Information about fraud, how to spot it and what you can do to protect against it.
Like any other sector, charities are not immune to criminal abuse from fraudsters. Fraud poses a serious risk to valuable funds and sensitive data, and can damage the good reputation of charities, affecting public trust and confidence in the sector as a whole.
Fraud is dishonesty, involving either:
- false representation, for example identity fraud
- failing to disclose information
- abuse of position to make a gain or cause loss to another
Fraud is the most reported crime in the UK. According to the Office for National Statistics, an individual in the UK is 10 times more likely to be a victim of fraud than theft. The charity sector is no different.
Estimates of the scale of charity fraud in recent years have varied between nearly £150 million and almost £2 billion per year. It is clear that the loss to fraud has a significant impact on the good work that charities do.
Fraud can come from internal sources (insider fraud), for example by employees and volunteers, or from external sources such as fake emails set up by hoaxers.
You can find out more about preventing insider fraud through this e-learning video on the Fraud Advisory Panel website.
If your charity has been the victim of fraud, it’s important to report it to the relevant authorities. Reporting can help you access essential advice to get your charity back on track, but will also build a clearer picture of the scale of fraud affecting the wider sector.
You should report attempted or actual fraud to Action Fraud or call them on 0300 123 2040.
Action Fraud is a national reporting centre specifically for reporting frauds and has an online fraud reporting service, available 24 hours a day. The website includes an A to Z of fraud types.
Also report serious fraud incidents to us at the Commission, stating what happened and the steps you’re taking to deal with it. Email RSI@charitycommission.gsi.gov.uk
For essential advice on why, what and how to report, see our guidance on reporting serious incidents, which includes a new table of examples and a fraud/theft checklist.
This short e-learning video on the Fraud Advisory Panel website explains why it’s important to speak out and report fraud.
Responding to fraud infographic
Our infographic gives you some top tips on how to respond to fraud when things go wrong. If in doubt, take action and report it.
How to protect against fraud
Fraud is a serious problem that you can’t afford to ignore. Charities can, and should do more, to be fraud-aware.
Charity trustees have a duty to manage their charity’s resources responsibly and ensure that funds are protected, applied and accounted for.
With a total annual income of over £69 billion, the charity sector is vulnerable to fraud and financial crime. It’s essential that trustees put in place suitable counter-fraud measures – even small changes can help protect charities from harm.
It’s vital that all money given to charities is used for legitimate and lawful purposes.
You can watch this YouTube video to help you spot the signs of fraud and scams.
Fraud and financial crime is one of the most common types of abuse for charities. These are highlighted in our tackling abuse and mis-management reports.
Charity trustees can avoid basic mistakes and make sure their charity is well protected by:
- ensuring strong financial management and good governance
- putting in place financial controls and ensuring they’re applied robustly
- reading our guidance on internal financial controls for charities (CC8)
Some charities, such as shops or trading outlets, have a higher risk of financial loss or falling victim to fraud, due to the nature of their activities.
If your charity relies upon cash-based fund raising, it may be more vulnerable to opportunist and organised fraudsters. For advice on protecting your charity from fraud and financial crime, see Chapter 3 of the Charity Commission’s Compliance Toolkit.
Charities should take a proactive approach to reducing fraud risk by following best practice advice and practical tips, such as those outlined in.
The Fraud advisory Panel website has useful e-learning videos to help you prevent:
Counter fraud best practice: templates for charity trustees
We have a developed a range of best-practice templates for you to use when protecting your charity against fraud. All of the following can be adapted to suit the needs of your charity:
Counter fraud questions infographic
Our infographic highlights the questions you should be asking to help protect your charity against fraud.
The risks to your charity from cyber-fraud are increasing all the time. It’s a huge problem, which all organisations need to be aware of and guard against. Around 70% of all fraud is now committed online and it has been described as ‘the crime of our times’.
Cyber crimes can be quite complex and difficult to detect, often involving data breaches or identity fraud. It’s important that you consider how best to protect your charity’s valuable assets from harm online.
For advice on guarding against cyber-crime visit the following websites:
The Cyber aware website has an online assessment tool so you can check how cyber secure your charity is. Advice and guidance is provided after the assessment to help you meet the standard. You can also download Cyber Essentials documents to help you put essential security controls in place.
For an insight into the mindset of cyber hackers, you can read about the human side of cybercrime in the journal ‘Nature’.
You can learn more about protecting your charity against cyber fraud in this e-learning video on the Fraud advisory Panel website.
Taking a few simple actions today is a good start - you don’t need to be a technology expert to protect your charity.
Cyber security research
The Department for Digital, Culture, Media & Sport has carried out research with UK registered charities to explore their awareness, attitudes and experiences around cyber security.
This is part of the government’s National Cyber Security Strategy which aims to make the UK the safest place to live and work online.
You can read the cyber security in charities research on the GOV.UK website. This will help you to review and assess your cyber security processes, to help keep your charity safe.
Get help if experiencing a live cyber-attack
Action Fraud has launched a 24/7 live cyber-attack helpline. In the event of a live cyber-attack, this helpline gives access to specialist advisors who can offer advice and support to charities or other organisations in reporting the attack. These reports are immediately sent to the National Fraud Intelligence Bureau (NFIB).
To prevent cyber criminals from operating, the NFIB will then assess whether there are any websites, bank accounts or phone numbers that can be closed down. The reports are also sent to the relevant law enforcement agency for investigation if necessary.
Regulatory alerts about fraud
We publish timely alerts and warnings to inform trustees about particular risks or vulnerabilities which could affect charities and their operations.
You can read our most recent alerts issued about fraud:
- keep your charity safe - watch out for phishing scams
- ransomware threat - keep your charity safe
- regulator warns charities against the use of cash couriers
- charities at risk of cyber attack
Organisations that combat fraud in charities
The following organisations carry out vital work to help combat fraud in charities.
Many of these belong to the ‘Charities against Fraud’ coalition, which is a cross-sector group of nearly 40 organisations who work together to fight fraud in charities.
Charity Commission for England and Wales
Registers and regulates charities in England and Wales, to ensure that the public can support charities with confidence.
Office of the Scottish Charity Regulator
The independent regulator and registrar for Scottish charities, supporting public confidence in charities and their work.
Charity Commission Northern Ireland
The independent regulator of charities in Northern Ireland, ensuring charities meet their legal requirements and obligations.
The Fundraising Regulator
The independent regulator of charitable fundraising, established in 2015 to strengthen the system of charity regulation and restore public trust in fundraising.
Information Commissioner’s Office
Upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
National Trading Standards
NTS Scams team provides advice and guidance to charities to ensure that charities and their donors are protected from fraud.
Police and crime prevention
The National Fraud Intelligence Bureau (NFIB) sits alongside Action Fraud within the City of London Police, which is the national policing lead for fraud.
Operation Signature (West Sussex Police) is the force campaign to identify and support vulnerable victims of fraud within Sussex.
FALCON stands for ‘Fraud and Linked Crime Online’ and is part of London’s Metropolitan Police Service.
Sector organisations and initiatives
Fraud Advisory Panel
The Fraud Advisory Panel is an independent voice of the counter-fraud community. It champions best practice and works to improve fraud awareness, and build sector resilience.
Get Safe Online
Get Safe Online is a public/private sector partnership supported by HM Government and comprising leading organisations across banking, retail, internet security and other sectors. It provides factual and easy-to-understand information about online safety.
Credit Industry Fraud Avoidance Service (CIFAS)
CIFAS is a not-for-profit organisation working to protect businesses, charities, public bodies and individuals from financial crime.
Small Charities Coalition
A national umbrella and capacity-building organisation with over 7,000 members UK-wide. It helps trustees, staff and volunteers of small charities access the skills, tools, and information they need.
Foundation for Social Improvement
Builds and shares knowledge across the sector, representing small charities with policy makers and the public. FSI provides vital leadership and supports small charities to raise funds to serve their beneficiaries.
Charity Finance Group
CFG champions best practice in financial management within the charity and voluntary sector. It provides guidance to its charity members and the wider sector at large on the best practice for countering fraud.
The Information Security Research Group at UCL works to understand how people become victims of cybercrime, and to identify realistic measures they can take to protect themselves.
Government departments and agencies
National Cyber Security Centre (NCSC)
The NCSC is the official government lead on cyber security. Its stated mission is to make the UK the safest place to live and do business online. It has a division which is directly responsible for charities and the wider public.
The Department for Digital, Culture, Media & Sport helps to drive growth, enrich lives and promote Britain abroad. It protects and promotes cultural and artistic heritage, helping businesses and communities to grow. It also plays a vital role in making Britain a safe place to be online.
HM Revenue & Customs (HMRC) is responsible for administering the UK’s tax system, including the management and reduction of risks to tax revenue. HMRC’s compliance and enforcement work includes tax fraud (where the law has been broken) and tax avoidance (where rules of the tax system have been misused to gain a tax advantage, but not illegally).