Nearly every week there seem to be reports of a prosecution for fraud in a charity. Serious incidents reported to the Charity Commission almost doubled in 2010-11. They included 371 cases of theft and fraud valued at £6m. According to the National Fraud Authority's 2011 Annual Fraud Indicator, fraud is estimated to cost the charity sector in England and Wales £1.3bn – roughly 1.7% of the not-for-profit sector's income. As many fraud cases will go undetected or unreported, the actual figures are likely to be considerably higher.
The sad fact is that fraud is on the rise, no doubt fuelled by the economic crisis. In February, the Charity Commission was compelled to call on charity trustees to minimise the risk of fraud after four incidents where trustees were convicted. The ability to detect signs of fraud is a major concern, particularly in smaller organisations. Ultimately, trustees are responsible for fiduciary controls and stewardship of their charity, for preventing fraud and for reporting it.
Interestingly, fraud became a criminal offence only in 2006, with the introduction of the Fraud Act which defined the offence in three classes: fraud by false representation, fraud by failing to disclose information, and fraud by abuse of position. What all these definitions have in common is that fraud is theft.
It seems that one of the biggest issues charities need to overcome is the willingness to talk about fraud. Many shy away from such discussions, believing perhaps that it indicates a lack of trust in their staff and volunteers. In so doing, they stumble at the first hurdle. Boards need to consider carefully that it is the duty of trustees to communicate clearly that fraud is theft and will not be tolerated. One way of communicating that message is by having a clear policy that includes details of what fraud means, how the charity expects to detect fraud, how it will respond to fraud as well as a policy to support whistleblowing.
Why and when does fraud occur?
When looking at how to minimise the risk of fraud, it is important to be aware of why it happens. Evidence points to the fact that fraud tends to occur when one of any of the following factors are present: first, if there is a perceived opportunity or weak process, such as a lack of financial controls or signed cheques being available; second, if there is pressure or incentive from a third party or from personal circumstances; and, third, when someoner rationalises that what they are doing is OK.
Other challenges are present, too. Charities can be more vulnerable if they rely on goodwill and volunteers, or if they find it potentially awkward to vet and to impose good practices. Equally, they may be funded through cash donations, which can be hard to track, and they may have dispersed activities. All these issues make charities a target for fraud.
There are insider risks too, such as the use of temporary employees, particularly in the finance department. Equally, failure to vet new employees sufficiently is a major risk. Kate Sayer, a partner at the auditing and consulting firm Sayer Vincent, pointed out that 15% of all CVs contain at least one lie. And fraudsters do get new jobs. Always take up references, especially for professional qualifications and, if at all in doubt, a phone call will often be more enlightening than a standard reference.
To reduce insider risks, internal controls need to be robust and good systems need to be introduced. To quote Terry Pratchett: "Just because you're an angel doesn't mean you have to be a fool." It is good practice and management to have robust processes, not least for the protection of your staff and volunteers.
So what can charities do to improve controls?
First of all, charities need to have clear processes that run throughout the whole organisation, especially those that are concerned with funding, finance and the ways in which the charity is represented. It is common practice to ensure that duties are segregated so that no one person has responsibility for an entire process.
Controls need to be led from the top, established by the executive team and supported by the board as part of the regular risk assessment and mitigation. They should include both preventive and detection elements. Prevention would include ensuring clarity of roles and training. Examples of good detection controls may include the authorisation processes – deciding who in the organisation has authority for making purchases and banking funds, as well as providing independent reviews. Occasional spot checks by the honorary treasurer on invoices or cheques raised may be enough to deter.
Another important consideration is having a policy in place on whistleblowing. The most common method of detecting fraud is by others in the organisation flagging up areas of concern either to their line management or the board, so it is important that employees have clear procedures and guidance and understand to whom they can talk, with the reassurance that it will be confidential.
An action plan on how to deal with fraud is also a good idea. This would include how the fraud is reported to the police, Action Fraud and the Charity Commission. This plan also needs to involve human resources who would, in the case of insider fraud, play an important role by interviewing potential witnesses and ensuring that all the correct legal procedures and steps are taken.
It isn't pleasant to think that people who are working hard within your charity may be capable of fraud, but the sad truth is that more and more charities are suffering. High profile cases are damaging the public's perception of the whole sector, and every charity has a responsibility to make sure that sensible safeguards are in place. While charities cannot eliminate fraud completely, they can introduce processes that will protect them and reduce their risks in the future.
Denise Fellows is chief executive of The Honorary Treasurers Forum.
This content is brought to you by Guardian Professional. To join the voluntary sector network, click here.
