We use cookies to give you the best possible online experience. If you continue, we'll assume you are happy for your web browser to receive all cookies from our website. See our cookie policy for more information on cookies and how to manage them.

Knowledge store

For tips, tools and guidance on all things risk management, just search for a topic you’re interested in or use the below pods.

Knowledge store general enquiry form
Submit enquiry

Cash Security - Theft & Burglary [Hardfacts]


Cash, which should be regarded as notes, coins and freely convertible (usable) vouchers, is especially attractive to criminals. As such they frequently look to steal it by stealth ('theft) or forced entry ('burglary') in each case such an event occurring either opportunistically or after considerable research and planning.

All organisations undertaking cash handling, i.e. cash receipt, issue, counting, transfer, banking, and cash storage can be at risk of theft/burglary, and should take appropriate measures to prevent it.

This Hardfacts outlines some general advice on cash security which is primarily aimed at enhancing the security of cash against theft/burglary. More specific information on protecting the cash from robbery and on safety of cash handling personnel is available in ‘Hardfacts' 3013 and 1004 respectively.

In depth theft protection is best achieved by following a series of steps, as outlined below:-

Step 1 - Risk Assessment

As a first step a theft risk assessment should be undertaken that considers:

  • When, where and how cash is handled
  • When, where and how cash is stored
  • The amounts of cash handled/stored
  • The likelihood/nature of a theft
  • The monetary and commercial impact of a theft/burglary
  • The adequacy of existing precautions

Once the assessment has been completed, measures to improve security can better be considered, as indicated below.

Note: Some useful further guidance on this whole topic can be obtained from the RISCAuthority website: see 'Sources of Further Information' below.

Step 2 - Risk Avoidance

In some cases use of cash can be avoided, e.g. by only making/receiving payments by cheque or electronic transfer.

Step 3 - Risk Reduction

Consider whether the amount of cash held at vulnerable locations  in transit and overall can be reduced for example:-

  • Adopt more frequent cash collection from vulnerable areas such as tillsetc to a more secure area 
  • Undertake more frequent banking e.g. twice rather than once daily/weekly etc
  • Store cash in duplicate locations/safes within the premises
  • Remove cash outside occupied hours

Step 4 - Risk Transfer

If you have a 'Merchant Fill' convenience ATM, changing it to a 'Cash in Transit' (CIT) type if likely to mean you will no longer be liable for its contents - although the general risk to the premises and personnel will remain.

Step 5 - Managing Risk

Those risks that are unavoidable or which remain after considering steps 2-4 need to be managed, as indicated below:

Managing Risk - People

Arguably the most important general theft security measure relates to people, so consider:

Cash handling and other personnel need to be trustworthy and to reliably follow designated security procedures, so ensure personnel:-

  • Have their previous employment record and references fully checked before being employed 
  • Are suitably vetted fro criminal records e.g. via the Disclosure and Barring Service (DBS) formerly referred to as 'CRB' checks
  • Are trained in security procedures and then held to account for their ongoing use 
  • Understand the reason for/workings of any security procedures, devices and systems provided and any possible limiations 

Security Guards
At some sites a manned security presence, either ‘in house' or an external company, may be appropriate.

The criteria for selecting a guarding company should include staff holding appropriate Security Industry Authority (SIA) licences, adhering to recognised training and operating procedures (e.g. those set out in BS 7499 - Code of Practice for Static Site Guarding and Mobile Patrol Services ) having suitable insurance and being subject to a strict regime of external inspection/site audits.

Although companies who hold SIA Approved Contractor Scheme (ACS) status will have suitably licensed and trained staff, National Security Inspectorate (NSI) or Security Systems and Alarms Inspection Board (SSAIB) listing is the best indicator of complete compliance with all of the above recommendations.

Criminals are usually looking for an easy target, so are susceptible to being deterred if security precautions that are not otherwise readily apparent are 'advertised', e.g. display warning signs such as "Opening this door activates an alarm" or "No money is left on these premises overnight" etc

Managing Risk - Theft

Many cash thefts, whether belonging to organisations, employees or visitors, take place when premises are trading or otherwise potentially accessible to the public. These usually occur when thieves use stealth or bravado to snatch cash from insecure or unattended areas, so consider:

Procedural Security

Ensuring that  personnel:

  • Have limited access to cash handling or storage areas
  • Do not leave cash in areas that are, or may at times be, unattended, e.g. cloakrooms, reception areas, trade counters, etc
  • Do not leave cash in rooms/areas having doors/windows readily accessible from outside the building
  • Do challenge strangers

Physical Security Measures

Physical measures can be used to restrict unauthorised access for example:

  • Using locks/access control systems to secure all or the most vulnerable parts of a building
  • Ensuring cash is locked up, e.g. in a till, safe or other receptacle that is itself secured in place and that is ideally sited within a lockable and alarm/CCTV protected area  
  • Restricting cash handling to purpose built and secure cash handling rooms/offices - see ‘Hardfacts' 3013 Cash Security - Robbery for more information

Electronic Security

If other measures fail, it is useful to be alerted to the presence of someone who should not be there, so consider:

  • Having a suitable* general premises alarm idealling programmed to allow a "part set" during occupied hours e.g. opening certain doors or entering certain areas will activate it
  • Installing a specific local alarm for use when at risk areas/rooms are unattended
  • Using locally monitored CCTV to relay pictures of vulnerable areas to occupied parts of premises

*This would typically be a remotely monitored alarm eligible for routine police response.

See other ‘Hardfacts' sheets for fuller information on intruder alarms and CCTV systems.

Managing Risk - Burglary

Most cash theft occurs after a break in whilst a premises are unoccupied so consider:

Procedural Security
Ensure designated personnel:

  • Conduct a tour of the premises at close of business to ensure all security measures are in place and fully working
  • Remain contactable 'out of hours' and have an appointed/knowledgeable deputy for periods of absence (e.g. holidays/illness)

Physical Security - Premises
A building should be of adequate strength to resist the expected level of likely attack. See ‘Hardfacts' 3003 Perimeter Security and 3017 Door & Window Security for further information.

Physical Security - Safes
Use a good quality safe supplied by a competent safe dealer/locksmith, e.g. a member of the Master Locksmiths Association (MLA),  ensuring that it has a suitable burglary resistance (Security 'Grade'*) for the values held within it.

*Safe manufacturers will usually suggest a Grade(and related cash limit) for their safes, with Grade ideally being certified by an independent test body e.g. European Certification Board - Security (ECB-S) or Loss Prevention Certification Board (LPCB); but in any event the intended cash limit should always be checked with any interested insurer before purchase.

Electronic Security - Intruder Alarms
A (remotely monitored) intruder alarm is the most common means of detecting an responding to a break in.  Such alarms should:

  • Be designed, installed and maintained by an installer whose adherence to relevant British/European standards, and any police requirements, is evidenced by holding accreditation from a recognised alarm inspectorate body, i.e. the NSI or SSAIB.
  • Be connected to NSI/SSAIB accredited alarm receiving centre (AR)
  • Have good levels of detection at both perimeter and within target areas of the building, especially where a ‘confirmed activation' is required to obtain a police response
  • Use a phone/radio based dual path Alarm Transmission System (ATS) having high security/performance - to ensure that failure of the ATS will be quickly detected and reported 

Electronic Security - Security Fog Systems

When activated these systems sometimes call security 'smoke' systems very quickly fill a room/area with harmless thick obscuring white fog thereby preventing intruders seeing what they have come to steal.  Such systems should:

  • Be designed installed and maintained by an installer whose adherence to relevant British/European standards (e.g. BSEN 50131-8) and any police/fire brigade requirements is evidenced by holding accrediation from a recognised alarm inspectorate body i.e. the NSI or SSAIB.
  • Be connected to/integrated with a remotely monitored intruder alarm

Electronic Security - CCTV
CCTV can be used to locally or remotely alert appropriate personnel to a burglary underway and/or obtain images (evidence) for later use. Such systems should

  • Be designed installed and maintained by an installer whose adherence to relevant British/European standards and any police requirements is evidenced by holding accreditation from a recognised alarm inspectorate body i.e. the NSI or SSAIB.

See other 'Hardfacts' sheets for fuller information on intruder alarm and CCTV systems.

Key Action Steps

  • Assess the risks and consider the adequacy of current security measures

  • Seek professional help and advice, including that of any interested insurer's

  • Use suitably accredited and competent providers for locks, safes, intruder alarm or CCTV system work. 

  • Ensure personnel have adequate security vetting plus intial and on-going training

  • Display suitable warning signs

  • Review security on a regular basis and as circumstances change

Sources of Further Information

Other ‘Hardfacts' in the Property Protection Security series, which are available in our ‘Knowledge Store' at

The RISCAuthority (UK property insurer's technical group) See

In particular, consider these two documents

S22: Cash Security - a user's guide

S3: Convenience ATM's - recommended security measures

Note: Their website contains many other documents that may be useful e.g. those covering the principles of property security, security fog devices, intruder alarms, CCTV and keyholding etc 

The Disclosure and Barring Service see 

The Security Industry Authority. See

National Security Inspectorate (NSI) - Tel 01628 637512 or see

Security Systems and Alarms Inspection Board (SSAIB) - Tel 0191 296 3242 or see

Master Locksmiths Association (MLA). Tel 01327 262255 or see

The European Certification Board - Safes (ECB-S) or see

The Loss Prevention Certification Board (LPCB) or see

Insafe - supplier of safes and security cabinets (member of Aviva's "Specialist Partner" network) Tel 0800 252225 or visit

Security Fog Companies:

SMOKECLOAK - Tel 01604 839000 or

BANDIT - Tel 0870 7770434 or

SMOKESCREEN - Tel 01205 821002 or

PROTECT - Tel 01299 254254 or

British Security Industry Association (BSIA) Tel 0845 389 3889 or see

Next Steps:

  • Source discounted products, available to Aviva insured customers and brokers only, via our Specialist Partners - click here to find out more about the savings you could make
  • View our Tools and Templates
  • Call our Risk Helpline on 0345 366 66 66
  •  Email us at

Please Note
This document contains general information and guidance and is not and should not be relied on as specific advice. The document may not cover every risk, exposure or hazard that may arise and Aviva recommend that you obtain specific advice relevant to the circumstances. AVIVA accepts no responsibility or liability towards any person who may rely upon this document.

Rate this entry

Was this helpful to you?