It’s a really sad fact that there are so many people looking to take advantage of other’s trust.
Charities in England and Wales spend nearly £80 billion of valuable funds a year and it is therefore not too surprising that they are a target for criminals.
On talking to larger clients they tell me that they have a fake email requesting payments almost every week, so vigilance across their entire team is key to protecting them from scammers.
As charities are becoming smarter at spotting these fake emails, cyber criminals are looking to third parties to help them circumvent this. Sending emails as if they come from employees of the charities to payroll providers asking them to change bank details is just one recent case I have seen.
But it’s not just the faceless cyber criminals that are worrying trustees up and down the country. Sometimes it is much closer to home. Employees working within charities can naturally build up a huge level of trust and it is this breach that can be so upsetting as well as damaging.
One example is of a client, who had a long standing employee, who always ensured that they got everything done, working extra hours to show their devotion to their work. The trustees didn’t have time to check and authorise every payment and the employee started to test this with small payments being diverted.
Gradually the employee became more confident and set up fictitious supplier accounts, creating false invoices. They began to rely on the extra income that they were making for themselves so looked for other ways to increase their income. As they also operated the payroll, when employees left, rather than remove them from the payroll, they simply changed the employees’ bank details to their own.
The clues were there if the Trustees looked close enough. Expenses were regularly exceeding budgets in areas where they were not expecting variances. The employee even talked about the more luxurious holidays that they had started to enjoy.
Another example was of an employee, who wrote out cheques for lottery winners, which were expected outgoings for the charity. The long standing employee convinced the trustee to sign blank cheques so that they could be ready to be sent out as soon as the draw had taken place. Paying themselves a large volume of small prizes each month was easy – the larger winners were listed on the website and nobody was expecting the smaller prizes so didn’t complain when the cheques didn’t arrive.
Again, the clues were there. Cruises seem to be popular with criminals! The employee kept delaying the internal auditor, but the real clue to the fact that something was wrong was only picked up by close scrutiny – the smaller prizes always cleared the bank 2 days after being sent. Think about it, if you receive a small cheque, wouldn’t it be likely to sit on your mantelpiece or in your purse until the next time you visited a bank?
In all of the above cases clear internal procedures could have helped prevent the loss, but it’s not just a case of having procedures in place, it’s about ensuring they are followed.
The Charity Commission issues regular guidance on how to help prevent fraud with easy to read guidelines. As we approach the end of National Charity Fraud Awareness week I encourage you take a look at recent documents issued.
In its Guiding Principles for Tackling Fraud the Charity Commission points out:
- Fraud will always happen – simply being a charity is no defence
- Fraud threats change constantly
- Prevention is far better than cure
- Trust is exploited by fraudsters
- Discovering fraud is a good thing
- You should report every individual fraud
- Anti-fraud response should be proportionate to the charity’s size, activities and risks
- Fighting fraud is a job for everyone
Here at Rickard Luckin we have an experienced team who can help review the procedures you have in place, identify weaknesses and make recommendations for improvements. The reviews can be tailored to your specific needs and the findings presented in an easy to read document for management and trustees alike. So, while the Charity Commission acknowledges that fraud will always happen why not ask us to help you to mitigate that risk.