Over half of charities hit by fraud knew the perpetrator, according to new research
Charities warned to take steps to prevent fraud, after new survey shows many are not protecting themselves against biggest risks. Findings are part of largest ever survey on fraud and cybercrime in charities
Over half (53%) of charities affected by fraud over the past two years knew the perpetrator, according to new research into the fraud and cybercrime risks facing charities.
The research suggests over a third of those committing fraud were the charity’s own staff members; trustees and volunteers together were responsible for 28%; beneficiaries were identified in 13% of known frauds.
The Commission says charities can be at particular risk of insider fraud, because they often rely excessively on goodwill and trust in single individuals.
The findings are based on the largest-ever survey of charities’ attitude towards fraud and cybercrime, commissioned by the charity regulator, the Charity Commission and in partnership with the Fraud Advisory Panel, and were launched on Monday 21st October and Wednesday 23 October 2019.
While there is no evidence that charities are at greater risk of fraud or financial crime than other types of organisation, the risk of fraud in charities appears to be growing, costing the sector millions – and potentially billions – of pounds each year. The potential impact of this on the reputation of charity and charities’ ability to deliver maximum benefit in pursuit of their causes cannot be ignored.
Gap between awareness and action on fraud
The new research indicates that charities are increasingly aware of the wider risk of fraud. Over two thirds of charities (69%) think fraud is major risk to the charity sector and insider fraud is recognised as among the greatest threats to charities.
But the findings show that charities are not always recognising how vulnerable their own organisations are, and are not consistently putting basic checks and balances in place:
- over a third (34%) think their organisation is not vulnerable to any of the most common types of charity fraud;
- 85% of charities think they’re doing everything they can to prevent fraud, but
- almost half don’t have any good-practice protections in place.
The Commission is concerned about this gap between awareness and practical action because it poses a threat to a charity’s ability to deliver for beneficiaries if donors cannot be confident in charities’ stewardship of the money it receives. The Commission is calling on charities to take simple steps, including to:
- introduce and enforce basic financial controls [ e.g. having at least two signatories to bank accounts and cheques, undertaking regular bank reconciliations]
- ensure no one single individual has oversight or control of financial arrangements; effective segregation of duties is a crucial method of preventing, and detecting fraud.
- encourage staff, volunteers and trustees to speak out when they see something they feel uncomfortable about.
Helen Stephenson CBE, chief executive of the Charity Commission, says it is vital that the regulator helps charities tackle fraud effectively:
We want to help charities maximise the positive impact they have in the lives of those they exist to serve, and in society as a whole. Preventing and tackling fraud against charities is a vital part of that.
While the majority of those involved in charity are honest, passionate, and committed, charities can unfortunately be vulnerable to exploitation and abuse by those intent on personal gain. And when a charity does fall victim to fraud, more is lost than money. Fraud can have a hugely detrimental impact on morale in a charity, and on public trust.
The good news is that it’s possible to disrupt and prevent fraud, if charities put basic measures in place. That starts with charities acknowledging that they’re vulnerable to abuse and being determined to prevent people taking advantage of their good name and the generosity of those who support their cause. We therefore applaud charities that are open about the steps they’re taking to identify and tackle fraud and call on all charities to put protective steps in place to keep their charity safe from harm. Zero tolerance of fraud is an important element of sound financial stewardship which is vital to public trust and confidence in charities.
The steps we are recommending are simple because we know that smaller charities in particular don’t need or want lots of bureaucracy – just the tools they need to deliver as much benefit as possible.
Growing risk of cybercrime against charities
The new research indicates that charities are increasingly aware of the risks of cybercrime, which is a term that describes crimes that exploit or attack a charity’s digital presence, data or systems, such as phishing and malicious emails, hacking and extortion.
The survey shows that more than half (58%) of charities think cybercrime is a major risk to the charity sector and almost a quarter (22%) believe cybercrime is a greater risk to the charity sector than other sectors. Larger charities are generally more likely to appreciate the risk of cybercrime and take action to prevent it.
Helen Stephenson said:
Charities, like other organisations, rely increasingly on digital technology to deliver on their purposes. It is therefore vital that charities take reasonable steps to strengthen their systems against those intent on causing harm. Protecting a charity in this area is not just about systems or financial assets, but also about people: charities hold sensitive data on beneficiaries, staff and volunteers, and have a responsibility to keep that data safe.
I hope the findings of our research, and the tools we and others have made available to charities, help trustees and other leaders in charities of all sizes protect their organisations against the key risks.
Case study: leading the fight against fraud – Macmillan Cancer Support
Since establishing its dedicated resource for counteracting and better protecting itself against fraud in 2015, Macmillan Cancer Support has recovered nearly £400,000. In addition to an award-winning specialist counter-fraud team, who investigate and resolve fraud cases, the charity has introduced robust fraud reporting processes and has rolled out counter-fraud training to frontline staff. Guidance on spotting and reporting fraud is available to all staff and is regularly featured in internal news and updates.
Bob Browell, Counter-fraud manager at Macmillan Cancer Support says:
“Macmillan relies almost entirely on public donations to provide vital support for the growing number of people living with cancer in the UK and the money we have been able to recover will make a huge difference. Any pound lost to fraud is a pound too many and our vital counter-fraud processes enable us to identify, prevent and stop fraud quickly and effectively.”
New pledge to help charities tackle fraud
Alongside the findings of the surveys, the Commission is launching a new pledge designed to help charities protect themselves. All charities, regardless of size or type, are encouraged to adopt ‘Tackling Charity Fraud - Eight Guiding Principles’, a collective mission statement which the Commission has developed in partnership with the Fraud Advisory Panel. The pledge is also endorsed by international charity regulators from USA, Australia, New Zealand, Scotland and Northern Ireland.
Notes to Editors:
 Red flags for insider fraud include people being:
- Unwilling to share duties or delegate tasks to others
- Reluctant to take holidays
- Excessively close to suppliers
- Vocally unhappy about their pay
- People who may be more vulnerable to committing fraud may also appear to be living beyond their means or experiencing financial difficulties, drug, alcohol or gambling addictions, family problems, or generally present as ‘rule breakers’.
 All Fraud Awareness Week campaign materials, including free webinars and help sheets, are available on the new Fraud Awareness Hub.
 The National Cyber Security Centre and the Charity Commission have worked together to develop several resources relevant to charities of all sizes. Cyber Security: Small Charity Guide - This guide provides simple, free or low-cost steps to improve cyber security. The Board Toolkit - Relevant for larger charities, this guidance helps boards and senior managers understand cyber security from a governance perspective, making it easier to have productive conversations with technical colleagues.
Latest News from
Charity regulator opens inquiry into Hospice Aid UK15/11/2019 09:25:00
Inquiry to examine financial and governance matters at the charity.
Court finds former trustees of disability charity in contempt of court14/11/2019 15:20:00
Charity Commission is successful in its first ever application to the High Court for a finding of contempt of court.
New board addresses governance failings at Christ Embassy following regulator’s inquiry14/11/2019 11:20:00
Charity Commission reports on inquiry into Christian charity.
Commission appoints interim manager to Aid Convoy08/11/2019 14:10:00
Interim manager appointed to address continued concerns at charity under inquiry.
Charity regulator helps the public give confidently ahead of Remembrance Sunday08/11/2019 12:20:00
Advice on how to ensure your charity donations reach their intended cause.
Committee seeks views on charity accounting framework04/11/2019 08:25:00
The SORP-making body is looking for engagement partners that will form key stakeholder groups to help gather feedback and ideas for change.
Regulator investigates linked charities over financial concerns01/11/2019 16:30:00
Significant discrepancies in charity accounts raise serious concerns
Commission finds misconduct and mismanagement by trustees who lacked the skills to manage a charity31/10/2019 12:20:00
Charity Commission inquiry into Jalalabad Association uncovers failures in its governance, finances and safeguarding