Charity fraud – are you prepared?

Published by Sonia Cheverton on 25 November 2024

Share this article

A recent survey of charity leaders highlighted cyber related fraud was their greatest concern however, there are many other types of fraud which may have a greater impact on them.  

The top 5 frauds impacting charities during 2023 were reported to be: 

  • Misappropriation of cash/assets  
  • Fraudulent staff expense claims  
  • Payment fraud (A type of cybercrime whereby a fraudster impersonates a supplier and diverts payments of invoices to their own bank account) 
  • Procurement fraud (Fraud occurring in the procurement cycle, examples include related party suppliers being chosen over value for money supplier, incorrect pricing from suppliers, false invoicing, collusion between parties to affect pricing) 
  • Fake beneficiaries  

Sadly, the perpetrators of these types of fraud are most commonly internal to an organisation, being staff, volunteers or Trustees. This goes hand in hand with charities responding that their biggest obstacle to preventing fraud as being overreliance on trust. A lot of charities are under resourced and have no choice but to place reliance on trust, given their small teams and limitations for segregation of duties. Following the cost-of-living crisis the motives to de-fraud any entity are higher, and unfortunately fraud has been on the rise.  

For example, in 2023, Age UK saw a former employee suspected of fraudulently gaining nearly £460k over a seven-year period. This equated to 5-6% of the charity’s income. This fraud was identified following improvements in the production and review of management information when a payment was identified that did not match the budget.  

Having close oversight of finances and the correct procedures in place means unexpected or unusual activity is more likely to be identified, especially when the fraud is of such a size. In this event the charity was quick to report this finding and was transparent in their findings in the hope to raise awareness to other charities.  

In many cases charities will be concerned to their reputational damage, which means that a lot of fraud goes unreported. However, this means that the extent to which charities become victim to fraud is also under-reported.

To help prevent fraud it is important to have strong internal controls, good governance and regular staff training.  

Some key tips for fraud prevention: 

  • Conduct background checks and rigorous agency checks on all staff recruitments 
  • Consider access controls carefully  
  • Have a clear whistleblowing policy  
  • Offer either internal or external financial and mental health well-being sessions to staff 
  • Create an open and honest feedback culture  
  • Have an internal policy for changing supplier account details 
  • Verify payment details directly with suppliers using a verified phone number 
  • Employee and Trustee training  
  • Have up to date anti-virus and operating systems  
  • Ensure data is regularly backed up  
  • Have a procurement policy  
  • Ensure new suppliers are reviewed and approved at appropriate levels  
  • Conduct research and background checks on new suppliers 
  • Require pre-approval for all expense claims  
  • Require proof of purchases of all expenses 
  • Regularly monitor staff expenses 
  • Complete monthly management accounts and review these against budgets and expectations so that any unusual activity is identified  

Cyber related crime is an ever-evolving risk as fraudster’s attempts are becoming more sophisticated. However, the sector is becoming better educated to the risks and how to combat them.  

Here at Kreston Reeves, we are seeing that our charity clients are far more aware of the different types of cybercrime, including phishing attempts, malware attacks and hacking. Being on top of your IT security is at the forefront of safeguarding your assets. If unsure do look into undertaking an IT audit to ensure sufficient preventative measures are in place.  There are also free resources available on the prevent fraud website, but also do check out the free training available from NCSC.

Reporting fraud or cyber crime

All instances of fraud or cybercrime should be reported. This enables you to get the right advice and also enables the sector to monitor the scale of fraud. All actual or suspected instances should be reported as a serious incident to the Charity Commission.

Action Fraud is also a national reporting centre specifically for reporting frauds and has an 24/7 online reporting service available.  

There is also further guidance on the above link on other relevant agencies that should be reported to.

Share this article

Email Sonia

    • yes I have read the privacy notice and am happy for Kreston Reeves to use my information






    Related people

    Email Kimberley

      • yes I have read the privacy notice and am happy for Kreston Reeves to use my information






      Email Sam

        • yes I have read the privacy notice and am happy for Kreston Reeves to use my information






        Email Lucy

          • yes I have read the privacy notice and am happy for Kreston Reeves to use my information






          View teamSubscribe

          Subscribe to our newsletters

          Our complimentary newsletters and event invitations are designed to provide you with regular updates, insight and guidance.

            • Business, finance and tax issuesPersonal finance, tax, legal and wealth management issuesInternational business issuesCharity and not-for-profit issues

            • Academies and educationAgricultureFinancial servicesLife sciencesManufacturingProfessional practicesProperty and constructionTechnology

            • yes I agree I have read and accept the privacy policy and am happy for Kreston Reeves email communications I have selected above






            You can unsubscribe from our email communications at any time by emailing [email protected] or by clicking the 'unsubscribe' link found on all our email newsletters and event invitations.