Overview of Scheme

Not all organized retail crime involves traditional theft from retail stores. ORC groups have employed numerous tactics to defraud retailers and obtain merchandise. In receipt fraud, for example, thieves steal merchandise, create counterfeit receipts for the stolen goods, return these stolen goods to the retailers using the counterfeit receipts, and collect money off of the fraudulent returns. This cuts out the fence altogether, potentially netting a higher return.

Some examples of the return fraud and abuse problems include:

  • Wardrobing or renting: Purchasing merchandise for short-term use with the intent to return the item, such as a dress for a special occasion, a video camera for graduations and weddings or a big-screen television for the Super Bowl.
  • Returning stolen merchandise: Shoplifting with the objective to return the item(s) for full price, plus any sales tax.
  • Receipt fraud: Utilizing reused, stolen or falsified receipts to return merchandise for profit. Alternatively, returning goods purchased on sale or from a different store at a lower price with the intention of profiting from the difference.
  • Employee fraud: Assistance from employees to return stolen goods for the full retail price.
  • Price switching: Placing lower priced labels on merchandise with the intention of returning the item(s) at the higher price point.
  • Price arbitrage: Purchasing differently priced, but similar-looking merchandise and returning the cheaper item as the expensive one.

Return Fraud and Abuse Defined

The first step in addressing the issue of return fraud is developing an understanding of its many iterations. David Speights of the Return Exchange, a leading technology provider of fraud and abuse detection, offers the following three categories as primary RFA definitions:

Opportunistic Return Abuse: This type of RFA activity takes advantage of consumer service- oriented return policies for personal gain, often on an opportunistic, unplanned basis. One example according to Speights is price arbitrage.

“Suppose an item is purchased for $80 and the customer loses a receipt,” says Speights. “If they later return the merchandise without a receipt, the customer may receive $100 in store credit for their return if the merchandise was bought on sale. It is likely the customer will not point out this discrepancy.”

In this case, the customer has committed fraud by taking advantage of the retailer’s mistake.

Intentional Return Abuse: These schemes take fraud a step farther by using the return policy exclusively for personal gain on a regular and planned basis. A key difference between normal return activity and abuse is intent—a return abuser intends to use and return merchandise and often does so on a repeated basis.

The most common example is retail “renting” or borrowing. This practice is defined by the purchase and short-term use of a non-defective product with the ultimate intent of reclaiming the cost by returning it later as if new. Studies have identified retail renting as the most common form of RFA, accounting for up to 52 percent of fraudulent or abusive returns. Offenders apply this practice to a wide array of products, from clothing used for a special event to electronics and tools used for particular one-time or short-term events or jobs.

Renting of clothing and accessories has become so prevalent that smaller retailers have emerged to serve the explicit purpose of renting apparel. Members pay a monthly fee in order to borrow the latest and trendiest in fashion for a set period of time.

Retail renting renders legitimate the practice of renting via explicit procedures, though mass merchants and nationwide chains appear unlikely to adopt the practice in the near-term. Instead, larger-scale retailers apply more subtle policies to offset the effects of renting, including setting return timeframes, tracking frequent offenders and their affiliates, and applying “restocking fees” that dissuade consumers from buying and returning higher-priced merchandise.

Return Fraud: This most extreme form of RFA involves activities that clearly violate the law, from check fraud to return of stolen goods.

  • Check Fraud—This type of fraud involves the purchase of an item with a bad check, and return of the item before the check clears. Gift card fraud can sometimes work in the same manner, though it requires more elaborate, time-sensitive scheming on the part of the fraudster.
  • Price Manipulation—Price tag or container switching, price alteration, or the practice of replacing one item for another before making a return are all iterations of price manipulation. For example, an offender might purchase two similar items with different prices, switch the packaging, and return the cheaper item at the higher cost. The more expensive item can then be sold on-line or to a fence.

Retail loss prevention managers report even more sophisticated forms of price manipulation are on the rise. “[Offenders will] put a different item’s UPC on the item to buy it for less and then take the UPC off and return it for full price,” says Kristy Schafer of Shopko, a national chain of general merchandise and pharmacy retail stores.

Such advanced types of fraud require some technical expertise and knowledge of UPC codes and labels to accomplish. Counterfeit UPCs can sometimes be obtained via on-line chat rooms and local fences.

  • Returning Stolen Merchandise—Using stolen merchandise for RFA has become slightly more difficult, as many retailers now require a receipt for a cash refund. However, serial offenders will seek receipts out in order to facilitate fraudulent returns. For example, if a receipt isn’t available, the returner may accept a store credit, which in today’s on-line world is easy to resell on the Internet at a discount, or resort to tender fraud, or the practice of converting a non-receipted return into a cash return. Other RFA offenders search store parking lots and trash for usable receipts.
  • Receipt Fraud—This can take many forms, though the ultimate goal—to produce a receipt with which to validate a fraudulent return—remains the same. This type of abuse developed in retaliation to retailers’ evolving approach to return policy, which has increasingly required a printed receipt for a cash return.

Retailers have adopted this more restrictive stance in response to certain abuses, such as the emboldened fraudsters who enter a store, grab an item from a display, and immediately return it for a cash refund. Today, most retailers require a receipt issued within the past ninety days before issuing a cash or credit refund.

Conversely, non-receipted returns are usually issued a merchandise credit. Return abusers have turned to various tactics in order to acquire the receipts necessary to guarantee a cash or credit refund. These tactics include printing counterfeit receipts, forging receipts, purchasing receipts from the Internet, or as mentioned, scavenging for discarded receipts in stores, trash bins, or parking lots.

Once a receipt is obtained, the offender simply goes through the store, picks up all the items on the receipt, and returns them for cash, a practice referred to as shop-listing. Nashua/CIS Multicolor is one innovative company working with retailers to provide counterfeit-resistant receipts using sophisticated inks, paper coatings, and other emerging techniques.

Organized Retail Crime

Adding to the impact of these RFA categories is organized retail crime (ORC). One of the most serious threats facing the retail industry today, ORC costs retailers billions of dollars each year.

ORC networks attack retailers with a savvy gained from years of criminal experience, targeting bulk quantities of high-demand goods. Often operating with large pools of cash, ORC groups are able to carry out large-scale RFA schemes with devastating financial impact. These gangs employ a multitude of return fraud tactics, ranging from systematically returning stolen items to store service desks for cash refunds or store credit/gift cards to providing cheap counterfeit goods and repackaging them for cash returns.

ORC groups are particularly nefarious in their strategic, pre-planned approach to fraud. They will use retail outlets as ways to launder money, using retail goods for cash conversion or work in collusion with store employees to obtain multiple cash refunds. ORC field operatives may also be violent to intimidate employees to facilitate their escape, putting shoppers and employees at risk.

Furthermore, the profits gleaned from ORC are frequently funneled into other illicit activities, like drug trafficking, illegal immigration, or even terrorism. It is, therefore, imperative retailers form a targeted approach to identifying and intercepting such abuse schemes using software to detect, track, and address offenders and offending patterns.

Identifying and Addressing Fraud

At the most basic level, the benefits of RFA prevention should exceed the costs involved in preventing it. The goal is simple — target the types of fraud that undermine profit the most and develop high-impact methods to address those types.

It wastes time and money…not to mention a detriment to customer service…to attempt to target all fraudulent returners, especially since some forms of RFA are defined by intent. A better approach is to develop a system that accurately identifies “bad” or high-impact returners first by pinpointing the specific behavioral patterns characteristic of fraud and abuse.

Retailers and loss prevention experts use a range of different return procedures to minimize the effects of RFA. Many employ manual store-level authorizations for handling return authorizations, as well as verifying legitimate restocking. This means store personnel are in charge of interpreting and applying return policy to individual returns and identifying fraud. Fighting RFA using this method of processing returns is dependent upon an employees’ subjective assessment of both the return and the customer.

Some retailers use POS refund systems, either purchased from an outside vendor or developed in-house, to process returns. Such systems allow retailers to automatically tie receipted returns to the original receipt value, or, in more sophisticated and integrated systems, allow retailers to swipe a driver’s license or other ID in order to obtain customer information, such as name, address, and phone number. If a POS system is unable to perform this function, the information is typically entered manually.

Automated POS systems are helpful in pinpointing “bad” returners—that is, systematically identifying those repeat offenders whose purchase/return profile is consistent with return fraud. As Kevin Thomas of Office Depot explains, “Normally, these type issues are identified at store level with the customer present attempting to commit the fraud. The POS system flags an issue with the refund while it’s taking place.”

Other systems are designed to go even further by looking for individuals with links to high- impact returners via data mining.

Receipted vs. Non-Receipted

Too often a discrepancy exists between how retailers handle receipted versus non-receipted returns. Many current return policies and systems are not effective in the pinpointing of “bad returners” in possession of some form of receipt. In fact, fraudsters with stolen or forged receipts are often able to make returns with few questions asked.

In a recent survey of return procedures conducted by Loss Prevention magazine, the majority of retailers stated their return procedures differ for receipted versus non-receipted items. A customer without a receipt will frequently be asked for personal information, such as name, address, and phone number. Most store procedures also require employees to assess price and timeframe and obtain management approval before accepting a non-receipted return.

However, procedures are often more relaxed for receipted returns, since receipted returns are perceived as legitimate. Because so many forms of RFA are based on forged or otherwise illegitimate receipts, there is significant potential for retailers to minimize RFA through a more precise system of targeting bad returns—for both receipted and non-receipted.

New Anti-RFA Technologies

Computerized systems programmed to identify bad returners and analyze past behavior before authorizing a return can help resolve this situation. Such systems are able to immediately identify the individual and determine whether or not he or she fits the profile of an abusive returner, regardless of whether or not a receipt is involved.

As David Speights of The Return Exchange explains, this type of software “uses the transaction history of the consumer or employee to identify behavior that is associated with return fraud and abuse. By utilizing predictive modeling techniques, it can create hundreds of variables on each consumer and employee. These are combined together in sophisticated mathematical models to determine the likelihood of fraud and abuse.”

The key to effectiveness with such a system is the definition of a fraudulent return. The nature of this definition will vary between retailers, but will consist of objective criteria specifically developed to target fraud, such as the following:

  1. The frequency or number of purchases versus returns processed for that customer, whether or not any of these were tagged as fraudulent,
  2. The type of products the customer purchased,
  3. The employees involved in the transaction,
  4. Store locations, and
  5. The average dollar value of each purchase.

Computerized systems eliminate the subjectivity inherent in employee-handled returns and may, in fact, help the retail industry stay ahead of the adaptive criminal. Today’s most advanced technologies may employ heuristics and actually learn to evolve to serve changing situations, making the challenge of adaptation that much easier.

“Adaptation is a newer idea in fraud-prevention systems,” Speights says. “Certain products are programmed to adapt, and in the future they will be able to detect and prevent fraud even as fraud patterns change. Fraud prevention systems of the future will receive feedback on their effectiveness and adjust their behavior in real time. Real-time adaptation will be just as important as real-time fraud prevention; in fact, people will not think of one without the other.”

Another system designed to reduce RFA by SIRAS produces an electronic registration or receipt to track specific products by serial numbers and barcodes. Several retailers are working to enhance their in-house anti-RFA software, while others are partnering with outside firms to customize their detection and action process.

The Future of Return Fraud Prevention

Of course, adaptation is an ongoing process. As retailers begin to use more comprehensive, high- tech RFA-prevention systems, offenders will, in turn, devise ways to either avoid or take advantage of them—a fact most retailers understand and accept. “As technology evolves,” Office Depot’s Thomas explains, “refund fraudsters will continue to develop ways around the system enhancements.”

According to Speights, such developments are already underway. “We see two trends emerging as retailers adopt systems that prevent RFA. First, the fraudsters are looking for opportunities elsewhere. Today, this means that retailers without RFA-prevention systems are hosting a higher number of fraudsters, and their share of RFA is increasing every day. Once RFA-prevention reaches a critical mass, some return fraudsters will move to other forms of fraud, or learn how to work around fraud-prevention models.”

Examples of this type of system-avoidance involve making infrequent returns, returning items to different stores, or using other IDs or people to make the return. Before such retaliations become a problem, retailers should work to adopt more comprehensive RFA-prevention systems.

“Large shared databases will be essential in the future,” Speights says, “because it is the only way to combat multi-retailer fraud schemes. Retailing is heading toward more data sharing in order to prevent fraud, and sharing will be essential to prevent multi-retailer schemes.”

Although now viewed as a longer-term tool, RFID is yet another technological advance with potential for minimizing the impact of abusive returns. Attached to high-priced, high-loss items, RFID integration at the product level may eliminate the need for paper receipts altogether. Assuming tags are not “killed” at the POS, item-level history retrieved at the return counter can inform retailers of details like the product’s point of purchase, and original form of payment. Although not cost effective for all products, applying this technology to highly coveted products or integrating it with automated return systems could dramatically reduce fraud. Customer service could also benefit, as legitimate shoppers could enjoy easy, quick returns without having to track down receipts.

How will consumers react to more elaborate return policies? The media is already warning shoppers of a shift in return policy as a result of RFA losses, and suggesting ways to avoid problems at the returns counter. Whether consumers will accept stricter rules as an unavoidable result of RFA is not known. However, without some form of systematic adaptation, return fraud is only going to worsen in scale and impact.

The criminal process is ever-changing, continually adapting to the retail environment and the loss prevention strategies within it. Crime is impossible to stop, but it can be curtailed. In the retail industry, this involves staying ahead of the curve, anticipating the offenders’ moves, and developing and implementing proactive solutions before a problem grows too large.

The ever-increasing cost of return fraud positions it as one such problem. By developing and implementing procedures that pinpoint fraudulent returns in a systematic, objective manner, retailers can stay one step ahead of offenders, and protect the bottom line.

How to identify it

An enterprising criminal-minded Chicago couple purchased equipment that allowed them to reproduce bar codes as well as print store sales receipts. Their illicit business involved printing the bar code from the $1.99 roll of shelf liner paper on sheets of adhesive-backed labels, taking the labels to the targeted store, and placing the counterfeit bar codes over the bar code on rolls of wall paper with a retail price of $22.99. They would then purchase fifteen rolls of wallpaper, which would scan on the POS register for $1.99 each for a total of $29.85. They later removed the bogus bar code label and printed a receipt reflecting a purchase of fifteen rolls of wallpaper at $22.99 totaling to $344.85. Using the fraudulent receipt, they would then return to the store to obtain a refund. This particular couple repeated this process twice a day, 250 days a year, which generated a tax-free income exceeding $150,000 annually.

The California Alameda County District Attorney’s office filed criminal charges in 2003 against three illegal Irish immigrants involved in a similar bar code scam. In this case, a bogus bar code was used to significantly reduce the purchase price. The merchandise was later returned with the actual bar code. The refunds were made without sales receipts. These individuals beat the refund tracking system by verbally transposing numbers on the identification, which they read aloud to the refund cashier. These refunds were issued as gift cards, which were then sold at a discounted rate for cash.

How to investigate it

Review refunds processed or “approved” with the same manager code, key, or ID. Very often fraudulent refunds are conducted by the management / supervisory employees with easy access to transaction data, multiple registers, and approval authority. These dishonest managers can bounce from register to register processing fraudulent transactions, without any one cashier’s data showing as “overly suspicious”.

Check employees with a pattern of “mid-range” cash refunds – typically $29.99 – $79.99 (adjust amounts for higher price point retailers). Most dishonest employees will not risk making multiple high dollar fraudulent refunds, in attempts to avoid any unwanted attention from LP / Mgmt.

Scrutinize single transactions with multiple returns of the same item; and multiple transactions with single returns of the same item (especially when they fall into the “mid- range” value range as described above). People are by nature, creatures of habit. Dishonest employees will often return to the same item or category day after day to process their fraudulent transactions. They develop comfort in their method for getting the item to the scanner, or they keep a barcode in their possession. Many times the subject will simply memorize one or more UPC’s or SKU’s in order to ease their process.

Scan refund transactions for any patterns in time stamps or days of the week. Dishonest employees will often only attempt fraudulent refunds during a particular manager’s shift, before or after lunch or break, or outside of normal business hours. Once they have established that a time, day, or shift “works” for them, they will often keep to it.

Always be aware of any “refund-liability items” that are within reach (or short walking distance) of employees working at refund registers. Examine refund transactions for returns of these items. For example: When you see several suspicious refunds involving 32G Flash Drives. It helps to know that they are kept behind the service desk (immediately behind your potential suspect).

Review transactions for refunds on items that are not typically refunded; IE: snacks, beverages, or tobacco products. Often customers will leave without waiting for receipts on these types of items. The dishonest employee can keep & utilize that receipt to process a “receipt refund”, theoretically reducing red flags.

Review employee sale data for merchandise credit / due bill / store money card transactions. Obtain the number from the tender used, and investigate its origin. Many companies have “hard-stops” in place to cut down (or eliminate) no receipt cash refunds. Dishonest employees are often just as happy to accept merchandise credit / due bills / money cards. These forms of tender can be utilized by the employee directly; or they can be bartered for cash on the streets.

Thoroughly investigate any refund transactions involving gift cards. Many retailers do not have the ability to deactivate a gift card once it has been activated. So a dishonest employee can ring him/herself up for a $500.00 gift card, tell the register that he/she is paying with $500.00 in cash, and then follow the remaining procedures for activating the card. Immediately after the sale transaction (or later, when the opportunity presents itself), the employee will process a refund. The register subtracts the imaginary $500.00 from the till. The employee now has an active gift card, AND a balanced drawer.

Always be on the lookout for refunds going back to the same credit card; especially when the credit card history shows no evidence of the (refunded) items being purchased, or when there are more refunds than sales credited to the card. Looking at scanned vs. “hand- keyed” credit card transactions is also helpful. Dishonest employees often utilize refunds to drop the balance on their credit cards. Often, it is not even necessary for the employee to reach for their card or the refunded item. They have the number of their card memorized, as well as the item number or SKU of the item they wish to “return”. This is often done with a customer standing in front of them to alleviate suspicion. The entire fraudulent refund process can occur within a matter of seconds; and to anyone watching (live or on camera), it looks like the employee is just hitting a few buttons.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment