Safeguarding the funding of your charity or non-for-profit is a vital part of your stewardship of the organisation. Having real control over your income streams, knowing where and when funds are being spent and protecting your charity’s brand are all essential tasks for CEOs, trustees, and management teams of not-for-profits.
But we live in a world where fraud and cybercrime are an increasingly dangerous risk, especially for charities.
Recent statistics released by the Charity Commission show that over 200 cases of fraud and 250 cases of theft are generally reported in the UK charity sector each year. And the impact of these crimes on your charity’s funding can be significant – reducing the social care you can deliver and damaging your brand in the eyes of potential donors, investors and fundraising partners.
So, how do you protect your charity and make your organisation less prone to fraud?
Protect your charity against cybercrime
Data from the Office for National Statistics states that you’re ten times more likely to be a victim of fraud than theft, with most cyber crime being fuelled by stolen data, Over the past 18 months over 1 billion accounts have had their details stolen – with the trend increasing year on year.
So, as a charitable organisation, how can you protect yourself from this kind of fraud? The run-up to Christmas can be a time when charities are more susceptible to fraud. Although we’d all like to think the best of the people around us, there will always be fraudsters looking for options and preying on the vulnerable – and sometimes using the name and brand of your charity to help them prise open pockets and fund their fraudulent activities.
With this in mind, here are five key ways to make your charity less liable to fraud.
1. Monitor who’s fundraising in your name
To begin with, it’s important to monitor and control who’s representing your charity and how they’re fundraising or bringing in income.
Your charity’s reputation is one of its most critical assets, so make sure you protect your brand, your name, and that all-important reputation. You need only think back a few months to the controversy around the collapse of Kids Company to realise how financial irregularities can impact on the public perception of your charity.
2. Use strong passwords and keep account details safe
You’re most susceptible to cyber crime when criminals have the means to access your online accounts or confidential data. So you must be vigilant around security.
Make sure you strong passwords (with a mixture of symbols, lower and uppercase letters) and -don’t re-use the same passwords for all your systems. And have a general awareness of potential scams. The classic scam is a phone call pretending to be a representative from your bank, and where the caller asks you to confirm your bank details. Never give bank details or passwords out over the phone. Always call your bank or provider to double check the authenticity of calls before sharing any information.
3. Don’t over-share on social media
Social media channels can be a wonderful place for promoting your charity and engaging with the general public, donors, and interested parties. But be careful not to share too much personal information that could be used against you.
If your charity’s financial director posts on Twitter saying they’ll be away for 2 months on charity work, that information is then out in the public domain. And the unscrupulous fraudster may take this chance to use that information. Watch out for people receiving emails purporting to be from your FD and asking for money for the “work they are doing” – those donations could just as easily be going to a fraudster, and not to the charity.
4. Keep more vulnerable donors informed and safe
Fraudsters will always choose to prey on the most vulnerable targets. And the group most vulnerable to fraud is usually the more elderly demographic.
Keep your older donors, benefactors and followers updated on the dangers of fraud and give them the best possible advice on danger signs to look out for and precautionary steps they can take. If people fall for a scam once, they’re likely to be added to a ‘sucker list’ that the fraudsters will sell on – meaning your most vulnerable public donors can be bombarded again and again with potential scams.
In the end, the advice must always be to apply caution, to double check the credentials of charity collectors and never to give money without first checking directly with the charity in question.
5. Have real control and oversight of your accounts and finances
When you have the best possible oversight of your accounts and finances, it’s far easier to spot any possible financial irregularities or to flag up when fraudsters are misappropriating your funds.
With a modern accounting system, such as Xero online accounting software, in place you have the best possible control over your income, expenditure and bank account. Any discrepancies will soon become evident through your financial dashboard and reporting, meaning you can act more quickly if a problem does appear.
As a registered charity, you need to have a highly robust system of internal controls and a healthy scepticism of any unusual activity. Train your staff and your bookkeeper to be alert at all times and to proactively look out for anything they feel is suspicious. For example, don’t change or share the charity’s bank details without checking or getting sign-off first from trustees.
Be proactive about your charity’s security
Fraud can cybercrime can happen to anyone. But charities are being actively targeted, as internal control systems may not be as robust as those seen with larger private-sector companies.
Our Charities team is aware of the growth in cybercrime in the charitable sector and can help your organisation to upgrade it’s IT controls, get modern accounting and reporting systems in place and advise your trustees, management and administration teams on the signs of fraud that they should be on the lookout for.
With Saint & Co running your charities accounts, we’re able to flag up any suspicious activity that we see. And remember, by law, it’s the charity’s trustees or directors who are responsible for protecting the organisation against fraud and to have systems in place to make your finances and sensitive information 100% secure.
Get in touch with your local Saint & Co office if you’re in any way concerned about the potential impact of cybercrime and fraud for your charitable organisation.