Every year, criminals target charities, NGOs and not-for-profits for cybercrime and fraudulent activities as they exploit the current global crisis. Charity fraud can occur in many forms and come from internal and external sources, such as fundraising, banking, tax and Gift Aid, properties and investments or charity identities. Trustees must manage resources responsibly and take actions to check and protect their charities.
The Charity Commission has revealed 603 fraud cases and 99 cybercrime cases were reported in the last year.
The Fraud Advisory Panel is working to make charitable organisations take steps to ensure their money, people and data are safe. Trustees, directors, board members, staff and volunteers should know the risks and work together to #StopCharityFraud.
Charlotte Willmore, Wilder Coe Partner and Charities advisor shares her tips on how charities can tackle fraud.
Assessing Charity Fraud Risk
Whilst protecting your charity may seem daunting, trustees can take small steps to help reduce the risks of fraudsters being successful. The risk of fraud to the charity should be assessed and reconsidered regularly to understand how the charity could become exposed.
This could be as simple as detailing the risks e.g. a traffic light system of significance and what actions could be taken against them.
Implement and improve your financial controls.
For your charity to achieve its objectives, internal financial controls should be in place to protect assets and get the most out of resources.
Charities vary in complexity, size, and activities, and not all controls are relevant to all charities. Conduct regular reviews of your charity’s internal financial controls to check measures are right for your charity and update them if necessary.
Introducing dual authorisation for financial transactions can help mitigate any opportunistic issues arising.
Trustees should seek professional guidance on what financial controls and governance are appropriate for their charity.
Do you need an internal audit function or audit committee?
Depending on the size of your charity and the activities you conduct, you may need to implement a separate audit committee. The role of the internal audit is to look at the effectiveness of your charity’s financial controls and help identify and assess risks.
An audit committee’s role helps the trustees meet their responsibilities for risk management, implement efficient controls and effective use of funds. Therefore, an audit committee is a part of your charity’s financial governance arrangement and acts on the authority delegated by the trustees.
Define financial duties and responsibilities.
Any employee who has financial responsibility must be competent and understand their role. Have clear written role descriptions that set out the expectations for your staff and establish clear delegation guidelines.
Trustees should understand the financial systems in place and what “normal” is and have strong financial management and governance.
Introduce robust fraud training procedures and policies.
When hiring employees or volunteers, ensure your recruitment process and any ongoing training promote the culture of ethical behaviour and highlight fraud prevention measures.
Your staff and volunteers should understand the importance of reporting serious incidents including fraud or cybercrime and know your processes on whom to report to both internally and externally.
You should have an anti-fraud policy in place that identifies the steps your charity takes to prevent and respond to fraud. Also, consider appointing someone to be responsible for implementing and monitoring these measures. Promoting an anti-fraud culture and fraud awareness messages will encourage people to be more vigilant and allow for people to voice and raise any concerns.
All sectors of the economy are vulnerable to financial crime, and criminals exploit charities through fraud, theft, and money laundering.
“Fraud shouldn’t be something to be ashamed of,” shares Charlotte, “however, taking the right steps and actions to be proactive rather than reactive is key. If you have experienced fraud or wish to implement the necessary prevention measures, get in touch We can help signpost you to lots of informative guidance. If you are concerned and think you may have been a victim of fraud or cybercrime, report it to Action Fraud and the Charity Commission.”