The Covid-19 pandemic has made charities more vulnerable to fraud, with organisations facing unfamiliar operational challenges, continuing to work remotely, rolling out new communications technologies, and attempting to meet extra client needs caused by the crisis.
With altered working patterns becoming the norm, and reduced real-life interaction between charity staff – not to mention the ongoing financial squeeze stretching personal finances – the current climate is a fertile ground for fraudsters and cybercriminals.
Whilst the crime rate in many areas has reduced during the pandemic, it is reported that fraud has increased by as much as 40%. Even before the pandemic, the Charity Commission found that up to a third of charities would become victims of fraud. So awareness of the problem, implementing fraud prevention measures, and vigilance have never been so important.
According to The Fraud Advisory Panel, the four headline fraud risks in 2021 are:
· Cybercrime: especially phishing emails, data theft and ransomware attacks. Other risks include people impersonating the organisation in emails or online, and viruses, spyware and malware. This can lead to websites slowing down or crashing, loss of access to files and networks, and corruption of both software and hardware.
· Insider Fraud: staff and volunteers coming under increasing financial pressure may find themselves tempted to take advantage of financial systems and controls which have been weakened or compromised by the response to the pandemic.
· Procurement Fraud: because the trading environment is so tough, and the supply chain in such chaos, the opportunity for staff, contractors and suppliers to collude, manipulating procurement processes by ordering overpriced or sub-standard goods, and taking bribes, is much greater than before the pandemic. And remote working may mean that physical checks on procurement are not as robust as they might once have been.
· Financial Statement Fraud: charities which are in financial difficulty – as many are – may be tempted to misrepresent their financial position to project an image of solvency.
The Fraud Advisory Service and the Charity Commission talk about a ‘fraud triangle’, with three elements which need to be present for fraud to occur. Understanding these is a big step towards being able to spot when an organisation might be vulnerable to fraudulent activity:
· Pressure, motive or incentive: this could be money worries, other personal problems or health issues
· Justification or rationalisation: this could range from a sense of grievance (perhaps because of being made redundant), or even a misguided sense of loyalty towards the charity itself
· Opportunity: Remote working, weakened monitoring, stretched resources all might contribute to making fraud possible.
Awareness of the problem is a big step towards preventing it, but there are a number of simple steps that charity management and trustees can take to minimise the risk of fraud. These range from basic cybersecurity measures such as strong passwords, updated software and data backups, to ensuring that whistleblowing policies and procedures are robust and well-understood within the organisation.
Above all, charities should be reviewing how any changes in the way they work which have been brought about by the pandemic, to ensure that they are not opening up the charity to additional fraud vulnerability.
The Fraud Advisory Panel has
launched a new website to coincide with Charity Fraud Awareness Week, which is
full of advice on how to avoid becoming a victim of fraud. It can be found at www.preventcharityfraud.org.uk.