentication Overrides Punch clock Login 6. Commissions Details Report Reports > Employee Commissions Used to see if employees are gaming the system with split commissions (1%/99% split) o The employee that is the primary salesperson with 1% of the commission will get credit for the sale in Performance Metrics; the other employee with get 99% of the commissions for this sale 7. Quick Sales Settings > POS Defaults > Quick Sale Rules - Settings> Human Resources> Security Screen Setup> Console:Sales The number of activations that go through as Quick Sales is astounding o Having sales go through as Quick Sales does not give the dealer any visibility into who this phone was sold to or refunded to o We recommend turning off Quick Sales in POS Defaults 8. Refund Summary Report Reports> Refund Summary Report Filter by Customer to see the Quick Sale Customers to see sales done to Quick Sales if not turned off in database. Also able to see what customers are called Quick first name, Sale last name Can be used to see which Refund Codes are being used 9. Refund Codes Settings > Finance > Payment Setup > Refund Code Setup All refunds by default require a comment, but that comment could be a single letter as RQ doesn t know what the comment should be Codes ensure a consistent entry of reasons as to why product was brought back; they are user defined, which means they are custom from client to client

4 With consistent Refund Codes you can create a Custom Report in RQ based on the Product Detail Report which we called, Refund Quantity Report that is grouped tender by and a column filter of Quantity <0 o You can view quickly all of the refunds by the tendered by employee and see what the reasons are there could be a pattern in which case the employee would need to be talked to 10. Refund Override Required After x Days Inventory > in the Product Details tab Some clients like to set it for a 30 refund policy, if it needs to be refunded past that, it will require an override code o This ensures that items are not being refunded after the policy without management approval o Some clients like tighter reigns and will put zero days in the field to ensure that each refund has an override code 11. Non-Sellable Inventory> Count Sheet> New Count Sheet Count at least In Stock and Non-sellable products to ensure no inventory is going missing in the non-sellable status 12. Sales by Invoice Report Reports> Sales by Invoice Report Starting with the Sales by Invoice report, the user can create a High Cash Sales Report from it o Group by Sold by Filter the Cash column with >50, 100 or 200 o You can identify employees that are not following policy or perhaps helping their friend steal phones 13. Cash Payment Type Restriction Settings > Finance > Payment Method Setup To avoid employees being able to refund high amounts of cash to themselves (fraud), there are a couple of settings on the Cash payment type that should be considered Allow on Negative Transactions o Any value o Maximum refund of $x Allow Full Amount Same-Day Refunds o This setting will override the Allow on Negative Transitions if the original invoice was paid in cash on the same day the refund is tendered (the idea being that the cash out be in the till and could be given back) 14. POS Restriction for Cash Back Settings> Finance> Payment Method Setup When set up will not allow the customer to get Cash Back when using a credit card/debit card Must have Payment integration for feature o Require authentication or verification Then one of the three options - Require credit card authorization, Require pin verification, Require check verification

5 15. Blind Cashouts Settings> Human Resources> Security Screen setup> Cash Management:Close Out Drawer In adding this feature you are ensuring staff is counting what is in the drawer not just putting in what the system total shows. The System Total, Difference, Till Transactions, Cash In Amount, Over (Short) Value and the expected amount in your drawer are all hidden Can also add in a buffer variance limit Settings> Finance> Miscellaneous 16. Manual Addition of PAW SKU s Settings > Point of Sale > POS Defaults > Sales> Sale Invoice Rules You can set in the POS Defaults to allow the SKU s that are used for the PAW to only be added through the PAW and not on their own. o The same thing can be done with the Promo SKUs 17. Integrated epin and RTR CSM needs to set this up with the client The integrated epin is a convenient way for the dealer to sell epins without carrying any inventory o To avoid fraud, ensure security around not being able to reprint or view the epin after the invoice has been given to the client is set up Security Screen Setup> POS: Reprint Phone Card PINs Full access means that the user will be able to see the PIN on the preview and print copies of that invoice (potential to steal the PIN if they activate it before the customer can) No Access means that the user will not be able to see the PIN on the preview or printed copies o RTRs are more secure as they are automatically loaded onto the customer s phone, there is no PIN required; therefore fraud is much less likely. 18. Credit Card Refunds Settings > Point of Sale > POS Defaults > Refunds To reduce the potential for credit card fraud, there are a couple of settings in POS defaults that will help out o Enforce credit card refunds to the original card used o Allow credit card payments to be refunded to other payment types with a manager override 19. Login Audit Report Reports The Login Audit report helps by showing a detailed report of the employee logins You can see who was logged in when and from what computer