Shrinkage control: find the loss, then fix its cause

Shrinkage is the most expensive number most businesses never measure properly. It hides inside book stock between counts, surfaces once a year as an unexplained write-off, gets attributed to “theft, probably”, and is budgeted for the following year as if it were weather. Meanwhile the actual causes — a supplier short-shipping one line for months, a waste process nobody logs, a back-door pattern at two specific sites — carry on undisturbed.

CPCON approaches shrinkage as a measurement problem first. Reliable, frequent counts and a disciplined book-to-physical reconciliation turn one annual number into a grid of variances by SKU, category, site and period — and loss that has a shape has a cause. Our shrinkage engagements move through that sequence: measure, locate, attribute, fix, and then keep counting so the fix is proven rather than assumed. This page sets out how each stage works, the causes we separate, how retail and warehouse problems differ, the technology that earns its place, and the return a serious programme produces.

What shrinkage actually is

In strict terms, shrinkage is the difference between the stock your system says you own and the stock you physically have, once every legitimate, recorded movement has been accounted for. Expressed as a figure it looks tidy. Treated as a single cause it is useless, because that one number is a blend of at least five distinct problems that have nothing in common except that they all reduce the count. A programme that chases “the shrinkage” as if it were one thing will spend on cameras while a supplier quietly short-ships, or discipline staff while a chiller waste process goes unlogged.

The decisive distinction is between known and unknown shrinkage. Known shrinkage is loss you can already explain: logged waste, recorded damage, authorised markdowns and returns to vendor. Unknown shrinkage is the residual gap that remains after every recorded movement is stripped out, and it is the only part worth investigating, because it is the part nobody can yet account for. A surprising share of what businesses label theft is in fact unrecorded known loss — damage and waste that happened, was real and legitimate, but never reached the system. Separating the two before anyone reaches for the word “theft” is the single most important discipline in the whole field.

The five causes — and their fingerprints

Each source of loss leaves a different statistical signature in the variance data. That is what makes a data-led investigation possible: you do not need to catch the loss in the act if you can read its pattern. The table below sets out the five families, what sits inside each, and how each one announces itself once you have variances broken down by SKU, site, shift and period.

External theft

Shoplifting, organised retail crime, theft in transit and robbery are the losses the public imagines when it hears the word. They are real and, in some categories, large — but they are also the most over-attributed, because they are the explanation that requires no one inside the business to be at fault. External theft has a distinctive shape: it concentrates on high-value, concealable, easily-resold lines, it follows trading hours and staffing gaps, and it favours specific entrances, aisles and blind spots. When the variance grid shows loss spread evenly across dull, bulky, low-value stock, external theft is not the answer however convenient it would be.

Internal theft

Staff theft is uncomfortable to investigate and easy to either ignore or over-accuse. It takes the form of stock walking out, cash skimming, refund and void fraud, sweethearting at the till and collusion at goods-in. Its fingerprint is different from external theft: it clusters by individual, by shift and by till, it shows up in void and refund exception reports, and it is often steady and low-level rather than dramatic. The right output here is never an accusation — it is an evidence pack (variance trail, exception reports, movement records) structured so your HR, security or legal teams can act properly and lawfully.

Supplier and goods-in loss

A supplier that consistently short-delivers, over-bills, or books quality rejects as received can drain margin as effectively as any thief, and it is invisible until you reconcile what was ordered, what was invoiced and what was actually received. The give-away is unmistakable once you look: supplier loss clusters by supplier and SKU across every site. No shoplifter steals the same line in identical proportion in Aberdeen and Plymouth; a short-shipping supplier does exactly that. This is the cause most often missed by theft-focused investigations, and the one with the cleanest, cheapest fix — a receiving control and a supplier conversation.

Process and operational loss

Damage, breakage, spoilage, expiry, weight loss on loose goods, mis-scanning and unrecorded markdowns are the quiet majority of most shrinkage figures. They are legitimate once recorded, but when the process to record them is weak the loss surfaces later as an unexplained gap and gets blamed on theft. Process loss clusters by category and handling profile — chilled, fresh and fragile lines lead the table — and it is seasonal. The fix is rarely security; it is a working waste-logging and markdown discipline, which is also why fixing it improves both the count and the data quality of everything downstream.

Administrative and system error

Mis-keyed receipts, wrong units of measure, un-posted transfers, duplicate adjustments, master-data errors and pack-size confusion generate phantom shrinkage that no security measure can ever stop, because nothing was ever lost. Its signature is the equal-and- opposite variance: one SKU short, a related SKU long, netting to near zero. This is artefact, not loss, and a proper stock reconciliation removes it before it ever reaches the investigation — which is why reconciliation discipline is not paperwork but the filter that stops you investigating problems that do not exist.

Measuring loss properly: the shrinkage rate

You cannot manage what you measure badly, and most shrinkage is measured badly — as a single, annual, company-wide percentage that averages a leaking site into a clean one and tells you nothing actionable. The headline calculation is simple: shrinkage rate is the value of unknown stock loss divided by net sales for the same period. So £180,000 of unexplained loss on £12,000,000 of sales is a 1.5% shrinkage rate. It can be struck at retail value or at cost; what matters is fixing one basis and holding it constant so periods are comparable.

The number only becomes useful when it is decomposed. A serious measurement breaks loss down on every axis the data allows:

• By site — to find the two or three locations carrying most of the loss instead of spreading the average.
• By category and SKU — to separate the handful of leaking lines from the long tail that is fine.
• By period and shift — to expose time-of-day and day-of-week patterns that point at theft windows or process gaps.
• By transaction type and user — to surface refund/void exceptions and goods-in patterns.
• Known vs unknown — so the investigation only ever chases the residual nobody can yet explain.

This decomposition is impossible without reliable, frequent counts. One count a year produces one number a year; you cannot see a pattern in a single data point. Programmes built on cycle counting generate the variance density that turns shrinkage from an annual shock into a managed, observable metric.

The investigation: from a number to a cause

Once the loss is measured and located, the investigation follows the fingerprint. This is methodical, evidence-first work, not a hunt for a culprit. The sequence we run is deliberate and the order matters:

1. Strip out the artefact. Reconcile first. Equal-and-opposite variances, unit-of-measure errors and un-posted transfers come out before anything is called loss. A meaningful share of apparent shrinkage dies here, harmlessly.
2. Separate known from unknown. Pull every recorded waste, damage, markdown and return-to-vendor out of the gap. What remains is the unknown loss that is actually worth a person’s time.
3. Read the shape. Does the residual cluster by supplier and SKU across all sites (supplier/goods-in), by site and trading window on concealable lines (external theft), by individual, till and shift with refund/void exceptions (internal theft), or by handling-sensitive category (unrecorded process loss)? The pattern nominates the cause.
4. Test the hypothesis with evidence. Receiving and supplier checks on the worst lines; waste and markdown process review; movement-trail sampling; till exception analysis. The cause is confirmed against records, never assumed from the pattern alone.
5. Report cause-coded, prioritised findings. Each tranche of loss attributed to a cause, sized in pounds, ranked by recoverable value, with the evidence attached and a specific, owned fix against each one.

The principle that runs through all of it is evidence before accusation. We do not put a name to a number until the trail supports it, and where findings genuinely do point at an individual or a supplier, the output is built so the people who must act — HR, security, legal, procurement — can do so on solid ground.

A worked example: how one number becomes four causes

Take a retailer reporting £240,000 of annual shrinkage on £16,000,000 of sales — a headline rate of 1.5%. Budgeted as a single “theft” line, it is treated as an unavoidable cost and nothing changes. Run through measure-locate-attribute, the same £240,000 separates into problems with names and owners:

• £70,000 — unrecorded waste and damage on fresh and chilled lines that happened but never reached the system. Known loss masquerading as theft; the fix is a working waste-logging discipline, not security.
• £55,000 — supplier short-delivery concentrated on a handful of lines, identical across every store (the cross-site tell). The fix is a goods-in control and a supplier conversation, and much of it is recoverable.
• £45,000 — refund and void fraud clustered on three tills and two staff, visible in exception reports. The fix is a till control and an evidence pack for HR.
• £40,000 — external theft on concealable, high-value categories at two stores in specific trading windows. The fix is targeted EAS, source tagging and layout.
• £30,000 — administrative and unit-of-measure error that nets out on reconciliation. Not loss at all; it never should have been in the figure.

The £240,000 that looked like one immovable cost is now £30,000 of artefact to remove, £55,000 of partly-recoverable supplier loss, and three operational fixes ranked by recoverable value. That is the difference between budgeting for shrinkage and managing it — and it is only possible because frequent counting produced the variance density to read the pattern in the first place.

Common mistakes that keep loss high

Most shrinkage programmes underperform for the same handful of avoidable reasons. Recognising them is half the cure:

• Treating shrinkage as one number. A single annual figure averages a leaking site into a clean one and points at no cause. Decomposition is the whole game.
• Reaching for “theft” first. The default explanation requires no internal fault, so it gets over-used — while unrecorded waste and supplier loss, often the larger share, go unexamined.
• Counting once a year. One data point cannot reveal a pattern. Without frequent counts there is no variance density to investigate, and loss is only ever discovered long after it could have been stopped.
• Buying technology before the diagnostic. EAS, cameras and RFID bought on a hunch land on the wrong categories. Spend should follow the located loss, with a measurable before-and-after.
• Skipping reconciliation. Without stripping out artefact first, teams investigate phantom losses that are really mis-postings, wasting effort and credibility.
• Letting the fix decay. A diagnostic that is not operationalised reverses within a year. Named owners, KPI tracking and quarterly review are what make the gain stick.

Retail versus warehouse: different problems, different controls

Shrinkage in a shop and shrinkage in a distribution centre are not the same problem wearing different clothes. The dominant causes differ, the loss surfaces in different places, and the highest-leverage controls are almost mirror images. Treating a warehouse like a big shop — or a shop like a small warehouse — is a reliable way to spend on the wrong control.

In retail, the loss is customer-facing and till-facing: external theft on concealable categories, refund and void fraud, and fresh-food waste dominate. The controls that move the needle are electronic article surveillance, source tagging, exception-based reporting at the point of sale, and decisions about layout and staffing on the highest-risk aisles. Sector-specific patterns are covered on our retail page.

In a warehouse, the value is concentrated per location and the loss is operational: mis-picks, goods-in and goods-out errors, damage in handling, and internal theft at the dock. Here the leverage is in receiving verification, scan discipline, location accuracy and radio-frequency or RFID-driven picking. The detail for distribution operations sits on our logistics & warehousing page. The common thread is counting cadence: both environments depend on frequent, location-level counting to see loss while it is still small.

Technology that earns its place

Technology does not stop loss; located, targeted technology does. The cardinal error is buying the kit before the diagnostic, so the spend lands on a hunch rather than on the categories and sites the data has proven are leaking. Sequenced correctly — diagnostic first, technology second — each tool attacks a specific slice of the problem with a measurable before-and-after:

• Electronic article surveillance (EAS) and source tagging raise the cost of concealment-based external theft on the specific high-risk lines the diagnostic identifies.
• Exception-based reporting (EBR) mines till data for the refund, void, no-sale and discount patterns that mark internal theft, turning the POS log into an investigation tool.
• RFID and item-level tagging change the economics of theft and surface process loss far faster by making item-level stock continuously visible. For high-value or high-theft categories, RFID tagging makes concealment-based loss far harder to sustain and shortens the time between an item going missing and you knowing.
• Receiving and goods-in verification — scan-on-receipt, three-way matching against order and invoice — closes the supplier and goods-in gap that theft-focused programmes routinely miss.
• Perpetual and cycle counting tooling generates the variance density the whole programme runs on; without it, every other tool is flying blind between annual counts.

The control programme: making the fix hold

A diagnostic that is not operationalised decays. Sites drift, disciplines lapse, and within a year the loss is back. The control programme is the loop that keeps the gain. It has four standing components, each with a named owner and a review rhythm:

• Targeted counting. Cycle counts concentrated on the risk categories and high-loss sites the diagnostic exposed — not a blanket re-count of everything, but observation where it earns its cost.
• Reconciliation governance. A disciplined, scheduled book-to-physical reconciliation with cause-coded variances, so loss is caught and classified the moment it appears rather than discovered at year-end.
• Receiving and process controls. Goods-in verification, waste and markdown logging that actually gets used, and refund/void controls at the till — the operational fixes that attack the causes, embedded into daily routine.
• KPI tracking and quarterly review. Shrinkage rate by site and category trended over time, with a quarterly review that holds owners to the trend. Improvements that are not tracked are improvements that quietly reverse.

The return: why loss reduction beats most margin work

Shrinkage reduction has an unusually clean business case because every pound of avoided loss falls straight to the bottom line — there is no cost of goods to subtract from it, no marketing spend behind it. At typical retail margins, recovering a single percentage point of shrinkage can be worth the contribution of a very large slice of additional sales that you would otherwise have to win, stock and serve. The arithmetic is what makes loss reduction routinely outperform most other margin initiatives pound for pound.

The return shows up in more than the P&L. A business that can evidence its stock position carries a smaller audit risk; the statements of stocktaking required under Companies Act 2006 s.386(4) fall out of the programme as a by-product, and a documented, cause-coded reconciliation shortens the year-end conversation rather than lengthening it. There is a working-capital dividend too: accurate stock data means less defensive over-ordering and fewer phantom stock-outs caused by records that lie. A shrinkage programme, done properly, pays for itself on the recovered loss alone and returns the audit and working-capital benefits for free.

Why independence matters here more than anywhere

Shrinkage investigation is the one counting discipline where internal delivery has a structural conflict: the processes under examination — receiving, waste logging, adjustments, count quality itself — are run by colleagues of the people counting. An independent count and reconciliation removes that bias, and removes equally the opposite failure, where every variance is casually attributed to staff theft when the data points at a broken process. We report what the evidence supports, with the variance trail attached; where findings do point at individuals, the output is structured so your HR, security or legal teams can act on it properly.

There is also a hard accounting edge: unknown loss is a direct P&L hit, and a business that cannot evidence its stock position is exposed at audit — the statements of stocktakings required by Companies Act 2006 s.386(4) are exactly the records a shrinkage programme produces as a by-product.

How an engagement is scoped

There is no single right shape for a shrinkage engagement, because the right shape depends on what you already know and how far the problem has been allowed to run. Three common starting points cover most situations:

• Diagnostic engagement. A bounded piece of work to measure the loss honestly, locate it by SKU, category, site and period, attribute it to causes with evidence, and hand over a prioritised, costed fix list. This is the usual first step: it sizes the problem and proves where the money is going before any ongoing commitment.
• Control programme. The diagnostic plus the standing loop — targeted cycle counts on the risk categories, reconciliation governance, receiving controls and KPI tracking by site and category, reviewed quarterly. This is what converts a one-off finding into a sustained reduction.
• Incident or event response. A focused count and reconciliation triggered by a specific event — a suspected fraud, a step-change in unexplained loss, a pre-transaction check — where the priority is a defensible, neutral picture quickly.

Scope is set by what the data demands, not sold as a fixed package. High-loss sites and high-risk categories get the most attention; the long tail of stock that is demonstrably fine is left to routine counting. The aim throughout is that every pound spent on investigation is justified by recoverable or preventable loss — the programme should pay for itself out of the loss it stops.

What the data needs to deliver this

A data-led programme depends on a few inputs being available and reliable, and part of the early work is often getting these into shape:

• A clean SKU master — consistent units of measure, pack sizes and cost/retail values, because most artefact loss traces back to master-data error.
• Movement history — receipts, sales, transfers, returns and adjustments, so legitimate movement can be separated from loss.
• Recorded known loss — logged waste, damage, markdown and return-to-vendor, so known and unknown shrinkage can be split.
• Frequent physical counts — the variance density that makes patterns visible; supplied by the engagement where it is not already there.
• Till and exception data — refund, void, no-sale and discount logs that surface internal-theft patterns in retail.

Where these are weak, improving them is not a detour — it is part of the fix, because a business that cannot trust its own movement data cannot tell loss from noise. The counting and reconciliation disciplines that produce reliable data are the same ones that keep shrinkage controlled afterwards.

The CPCON difference

CPCON brings own, directly-employed field teams to every count — not a franchised or sub-contracted crew assembled per job — which is why our variance data is consistent enough to read for patterns in the first place. The methodology behind these engagements has been refined across more than 4,500 inventory and verification projects in six countries over 30+ years, and it treats stock loss as the meeting point of three pictures that must be reconciled: the physical reality on the floor, the logical record in the system, and the financial position in the ledger. Most loss lives in the gaps between those three, and reading all three at once is what separates a real diagnosis from a guess.

On certification, we are deliberately precise: CPCON does not hold or claim its own ISO or SOC certification for these services, and we will never imply otherwise. Where your shrinkage and stock controls need to satisfy a certifying body, the body certifies your organisation — and what we deliver is the field evidence that makes that certification defensible. Honest scope is part of the product.

Built from counting, not consultancy

Everything in the programme stands on field data: independent stocktakes to establish truth, cycle counting to keep risk categories under continuous observation, and stock reconciliation to separate artefact from genuine loss before it reaches the ledger. When the number must convince a third party — an auditor, a lender, an insurer — the discipline steps up to an independent stock audit. Retail and warehouse specifics are covered on our retail and logistics & warehousing pages — and for high-theft categories, RFID tagging adds item-level visibility that makes concealment-based loss far harder to sustain.

The programme at a glance