Crime in the Supply Chain and What to Do About It
When it comes to high-stakes cargo thefts, most people think of luxury cars, pricey electronics, and pharmaceutical drugs as prime targets. Yet during the peak of the pandemic, a new mark emerged: medical-grade oxygen.
With COVID-19 cases skyrocketing, regions including Latin America, the Middle East, and Africa struggled to meet the rising demand for this life-sustaining gas. As supplies dwindled, prices began to soar, giving rise to an illicit market. In fact, thefts of medical-grade oxygen increased 200% in late 2020 and early 2021 compared to total thefts in 2019, according to consultancy BSI Group.
If cylinders of compressed gas can trigger a spike in criminal activity, then it goes to reason that no product in today’s global supply chain is completely safe. Risk factors vary from world crises to the precarious security of certain geographic regions. For example, as COVID-19 cases climbed, cargo thefts of medical devices and supplies, including personal protective equipment, rose by more than 5,000% in 2020 over 2019 losses. Meanwhile, as BSI notes, Latin America continues to suffer an extreme rate of cargo truck hijackings. In 2021, these hijackings made up 60% of cargo theft incidents recorded in South America and 78% of cargo thefts occurring in Mexico.
Regardless of contributing factors, the repercussions of supply chain crime can be severe, including business disruptions, revenue loss, tarnished brand reputation, increased operating costs, and employee attrition. Consumers also pay a price for supply chain crime: “It’s becoming more expensive for consumers to purchase products as companies have to pay for increased security and law enforcement,” says Rachel Michelin, president and CEO of the California Retailers Association.
That’s not to suggest, however, that enterprises are at the mercy of cargo criminals. Rather, by modifying or creating new business processes associated with risk assessment, data collection, and educational efforts, organizations can mitigate the risk of supply chain crime and lessen the chances of falling victim to theft as they build out their business.
A perfect blend of risks: Pandemic lockdowns, shipment slowdowns, and rising online orders
While supply chain theft is hardly new, a number of factors, including the pandemic, “opened a whole world of increased exposure to supply chain crime,” says Lynda Buel, president and CEO of Security Risk Management Consultants.
It’s easy to understand why: Multiple lockdowns around the world slowed and, in some cases, temporarily halted the flow of raw materials and finished goods. In late 2021, as transport delays mounted, cargo began piling up at shipping ports, truck yards, outside warehouses, and even dumped on the side of the road and on residential streets, creating an unsupervised playground for criminals-in-waiting, Yahoo News reported. In fact, while cargo can be stolen at any point along the supply chain continuum, 55% of all cargo thefts in 2021 with a known location occurred within unsecured parking, according to a Sensitech report.
“Pallets of products are stolen because cargo containers just sit there – we can’t move them quickly enough,” says Michelin.
Another factor contributing to supply chain crime is an increasingly digital universe for purchasing goods. “The rise in online shopping and delivery has opened a new avenue of theft that is targeting Amazon, FedEx, UPS, and USPS trucks with their deliveries,” says Buel. “It has become a crime of opportunity for package thieves and hijackers by stealing trucks, slashing tires, breaking and entering the trucks, or attacking the driver.”
And the chaos is not limited to delivery trucks. Earlier this year, photos and videos surfaced showing piles of empty boxes, many with delivery company logos, strewn alongside rail tracks in Los Angeles County – the aftermath of thieves looting freight trains, CNN reported.
Many manufacturers and retailers blame lax legal prosecution for the brazen nature of these crimes, but a proliferation of online marketplaces for stolen goods is also to blame, according to Michelin.
“We’ve seen this surge of big, online marketplaces popping up where you can take a picture of an item, put it online, and someone will buy it,” she says. “There really aren’t any guardrails around that so it’s much easier to steal something, get it on the online marketplace, and sell it.”
4 strategies for combating supply chain crime
The good news is there are ways organizations can modernize existing business processes or design new ones to both minimize their exposure to risk and strengthen their security posture against a growing crowd of bad actors and sophisticated tools. Here’s how.
Expand the scope of risk assessments to include partners. Regularly conducting internal risk assessments can help organizations identify where vulnerabilities lie within their supply chain and determine a plan of action to mitigate these risks. But in today’s interconnected world, a company’s supply chain is only as safe as its most vulnerable supply chain partner.
“Great companies make sure their suppliers are as resilient as they are,” says Jim Yarbrough, a global intelligence program manager at BSI Group, which helps organizations improve their business processes.
For this reason, Yarbrough recommends organizations expand the scope of their risk assessment processes to include the risk profiles of supply chain partners. Doing so, however, “is way easier said than done,” he adds. “Big box retailers, automotive manufacturers, and companies in aerospace and the pharmaceutical industry have thousands of suppliers that are constantly changing all the time.”
Fortunately, companies can fight back by digitizing and automating B2B transactions across the supply chain to provide near-real-time visibility into partner activities and security practices. The result, says Yarbrough, “is the ability to visualize your supply chain and understand the relations between suppliers so that you can identify where your weak points may be.”
Another process for assessing the security capabilities of supply chain partners: establishing a feedback loop. For example, Yarbrough says companies can use questionnaires to query supply chain partners on the strategies they’re leveraging to mitigate risks, or request “evidence or certifications” of measures being taken, such as physical security precautions associated with warehouses and manufacturing facilities. What’s more, he adds, companies then can use these same feedback loops to create corrective action plans with partners.
Educate employees on supply chain crime. While assessing the security stance of supply chain partners and creating feedback loops can expose weaknesses in a supply chain, organizations must also educate partners on the importance of preparing for and responding to risks.
It’s not just about changing business processes. Companies have learned that if they can convince suppliers about the benefits of reducing the risks of crime, they can collaborate to reduce it. These companies “explain to their suppliers why mitigating supply chain crime is vital to their long-term survival as a business,” says Yarbrough. Such efforts, he says, can help companies “withstand many of the incidents we’ve seen over the last several years.”
Supply chain partners aren’t the only entities that can benefit from an education in supply chain dangers. “Many supply chain security issues emanate from an insider threat,” adds Yarbrough.
In fact, the Transported Asset Protection Association reports that approximately 70% of supply chain and cargo theft can be linked to insider involvement, whether intentional or accidental.
For example, employees can be bribed to share confidential details on everything from truck routes to shipment dates. And some organized crime rings have even been known to plant members in warehouses, paying them handsomely in exchange for insider information.
That’s all the more reason, says Yarbrough, for organizations to ensure a company’s human resource processes for recruitment and hiring include carefully vetting employees and educating them on a company’s culture and ethical expectations.
Collect intelligence on criminals, not just trucks and packages. For years, organizations have relied on GPS systems to collect real-time information on the whereabouts of everything from containers and trucks to trailers and packages. By collecting this data, organizations can not only keep tabs on high-value cargo but increase the likelihood of quickly locating and recovering stolen goods. But criminals are discovering effective workarounds for these precautionary measures.
“Since GPS technology is common in the supply chain, criminals are getting smarter in the use of jamming devices to circumvent GPS tools,” says Buel. “For example, they might use a ‘sniffer’ device to detect GPS systems hidden in packaging or on pallets, then use a GPS jammer to block the technology so it cannot be used to help law enforcement locate a stolen trailer.”
One way to outsmart increasingly sophisticated criminals is to switch from relying on processes that collect information on the movements of containers and trucks to processes that help gather intelligence on the most likely movements of criminals. For many, the necessary tools are already in place: data analytics applications, artificial intelligence-powered models, Internet of Things devices. However, the processes for using these tools must expand to include collecting and integrating new types of geographic, demographic, and predictive data.
This means using data to determine points of risk, Buel says, such as “where there are high-target areas for criminals, what time of day criminals tend to strike, and what products are in high demand among criminals.” Based on this data, organizations can better plan and apply proactive measures, such as preventing cargo from lingering in areas most attractive to criminals.
Factor in cybersecurity when it comes to cargo. There is increasing concern about cyber threats to the supply chain. Case in point: Cargo thieves can use cyber breaches to obtain information such as delivery times, appointments, and the name of employees retrieving cargo loads to help them make fictitious pickups that appear genuine.
In response, the Transported Asset Protection Association has released cybersecurity standards that help organizations address cyber vulnerabilities and concerns. These standards aim to set appropriate levels of cyber security, vendor risk assessments, incident response plans, and secured third-party vendor relationships. But as cyber risks multiply, organizations must also re-examine processes related to data collection and network protection to prevent breaches and other nefarious activities.
A developing risk, but one that supply chain leaders can address
Despite a large array of tools and technologies that companies have to combat supply chain crime, they still face many challenges. Reinventing processes related to risk assessment, education, data collection, and cybersecurity can require financial investment, the right IT talent, and C-suite commitment – scarce resources in a post-pandemic world.
But it’s important to act. The pandemic has changed the way goods are sent and received, while an increasingly digital supply chain makes it easier than ever for cargo criminals to profit from their bad behavior. However, by re-examining existing business processes, and taking new approaches to supply chain security, organizations can better prepare for the future.