Keeping Your Charity Safe From Fraud & Cybercrime

Due to the Government’s coronavirus lockdown measures, charities were forced to make immediate – overnight, in some cases – changes to their ways of working. While the transition to homeworking has been good for business continuity, flexibility and physical safety, it has left charities vulnerable to civil fraud while they were finding their feet – creating new opportunities for fraudsters to dupe the sector.

International Charity Fraud Awareness Week, which takes place between Monday 19th October and Friday 23rd October, brings together those in the charity and not-for-profit sectors to increase awareness of fraud and cybercrime.

As a result of the coronavirus pandemic, it’s never been more important for charities to know the warning signs to look out for so they don’t fall prey to civil fraud, as well as what charities should do if they think a crime has been, or is about to be, committed.

Why are charities at higher risk of fraud during the coronavirus pandemic?

The past seven months have been unparalleled and there’s no doubt that every charity in some way, shape or form will have been affected by the pandemic.

When it comes to fraud, the main risks that will have arisen from the coronavirus outbreak will be due to charities and their employees being distracted or taking their eye off the normal safeguarding procedures they had in place before the pandemic struck.

Changes to normal business practices when people made the shift to working from home is likely to have led to a breakdown in systems intended to safeguard charities, personal affairs and processes, which, in turn, could give fraudsters the opportunity to take advantage.

The downturn in economy is also likely to have had an impact. When times are desperate, people turn to desperate measures to see them through. Charities have been forced to function differently, therefore fraudsters may be able to infiltrate them more easily.

While it’s expected that charities will be at a higher risk of fraud during the coronavirus pandemic, unfortunately, as is the case with most civil fraud, the full extent of how many offences have been committed during this period will only become apparent further down the line.

The cleverer the fraudster, the longer funds take to be recovered. Until then, it’s impossible to say for sure whether the coronavirus pandemic has allowed for a surge in cases.

What cybercrime scams are charities, their staff and volunteers most at risk of?

Fraudulent emails, also known as phishing, texts and phone calls are the main types of scams that can reach staff and volunteers.

For example, scammers often pretend to be from an official source – such as a bank, a charity supplier or CEO – and intercept and spoof the organisation’s emails. A charity will then receive an email from the company stating it has changed its bank account details. Often, it’s only when an invoice is chased, which could be weeks later, that the fraud will be uncovered.

Fraudsters use technology to make the messages look legitimate, but ultimately, they trick people into handing over their bank details, calling premium numbers or downloading malicious software.

Most scams have one thing in common – they will create a sense of urgency. The correspondence is designed to rush people and prevent them from thinking twice. However, such urgency should also be a warning sign and an alert to potential fraud.

How can I safeguard my charity from fraud?

While it’s true the past months have been extraordinary, the key to safeguarding your charity against fraud remains the same – be vigilant.

It’s vital charities alert volunteers and staff to examples of cybercrime and make them aware that fraudsters are constantly finding new vulnerabilities. If in doubt, they should always call the sender – on a trusted and verified number – to find out if a message is genuine.

Whether you’re dealing with money transactions or starting to move back to working in person again, it’s of paramount importance you remain completely aware of what you’re doing and what is happening within your charity. This way, you’ll be able to spot if something doesn’t feel right or add up much more quickly.

I think my charity has been defrauded – what should I do?

Every fraud is different and varies in size and severity. Therefore, there isn’t a ‘one size fits all’ answer.

The essential first steps, however, should be to close off any possibility of a repeat scenario, whether this means changing passwords and procedures or dismissing any employees who may have been involved.

Next, obtain a complete backup of physical or electronic documents and set out a detailed timeline of events to provide clarity on the situation.

If there are any identifiable individuals involved, it’s important you approach the police immediately. If these individuals are likely to still be in possession of the funds they’ve stolen, you should proceed through the Courts without delay to try and recover them.

If required, you can pursue an injunction to freeze assets in the UK and worldwide and, if necessary, even an injunction permitting the equivalent of a civil search warrant to be issued over the defendant’s properties and documents, and computers to be seized and searched.

How Nelsons can help

Cathryn Selby is a Partner in our Dispute Resolution team.

If you would like further advice in relation to the subjects discussed in this article, please contact Cathryn or another member of our expert team in Derby, Leicester or Nottingham on 0800 024 1976 or via our online form.