Roedd swyddfa o bobl yn eistedd o flaen sgriniau cyfrifiadurol yn llawn data a chod cyfrifiadurol amrywiol

Charities urged to take action to protect themselves from fraud

Published: 29/11/23 | Categories: Information & support, Author: Siân Eagar

This is an update of a blog originally published 28 September 2022 by Sian Eager

For Charity Fraud Awareness Week 2023, we want to remind charities about the ever present need to be alert to fraud and cyber crime.

Charity Fraud Awareness Week takes place between the 27 November and 1 December 2023 and the need for this initiative is as great as ever. This campaign, led by the Fraud Advisory Panel, aims to tackle fraud and cyber crime by raising awareness and sharing good practice.

Fraudsters diverted more than £2.7m from charities in the last year, according to Action Fraud, and there were 501 charity fraud crime reports between 1 November 2022 and 31 October 2023.

Voluntary organisations are being encouraged to think about the risks of fraud and take steps to ensure their money, people and data are kept safe. Many organisations continue to be susceptible to fraud and the risks are increasing as we move from the pandemic to the cost of living crisis.

During the pandemic many voluntary organisations, large and small, faced unfamiliar operational and financial challenges, the urgent shift to remote working, the roll-out of new communications technologies and additional demands on staff and volunteers, which together created significant new fraud vulnerabilities. In many cases these changes in working practices are here to stay and now we face the added pressure of a cost of living crisis that creates financial worries for everyone.

Whilst it is difficult to accept that anyone would commit fraud against a voluntary organisation, the current economic climate creates a heightened risk. The main types of frauds that organisations need to be aware of are:

  • Cybercrime (including cyber-fraud): in particular, phishing emails, data theft and ransomware attacks will all continue to be key risks.
  • Insider fraud: staff and volunteers coming under increasing financial pressure may try to take advantage of weak financial controls.
  • Procurement fraud: a tougher trading environment may prompt the manipulation of procurement processes to supply goods and services that are overpriced or which simply never arrive.
  • Financial statement fraud: organisations in difficulty may be tempted to present a façade of solvency by fiddling the books.

These risks may seem daunting but the best thing an organisation can do to protect itself is to get the basics right. Here are some top tips on fraud prevention with a few useful links to get you started –


  • Review ways of working and financial controls. Consider how new ways of working may have affected your financial controls and procedures. Make sure that you have a robust financial control policy that is followed at all times. This information sheet on our Knowledge Hub shows you how to create a financial controls policy.
  • Cyber security. Make sure you have good, basic cyber-security measures: strong passwords, regular data backups, and software updates performed as soon as they become available. If you want to learn more the National Cyber Security Centre (NCSC) has an online learning module for small voluntary organisations and other resources for use by staff and board members.
  • Training and awareness. Check that individual trustees, staff and volunteers understand their own role in preventing fraud and cybercrime. Are they sufficiently knowledgeable to recognise red flags, confident to raise concerns and secure enough to be open about their own mistakes (such as clicking on a dodgy link in a suspicious email)? There are lots of free resources to help with this on the Charity Fraud Awareness Hub.
  • Whistleblowing and attitudes. Review whistleblowing policies and procedures and try to foster a no-blame culture that prioritises collective learning not punishment. Start a regular and open dialogue about fraud with your trustees and managers so that people feel able to talk about any concerns they have. This Knowledge Hub information sheet explains what you need in a whistleblowing policy.
  • Recruitment. No one wants to think that the people they work with might not have the best interests of the organisation at heart, but as the cases of ‘insider fraud’ show, sadly this is sometimes the case. Make sure you have a recruitment policy, ask for references and to see original ID and qualification documents. Carry out any appropriate background checks and make sure people are being supervised in their roles. Read this help sheet on Getting to know your staff for some guidance.

Charity Fraud Awareness Week provides the ideal time to learn more about how you can keep your organisation safe from fraud. Visit the  resources on the website.