A pernicious and disheartening crime, fundraising fraud poses a threat to the entire charity sector. Here, experts provide their thoughts on how to manage the relevant risks.
Last November, Richard Bramley was sentenced to 16 weeks in prison (suspended) and 200 hours of community service for defrauding Macmillan Cancer Support of donations to charity golf events he had held over 11 years.
In proceedings at Boston Magistrates’ Court, it emerged that money Bramley had raised in his string of Longest Day Golf Challenge tournaments had never made it to the advertised destination. Following a probe by Macmillan’s in-house counter-fraud team, Bramley pleaded guilty to fraud by abuse of position. Further to his above punishments, he was ordered to pay the charity £2,400.
This episode illustrates how fundraising fraud exploits trust and rides on the coattails of brands established for the express purpose of appealing to our better natures. While this can be relatively small amounts of money, prolonged frauds may be material to the financial statements, and reputational damage to the charity has to be a consideration.
Occurring in both misrepresentative and official contexts, fundraising fraud typically takes one of three forms:
- people posing as fundraisers who take donations from the public without any intention of forwarding them to the named charity;
- third-party fundraising agents acting on behalf of a charity keeping a percentage – or all – of the donations they have been contracted to raise; and
- internal charity employees dipping into, or skimming, donations received from members of the public.
Lurking over all of those risks is a sector-specific challenge. “I think it would be very difficult for a charity to discover that it has fallen prey to fundraising fraud – or, if it does, the extent to which it has been affected,” says Louisa Burton, a member of ICAEW’s Charity Community (formerly the Volunteering Community) advisory group, and is writing a PhD on fraud against small charities. In a Type 1 or 2 case, she says, a charity may not be tipped off until a donor gets in touch asking whether their funds have been received. In a Type 3 case, she is not confident that a standard audit process would find an issue: “It wouldn’t necessarily be looking at each individual transaction in detail.”
The charity sector also suffers from cultural blinkers when it comes to risk factors associated with fundraising fraud, underlining one of the crime’s most saddening aspects.
“Many charities think: well we don’t have any fraud here, because we’re a charity,” says Dave Carter, Chair of the Charities Against Fraud Group. “This ties into one of the most interesting facets of criminology. Individuals tend to believe that other people share their moral values. And because the vast majority of people who work for charities are kind, warm-hearted, altruistic people, they assume much of the time that their colleagues and those who act on their charity’s behalf are cut from the same cloth.”
However, Carter stresses: “Blind trust is not a control. What we need is lots of accountability and not a lot of trust. But in reality, we have the reverse.”
Alone with cash
In Burton’s view, a risk could arise from a charity failing to keep in regular contact with its donor community. A charity that spends a lot of time talking to donors by letter, email or social media would be more likely to pick up on issues around impersonation or fraudulent contracting. For example, donors who haven’t received thank-you letters for the safe receipt of funds would raise that with the relevant charity if it is normally quite communicative, and their feedback could red-flag a potential fraud.
While internal fundraising fraud in a digital context could eventually be picked up from the emergence of suspicious patterns, the appropriation of physical cash may be much harder to uncover. Burton says: “You would definitely need controls around people being alone with cash. For example, you should have two or more people opening mail or emptying cash buckets – plus teams to set controls on cash buckets coming in and going out, including steps to ensure they are properly sealed and locked.”
Burton acknowledges the difficulty of tackling imitative, fraudulent campaigns, because a charity’s natural instinct is to get its message out to as many people as possible. However, she says: “I’d recommend doing all you can to protect your campaign’s domain name, plus similar domains and registered trademarks, to make life harder for people who may attempt to set up mimicking websites.”
What role should finance, accounting and auditing teams play in addressing fundraising fraud risks? Carter says there is significant scope for them to help devise and implement a set of dedicated policies and procedures, and then support their effectiveness. “For example, bank reconciliation and journaling: do you have a way of pinning down a definitive balance of what’s come in versus what’s gone out, and documenting transactions for future reconciliation?”
Those sorts of areas, though, are mere starting points. “You could have the best policies and procedures in the world,” he notes, “but they are totally ineffective if staff are unaware of them. So, it’s vital to drive awareness – not in a one-off set of internal communications, but on a constant, rolling basis. Once that awareness is in place, the next step is that the policy must be enforced. Charities tend to find the word ‘enforcement’ a bit scary, because it sounds somewhat draconian. But all you are doing is taking measures to ensure that the letter and spirit of your policy are adhered to. And that can be done in a very professional, sympathetic and human way.”
In addition to contributions from accounting and auditing staff, that approach would require broader input from those responsible for governance – so charities would benefit from close cooperation between their finance and senior teams. “Tone comes from the top,” Carter says. “If senior figures don’t care about fraud, no one else will. Plus, any charity should have a fraud champion who routinely sends out updates about risks and how to address them – preferably the CEO, CIO or at least a prominent trustee.”
This would be particularly useful for smaller organisations. “A lot of big charities have fairly evolved control frameworks, policies and procedures,” Carter says. “But when we turn to the large volume of very small charities, I think they probably have quite immature control frameworks.”
For Carter, fundraising fraud is a reputational issue with a direct impact on charities’ ability to source funds from the public. Burton agrees – and goes further. “Ultimately,” she says, “it’s an existential threat to the sector as a whole. By undermining public confidence, it threatens the industry’s resilience, because people will be less willing to donate.”
In comments provided to Insights for this article, independent watchdog the Fundraising Regulator said: “Accountants, auditors and finance teams play a vital role in ensuring a charitable institution’s assets and resources are used only for the purposes for which they were given, including the prevention of charitable fraud.
“The Fundraising Regulator advises trustees and finance teams particularly to be alert to the potential of fraud, identify ways that fundraising could be at risk of fraud, and consider mitigating actions to prevent fundraising fraud – including training staff to spot the signs.”
It added: “When working with external parties from agencies, volunteers and commercial partners, charities should carry out appropriate checks on them before entering into an agreement and make reasonable efforts to monitor their fundraising efforts regularly to ensure contracts are being delivered as intended.
“This will ensure charities are confident that fundraisers can and will do what you expect of them – and prevent you falling victim to fraud.”
ICAEW’s Charity Community is free to join for all. Find out more about the advice and resources it provides here.