In 2017 the Annual Fraud Indicator estimated charity fraud costs the sector £2.3 billion a year – that figure has risen to £2.5 billion in the 2019 report. Unfortunately, this indicator doesn’t include potential funds meant for the third sector that are sent elsewhere – the impact of the “fraud of diversion” is a figure that hasn’t been quantified, meaning the £2.5 billion is on the conservative side.
So what are the common ways that Charities are subjected to fraud?
- Ransomware – where weaknesses in a charities network are exploited by cyber criminals, this is where hackers use ransomware to access data and hold it to ransom.
- Shoplifting from charity shops is also considered an easy target and not just from the general public but staff and volunteers.
- A more traditional fraud occurs from the inside when money transfers are made to personal bank accounts on the back of fraudulent invoices.
- Also from the inside, but where the inside is the innocent party is the increasingly prevalent push payment scams. Criminals encourage and convince employees to send money to them by pretending to be from within the organisation and make an instruction to pay someone or pretend to be from a legitimate supplier and requesting payment.
Then there is fraud where the funds fail to make it into the charity “Fraud of diversion” – where money which is intended for a charity is sent elsewhere is also on the increase, for example the impersonation of charity fundraisers.
The one thing we know for sure about charity fraud is that is is ever evolving and developing – just when we think we have put the controls in place to protect ourselves, there will be something new to fight against.
What can we do to protect charities?
It is crucial to be vigilant, educate staff, trustees, volunteers and benefactors to the potential risks. Internal controls are also essential, but these also need constant review and refining. Technology is our friend and enemy, you need to ensure controls evolve with technology; remember how you had two signatories on the cheque book? that control is useless in today’s world of online payments!
Finally consider insurance – prevention is the best policy but adding in an extra layer of protection may be of great benefit should a fraud occur.