SOPs & Precious Metals: Mining Your Own Business

By Lowers & Associates,

Disclaimer: Portions of this conversation have been edited for length and clarity, and certain locations and details have been modified for privacy reasons.

Standard Operating Procedures (SOPs) are exactly what they say on the tin – a calculated and tested directive used as a foundation for an operation or individual tasking.  At L&A, we often use a tree as an example of the mechanics behind an SOP: the roots provide the foundation from which the procedure grows; the trunk is the day-to-day actions and the branches are the end deliverable result.

However, a tree will grow wild if permitted.  And left unchecked, SOPs will do the same thing.  Unfortunately, the question we most often run into when assessing a business and its SOPs speaks to the reason why avoidable risk exists in the first place: If the SOP isn’t broken, why should we fix it?

As with everything we do in risk mitigation, questions are good, but the bottom line here is that there is no single answer as to “why” fix an SOP.  For an SOP to remain viable, it needs to remain malleable while also staying strong in the face of adversity.  This means SOP’s need to be challenged, as the current times, technology and industry attitudes constantly change around it.  Periodic and systemic reviews and tests are just as integral to the SOP as the original calculated and tested directives that comprise the SOP itself.  Some businesses might excel at the review and update process, but even then, they can sometimes fall short by failing to communicate those documented SOP changes to all relevant staff.

As part of #OurStory series, Daniel Cootes, AIExpE and Client Relationship & Operations Manager for Lowers & Associates UK office, shares some insights into his experience assessing an operation in Asia whose SOPs weren’t so much incorrect but existed in an environment where uncertainty was not a risk the insurer was willing to ignore.

So, somewhere in Asia, there’s an operation.  The insurer of this operation, our client, needs to determine what type of coverage the operation (their client), needs, so they ask you to assess the active threats in the area.  It turns out these threats include local gangs, natural disasters and ISIS.  Walk us through securing a facility like this for the insurer – where do you start?

Daniel Cootes
The thought process here begins with how to answer one question, really: Could an attacker cross this facility’s perimeter, suppress the security onsite, get to the vault, breach that vault, take what they want and then get back out?  Intelligence leads us to believe that, yes, this sort of attack is possible, but you also ask, is it likely?  Where this mine is located, it’s certainly possible, but most of this type of gang activity is in the bigger Southeast Asian cities.  Also, this insured has a fantastic piece of nature looking after them, because we’re talking about an operation in the middle of a jungle where it’s pretty much two roads in and two roads out with hours of driving required through dense trees. But you start by recognizing, yes, there is a possibility of this scenario happening, obviously, and go from there.

With an understanding of the facility’s threats, the landscape around it, the likelihood of an attack, the personnel involved, what kind of recommendations did you end up making and how did you reach those conclusions?

Daniel Cootes
Given the parameters and all the different angles that they had, I made some recommendations of what we thought was acceptable, the operation then came back with what they thought was acceptable based on their operational and cultural perspective.  Ultimately, it’s about being realistic, and how easy would it be for the operation to implement the updates.  Something like this didn’t need to be nuclear bomb proof, so we looked first at the gate and fencing that they had, for example.  It was all about 10 years old and in the jungle, things get rotten quickly – it’s hot, wet and horrible, right?  And so, they had to commit to review that fencing every six months.  We talked about upgrading their roving patrols. We also looked at upgrading their CCTV.  Technology nowadays is so inexpensive, there’s no excuse to not have it.  There are some other very specific things we did for them that I won’t go into, but a good deal of it comes back to their standard operating procedures and making sure their people are following those.

SOPs are incredibly important, and you were able to assess this facility’s risk entirely through a remote process – how did you do that?

Daniel Cootes
Lots of questions. I kind of like to start from the outside and work my way in.  If I turned up at the site, I tried to build the picture of what was in front of me, and what would stop me from getting in.  I mentioned the gates already, but I also had questions about their guys on the gates, which guys had access to the CCTV or any alarm systems and how the gates locked – some of these gates might be left open during the day, some of these sites run 24 hours as well.  It again comes back to being collaborative and flexible and understanding what’s realistic for them to be able to lock the gate and which of their guys on the gate is involved in that process.  Really, you just keep peeling back as many layers of the onion as possible and what it takes to get to the good stuff in the vault.

When you get to the vault, the questions become things like what were they doing to prevent attackers from getting into that space, how well-trained and well-armed their guys were, are the guards their own guys or an outside security company, how are they actually screening these people.  You just keep pulling the wool at the jumper and ask all these types of questions.  At the same time I’m asking these questions, I have to try and be realistic.  I might want them to have a military response, but it’s about understanding what they’ve got and how they can deploy it. I again would go back to the SOPs, who wrote them and how – was the person accredited?  How old are the SOPs, what’s changed since then?  Have those updates been made and communicated?

All this assumes a breach by people, bad actors.  How do you go about mitigating the risk of a natural disaster?

Daniel Cootes
For us and our work, we must think specifically about what insurers are actually insuring.  Most have their policies they write for people of course, but in this instance, the high-value goods are what they’re focused on.  So, the primary question we need to be able to answer here is: If there is a natural disaster, will this be a total loss with respect that it will never be seen ever again?

For example, let’s say there was a fire in the Louvre gallery and there were no fire suppression systems. Once the Mona Lisa has been burned to smithereens, it’s gone.  However, with something like a precious metal, there’s a good chance we can salvage that after a mudslide through excavation or the like, depending on where it ends up.  Ultimately though, you can’t really mitigate a mudslide, right?  And that’s what insurance is for, those unforeseen, unfortunate circumstances.  What you can think about, though, is how the valuables are stored.

When we talk about vaults with cash inside, fire is a risk, so you ask questions about fire suppression systems – what’s in place, what do we need to put in place.  For a mudslide, what we can be conscious about is trying not to have the goods scattered all over the place once the slide is over and do our best to keep it in at least a defined area.  Because as long as we can get to the vault, it’s not a total loss.  So, it was more about how they controlled the inventory – once it comes out of the mine, it’s processed, heads straight into the vault, it’s labeled and locked, check that off the list.

So, talking then about ISIS, how does that factor into the risk mitigation process?  That seems like it would bring a whole outside set of geopolitical and other type of problems.

Daniel Cootes
What we’ve seen ISIS do in Africa, is something that could happen at this operation’s location.  We asked the operation if they’d thought about a branch attacking them to, not just steal from, but take over the operation.  They had, fortunately, and were doing things to keep tabs on the local gangs, they also had access to the military with a few guys onsite, in addition to a few policemen.  These were people that were trained in weapons systems, could fight back while a call for more help went in.  From there, we dug into questions about their communication capabilities, ran down the list of who controlled those processes, how many satellite or cell phones were available, internet capability, back-up power and generators, and just, again, kept pulling at the thread.

For this operation, ISIS presented a viable threat and was something they needed to include in their SOP, and my assessment was that they needed to refresh some things around that.  The likelihood that they could get in, launch an attack, steal something and either leave or occupy to some degree was slim, but it’s good for both the operation and the insurer to be thinking about.

What about this experience was impactful for you personally or for the client?  Clearly the whole process resonated with you.

Daniel Cootes
As I mentioned, the SOP’s were dated, in fact the person who had written them was no longer there.  Over time, things had clearly changed in their operations, so while the SOPs weren’t wrong per say, they had to update them in line with the way the business was operating currently.  They were looking to potentially hold more stock, for example. So, we didn’t reinvent the wheel, the SOPs were written by a pretty competent person, but what they realized they needed to do was pull them out of the drawer more often and compare them to what was going on in the world. What problems are out there and keeping their procedures relevant?

For me, there’s always two benefits to this type of work.  One, you’re pleased you’re helping keep people safe, and two should a loss happen, I did everything on the insurers’ behalf possible to mitigate the risks and insure these high value goods, to mitigate every conceivable threat in that respect.  For us, the client is always primary, we want to make sure they aren’t hit with any kind of major loss.  If we’ve done our jobs right, we can avoid that.  For me, SOPs are key, keeping them relevant.  They’re awesome to have, but if they’re stuck in a drawer and don’t see the light of day for 10 years or until there’s a problem, that’s not going to work out for anyone real well, is it?

  Category: Risk Management
  Comments: Comments Off on SOPs & Precious Metals: Mining Your Own Business

Emotional Intelligence & The Allure of Insurance Fraud

By Lowers & Associates,

Emotional Intelligence and the Allure of Insurance Fraud

By Neil Watson and Keith Gray

Insurance loss happens for many reasons.  For a business, common causes include armed robbery, theft, customer injury, floods, fires, and storm damage; but any natural disaster, large-scale event, or man-made act can bring about a claim.  When an event involves the loss of physical stock or damage to property, the loss is immediate, and it creates an urgent need for the business owner to settle the claim so that the business can resume operations and avoid further lost revenue.

This desire to quickly return to business as usual is a natural one, but in the wake of an event, it’s not uncommon for the resolution process to test the business owners’ resolve.  And while most claims post-incident are legitimate, from time-to-time, human emotions will complicate the process and create an environment that enables fraudulent activity, sometimes in unexpected ways.

Why Does Insurance Fraud Happen?

The Fraud Triangle provides all the insight required to answer this question.  Our team has written extensively on this, but Donald Cressey’s hypothesis in his book “Other People’s Money” says it all: Trusted persons become trust violators when they conceive of themselves as having a financial problem which is non-shareable, are aware this problem can be secretly resolved by violation of the position of financial trust, and are able to apply to their own conduct in that situation.”

It’s true that some fraudulent claims start out as legitimate but become ‘exaggerated’ during the claims process due to perceived opportunity.  In other cases, if the business is not doing well and is losing money, desperation can create enough pressure to commit fraud.  In rare cases, the fraud may involve large organized criminal gangs; these are often well-planned and involve multiple parties where the sole intent of the activity is a rational attempt to defraud an insurance provider.

It’s for these reasons that impartial guidance through the claims process is crucial.  As an insured, it is important to work closely with your insurance broker and the loss adjuster in preparing your claim and validating your losses.  Without this professional assistance and oversight, fraud can easily find its way into the conversation.

How Does Insurance Fraud Happen?

Below are a few examples of insurance fraud we’ve seen over the years at Lowers & Associates:

  • ‘Padding’ legitimate claims to increase the claim amount
  • Including losses from previous shortages or events within a big ‘single event’ claim
  • Manipulating inventory, possibly running two sets of books, to allow for the tracking of actual inventory versus the falsely reported inventory
  • Exaggerating the damage suffered as a result of a natural disaster (storm), or even causing some additional damage not caused by the original disaster
  • Committing arson
  • Staging accidents or thefts

The current COVID-19 situation globally, coupled with other localized events (recent looting losses in the U.S. or the extreme poverty facing certain areas in Brazil), is resulting in retail sales for certain sectors falling by over 50% and as much as 100%, which is clearly not sustainable.

In such unprecedented times as these, the possibility of a spike in fraudulent claims is a real concern. There is an increase in both the pressure and opportunity factors, resulting in an increased likelihood that potential perpetrators may rationalize their fraudulent thoughts and act on them as a result. For business owners, it can be hard to find consistency and understand what their default problem-solving steps should be.  When the Lowers & Associates team is presented with uncertainty, we often lean on process and procedure to identify a way forward in our work together with clients.  This path can always be informed by intuition, experience, and empathy, but for a business, without process and procedure to provide impartiality, the risk of insurance fraud increases significantly.

What Can You Do About It?

Ideally insurers would commission a pre-risk survey to establish security protections, stock levels, and standard operating procedures to satisfy themselves that the risk meets their requirements.  While this is recommended, it is not always feasible due to time or cost restraints.

Post-event, once a claim has been filed, relying on the findings of a law enforcement investigation may not be feasible due to timing or any related circumstances related to the event (especially if it’s large-scale or a natural disaster).  And even if law enforcement is doing an investigation on an event, it may not be a priority, creating an extended period of uncertainty.  Lastly, law enforcement may also be very hesitant to provide any info that they do have knowledge of, especially when it is an active investigation.

To manage this process, business owners and insurers need independent third parties that are flexible, have experience across multiple industries and can dedicate the appropriate time required to work through a claim (i.e. gathering facts, evidence and necessary documents) to support the basis of the claim.  For truly complex fraud matters, business owners and insurers should expect the third party to have a Special Investigations Unit (SIU) with extensive experience in technical surveillance countermeasures (TSCM) and counterintelligence that regularly work on international assignments.

With enterprise risk mitigation and insurance solutions that include UAV/UAS, special investigations, forensic accounting, loss adjusting and more, Lowers Risk Group stands ready to support our clients through the claims process with the speed, accuracy and dedication you’ve come to expect from over 30 years in the business.  To learn more, contact us.

About the Authors

Neil Watson brings nearly 30 years of insurance industry experience to Lowers & Associates, where he currently serves as Global Operations Director.  With key insurance industry relationships in both the London and International insurance markets, Neil’s primary responsibility is to grow all verticals and assist in building out L&A’s claims adjusting capabilities.

Keith Gray has been with Lowers & Associates for over 15 years and currently serves as the VP of Client Relations.  In his current role, Keith provides oversight with respect to program coordination, management of a nationwide team of industry professionals, investigation, and client communication.  Keith possesses a degree in Accounting and is certified as both a Certified Fraud Examiner (CFE) and Certified Anti-Money Laundering Specialist (CAMS).

  Category: Occupational Fraud
  Comments: Comments Off on Emotional Intelligence & The Allure of Insurance Fraud

Adapt & Overcome: The Case for Virtual Surveying

By Daniel Cootes,

As discussed in our most recent LinkedIn post, COVID 19 has forced companies to review and amend their operations top to bottom. And whether these changes are temporary or long-term, one thing is certain: the impact on both business and employee culture is permanent.

The best businesses right now are doing two things: 1) finding ways to stay open and 2) evaluating the future. And the best leaders of these businesses understand the value of employee training, especially in times like these: a safe, secure environment creates well-being for employees and customers, which enables more innovation with less interference. Given the current circumstances, employees want to be sure that their employer is looking out for them. The first step in achieving this (while also keeping the cash registers ringing so that your strategic plan has a future) begins with a wholistic understanding of the business risks. That is, surveying.

While traditional consulting and surveying is simply not plausible right now, recent advancements in technology and encrypted video have made virtual surveying a viable option.  For businesses considering a virtual survey, the team at Lowers & Associates has compiled a list of insights and considerations that may be helpful in your discovery process:

  • The primary benefit of virtual surveying is that it can be conducted anytime, anywhere. With no travel, virtual surveying is one of the best ways forward-thinking businesses can control costs.
  • Virtual surveys are less disruptive to the organization and provide quicker report-in-hand turn around. This can be a massive advantage for organizations pressed for time or with reduced staff capacity.
  • Always a collaborative exercise and NEVER the “lesser of two evils,” virtual surveys can often provide deeper insights than those conducted in-person (sometimes business owners feel more at ease with a physical distance between themselves and the surveyor).
  • Rapid advances in technology come with a learning curve. Leading risk mitigation consultants should be versed in a suite of technology applications to successfully execute a virtual survey.
  • Information is information, right? Sort of.  Asking the right questions matters, knowing how to analyze the answers makes all the difference, and consistency is king.  Virtual or not, surveyors reviewing requested documentation and/or an audio/visual recording of the survey should be able to turn around the same exact results.
  • Consistency is key in both business and surveying. Virtual surveyors should be able to hand over responsibilities to another surveyor if one should fall ill or become unavailable. Process can be both a businesses’ arrow and its Achilles Heel!
  • Virtual surveying should include an ability to perform the following:
    • Pre- survey meetings
    • Staff competency and interviews
    • Reviews of:
      • Day to day operations
      • Site physical security
      • Insurance
      • Fiduciary Controls
      • Policy & Procedure
      • Vault construction
      • Crime and illegal activity (Local and Countrywide)
    • Facility Design Consultation
    • Follow up consultation meetings

 

Adaptation is crucial for businesses during this real-time reinvention of the workplace, and for 30 years, Lowers & Associates has pushed the boundaries of technology to keep those workplaces safe (this includes virtual surveying). #OurWork #Together has also always been collaborative, and so we encourage you to view and share the insights, stories and applicable tips that our team has been publishing at the Lowers & Associates LinkedIn page. If you have any questions, please contact us.

Loss and the Cannabis Industry: Layers of Risk

By Lowers & Associates,

Loss and the Cannabis Industry: Layers of Risk

Emerging markets tend to fall into that riskiest of strategic planning quadrants: Unknown-Unknown territory. They bring with them both tremendous opportunity and enormous risk.

The cannabis industry is one such market.

While medicinal marijuana has been legal in Canada since 2001, and in select states in the U.S. since 1996, only recently has cannabis transitioned into a full-blown commercial enterprise in both countries.

We spoke with Joe Scarlato, President of Emerging Markets & Technology R&D at Lowers Risk Group, to understand just what risks the cannabis industry poses.

Layer by Layer, the Risks Add Up

Understanding risk is an important first step for any business to take to mitigate the possibility of loss. Risks in the cannabis industry run the gamut from catastrophic loss, business interruption, physical security, and cyber losses to a changing regulatory environment.

Cannabis facilities generally fall into one of three different business models which provide a rough framework for understanding their associated risks.

Grow Only Facilities

Facilities that focus on growing plants or producing their distillates have the most clear-cut risk: the catastrophic loss of their plants. Without plants, the business has no raw materials with which to manufacture its products. It can’t sell the cannabis or its distillates (i.e., concentrates such as raw hemp, flour, CBD oil, THC oil that is separated from the cannabis plant matter through a refinement process).

Integrated Facilities

Many cannabis facilities grow the plant and do wholesale operations, for example producing packaged flours, vapes, or edibles. The products then go straight to distribution to dispensaries or retail channels through a regional product distributor.

Here both the plants and the packaging processes represent the largest areas of financial risk. The facility itself could have a catastrophic event, such as a fire. Not only are the plants lost, but the business must re-tool its original packaging machinery to return to full operations. Or, the dispensary industry might encounter a regulatory shift that prevents them from continuing to use the business’s product.

“Massachusetts just banned vapes from being distributed to dispensaries in the state. So, if you’re a vape producer, and all of sudden you have no one to sell vapes to, your entire distribution network gets taken away from beneath you,” says Scarlato.

These added risks introduce the need for expanded business interruption or contingent business impact coverage.

Vertically-Integrated Facilities

At the highest level of complexity are facilities that integrate multiple aspects of manufacturing and distribution. They grow, process, package, distribute, and sell products, increasing value every step of the way. “As you add more integration, you add in more perils that could impact the bottom line,” notes Scarlato.

A Sampling of Added Risk:

  • Trucking distribution (e.g., accidents, delays, explosions)
  • Product recalls (e.g, tainted flour)
  • Regulatory changes (e.g., shifts in state or federal laws)
  • Catastrophic loss (e.g., theft, drought, plant disease)
  • Product liability (e.g., THC oil used in vapes)
  • Property damage (e.g., for each facility)
  • Personal liability, auto insurance, crop insurance

Fully-integrated verticals like these pose an extremely complex insurance program and aggravated financial risks. These businesses have the most to lose.

The Role of Regulatory Compliance

Cannabis facilities in both Canada and the U.S. have another level of risk to navigate: changing laws. One area where this can be seen is in licensing. Right now, cannabis operations in California predominantly use temporary licensing. Many Canadian dispensaries buy products from these U.S.-based manufacturers.

So, if there’s a dispensary in Canada buying their flour from a farm in a California facility that’s working under a temporary license, and the State of California decides tomorrow to have a cessation date for all temporary licenses, it creates a real problem. Even if the California grower qualifies for the permanent license, they’re likely going to be out of flour for a couple of weeks as they go through the certification process. That leaves the Canadian company holding the (empty) bag.

Many of Canada’s publicly-traded cannabis companies look to the U.S. to buy up privately-held facilities, yet the risk of having a licensing problem in the U.S. potentially impacts their Canadian license. Because of these regulatory concerns, Canadian companies are shying away from such investments.

Now, add in the multitude of other regulatory bodies that oversee the industry – the United States FDA, state product safety boards, the U.S. federal bank – and the complexity is exponentially amplified.

“The logistics in cannabis are challenging to understand, which is one of the reasons insurance is so difficult,” explains Scarlato.

Assessing Risks

In order to avoid the perils of operating in the cannabis sector, the risk solutions team at Lowers Risk Group can help businesses assess potential risk – from security to business processes, to supply chain logistics. We’ll help you create a strong business continuity plan that will minimize the financial impact of these vulnerabilities. Please contact us if you’d like to get started.

  Category: Risk Management
  Comments: Comments Off on Loss and the Cannabis Industry: Layers of Risk

Beyond Run, Hide, Fight: What 3 Recent Active Shooter Incidents Taught Us About Being Prepared

By Lowers & Associates,

Beyond Run, Hide, Fight

Active shooter incidents have become a new normal in our society. As of Sept 24, 2019, there had been an average of 1.24 mass shootings per day in 2019, killing 377 people and injuring another 1,347 victims.

“Run. Hide. Fight®” has been the mantra of training set down by the Department of Homeland Security. We are instructed to run and escape if possible; hide if escape is not possible, and fight as an absolute last resort. While this run, hide, fight mantra offers a lot of value to give people a course of action and to help them feel more confident and prepared in the event of an active shooter scenario, there is more to the equation when it comes to prevention and preparation. It’s time to face this fact.

Here, we look at three recent incidents that should serve to remind organizations that there is much more to consider.

Historic District in Dayton, Ohio

In the early hours of August 4, 2019, a 24-year old gunman with an AR-15-style assault rifle and 250 rounds of ammunition killed nine people and injured another 27 in the Oregon Historic District of Dayton, Ohio. The perpetrator was killed by police within 32 seconds of the first shots. A search of the shooter’s home uncovered evidence of his obsession with violence and that he had expressed a desire to commit a mass shooting.

The organization Childhood Preparedness, which provides resources for early childhood professionals with emergency preparedness planning, response, and recovery, formed the following takeaways from both the Dayton shooting and the El Paso shooting, which happened in the same weekend.

Lessons Learned:

Active Threat Training Saved Lives: Dayton law enforcement agencies received previous training in active shooter response, and their quick action saved countless lives.

Citizen Training Is Important: The key to citizen survival in both the Dayton event and other mass shootings was to quickly identify the sound of gunshots.

Running Is Always an Option: In this situation, running was, in fact, a good idea. Running from the gunfire to a safe location away from the shooter helped save some lives. However, some individuals froze and needed to be prompted by others to run. Individuals who chose to lay on the floor suffered multiple injuries and were trampled by others running from the area.

Stop The Bleed Training Can Help: Participants at the scene aided first responders by treating the wounded with basic first aid, CPR, and even applying tourniquets, such as belts, to the wounded. Tourniquet use is a crucial element of Stop The Bleed Training, which teaches bystanders how to stop severe bleeding before professional medical help arrives on the scene.

Townville Elementary School

On September 28, 2016, in a small town 40 miles outside of Greenville, South Carolina, a fourteen-year-old opened fire at Townville Elementary School playground, shooting three students and a teacher. One of the students, a six-year-old boy, later died, as did the shooter’s father, who had been killed earlier in the day by his son. The suspect was apprehended by a volunteer firefighter after his gun jammed on the playground, just 12 seconds after he first pulled the trigger.

Dr. Joanne Avery, Superintendent of the district, candidly shared her experiences in dealing with the immediate response to the shooting and its aftermath, in a School Safety Webinar sponsored by Raptor entitled, Lessons Learned and Changes We Made After an Active Shooting.

Lessons Learned:

Quick Response is Crucial:  The majority of active shooter events, 69%, end in five minutes or less and 67% are over before the first police arrive. “Speedily moving towards engagement with the shooter should be the primary guideline when teaching active shooter response tactics,” according to the FBI’s report, A Study of Active Shooter Incidents in the US Between 2000 and 2013.

Shooters Do Their Research:  Active shooters study and learn from past events in order to inflict the largest amount of damage. “They want their events to be deadlier” and that “they’re on the clock…so they try to get as much damage done as quickly as they can.”

Rural Areas Are Not Immune:  The majority of school shootings have occurred in semi-rural and rural areas, which means it can take between 12 and 15 minutes for first responders to arrive.  Dr. Avery says this is one of the reasons her school was chosen by the shooter.

Create a Drill Calendar:  Have regular active shooter response training with employees and (in the case of schools) students. Create different types of scenarios (e.g., lockdowns, times of day, types of weapons used, outside vs inside).

Know How to Lock Down: You need to be able to have things in place to inform people within the building about the shooter’s whereabouts and a clear evacuation plan. In some situations, training on how to confront the shooter may be warranted.

Dr. Avery stresses that “the first action that anybody should make if they see an active shooter on campus is…to shout ‘lockdown’, call the front office, and then call 911.”

Las Vegas Country Music Festival

On October 1, 2017, between 10:05 and 10:15 p.m., a shooter opened fire from his suite on the 32nd floor of the Mandalay Bay Hotel on a crowd of 22,000 concertgoers at an outdoor music festival. Firing more than 1,100 rounds of ammunition, he killed 58 people and wounded 422; a total of 851 people were injured during the panic that ensued. The shooter, a 64-year-old man, was found dead in his room from a self-inflicted gunshot wound. His motive remains officially undetermined.

In July 2019, the Las Vegas Metropolitan Police Department released a comprehensive After Action Review report about the event, which included a set of 93 recommendations to prepare for the future.

Lessons Learned:

Plan Ahead with Partners: Work with local government and community organizations, including neighboring police, fire, hospital, and coroner officials, to be better prepared and have a more coordinated response.

Become Less of a Target: Responding officers should remove reflective vests so that they are less of a target to shooters.

Have Trauma Kits On-Hand: For large scale events, have more trauma kits on hand available to paramedics and other responders.

Secure High-Rise Buildings: Secure high-rise buildings that oversee open-air crowds and train more officers to stop a shooter in an elevated position.

If we’ve learned one thing from these devastating incidents, it’s that preparation is key. Whether it’s understanding the sounds of gunfire, having trauma kits on hand, or even being prepared to attack and take down a gunman, these actions save lives. Acting quickly and decisively means all the difference.

Every active shooter scenario will be different, but the point is that organizations must have some level of preparedness for each phase of a shooting event – before, during, and after. Those strategies should include:

  • reducing the likelihood of a workplace shooting through comprehensive risk mitigation (e.g., threat assessments, training, physical security);
  • having response plans in place in the event of an active shooter scenario (e.g., evacuation routes, communication with law enforcement); and
  • managing the aftermath of an event (e.g., employee support, public communications).

Once in place, plans must be continually updated, drills practiced, and changes communicated regularly.

Keeping your employees, customers and other stakeholders safe and your business protected is a 24/7/365 endeavor. To learn more, download our latest whitepaper, “Coming to Grips with the Known-Known of Active Shooter Incidents.”