Charity Fraud in 2019
The charity sector is currently facing a massive problem in the form of fraud. In fact, the latest data suggests that charities & charitable trusts lost £2.3bn to charity fraud crimes in 2017 alone.
With the National Crime Agency & National Audit Office suggesting fraud is now the UK’s most prevalent crime, we outline the common ways in which criminals have been found to defraud charities.
Late in 2016, the British & Foreign Bible Society was a victim of a large cyber-attack, in which the personal data of 417,000 people was stolen. The attack happened after a weakness in the charities network was exploited by cyber-criminals, leading to some supporter’s payment cards and bank account details being at risk.
The hackers utilised a ransomware attack to access and then transfer the personal data held by the charity. Ransomware is often used to lock data or threaten to publish It unless a payment is made.
These types of attack are on the rise, and cyber criminals are increasingly targeting charities that have poor cyber defenses. In the case of the British & Foreign Bible Society, the ICO fined the charity £100,000 for its poor cyber security measures, including an easy-to-guess password.
Reducing the Ransom Risk
The Governments Cyber Essentials website has useful tips for defending against an attack, including securing your online connection with a secure firewall, ensuring devices are set to secure, using strong and varied passwords, the use of two-factor authentication as well as encryption.
Combining these measures should make it difficult for a cyber-criminal to infiltrate your organisation.
For several years now, charity shops have been considered ‘easy targets’ for shoplifters- but this doesn’t always refer to random members of the public as its often staff and volunteers who have been found guilty of theft.
Research conducted by the Charity Retail Association found that since 2016, 45% of charities felt incidents of theft had increased.
Subduing the shoplifters
Training staff on the ‘common signs’ of shoplifting is a good way to reduce the crime. Common signs can include: nervousness, wearing baggy/heavy clothing out of season & behaving strangely. In addition, mirrors and lighting can help to prevent occasions of shoplifting.
In order to prevent internal thefts, charities should put in place stock controls, follow up employee references and carry out random bag searches.
3) Money Transfers
Simon Price, former chief executive of Birmingham Dogs Home, was sentenced to 5 years in prison in 2017 for stealing over £650,000 from the charity. Price was able to authorise payments to his personal bank accounts using a combination of fraudulent invoices from marketing firms, construction companies and solicitors.
Fortunately for the charity, £500,000 was able to be recovered from betting website- Paddy Power Betfair- after it was ruled by the Gambling Commission that insufficient anti-money laundering checks were conducted. This is not always the case, and in the past charities have been forced to close as a result of insider fraud.
Transferring the threat
Its important to ensure that no one-person has too much trust or responsibility for the charity’s finances. This can be achieved with measures such as: Double sign-off for bank transactions and large payments, more than one individual counting cash & frequent checking of the charity’s transactions against its bank statements.
In addition, charities should educate themselves on how insider fraud works and put measures in place to reduce the risk within the organisation.
4) Phoney Fundraisers
We know the extreme lengths some criminals will go to in an attempt to defraud a charity- some criminals will even impersonate charity collectors or set up fake fundraising accounts in an attempt to collect funds that otherwise would have been donated to legitimate charities.
Back In 2014, two men were imprisoned after impersonating Help for Heroes bucket collectors before an England game at Wembley. The men wore jackets taken from the charity and carried fake identity cards collecting donations before the days game.
Fighting the Phoney’s
Frustratingly there is little a charity can do aside from informing the public of the tell-tale signs. Recommendations from the Fundraising Regulator includes checking identification, permits and licenses. In addition, fundraising materials that are being used can be checked for the charity’s registration number and other details such as company logo or landline number.
5) Push-payment Scams
This type of fraud involves criminals encouraging employees to send money to bank accounts under the control of the fraudster, charity workers are often convinced by the fraudster impersonating individuals or organisations.
The most common method used is an email asking for an invoice to be paid, often from the organisations finance director or chief executive, but instead containing the criminals bank details.
This type of attack received attention in September when many charities received fraudulent emails pretending to be from the Fundraising Regulator, requesting payments for its service. Fortunately, the regulator sent out a warning to charities informing them of the nature of the fraud.
Pushing back against payment scams
Creating a culture within the charity can be a useful way to ensure staff are aware of these types of fraud. By conducting compulsory training for staff ensuring they are vigilant, charities can reduce the risk of fraud to the organisation.
Reducing the risk with Insurance
Beyond taking these steps to reduce the chances of fraud, its vital to ensure that you are properly covered should fraud occur. Contact our expert team at ThirdSectorProtect to learn more about reducing risk with insurance.
For more information on handling fraud risks within your charity, read another of our blog posts:
- 2019’s newest charity scam.
- Charity fraud: Common types and how to prevent them.
- How to prevent fraud within your charity.