Charities and fraud risk

A 2024 UK charity fraud survey found that 50% of detected charity fraud cases involved insiders: staff, volunteers, members, or trustees. These cases included misappropriation of assets, bribery, payroll and procurement fraud. Global research by the Association of Certified Fraud Examiners (ACFE) also highlighted similar patterns, including the misuse of funds, false invoices, and fraudulent fundraising, often committed by employees or trustees for personal gain. Awareness of these risks is critical for all charities. 

Examples of charity fraud:

• USA: The founder of Feeding Our Future was convicted of defrauding $250m in Covid-related aid by submitting fake names of children supposedly fed.
• Northern Ireland: A charity employee falsely claimed over £1m in donations to receive £250,000 in Gift Aid.
• UK: A fundraising chairperson misappropriated £225,000 for personal use.
• UK: A gang dressed in teddy bear costumes impersonated Children in Need collectors, stealing £500,000.
• Globally: Cyber fraud is a growing threat, especially phishing and impersonation scams. In 2019, fraudsters impersonated Salvation Army executives to access sensitive data.

The most common form of cyber fraud against charities is “authorised push payment” fraud or “payment diversion” fraud. This occurs when a fraudster impersonates a supplier, creating invoices that appear to be legitimate to redirect funds.

Why does fraud happen? The Fraud Triangle

The Fraud Triangle, developed by criminologist Donald Cressey in 1953, explains that fraud occurs when three elements align: 

1. Opportunity: By implementing strong internal controls and regularly testing and assessing them, we can ensure that we reduce or eliminate the opportunity for fraud.
2. Pressure: This can be perceived or real. A person may be living beyond their means, they may have an undeclared gambling addiction, substance abuse or external stressors which you are unaware of. Open communication and HR support can help, but red flags such as lavish spending or frequent luxury holidays should be noted.
3. Rationalisation: Often driven by the belief that “everyone else is doing it.” This can be addressed through strong ethics, visible leadership integrity and a safe, anonymous whistleblowing system. 

A cultural blind spot

A 2023 paper, Understanding Fraud in the Not-For-Profit Sector: A Stakeholder Perspective for Charities, highlighted “trusting indifference” – the tendency of donors and beneficiaries to underestimate the severity of fraud due to assumptions of ethical conduct and the “warm glow” of giving. This complacency can weaken monitoring and accountability. 

The study introduced the Fraud Tower Model, identifying three key risk layers:

1. Social factors – where social dynamics create opportunities for fraud, exacerbated by a lack of oversight.
2. Organisational conditions – where charities often function in relaxed control environments with inadequate oversight, increasing their susceptibility to fraud.
3. Opportunity seekers – individuals who target charities as easy fraud opportunities. 

What can charities do to prevent fraud?

The following list is a starting point:

• Establish strong internal controls and segregate duties.
• Conduct regular fraud risk assessments and follow up on findings.
• Promote and maintain an anonymous whistleblowing system.
• Strengthen cybersecurity and controls against APP fraud.
• Provide regular anti-fraud training for all staff.
• Foster an ethical culture backed by leadership.
• Create and enforce a Code of Conduct.
• Ensure consistent disciplinary action when fraud is detected.
• Implement an Internal Audit function to regularly test controls.

How Forvis Mazars can support you

Our dedicated not-for-profit team can help your organisation stay protected from fraud. Contact us today.