Charity fraud is a widespread issue that affects both charities and their donors. Charity fraud exploits nonprofit organisations or their donors’ personal information for financial gain.
This data can range from financial information such as bank account details to sensitive data like addresses and phone numbers. Charities are commonly targeted for fraudulent activities due to their lack of resources to help prevent cyber attacks.
They are also more vulnerable to such attacks, as their employees are often a mixture of paid staff and volunteers. This combination and a lack of resources can make charity training difficult.
As a result, charity staff can not always identify the warning signs of fraud taking place. It is also more likely for charities to lack the auditing and evaluation methods necessary to spot or prevent fraud.
In this blog post, we will examine:
- What is a charity fraud
- The different types of charity fraud
- Highlight the tactics utilised by fraudsters
- Suggest ways to minimise the risk of falling prey to these scams.
Let’s learn more about this crucial issue and what we can do to protect the integrity of charitable organisations everywhere.
What is Charity Fraud?
Charity fraud occurs when individuals or organisations mislead donors about the purpose, beneficiary, effectiveness or amount of charitable donations in order to obtain money or other resources. It is a type of white-collar crime, which is committed for financial gain and is non-violent in nature.
Types of Charity Fraud
The two types of charity fraud are:
- Internal Charity Fraud
- External Charity Fraud
Internal Charity Fraud
Internal charity fraud occurs when individuals within a charitable organisation embezzle, divert or misuse funds intended for charitable activities for personal gain.
This type of fraud can occur at any level of the organisation, and it may involve creating false invoices, forging signatures, or manipulating financial records to conceal theft. The impact of internal fraud on a charitable organisation can be significant, causing a loss of credibility and damage to its reputation.
It is important for charitable organisations to establish internal control measures and instil an ethical culture to mitigate the risks of internal fraud and insider threaths. They should also provide financial transparency to donors, maintain proper records, and monitor the use of funds.
External Charity Fraud
External charity fraud is committed by individuals or organisations outside of the charitable organisation. It may involve creating a fake charity or using the name of a legitimate charity to solicit donations from unsuspecting donors.
Other tactics employed by external fraudsters include:
telemarketing fraud
online crowdfunding fraud
External fraud can cause financial losses to donors, bring disrepute to legitimate charities and cause trauma to affected communities.
Donors should research charities before they donate, verify the legitimacy of the charity, and ensure that their contributions are being used as intended.
Charity Fraud in 2024
Charity fraud is an unfortunate crime that takes place hundreds of times every year. The Charity Fraud Report 2024 was conducted by the Accountancy firm BDO and the Fraud Advisory Panel on 100 UK-based charities.
The survey shows common methods of fraud, their impact and what actions and barriers charities can use to help organisations stay secure from instances of fraud.
The survey reported that 42% of its charity respondents were victims of fraud or attempted fraud in 2024.
Figures provided by the BDO Charity Fraud Report 2022
Most Common Examples of Charity Frauds
According to the report, the most common examples of charity fraud suffered are:
- Identity fraud
- Financial misreporting
- Bribery and/or corruption
- Payroll fraud
- Grant fraud
- Cyber (Ransomware/Data breach)
- Donation/Legacy fraud
- Authorised Push Payment fraud / Bank mandate fraud / Payment diversion fraud
- Misappropriation of cash or assets
- Fake beneficiary
- Supplier/Procurement fraud
- Expenses fraud
Let’s explore each type of fraud in more detail.
Identity Fraud
This type of fraud relies on pretending to be someone else. Criminals might steal personal details—names, addresses, National Insurance numbers, even bank account information—to pass themselves off as someone else. Sometimes they go even further, building entirely fake identities from scratch.
In the charity sector, identity fraud can take a few troubling forms:
- Pretending to be a staff member: Someone could use stolen or fabricated credentials to slip into a charity’s systems.
- Setting up a fake charity or branch: Fraudsters might create what looks like a legitimate nonprofit, complete with a website, branding, and donation channels. But behind the scenes, every penny is going straight into their own accounts rather than to a true cause.
- Impersonating a trustee or senior leader: By mimicking someone with authority, scammers can authorise payments or decisions that appear valid on the surface, but ultimately serve fraudulent ends.
Financial Misreporting
This kind of fraud happens when someone deliberately distorts a charity’s financial records to paint a false picture of how the organisation is doing. The reasons behind it are different, from hiding other frauds to bending numbers to secure funding
This type of fraud is about misusing power for personal gain. It can show up in different ways, but it usually falls into two overlapping categories:
- Bribery: This involves offering or accepting something valuable, money, gifts, favours, to sway someone’s decisions.
- Corruption: A broader term that covers a range of unethical behaviour where someone uses their position for personal benefit. That could mean a trustee steering contracts toward a company they secretly own, or an employee quietly pocketing kickbacks from vendors.
Payroll Fraud
This specifically targets the process of paying employees. It involves manipulating the payroll system to make fraudulent payments. Some of the most common tactics include:
- Faking timesheets
- Ghost employees
- Inflated salaries
- Made-up overtime
Grant Fraud
Grants are vital for many charities, but that also makes them a target for fraud. Grant fraud happens when someone lies to secure funding or misuses it once it’s been awarded. It can take place at any stage of the grant process.
Cyber Fraud
Cyber fraud comes in many forms, but two of the most damaging for charities are ransomware attacks and data breaches. Both can have serious damaging effects on your charity operations and erode public trust.
- Ransomware:
This involves malicious software that locks a charity out of its own systems. Files are encrypted, and a ransom is demanded, usually in cryptocurrency, in exchange for the decryption key. - Data Breach:
A data breach happens when someone gains unauthorised access to sensitive information and then steals it. That could include donor records, beneficiary details, employee data, financial accounts, or proprietary materials.
Donation and Legacy Fraud
This type of fraud exploits the goodwill of donors. It might involve someone inside the charity stealing donations, redirecting online payments to personal accounts, or intercepting cheques.
In other cases, donors are misled about how their money will be used. Fraudsters may also tamper with legacy instructions in wills or impersonate a charity to collect fake donations.
Authorised Push Payment, Bank Mandate & Payment Diversion Fraud
These are clever scams built on manipulation. A fraudster convinces someone, often through a realistic email, call, or message, to send money to what seems like a trusted recipient.
Misappropriation of Cash or Assets
This is internal theft, plain and simple. It includes pocketing donations from events or collections, stealing charity-owned equipment, or using resources—like vehicles or tools—for personal use. Sometimes, staff may even sell charity assets or donated goods and keep the money. These actions chip away at resources meant to support the charity’s mission.
Fake Beneficiary Fraud
This scheme involves inventing people who don’t exist, or misrepresenting real ones, to divert charity funds or resources. Fraudsters might create fake service users, inflate the number of beneficiaries reported, or exaggerate the needs of actual recipients to justify extra payments.
Supplier and Procurement Fraud
Procurement fraud happens when the process of buying goods or services is manipulated, often in partnership with outside suppliers. Common tactics include fake or inflated invoices, charging for work that was never done, and steering contracts toward companies with hidden personal connections.
Bid rigging is another red flag, where suppliers collude to ensure one of them wins at an unfair price. Whether it’s through backroom deals or rigged paperwork, the charity ends up paying more or getting nothing at all.
Expenses Fraud
This type of fraud involves dishonest expense claims made by staff or volunteers. It could be as simple as claiming a trip that never happened, padding a legitimate cost, or buying something personal and disguising it as work-related.
Even small amounts, if repeated, can add up quickly and undermine trust in the organisation.
Charity Frauds in 2024 and Beyond
The BDO Charity Fraud Report 2024 reveals that fraud remains a major concern for UK charities, with 42% reporting incidents or attempted fraud in 2024, a figure largely unchanged from the previous year (43%). But there are some little signs of progress.
Financial impacts seem to have decreased. Fewer charities experienced direct financial loss this year, 84% of those affected, down from 92% in 2023. Non-financial consequences like staff morale and reputational damage also showed signs of improvement.
While internal fraud, particularly the misappropriation of cash or assets, continues to be the most common concern (affecting 40% of charities), staff expenses fraud saw a notable decrease from 35% to 29%. On the other hand, external threats, led by Authorised Push Payment (APP), bank mandate, and payment diversion fraud, remained steady at 33%.
It’s encouraging to see that there was a significant increase in charities taking action; 52% reported fraud to the police in 2024, up from 37%, and fewer charities took no action (down to 12% from 21%).
How to Protect Your Charity From Fraud
Overall, the report indicates growing awareness and better response mechanisms, even as insider and cyber-enabled frauds remain persistent threats.
This is why you should make sure your charity improves its cybersecurity posture, including performing regular cyber audits, choosing the right cyber insurance, legacy technology as well as cyber security training for staff. The software and staff will then be better placed to detect cyber attacks and fraud.
Making sure your charity staff and volunteers are aware of the growing cyber threats and how to spot them is crucial. This will help reduce the number of cyber attackers committing fraudulent activity towards your organisation.
Key Takeaways on Charity Fraud Examples
In conclusion, charity fraud is a serious issue that has far-reaching consequences for an organisation’s online accountancy.
Charity fraud can cause significant financial losses, damage to reputation and harm to communities. Charitable organisations must establish internal controls, provide financial transparency, and implement anti-fraud measures to detect and prevent fraud.
Ultimately, charity fraud is a complex issue that requires collaboration from all stakeholders to be effectively addressed.
Do you want to find out how to improve your charity’s current cyber security landscape?
