Charities urged to be aware of cybersecurity risks

Charities lost £8.6 million to fraud in the last financial year, according to the latest research by the Charity Commission and Fraud Advisory Panel.

The Fraud Advisory Panel is warning charities to be vigilant over the coming months, with opportunities and motives for fraud likely to rise with the economy under strain.

Data released during this week’s Charity Fraud Awareness Week suggests that charities may currently be vulnerable to fraudsters attempting to exploit the Covid-19 pandemic because staff and volunteers are less likely to have had fraud training. A study carried out by the Charity Commission in partnership with the Fraud Advisory Panel last year found that only 9% of charities had a fraud awareness training programme.

According to Action Fraud, charities reported almost £8.6 million of lost funds in the last financial year with 1,059 separate incidents of fraud reported by charities from April 2020 to March 2021. However, with fraud often under-reported, the true scale of fraud against charities is believed to be much higher.

The Charity Commission is highlighting these figures, and the live risk to charities from fraud, as part of Charity Fraud Awareness Week. Other new figures show that around 65% of charities feel the pandemic has increased their risk of fraud with concerns expressed that risk may have been increased as a result of more remote working and virtual sign-off processes.

The same study (conducted by BDO LLP in partnership with the Fraud Advisory Panel in September 2021) also revealed:

  • 53% of respondents believed that the pandemic has made it more difficult to manage the risk of fraud within their charity.
  • 60% of charities said that their financial investment in fraud prevention has stayed the same during the pandemic. A further 14% said they do not financially invest in fraud prevention at all.
  • 90% of respondents said that the risk of fraud to their charity over the next 12 months is expected to remain at the same level or increase.

Together with the Fraud Advisory Panel, the regulator is urging all trustees to sign up to a new Stop Fraud Pledge, which commits charities to taking six practical actions to reduce the chances of falling victim to fraud.

The pledge includes measures such as appointing a suitable person to champion counter-fraud work throughout the organisation, performing stringent checks and due diligence, and assessing each year how well fraud controls are working, what new risks there may be and what improvements are needed.

Helen Stephenson CBE, Chief Executive of the Charity Commission, said: “Charity is special – it delivers good to so many people’s lives and helps strengthen our society. When the public donate generously to charities it is because they want to make a real and positive difference to a cause they often care deeply about, and they want to know their money will reach the ‘front line’

“Sadly, as these figures we have released today show, there remain criminal individuals who would take advantage of organisations that seek to do good and of those that generously donate.

“That is why I am calling on all charities to take the risk of fraud seriously by signing up to our new Stop Fraud Pledge and taking six simple steps to protect their charity. Combating fraud gives the public confidence that their money is safe, protects vital funds for charities and more widely helps maintains trust in the charities we all care so passionately about.”

David Clarke, Chairman of the Fraud Advisory Panel, added: “It’s never been more important that voluntary organisations are fraud aware, and Charity Fraud Awareness Week is a timely opportunity for organisations to take stock and ensure they’re protecting themselves.

“Fraudsters want to exploit weaknesses exposed by the pandemic, so we recommend all charities are aware of common fraud risks, take time to check what they are being asked to do, and keep their organisations safe.

“Now is a good time for charities to revisit and review controls that may have been introduced as part of their crisis management response at the start of the pandemic to see if they need strengthening. “Everyone involved in a charity, from the most senior to the most junior employees, should be given the skills to recognise the tell-tale signs of fraud, and know what to do if they have concerns.”


Featured Articles

Secure 2024: AI’s impact on cybersecurity with Integrity360

With 2023 seeing increased AI in cybersecurity, and rising cyberattacks, Integrity360 leaders consider what the 2024 cyber landscape will look like

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Magazine speaks with Radiflow’s CEO, Ilan Barda, about converging IT and OT and how leaders can better protect businesses from cybersecurity threats

QR ‘Quishing’ scams: Do you know the risks?

QR code scams, or Quishing scams, are rising and pose a threat to both private users and businesses as cyberattacks move towards mobile devices

Zero Trust Segmentation with Illumio’s Raghu Nandakumara

Network Security

Is the password dead? Legacy technology prevents the shift

Network Security

Fake Bard AI malware: Google seeks to uncover cybercriminals

Technology & AI