The Charity Commission has recently updated its guidance to help trustees protect their charities from fraud and cybercrime.
At the release of the guidance, Mazeda Alam, Head of Guidance & Practice at the Charity Commission said that “It is every trustee’s responsibility to ensure they’ve done all they reasonably can to protect their charity from harm – reading our guidance is the best place to start.”
Whilst cybercrime might be seen as just one type of fraud, over the last few years this area has become far more important in its own right, particularly for organisations that handle money and personal data. Through its casework, the Charity Commission identified that most common type of cyber fraud experienced by charities was phishing attempts and as a firm we have seen this happen at a number of charities over the last few years with, in some cases, significant sums of money being lost. However, criminals are becoming more and more sophisticated in their attempts to gain access to systems and extract money from organisations. Trustees need to think about the robustness of both their IT systems and internal processes to prevent unauthorised access to their systems. Unless they have suitable internal expertise, charities may well need to engage a specialist company to assist them.
The Commission’s cybercrime guidance seeks to help charities protect themselves from this ongoing threat. It sets out the importance of establishing an internal culture of fraud and cybercrime awareness.
The fraud guide explains what to do if fraud or attempted fraud is discovered at a charity and provides tips on how to reduce the risk of fraud taking place. It explains the importance of having robust internal financial controls and signposts to the Commission’s more detailed guide about this.
Both guides highlight the importance of reporting all fraud attempts, including those that failed, to Action Fraud. Fraud is underreported, with many hesitant to report incidents. Reporting enables trustees to get the support they need and means there is a more accurate picture of how fraud is affecting the sector. The guidance for 'Protect your charity from cyber crime' can be found by clicking here and the guidance for 'Protect your charity from fraud' can be found by clicking here.
If you wish to discuss this further, please contact one of our Charties team members here.
