“For most charities it is now a question of when, not if, they are targeted”. These are the sobering words of the Charity Commission speaking of fraud in their recent publication “Tackling Charity Fraud” (https://www.gov.uk/government/news/tackling-charity-fraud-new-resources) . Fraud is already thought to cost the charity sector around £2.3bn per year and although thankfully, fraud is still rare in churches, it is not unheard of. To use one example, a long standing trustee and church member was responsible for administering conferences. He handled this by himself with no one else involved. He “borrowed” around £12,000 to help him through a personally difficult time but did not, and could not, repay it.
The Commission adds that charities are sometimes seen as soft targets and so it is important that fraudsters and the general public see that fraud is being taken seriously.
So what is in the guide?
A good deal of the guide appears to be aimed towards larger charities, but that is not to conclude that smaller charities are not at risk. It certainly highlights practices and procedures that smaller charities and churches can use effectively.
The guide suggests that the term cybercrime is often misunderstood to mean highly sophisticated targeting including ransomware and hacking, but goes on to say that in the main cybercrime is more likely to be low-tech “cyber-enabled” crimes like theft and forgery.
The report offers some straightforward advice to protect against cybercrime including:
A separate guide “Cyber Security: small charity guide” (https://www.ncsc.gov.uk/collection/charity) explains the background to some of the more common cyber related threats and provides a series of tips in many of the areas listed above.
Protecting your information
A data breach can do very significant damage to a charity’s reputation so it is important that churches know what information they hold and why they hold it, and whether in paper or electronic form, that it is stored securely. Interestingly, most breaches are people oriented, (e.g. the theft or loss of papers) rather than system oriented, but with the recently arrived GDPR, this cyber guide is also a useful tool to help you keep electronic data secure.
Common charity frauds
The report highlights common charity frauds and how to prevent them.
Most churches will have good relationships with those people and organisations which it provides grants to. However, there may still be times when grants are provided to organisations less well known to the church. Here, the advice is simple; do your due diligence. Find out who it is that is requesting the grant and be sure that church funds are reaching their intended targets.
This is predominantly referring to fraud where banking details have been obtained by the fraudster and used to transfer money out of the charity’s bank accounts. Once again, by following simple steps the chances of this can be reduced.
Proper banking controls are important in all churches and charities. The paper “Financial controls in churches and small charities” (https://www.stewardship.org.uk/resource/financial-controls-churches-and-small-charities) has a lot more information.
Staff and volunteer fraud
The report does not cover the possibility of staff or volunteer fraud, but as unpalatable as it may be these things can, and do, happen in churches. All churches should have simple controls in place, in part to protect the church’s assets and in part to protect people and reputations.
Accountability is not the enemy of trust and neither is good administration the enemy of generosity; but both are essential elements of financial wisdom.
Registered Address: 22 Newland, Lincoln LN1 1XD