Reading Time: 5 minutes
OVERVIEW
A mid-Atlantic financial institution with operations spanning nine states and over 200 branch locations. From high-rise downtown offices in major metropolitan areas to community branches in suburban and rural markets, this bank serves diverse communities, requiring a sophisticated approach to physical security management across drastically different risk environments.
With a commitment to employee safety and customer service, the bank needed a way to objectively assess, compare, and improve security across locations that could not be more different — from a branch in downtown Manhattan to one in a small Southern town.
CLIENT SITUATION
Like many financial institutions, this bank traditionally relied on anecdotal security assessments conducted by its regional security managers — all of whom brought valuable law enforcement backgrounds to the role. However, as the organization grew and expanded into new markets, several challenges emerged:
- Lack of Standardization: Branch security assessments were largely subjective, based on individual security managers' training and experience rather than consistent, measurable criteria.
- Difficulty Comparing Locations: With branches in wildly different environments — from high-crime urban centers to low-risk suburban areas — leadership struggled to objectively compare security posture across the footprint.
- No Quantifiable Risk Metrics: When requesting security investments or improvements, the team lacked hard data to support their recommendations, sometimes facing pushback from stakeholders who questioned the necessity of enhanced measures.
- Growing Footprint: As the institution continued to expand, it needed a scalable system that could quickly and accurately assess both existing locations and potential new sites.
The security team knew they needed more than gut instinct. They needed a data-driven framework that could translate complex security realities into clear, actionable metrics that both security professionals and business leaders could understand and act upon.
PINKERTON SOLUTION
The bank integrated the Pinkerton Crime Index (PCI) as a foundational component of an innovative, standardized branch security assessment program — one that appears to be the first of its kind in the financial services industry.
Rather than using PCI scores in isolation, the security team developed a comprehensive methodology that combines PCI data with their own detailed branch assessments to create a unified risk rating system.
The bank's approach centers on a dual score methodology:
- 50% PCI Crime Risk Score — Objective, data-driven assessment of the crime environment surrounding each branch
- 50% Internal Branch Assessment Score — Evaluation of physical security measures, controls, and vulnerabilities at the location itself
The security team developed a dual-comparison methodology that provides more nuanced risk assessment than standard benchmarking. Rather than simply comparing each location against national crime averages, they also compare branches against their own organizational baseline.
For example, while a specific Florida location might register 1.5 times higher in violent crime than the national average, the same branch scores 1.8 times higher when measured against the institution's own footprint average. This approach revealed that the bank's overall portfolio actually trends higher than national averages — largely due to strategic market presence in urban banking centers — making internal benchmarking essential for accurate risk prioritization.
Statistical Rigor with Real-World Application
The team organized all locations by standard deviation groupings based on violent crime risk — their primary concern for employee safety. Unlike typical statistical analysis, they deliberately did not remove high outliers because those locations house real people who need protection.
This kept high-risk locations in major metropolitan areas in the dataset, ensuring those vulnerable sites received appropriate attention and resources.
Dashboard-Driven Decision Making
All data is compiled into an accessible dashboard that leadership and security managers can reference at any time. The dashboard allows them to:
- View each location's PCI score, internal assessment score, and combined overall rating
- Compare branches within the same market or across the entire footprint
- Track changes over time as crime patterns shift or security improvements are implemented
- Prioritize locations for security investment based on objective data
The team emphasized that crime data only delivers value when it drives actionable security decisions. Simply knowing that a particular branch location faces 2.5 times higher violent crime risk than the national average provides limited benefit without a framework to act on that intelligence.
PCI data directly informs targeted security measures, allowing the bank to invest resources where they're needed most:
In Higher-Risk Locations:
- Enhanced access control systems
- Additional surveillance cameras and monitoring
- Security guard escorts for employees during high-risk hours
- Coordination with local law enforcement for increased presence
- Upgraded lighting in parking areas
- Panic buttons and emergency response systems
- Riot glass installations where appropriate
In Moderate or Lower-Risk Locations:
- Standard security protocols without costly advanced measures
- Focused spending on maintenance and basic improvements
- Reassurance to staff and management that current measures are sufficient
This data-backed approach has reduced pushback and accelerated approval for necessary security enhancements.
BUSINESS IMPACT
The integration of PCI into this standardized assessment framework has transformed how the bank approaches security across its entire organization. There have been measurable improvements:
- Standardized Risk Assessment: Every location now has an objective, comparable security rating — eliminating subjective assessments and creating consistency across nine states and multiple security managers
- Data-Driven Resource Allocation: Security investments are now prioritized based on quantifiable risk rather than gut feeling, ensuring maximum impact per dollar spent
- Enhanced Credibility: Hard data gives the security team stronger credibility when requesting resources or implementing new protocols
- Improved Employee Morale: Branch staff feel more confident knowing their security needs are being objectively assessed and addressed
- Leadership Confidence: Retail division leadership has embraced the approach wholeheartedly
The security team reviews the PCI dashboard monthly to track any significant changes in crime patterns. While groupings remain relatively stable, this regular monitoring ensures they can respond quickly if a location's risk profile changes.
Every year, the team conducts a comprehensive review of all locations, updating PCI scores and recalculating their organizational benchmarks. Branch assessments are required every three years but can be conducted more frequently as needed or directed by leadership.
Perhaps most significantly, the team has documentation and data to back up their recommendations — which has proven crucial when incidents do occur.
The methodology has caught the attention of industry experts. According to the team, a leading financial institution security consultant noted he had never seen a comprehensive risk number assigned to physical properties in the financial industry before — calling this approach potentially a first in the sector.
The bank plans to continue refining its assessment methodology and expanding its applications. The security team remains committed to data-driven decision-making and is exploring additional ways to leverage PCI insights for pre-opening site assessments and expansion planning.
The bottom line: By combining PCI's objective crime data with their own rigorous internal assessments, this bank created a security framework that's both quantifiable and actionable — proving that when it comes to protecting people and assets, data-driven decision-making makes all the difference.
