It’s sad to see reports of fraud in charities in the press – I suppose the only good thing is that the fraud has been detected. The incidence of fraud has been increasing and charities are no exception. Charities are a target for fraudsters in a number of ways. Large charities report regular cyber attacks and other sophisticated methods involving hacking, credit cards, stealing bank details and more. Some of these attempts are really not so sophisticated though.
Take the example of the would-be thief who created a standing order form using the bank details he found on a charity’s website. His attempt to pay himself a regular amount was thwarted because he forgot to complete the payee details. Charities want to make it easy for volunteer fundraisers to give them funds, but make sure you publish only the details of an account that is not used for expenditure. That way, it will be obvious if unauthorised withdrawals are being made.
Some frauds are quite audacious and yet quite simple. It is common for a building company that might be undertaking work on your premises to put up advertising hoarding to announce their presence. Fraudsters have been contacting the client (often a school or university) to advise them of a change in bank details for the building company. A neat way to divert funds that would probably not be detected for some months. More often, however, fraud committed in charities is internal, just as it is for any other organisation.
The most common fraud is to create a bogus supplier (or two) and then slip a few invoices in for payment. This is most commonly perpetrated by finance staff and it is apparently possible for this to go undetected for years. It is a simple fraud that depends on managers not actually checking invoices when they approve them but signing them off anyway. So how strong are the controls in your organisation? Authorisation feels like it ought to be a strong control but in practice it depends on the time and energy of the individual charged with the responsibility. Ironically, this duty is likely to be discharged more diligently by a more junior member of staff.
The most important control your organisation can introduce is a strong culture that fraud is not acceptable and that it is OK to report any behaviour staff may consider to be unusual or out of the ordinary. Charities can play a strong hand here – stealing from the charity means that the money is not going to a good cause. A strong sense of values and commitment to the cause will create the right culture. It is also important though that the leadership of the charity sets the right tone – trustees and senior staff must follow the rules when it comes to claiming expenses and getting purchases authorised. If the leaders of the charity go round the system, why shouldn’t others too? Sayer Vincent is leading a one-day training course for CFG on 'Good controls and preventing fraud' in Bristol (July) and London (September).
« Back to all blog posts