Tag Archives: crime

Processes, Protocols and Layers of Protection: Essential Security Measures for the Medical Cannabis and Hemp Industries

By Joshua Wall
No Comments

As legalization of cannabis products from hemp to medical cannabis takes root across the U.S., there’s a growing need to understand and build good security practices. While many think of security as safeguarding assets like facilities and product, effective security does much more. It protects a business’ workers, providing them secure workplaces and incomes. Ideally, it reaches from supply chain to customers by ensuring consistently safe products.

To truly understand the value of this for a brand or for the industry as a whole, consider the opposite: the destructive effect – on a brand and on the industry at large – of unsafe or tampered product reaching customers, or of crimes occurring, just as the industry seeks to demonstrate its validity and benefits. Security is vital not only to individual farmers, processors or customers but to all who value what the industry brings to those who rely on CBD or medical cannabis products for their wellbeing.

Know the Threats.

Part of the learning process involves understanding the value of the product.Security is all about anticipating and reducing risks. These can include physical threats from natural sources – think flood, fire, tornado or crop fail – or from human threats. Human threats can arise from organized criminals, hackers, amateur thieves, vandals – or insiders.

As regulated industries, hemp and cannabis businesses also face risk of losses, which can be significant, from penalties ranging from fines to being shut down for non-compliance. While rules vary from state to state and continue to change, a disciplined approach to security is foundational to reducing risk at many levels. Rigorous operational processes must incorporate security that addresses risks at multiple points of access, transport and sale of products.

Learn the Rules.

In a rapidly evolving industry, one of the most important things producers can do is to learn. Security requirements vary by region and providers need to be aware of what is available. Get to know your state, local and federal resources for your operating area. California law, for example, specifies use of high-resolution video surveillance in dispensaries, while others do not.

Joshua Wall, Chief Operating Officer at Harvest Connect LLC

Part of the learning process involves understanding the value of the product. With medicinal cannabis, it’s helpful to grasp both its commodity value and the street value that could make it attractive to thieves. In “Why Marijuana Plant Value is So Important for Adjusters,” Canadian Underwriter Magazine gave examples that indicate the size of losses that may occur in growing and processing operations:

“In the medical marijuana space, ClaimsPro has already seen losses primarily between $150,000 and $750,000. These losses, mostly on Vancouver Island, were for fire and water damage, as well as boiler machinery issues, physical damage to buildings and specialized greenhouse equipment, as well as extra expense and business interruption.”

The same article notes a claim over $20 million at another single flower greenhouse. Security needs to reflect what’s present on our premises.

Educating the community can reduce risk as well. Producers of industrial hemp may need to inform would-be thieves that what they are looking at is not street-valued product. To protect the crops, which are generally grown outdoors and do not require a full security detail, a best practice is simply posting signs on the property that say explicitly “No THC.” 

Begin with a Risk Assessment.

Security begins with a professional evaluation of site vulnerabilities, examining key weaknesses that could be exploited by attackers. These include:

  • Monitoring access to the site is a foundational principle of security.
  • Design limited access points into the facility as well as prepare for possible facility breaches with perimeter access control, technological redundancies and ballistic glass for defensive architecture measures.
  • Look at route vulnerabilities as well.
  • Hedge site risk by not limiting your operation to a single site where one incident could wipe out an entire year’s crop.

The nature of threats is always changing. A 2018 Newsweek article described the struggles of legal cannabis farmers against illegal and potentially cartel-backed and violent operations in California. While a 2020 Business Insider report described indications that legalization was prompting some cartels to leave cannabis alone and move on to fentanyl and meth. “While Mexican drug cartels made their money predominantly from marijuana in past decades, the market has somewhat dissipated with the state-level legalization of cannabis in dozens of states across the US.”

Define Levels of Risk and Access.

The best security matches spending to risk in a commonsense way. Are you more at risk from the occasional smash and grab incident or is there reason to anticipate an organized assault? As in many industries, the greatest risk often comes from employee fraud or theft. Hiring carefully, paying fairly and training staff well are important to long term security.

Iron Protection Group in a training session
Image credit: Tampa Bay Times

How will the product be moved around within the facility and beyond it – and what staff are responsible for each part of the journey? Who can enter the cultivation areas and what protocols must they follow? On site staff should be trained on what to look for if they observe a security breach. Consider biometrics such as retinal scans, fingerprint scans or similar.

In cases where valuable product or cash is present, guards can play an important role. Harvest Connect uses only high-level former military or police officers in these roles, an approach recognized by many. Hunter Garth of Iron Protection Group notes they have “the ability to de-escalate a potentially harmful situation and the fortitude to see a mission through to completion, no matter what external circumstances may arise.”

Inventory and Transaction Controls

Inside threats from sloppy processes can be just as insidious as attacks. Poor tracking of inventory by Oregon’s legal cannabis producers made headlines in 2018 as The Oregonian reported, “U.S. Attorney Billy Williams told a large gathering that included Gov. Kate Brown, law enforcement officials and representatives of the cannabis industry that Oregon has an ‘identifiable and formidable overproduction and diversion problem.’’ Discipline, applied by state pressure but carried out by producers themselves, has begun to reduce the diversion of untracked product into the black market a year later.

Cannabis businesses need a professional approach to monitoring all product and money that moves through its systems. These operational processes can include time, date and attendance stamps on all inventory. Similarly, accounting systems and software must follow the highest professional standards. Lastly, when breaches occur, it is essential that fraud and theft are caught, eliminated and prosecuted as appropriate.

Nurturing an Emerging Industry

Security resources are an integral part of maintaining the integrity of a business’ supply chain. As the product moves from the fields to processing centers to consumers, purity assurance becomes an operational objective. Ultimately, protecting the product through secure and professional practices is the optimal way to serve customers, build a brand, and sustain the industry.

CannTrust Meltdown Indicative Of Summer Of Scandal To Come

By Marguerite Arnold
No Comments

While you may not have heard of CannTrust Holdings so far, that is now about to change. A summer spectacle of double dealing and corporate greed has put this Canadian cannabis company on the global map.

Unfortunately, the current meltdown underway is indicative of more to come.

A Summary Of The Story So Far

CannTrust, a company which serves 72,000 Canadian patients and got into the game early, decided to do what it saw other companies doing all around them. That covers a lot of ground (good and bad at this point). Regardless, the most relevant recent twist to the saga came when the company hired a new CEO, Peter Aceto last October.

Aceto however, along with the now also fired co-founder and chair of the board Eric Paul, decided to continue growing and harvesting unlicensed product. Worse, this occurred while boasting in public of their productivity gains on the way to securing a hefty investment of capital this spring. $170 million. The grow rooms finally got their certification in April.

What is even more embarrassing however, is that this was a round led by the much-vaunted investors the industry has been courting assiduously for the past several years. Specifically, in this case? Institutional banks like Bank of America, Merrill Lynch, Citigroup, Credit Suisse Securities and RBC Capital Markets.

But that is “just” the North American hemisphere. The rather unfortunately named CannTrust (certainly at this point) also had a European footprint – notably Denmark. Unlicensed cannabis ended up there too, of course. Stenocare A/S, the company at the receiving end of the same, reported receipt of product from the unlicensed rooms on July 4.

As far as such things go, however, you have to give it to CannTrust company executives. In terms of setting standards if not benchmarks and “records”, they certainly seemed to have set a few, although probably not the ones they aspired to. If not, with certainty, their investors.

A Surprise Or Inevitability?

That said, for many who have been sounding warnings for at least a year, the 2019 Summer of Canadian Cannascandal is certainly starting to confirm what many have been saying for quite some time. This is not the first time a securities exchange, for one, has sounded the alarm. Deutsche Börse delisted the entire North American public cannabis industry last summer briefly. Then they revised their policy, reluctantly, after Luxembourg changed its stance on medical use. That said, they are still watching with a standing policy of bouncing any company that runs afoul of their rules.

The problems, issues and more bubbling at the center of this cannameltdown, in other words, are not limited to just one company or country.

And everyone knows it.

Accounting For Past Mistakes

For those who are counting, the value of all of that illegally grown CannTrust product is not insignificant. Estimates are floating in the CA$50-70 million range. The problem is, of course, nobody is sure what numbers to rely on. CannTrust employees knowingly provided inaccurate information to the new CEO if not regulatory body until a whistle-blower provided a few more details.

That said, for all of the hullabaloo, one thing this story also does is point a bright spotlight on the lax enforcement of even this pretty easy-to-understand regulation.

The question, however is, if CannTrust thought it could get away with this kind of blatent flouting of the rules, if not lax oversight, are there any other companies who might have also done similiar things?

After all, even the pesticide scandal of 2016 did not occur at just one company either.

Where Are The Proceedings?

This is a rolling story, which began to break at the beginning of last month when Health Canada issued a non-compliance order to CannTrust and impounded 5,200 kg of dried cannabis that was apparently grown in unlicensed grow rooms on July 3.

There have already been some jaw dropping revelations so far (beyond the executive decision to even go down this road in the first place) no matter how attractive pimping numbers was. Starting with things like fake walls being erected to hide the grow. And then of course pictures that have been all over social media of late, of the now departed CEO Aceto being photographed directly in front of said unlicensed rooms too.

As a result, the drama has continued to unfold in a highly predictable way.

By August 1, CannTrust Holdings, a Canadian cannabis company listed on both the New York and Toronto stock exchanges, was facing a “quasi-criminal investigation” by the Canadian Joint Serious Offenses Team. This is a coalition of law enforcement agencies including the Ontario Securities Commission, the Royal Canadian Mounted Police Financial Crimes Unit, and the Ontario Provincial Police Anti-Rackets Branch.

But CannTrust’s issues don’t end there. This is an international story that is just beginning. Government regulators in Europe if not elsewhere are paying attention.So are shareholders, and their lawyers.

WSLCB

Washington State Regulators Crack Down On Diversion

By Aaron G. Biros
No Comments
WSLCB

For the second time in six months, the Washington State Liquor and Cannabis Board (WSLCB) took swift and severe action on a cannabis business licensee operating in the black market. The regulatory agency issued an emergency license suspension for Port Angeles’ North Coast Concentrates, which are effective for 180 days, during which time regulators plan on revoking the license altogether.

WSLCBAccording to a release emailed last week, the violation was uncovered during a routine traffic stop. “On September 20, 2018 an employee of North Coast Concentrates was pulled over by Lower Elwha Police, during the course of the traffic stop officers found 112 grams of traceable marijuana concentrates, three large jars and a large tote bin of untraced dried marijuana flower,” reads the release. “The products were not manifested in the state traceability system. Subsequent investigation by WSLCB officers revealed that the untraced product had been removed from the licensees grow operation and that the traced concentrates were returned from a marijuana retailer in Tacoma several weeks earlier.”

The release goes on to add that when regulators investigated the matter, they found text messages indicating the license holder’s complicity in the act. When the WSLCB suspended the license, officers seized “556 pounds of marijuana flower product, 24 pounds of marijuana oil and 204 plants from both locations.” Regulators say, “the severity of these violations and the risk of diversion” is the reason for the emergency suspension and product seizures.

According to the end of the release, The WSLCB issued one emergency suspension in 2017, and six in 2018. One of those was roughly six months ago in July when regulators issued an emergency suspension for a Tacoma-based cannabis business for the same reason as the most recent one- diversion.

The WSLCB release email from July
The WSLCB release email from July

The enforcement branch of the WSLCB acted on a complaint and inspected Refined Cannabinoids where they found “numerous and substantial violations including full rooms of untagged plants, clones and finished product,” reads a release emailed back in July. “During the course of the inspection officers discovered and seized 2,569 marijuana plants, 1,216 marijuana plant clones, 375.8 lbs. of frozen marijuana flower stored in 11 freezer chests, 3,423 0.5 gram marijuana cigarettes, and 97.5 lbs. of bulk marijuana flower without the requisite traceability identifiers.”

That July release also states that enforcement officers found evidence of diversion to the black market, in addition to the company not tracking their product. “Traceability is a core component of Washington’s system and essential for licensee compliance,” says Justin Nordhorn, WSLCB chief of enforcement. “If our licensees fail to track their product they put their license in jeopardy.”

Aaron_headshot
Biros' Blog

Should PA Revoke a Cannabis License For Their Parent Company’s Past?

By Aaron G. Biros
2 Comments
Aaron_headshot

Pennsylvania Medical Solutions, LLC (PAMS), won a license to grow medical cannabis in Pennsylvania, but some think the Pennsylvania Department of Health (PA DOH) should reconsider awarding that license. PAMS is a subsidiary of Vireo Health, which has medical cannabis licenses in New York and Minnesota, as well as quite the blemish on their business record. In December 2015, two former employees were accused of breaking state and federal laws by transporting cannabis oil from Minnesota to New York. Because of that history, some are questioning why exactly they were awarded the PA medical cannabis license.

A part of the PAMS application

In that school of thought is Chris Goldstein, a Philadelphia-based cannabis advocate and author of an article on Philly.com, which calls PAMS’ license into question. According to Goldstein, Vireo Health could lose their licenses in New York and Minnesota, and those former employees involved might even face federal prosecution. “On the surface it would seem that Vireo broke every rule in the book,” says Goldstein. “Not only could the company lose its permits in both of those states, but employees could face federal prosecution for interstate transport and distribution.” But does that previous wrongdoing by two former employees have any bearing on their application in PA? In Maryland, it did. According to The Baltimore Sun, concerns surrounding MaryMed’s parent company, Vireo Health, is the main reason why their permit to grow medical cannabis was revoked.

In response to some of those concerns about their PA license, Andrew Mangini, spokesman for Vireo Health, issued the following statement, which appeared in Goldstein’s article: “While we’re aware of allegations against two former employees of an affiliate, those individuals have never had a role in our application or in the management of PAMS,” says Mangini. “It’s also important to note that our Minnesota affiliate and our parent company Vireo Health have not been accused of any wrongdoing in connection with those allegations.”

Below is a timeline of events leading up to the PA DOH defending their decision to give PAMS a license:

  • December 2015: Two former employees of Minnesota Medical Solutions, a subsidiary of Vireo Health, transported a half-million dollars worth of cannabis oil from Minnesota to New York, violating state and federal laws.
  • February 9th, 2017: The two former employees were formally charged with crimes in Minnesota for illegally transporting cannabis across state lines.
  • February 20th-March 20th, 2017: PAMS submitted a license application to the PA DOH between these dates, listing their business state as Minnesota on the application.
  • May 2017: Maryland DOH suspended the licenses of MaryMed LLC, a subsidiary of Vireo Health, over concerns that the company did not provide information related to the Minnesota and New York licenses on their application, according to the Washington Post.
  • June 20th, 2017: PA DOH releases a list of license winners; PAMS was listed among winners for a cultivation license in Scranton.
  • June 26th, 2017: PA DOH officials defend their decision to award PAMS a license, according to a Philly.com article. That same day, The Baltimore Sun reported the Maryland Medical Cannabis Commission revoked MaryMed, LLC their license, citing concerns about Vireo Health.

April Hutcheson, spokeswoman for the PA DOH, told Philly.com in June, “Remember, the permits are given to business entities, not people.” The point she is making refers to the charges being filed against former employees, not any of the businesses who hold medical cannabis licenses.

Steve Schain, Esq. practicing at the Hoban law Group

Steve Schain, Esq., an attorney with Hoban Law Group in Pennsylvania, has seen no objective evidence of anything wrongful in either PAMS’ application or the DOH’s processing of it. “Marijuana related businesses often have distinct, affiliated components and the Department of Health faces two critical issues,” says Schain.

“First, whether grow applicant PA Medical Solutions, LLC (PAMS) had a duty to disclose alleged wrongdoing on its application, failed to fulfill this duty and, if so, whether PAMS’ application should be amended, re-scored or disqualified. Second, as part of its ongoing license reporting requirements, whether grow licensee PAMS has any duty to disclose the alleged wrongdoing. The answer to much of this hinges on whether criminal or administrative charges were leveled against just Vireo Health’s former employees or also included the entity and whether these individuals or enterprise fell within Pennsylvania Medical Marijuana Organization Permit Application definition of an “Applicant” (“individual or business applying for the permit”) or applicant’s “Principals, Financial Backers, Operators or Employees” of PAMS. Either way, it does not presently appear that the [PA] DOH missed anything.”

The list of permit winners in PA

This does raise the question of whether or not Vireo Health is under investigation, which is yet to be determined. According to Goldstein in his Philly.com article, the Minnesota DOH declined to comment on Vireo Health and the New York DOH says the department’s investigation is ongoing. “The selection of a Vireo Health affiliate to grow and process medical cannabis in Pennsylvania has cast a serious shadow over the integrity of the program even before it has started,” says Goldstein.

In Maryland, the DOH revoked their license as a direct result of those former employees in Minnesota committing crimes, according to The Baltimore Sun. Commissioner Eric Sterling said there is “a reasonable likelihood of diversion of medical cannabis by the applicant.” So should Pennsylvania do the same? Do those crimes by former employees have any bearing on their application? This story raises a number of questions regarding applications for state licenses that are largely left unanswered. One thing we know for certain: each state handles applications very differently.

DoJ Task Force Moves to Review Federal Cannabis Policy

By Aaron G. Biros
1 Comment

In a memo sent throughout the Department of Justice on April 5th, attorney general Jeff Sessions outlines the establishment of the Department’s Task Force on Crime Reduction and Public Safety. That task force, largely focused on violent crime, is supposed to find ways that federal prosecutors can more effectively reduce illegal immigration, violent crimes and gun violence.

The task force is made up of subcommittees, according to the memo, and one of them is focused on reviewing federal cannabis policy. “Task Force subcommittees will also undertake a review of existing policies in the areas of charging, sentencing, and marijuana to ensure consistency with the Department’s overall strategy on reducing violent crime and with Administration goals and priorities,” the memo reads. “Another subcommittee will explore our use of asset forfeiture and make recommendations on any improvements needed to legal authorities, policies, and training to most effectively attack the financial infrastructure of criminal organizations.” Those existing policies that Sessions refers to in the memo could very well be the 2013 Cole Memorandum, an Obama administration decree that essentially set up a framework for states with legal cannabis laws to avoid federal enforcement of the Controlled Substances Act.

In the past, Sessions has said he thinks the Cole Memo is valid, but remains skeptical of medical cannabis. In the last several months, comments made by Sessions and White House press secretary Sean Spicer have sparked outrage and growing fears among stakeholders in the cannabis industry, including major business players and state lawmakers. As a general feeling of uncertainty surrounding federal cannabis policy grows, many are looking for a safe haven, which could mean looking to markets outside of the U.S., like Canada, for example.

Sen. Jeff Sessions (R-AL)
Photo: Gage Skidmore, Flickr

Washington State’s former Attorney General Rob McKenna, Washington State’s former Chief Deputy Attorney General Brian Moran, and Maryland’s former Chief Deputy Attorney General Kay Winfree recently went on the record identifying the BioTrack THC traceability system as fully compliant with the Cole Memo. “The key to meeting the requirements of the Cole Memorandum is ‘both the existence of a strong and effective state regulatory system, and an operation’s compliance with that system’,” says the former attorney general and chief deputy attorneys general in a press release. “As described above, Washington State has a robust, comprehensive regulatory scheme that controls the entire marijuana supply chain.

The email sent to Colorado prosecutor Michael Melito

The flagship component of this regulatory scheme is the WSLCB’s seed to sale inventory system, the BioTrackTHC Traceability System.” Those commendations from a former attorney general could provide some solace to business operating with the seed-to-sale traceability software.

Still though, worries in the industry are fueled by speculation and a general lack of clarity from the Trump Administration and the Department of Justice. In an email obtained by an open records request and first reported by the International Business Times, a DEA supervisor asked a Colorado prosecutor in the state attorney general’s office about a number of cannabis-related prosecutions. The DEA supervisor asked for the state docket numbers of a handful of cases, including one involving cannabis being shipped out of state, according to The Denver Post. “Some of our intel people are trying to track down info regarding some of DEA’s better marijuana investigations for the new administration,” reads the email. “Hopefully it will lead to some positive changes.” So far, only speculations have emerged pertaining to its significance or lack thereof and what this could possibly mean for the future of federal cannabis policy.