Chris Baysden
What you can learn about fraud prevention from a casino

An internal auditor at Caesars Palace shares the house’s tips for detecting and combating fraud.

May 21, 2014
by Chris Baysden

Las Vegas casinos attract all sorts of people: High rollers, thrill seekers, and the matrimonially inclined. But along with those highly sought-after customers comes another, much less desirable guest: the fraudster.

Some roam the casino room floor, cheating at cards or sneaking craps bets onto the table after the dice have already been thrown. Others use tech skills—or even something as low-tech as a garage-door clicker—to trick slot machines into making more frequent payouts. A sizable number aren’t gamblers at all. Instead, they’re employees who steal from restaurant cash registers or hotel desk personnel who earn erroneous commissions off faux sales such as bogus room upgrades.

So while Las Vegas casinos may have more sex appeal and Elvis impersonators than the average business, they also have many of the same fraud-related problems as other retail and hospitality operations. Casinos also are billion-dollar businesses that can afford to allocate plenty of resources to combating fraud.

Matt Mitchell is the man behind many of the fraud prevention efforts at Caesars Palace, one of Las Vegas’s most iconic venues. A 32-year-old Nevada native, Mitchell serves as director of internal audit for Caesars Entertainment Corp.’s western division and online gaming operations. When it comes to fraud, he and his counterparts up and down the strip have seen it all: from fairly standard schemes aimed at distracting dealers, to gamblers who diligently tracked a roulette station’s results for years to discover if the wooden wheel’s construction led to a dead spot “bias” for certain wheel sections.

“It blows my mind the amount of time spent in trying to do this,” Mitchell said.

While those particular examples are pretty gaming-industry specific, the majority of fraud cases that Mitchell sees actually occur off the casino floor (gaming frauds are usually for higher dollar amounts, while hospitality and retail frauds occur with more frequency). Here’s his advice for other businesses looking to start or improve a fraud prevention and detection program:

  1. Analyze the data that you have. Point-of-sale systems typically offer a wealth of data, and some sets of it—once properly identified and tracked—can be powerful clues in fraud detection. “Once you start that process, the fraudsters immediately rise to the top—it’s like cream,” Mitchell said.

    For example: Restaurants often use comp codes that allow managers to give patrons free meals—to compensate for poor service, for instance. Keeping track of the average number of comps can help auditors determine if servers are actually comping a meal in the system then pocketing the cash that was meant to pay for it. That practice can be a costly problem in swanky restaurants such as those found in casinos, because bills can easily reach several hundred dollars.

    Point-of-sale systems that record every keystroke at a terminal can also be used to detect patterns indicative of fraud. “If I see a cancel check button followed within the next 30 seconds by an open drawer button or something like that—that’s not normal,” Mitchell said. “So I can build analytics to identify those anomalies and report out on it.” Suddenly, thousands of pages of journal data can be transformed into a quick recap of when and where suspect transactions occurred.
  2. Don’t underestimate the power of surveillance. Accountants are good at spotting fraud red flags in the data. But organizations also need experts skilled in video or in-person surveillance to back up the accountants’ observations. “Once you can marry those, you can almost always pursue prosecution,” Mitchell said of fraud on the casino floor and in the hospitality side of the business. “Just the data itself won’t get you to that next step. You need to have that linkage with the surveillance.”
  3. Constantly evaluate your control procedures. Controls are a balancing act, especially in a service industry. Organizations don’t want to give frontline employees the figurative key to the castle—such as a comp code, for instance. At the same time, managers aren’t always available to deal with a client’s problem as quickly as good customer service would dictate. Mitchell said that he’s always asking, “What’s the balance between too little access and too much access?” Some organizations don’t give frontline employees any ability to deal with transactions like a comp. Others go the opposite route, relying on coaching and reviewing to address any potential abuse.
  4. Integrity, tenacity, and attitude are crucial components when hiring fraud prevention personnel. “The folks that are on our teams that have done really well with this have a sense of ownership in the business,” he said. “They are personally offended when somebody steals from the business.”
  5. Don’t be afraid to start small. Beginning a fraud prevention program can seem like a daunting task, especially if management isn’t keen on footing the bill for startup costs. But there’s never a bad time to initiate such a program, even if it means beginning with baby steps. “Get some wins under your belt,” Mitchell said. “When that happens and you can prove, even on a small scale, what the realizable outcome is, then I think that the business’s leaders will see the value in creating a prevention program.”
Rate this article 5 (excellent) to 1 (poor). Send your responses here.

Chris Baysden is a senior editor for the AICPA Magazines & Newsletters team.