Charities urged to be aware of cybersecurity risks

Charities lost £8.6 million to fraud in the last financial year, according to the latest research by the Charity Commission and Fraud Advisory Panel.

The Fraud Advisory Panel is warning charities to be vigilant over the coming months, with opportunities and motives for fraud likely to rise with the economy under strain.

Data released during this week’s Charity Fraud Awareness Week suggests that charities may currently be vulnerable to fraudsters attempting to exploit the Covid-19 pandemic because staff and volunteers are less likely to have had fraud training. A study carried out by the Charity Commission in partnership with the Fraud Advisory Panel last year found that only 9% of charities had a fraud awareness training programme.

According to Action Fraud, charities reported almost £8.6 million of lost funds in the last financial year with 1,059 separate incidents of fraud reported by charities from April 2020 to March 2021. However, with fraud often under-reported, the true scale of fraud against charities is believed to be much higher.

The Charity Commission is highlighting these figures, and the live risk to charities from fraud, as part of Charity Fraud Awareness Week. Other new figures show that around 65% of charities feel the pandemic has increased their risk of fraud with concerns expressed that risk may have been increased as a result of more remote working and virtual sign-off processes.

The same study (conducted by BDO LLP in partnership with the Fraud Advisory Panel in September 2021) also revealed:

  • 53% of respondents believed that the pandemic has made it more difficult to manage the risk of fraud within their charity.
  • 60% of charities said that their financial investment in fraud prevention has stayed the same during the pandemic. A further 14% said they do not financially invest in fraud prevention at all.
  • 90% of respondents said that the risk of fraud to their charity over the next 12 months is expected to remain at the same level or increase.

Together with the Fraud Advisory Panel, the regulator is urging all trustees to sign up to a new Stop Fraud Pledge, which commits charities to taking six practical actions to reduce the chances of falling victim to fraud.

The pledge includes measures such as appointing a suitable person to champion counter-fraud work throughout the organisation, performing stringent checks and due diligence, and assessing each year how well fraud controls are working, what new risks there may be and what improvements are needed.

Helen Stephenson CBE, Chief Executive of the Charity Commission, said: “Charity is special – it delivers good to so many people’s lives and helps strengthen our society. When the public donate generously to charities it is because they want to make a real and positive difference to a cause they often care deeply about, and they want to know their money will reach the ‘front line’

“Sadly, as these figures we have released today show, there remain criminal individuals who would take advantage of organisations that seek to do good and of those that generously donate.

“That is why I am calling on all charities to take the risk of fraud seriously by signing up to our new Stop Fraud Pledge and taking six simple steps to protect their charity. Combating fraud gives the public confidence that their money is safe, protects vital funds for charities and more widely helps maintains trust in the charities we all care so passionately about.”

David Clarke, Chairman of the Fraud Advisory Panel, added: “It’s never been more important that voluntary organisations are fraud aware, and Charity Fraud Awareness Week is a timely opportunity for organisations to take stock and ensure they’re protecting themselves.

“Fraudsters want to exploit weaknesses exposed by the pandemic, so we recommend all charities are aware of common fraud risks, take time to check what they are being asked to do, and keep their organisations safe.

“Now is a good time for charities to revisit and review controls that may have been introduced as part of their crisis management response at the start of the pandemic to see if they need strengthening. “Everyone involved in a charity, from the most senior to the most junior employees, should be given the skills to recognise the tell-tale signs of fraud, and know what to do if they have concerns.”


Featured Articles

Why CISOs Remain Crucial in the Age of Rampant Ransomware

As ransomware attacks escalate, the CISO has emerged as an indispensable guardian for the cybersecurity of companies

Q&A: Protiviti's Sameer Ansari on CISOs' Growing Challenges

Managing Director - Global Cybersecurity and Privacy Lead at Protiviti, Sameer Ansari discusses his views on the growing challenges CISOs now face

How Partnerships Proved Pivotal for UnitedHealth After Hack

When hackers hit UnitedHealth subsidiary Change Healthcare with a huge cyber attack, its partnership with Vyne Dental proved pivotal in managing fallout.

Transforming Cybersecurity: IBM & Palo Alto's AI Integration

Technology & AI

C-suite Indifference to Cyber Could Cost Business £145k

Operational Security

Why Avast Warn of Social Engineering in Cybersecurity

Operational Security