At Advocate, we provide debt recovery services to several charities. For them, having to instruct a debt collection agency is far more common than finding money has been taken without consent. Recovery of overdue charity invoices is one thing, but profiteering through ill-gotten gains is quite another. No one likes to think of their charitable donation being used to line the pockets of thieves. Charities are not immune to Fraud. Charities can be the victims of fraud through direct theft of funds held in a bank account or indirectly through donations being intercepted. Some fraudsters will even create a fictitious cause with the sole intention of embezzling donations.
The scale of Starting Up
As the Captain Tom Foundation recently brought into view, the cost of establishing a charity can be eyewatering. You’ve got consultancy and administrative fees, fundraising costs, advertising, marketing, website hosting, lease and furnishings, and not forgetting the payroll. It also showed the pitfalls for trustees if they have no prior experience in the sector. The financial structure and rules, including how revenue is generated and spent, involve a genome sequence different from that of a limited company. Directors answer to shareholders, and trustees answer to everyone else. Buying a thousand overpriced non-BSI-compliant blankets is a write-off and boardroom embarrassment for a director. A trustee doing the same thing faces far harsher scrutiny because the blankets cannot be used to benefit the charity’s mission. Further charity money is then used to dispose of the stock. Charities, of course, strive to hire those with relevant experience and knowledge. Larger charities offering a six-figure salary will inevitably get the cream of skilled trustees and managers, but even they can fall victim to the F word.
Scale of Fraud
Action Fraud reported that over £1.6 million was lost through online charity fraud in 2021. Charities themselves reported that £8 million was lost through other mediums of fraud. The real figure (taking into account direct and indirect unreported fraud) is estimated to be £1-2 billion per year. A recent survey found a mere 14% of charities said they actively invest in fraud prevention. If a charity goes public, announcing it has been the victim of fraud and has little to no fraud prevention measures in place, the fall in public confidence and donations places its very mission at risk. Hence, most instances of fraud go unreported. The pandemic saw indirect fraud increase, notably through email and social media scams.
Hacking & Ransom
In December 2020, the National Association for Voluntary and Community Action (NAVCA) found itself the victim of a cyber hack. Having lost access to the mailbox, the trustees quickly took steps to identify the issue and utilised a third-party IT company to secure NAVCA’s data. The hackers had changed the mailbox password using it to send 144 emails, presumably with phishing in mind. Gaining access to a mailbox or impersonating that of a registered charity to divert donations preys on the goodwill of the great British public. In addition to the reporting a company must go through when a data breach is identified, charities must also report to the Charity Commission. Suffice it to say NAVCA has strengthened its process and systems following the cyber hack.
Of all the weaponry in a fraudster’s armoury, ransomware is the most potent. It is the ability to access, withhold and steal an organisation’s digital files whilst seeking payment of a ransom sum before the data is repatriated. Payment is commonly requested in digital currencies such as BitCoin or Ethereum because they are harder to trace. 80% of ransomware attacks start with an unsuspecting employee clicking on an unsolicited weblink. Often hackers will threaten to make public financial or personal data if the ransom is not paid. When a charity holds information on vulnerable adults or children, the repercussions of having data made public go much further than a bit of bad press. Whether your charity makes pillows for hedgehogs or homes for refugees, the need to be cyber-secure and information security aware cannot be underestimated.
An Inside Job
It’s not just small charities that are vulnerable. Like a company, if an organisation grows too quickly, it can struggle to establish a management structure with the necessary safeguarding. They say a business can choose when to grow, whereas a charity does not have the same luxury. That is true of Help for Heroes, which was founded in 2007. What started off as a two-person team running an appeal to raise £3 million now employs over 300 people with a £20 million-plus pre-pandemic turnover. In 2014 a volunteer was sentenced to 54-months at Her Majesty’s pleasure (prison) for a £300K fraud. This had been committed over a 3-year period where HfH was growing exponentially. At the time, HfH did not have much in the way of fraud prevention. Suffice to say the charity has learnt a great deal and has implemented safeguards to avoid history being repeated.
Taken for Granted
We’ve talked about fraud on donated funds, but what about money going out through grants to the causes a charity supports? This is where an analytical eye is required to ensure beneficiaries meet the criteria, share the same vision, and serve the same mission as those for which donations are in aid. Not all good causes are good, and not all beneficiaries will use that money in the spirit intended. The incompatibility of a refugee camp receiving a grant whilst its managers stay in 5-star boutique hotels or a save water charity funding cotton farming is not lost on anyone! Charities like Children in Need are famous for actively showing what the donations have been used for and how the community has benefited. Such transparency instils trust and encourages repeat donations.
Victims of Fraud
Charity fraud cases have been hitting the headlines more frequently over the last decade. This is partly due to the drive for increased awareness. We’ll now look at recent noteworthy cases.
Autism Care: in January 2022 a former employee of Autism East Midlands was sentenced to more than 3-years imprisonment for a £145K fraud over a 7-year period. Being responsible for organising residential trips meant she had access to charity credit and debit cards along with petty cash. She was also found guilty of false accounting to cover up charity money spent on personal luxuries, including 14 holidays over the period.
Cancer: in 2021 the founder and former director of Little Heroes Cancer Trust was sentenced to 20-months in prison for defrauding the charity out of circa. £200K. He was ordered to pay back £25K. The charity ceased trading shortly after investigations began in 2015. Cash was either diverted to personal bank accounts or used to loan out and harvest interest. Whilst the charity had been set up to honour a personal tragedy, fraud prevented the LHCT from reaching its full potential.
Heritage Preservation: a former manager at Cardigan Castle Enterprises, which operates on historical grounds for charitable purposes, was given a suspended sentence and community service for his £40K deception. He has since pledged to repay the funds. His fraud included claiming the cost of a fictitious online course, diverting proceeds of the charity’s PayPal account, using the charity credit card for personal expenses, and understating cash banked from the tills having siphoned the difference.
Housing Services: a rogue tenancy service manager responsible for a Canning Town tower block on behalf of a housing charity received a 28-month prison sentence in 2020. Using the veil of a management company to break the audit trail of the tenant to charity, a total of £100K was fraudulently redirected to his personal wealth. Several flats were marked as unoccupied whilst the manager sublet them and pocketed rent. His solicitors cited a gambling addiction as a contributing factor to carrying out the 3-year fraud.
Heart Care: gambling was also a theme in the £200K fraud case from the British Society of Echocardiography by a former financial officer. In a given year that amounted to 20% of the charity’s revenue. Police started their investigation in 2019 with the magistrate handing down a 3-year prison sentence for the 5-years of misappropriated funds. The deception was made worse by the former employee initially trying to convince his small team of colleagues that a fraud warning email from the bank was a scam.
Youth Services: in 2021 Bristol police opened an investigation into the misdirection of £32K raised on a GoFundMe account supposedly on behalf of Changing Your Mindset. The charity had received recent press for their ambition of taking 15 young people on a trip to West Africa. Changing Your Mindset did not receive the monies donated in their name.
The Final Word
The human desire for power and money is embedded within our psyche and is arguably innate. The application of morals, ethics, and desire to be part of a just society is what prevents most people from resorting to fraudulent and illegal actions. In other words, you may covet your neighbour’s ox but draw the line at running away with it! Where actions fail society, the Justice system and Her Majesty’s Prison Service are utilised to provide that day of reckoning. Although fraud against a business is just as illegal, that against a charity strikes a particular moral chord.
Fraud in the charity sector is nothing new. It has always been an issue. Where there is money and kindness, there are always going to be opportunists or organised fraudsters hoping to take a gut-churning advantage. That said, the recent increased awareness by charities, great and small, who are bringing in strong fraud prevention measures, gives hope of a smaller operating window for the morally bankrupt and disdain.