One of the main threats facing the Not for Profit Sector is the risk of Cybercrime. With more and more activity taking place online, the scope for malicious attacks increases. It seems that criminals have no compunction at targeting the Charity and Not for Profit Sector, perhaps believing that organisations are more “trusting” and defences are accordingly less developed. This has been exacerbated during the COVID pandemic as more activities are carried on remotely.
To mark Charity Fraud Awareness week, The Charity Commission has refreshed its guidance on protecting your charity from fraud and cyber-crime:-
This gives a rage of resources, giving links to areas such as reporting frauds, combatting insider fraud, establishing proper financial controls, cyber-crime and links to many resources such as anti-fraud policies, board toolkits e-learning videos and guidance on cyber-security and helpful websites.
Additionally, a new website https://preventcharityfraud.org.uk/ has been launched giving many helpful resources.
Key recommendations include:-
- Be aware of the issue and give it necessary priority
- The board needs to have this on their radar as a key risk as ultimately they are responsible for Cybersecurity
- Organisations however need to decide who is responsible for this on a day-to-day basis – board members may not be the best people to run with this
- Where necessary incidents need to be reported to the relevant regulator, being that the Police, or Charity Commission or National Cyber Security Centre. The board need to be made aware of any issues.
- Prevention is better than cure!
Remember that is not only financial loss that may occur, criminals will also be looking for personal details which might put you in breach of GDPR regulations as well as being damaging to your reputation.
The document includes links to helpful resources from the National Cyber Security Centre. There are resources specifically for charities which have wider application to the whole Not for Profit Sector.
Cybercrime is something that is not going to go away, and this is swiftly becoming one of the major fraud risks affecting charities. We all need to be aware of it and to take steps to mitigate this threat.