Cifas Homepage
NewsroomCareersContact Us

Tackling the insider threat at charities

19 October 2021

The UK likes to think of itself as a nation that champions charities. At Cifas, our staff are provided with volunteering days to support a charity of their choice, and we also organise regular fundraising activities for our chosen charity of the year, UK Youth.

Research by the Charities Aid Foundation discovered more than £5 billion was donated by the public to UK charities in the first six months of 2020 and almost 1 in 3 UK adults participated in some form of voluntary work in 2019/2020 according to Statista.

When we donate our time or money to support a charity, we hope we are going to directly help the cause: whether that be funding life-changing medical research or supporting a local donkey sanctuary. Thankfully, most donations will reach their intended destination and help to make a difference.

But sadly, the charity sector is just as vulnerable as any other to the insider threat, meaning funds raised to support the charity and its missions could be ending up in the pockets of criminals.

The insider threat in charities

There are typically three factors present when somebody commits fraud:

1. An opportunity to commit fraud;

2. A motivation; and

3. The perpetrator must be able to rationalise the fraud.

As with any other sector, there are multiple reasons why charity employees may be motivated to commit fraud, such as if they’re facing financial hardship at home or being coerced by others. Charity workers may also be presented with opportunities to commit fraud, such as if they have access to data or accounts. However, it seems inconceivable that an employee would be able to rationalise stealing from a charity when they know the impact those funds could have.

Despite this, examples of insider fraud in the charity sector are clear to see.

In 2017, a head of a homeless charity in Wales was jailed after he abused his position to swindle £1.3 million by forging invoices which allowed him to live a lavish lifestyle. His fraudulent use of funds meant to support the charity saw him spend £100,000 on boats, £26,000 on airfares and £80,000 at The Savoy. The charity, which had been providing support to those in poverty or facing homelessness in Wales for more than 40 years, went into administration because of the insider fraud, resulting in 20 people losing their jobs and being owed more than £292,000 in pay when the charity went into liquidation.

In a more recent instance, earlier this year a hospice charity shop manager stole over £9,000 from the charity, despite having previously been convicted for misappropriating funds at another charity. The charity she most recently stole from estimated her actions had indirectly cost them more than £17,000 which could have paid for 140 nursing shifts or 70 specialist night shifts.

Clearly the consequences of insider fraud at charities are real and have a significant impact.

In both examples, it’s been the greed of single employees that has seen them commit fraud. However, there is also the threat that organised crime could be involved in orchestrating the insider fraud.

Sponsor a child trafficker

At Cifas, we often used the analogy of ‘sponsoring a child trafficker’ when someone takes part in money mule activity and allows ill-gotten funds to pass through their bank account.

However, there is also the possibility of charitable funds being abused by an insider to help fund organised crime activities, such as child trafficking. Research commissioned by Cifas, and conducted by the Royal United Services Institute, has proven the link between fraud and organised crime. Criminals will attack where they believe there is easy money to be made, and charities are no exception to this.

It should be said that instances of this are rare, but the impacts could be devastating to any charity.

Helping charities to tackle the insider threat

The insider threat can have catastrophic impacts upon charities. In addition to the financial risk, there is also a reputational risk to the charity. Examples exist where charities have lost a significant number of regular financial supporters due to reputational issues. Carrying out few checks on employees and not assessing and mitigating the threat of insider fraud could be deemed a reputational risk.

It is vital that charities have a robust process in place to protect their charity from the insider threat throughout the employee lifecycle: from the moment they submit their CV to the exiting process.

The Enhanced Internal Fraud Database is the only database in the UK that records instances of dishonest conduct by job applicants and employees in the workforce, helping employers identify potential threats to their organisation. The Enhanced Internal Fraud Database holds fraud risk data relating to internal threats, such as bribery and corruption, theft of personal and/or commercial data, customer account fraud and false applications (including fake qualifications).

Our community records subjects suspected of dishonest conduct against their organisation to the Enhanced Internal Fraud Database, enabling other members to screen job applicants and employees against this data. Relevant search results from the National Fraud Database can also be returned, providing vital signs an employee is facing hardship and so may present a risk of insider fraud.

If a match is made against an individual, the organisation can make an informed decision on how to proceed. By screening candidates against the Enhanced Internal Fraud Database, charities will be safe in the knowledge that they are not employing someone who is known to have been involved in dishonest activity.

For more information on how the Enhanced Internal Fraud Database can help #StopCharityFraud, get in touch with us.

Posted by: Tracey Carpenter

Tracey is Cifas' Insider Threat Manager


The role of the internet in the evolution of identity fraud

29 October 2021

To mark International Internet Day 2021, Cifas' Duncan McLellan explores the role the internet has played in the evolution of identity fraud. In 2020, Cifas members recorded over 185,000 instances of identity fraud, with a further 11% increase recorded in the first six months of 2021.


Return to the office – new opportunities for employee fraud?

22 July 2021

Employers have had a challenging time responding to the challenges of the pandemic. However, with the ‘re-opening’ of the country, and the end of official advice for staff to work from home, employers could face a new challenge in dishonest employees faking COVID-19 tests and vaccinations.

Back to blog home >
Posted by: Tracey Carpenter

Tracey is Cifas' Insider Threat Manager