Earlier this year over 3,300 charities took part in a research study about fraud awareness, resilience and cyber security.
The results suggest that many charities are not doing the basics to protect themselves.
Over two thirds of charities (69%) think fraud is major risk to the charity sector. Internal (insider) fraud is one of the biggest threats.
Over half (58%) of charities think cyber crime is a majority risk to the sector. 30% of cyber crimes were identified by internal IT controls.
Findings also show that charities do not always recognise how vulnerable they are. They need to put basic checks and balances in place to protect themselves.
- over a third (34%) think their organisation is not vulnerable to any of the most common types of charity fraud
- over half (53%) of charities affected by fraud in the past 2 years knew the perpetrator
- 85% of charities think they are doing everything they can to prevent fraud, but almost half don’t have any good-practice protections in place
- only 29% of charities reported cyber crimes to the police
The gap between awareness and practical action is a threat to charities’ valuable funds, and to public trust and confidence in the sector.
Preventing charity fraud: insights and action research report
Preventing charity cyber crime: insights and action research report
Simple steps to protect your charity
- introduce and enforce basic financial controls (for example have at least two signatories to bank accounts and cheques, undertaking regular bank reconciliations)
- make sure no one single individual has oversight or control of financial arrangements - effective segregation of duties is a crucial method of preventing and detecting fraud
- encourage staff, volunteers and trustees to speak out when they see something they feel uncomfortable about
We have worked with the National Cyber Security Centre (NCSC) to develop cyber security guidance relevant to charities of all sizes.
The Cyber Security: Small Charity Guide provides simple steps to improve cyber security.
The Board Toolkit is relevant for larger charities. It helps boards and senior managers understand cyber security from a governance perspective. This makes it easier to have productive conversations with technical colleagues.
Charity Fraud Awareness Hub
Register to access the free Fraud Awareness Hub.
This is a new one stop shop for information on how to prevent, detect and respond to fraud. You can access free help sheets, case studies, webinars and practical tutorials.