Why are some cash machines more likely to be subject to attempted forced removal than others?

The Charity Crimestoppers reports that the number of attacks on cash machines (ATMs) ‘has doubled over the past four years,’ with an annual cost to communities of £150m. The consequence for communities commonly includes an inability to access cash locally for a period. The best possible result for an ATM host is managing the consequences of costs
in the very low thousands for superficial repairs. The worst case is a cost of over £1 million due to the ATM theft creating a building fire and a total loss of the property.

The intuitive sense is that the number of ATM incidents have increased over the past few years. Balkerne reviewed available data for attempted ATM theft incidents for a particular UK Grocery Retailer, with roughly 2,000 stores nationwide and identified a notable increase in frequency in 2020, but a consistency between criminal success and failure.

The success of a physical attack on an ATM involves several factors, from the characteristics of the ATM installation, the knowledge and ability of the criminal perpetrators and the equipment and techniques used to conduct the attack. Vehicles are commonly used in attacks, not just for travel to and escape from the site. Three broad modus operandi for
the use of vehicles on site have been identified:

  • Stolen vehicles are used to ram into the shop and / or ATM to achieve access.

  • A chain attached to a stolen vehicle is used to drag the ATM out.

  • A stolen telehandler or digger is used to drag the ATM out.

Further methods of ATM attacks, which are less frequent include:

  • Mixed gases are introduced into the ATM and ignited to dislodge it.

  • Attack on staff conducting replenishment of ATM.

  • Use of angle grinders to access the back of the ATM.

In this short case study, we review the positioning of three different ATMs which are located within 1km of each other. From visual observations only, and with no knowledge of wider security measures regarding their installation, a simple assessment is made as to their vulnerability to criminal action of forced removal.

ATM ‘A’ is sited through a masonry shop front with a dedicated enhanced servicing shroud located internally. The ATM is installed so that the front is turned 90º from the road. This installation and the placing of bollards to the front of the store, significantly restricts the ability of any vehicle manoeuvre with appropriate speed and angle to attempt a rip-out of the ATM unit. The site is also well provided with several CCTV units providing coverage.

ATM unit ‘B’ is sited through a glazed shop front with a servicing shroud located internally, adjacent to the main glass door entrance. The ATM unit is installed front facing and there is substantial tarmac area immediately adjacent to the store, which affords plenty of vehicle manoeuvre room to achieve the required angle and speed to comprehensively dislodge the ATM unit. It can be discerned from inside the shop that the ATM does not have an enhanced anchoring system.

ATM ‘C’ is sited through a masonry shop front with an adapted internal room for servicing. The front of the ATM is installed at a 45º angle from the road. The presence of a raised planter bed and bollards restricts the ability for vehicle manoeuvre from the front. The side access to the ATM room is protected by a security door and reinforced measures on the wall.

All very interesting, but what has this got to do with technology, Balkerne’s SmartResilience platform and insurance?

LINK is the UK’s cash machine (ATM) network and has a formal ATM Security Working Group, with comprehensive physical ATM security guidelines for installation of, and maintenance of the integrity of ATMs. For the purposes of achieving the best possible premiums from the Insurance Capacity Provider and the Broker, it is up to the insured customer to provide information on how ATM installation and maintenance best practices have been adhered to and overall risk managed as well as possible. A failure to achieve required standards of installation and address vulnerability management will increase risk and liability for the insured customer.

Fundamental to risk mitigation is the need for insured customers to gather and compile information digitally and in a structured format on the conditions of ATM installation and security measures. Furthermore, structured, digital information on where ATMs have been attacked, when and how, enable the necessary knowledge of recognising long term and temporary trends of criminal activity, the issuing of dynamic alerts, but most importantly, the understanding of what security measures work, their cost effectiveness and a prioritisation of ATM locations for capital investment.

Balkerne’s SmartResilence is the digital platform for the insured customer to understand and manage risk:

  • Conduct surveys and assessments of installed equipment.

  • Compile financial values at risk.

  • Record risk controls in comprehensive details and analyse their success.

  • Enable consistent reporting of incident information and subsequent analysis.

  • Disseminate information based on real time alerts.

  • Conduct analysis and make key business decisions.

Perhaps the probability of an ATM rip-out resulting in a catastrophic building fire and a £1m insurance claim could have been significantly reduced by a £2,000 investment in humble anti-ram bollards? The only way is to get the data.