Insider fraud in charities: too few controls, too much trust?

Research just published by the Charity Commission has highlighted particular problems that may be found in charities which are vulnerable to insider fraud. 

Too few controls

A review of a sample of cases relating to twenty charities that had either reported insider fraud to the Commission, or where information suggested to the Commission that the charity was at increased risk of such fraud, made clear that in all but one case absence of appropriate controls was the main enabling factor.

This contrasts with research by the Commission published in 2016 on fraud, in which it found that controls to prevent fraud (or swiftly to identify it) were not consistently applied, although they were in place.

Whatever the reason for this change, the message for charity trustees is that they need to make sure their charity has both put appropriate controls, policies and procedures in place, and that these are consistently applied.

Internal controls should also be reviewed regularly, to ensure they are still appropriate.

Too much trust

The responses of a further 54 charities to a Commission call for information supported the Commission’s conclusion from its review of cases that lack of controls and the failure consistently to apply controls can be a significant factor contributing to the occurrence of insider fraud, but also suggested that a major problem is the placing of too much trust in, or responsibility on, one individual.

Charities need to avoid this kind of situation. It should never be the case, for example, that only one person has unsupervised control over the charity’s finances – or even a charity’s bank account, which should normally have two signatories.

In smaller charities, where limited numbers of trustees, staff and volunteers may make it harder to segregate duties, sufficient checks still need to be put in place.

And, in all cases, all trustees should have unrestricted access to financial information, so that those responsible for dealing with the charity’s funds can be held to account.

Culture and people

The research also identified the need for trustees to ingrain a counter fraud culture in their charity, so that people feel that they can challenge decisions, or raise concerns they may have, about fraud.

They also need to make sure they have the “right people” in place to protect the charity from fraud. The research suggests this should include:

  • Carrying out the appropriate employment checks on new employees, with such checks being proportionate to the level of fraud risk for their posts.
  • In medium and larger charities, perhaps giving a particular trustee specific counter fraud responsibility, and appropriate training, to provide the charity with greater ability to manage the risk of fraud at Board level.
  • In larger charities, or those with high numbers of financial transactions, the trustees may wish to consider the use of a dedicated counter fraud resource to be proportionate, if the risk of fraud is significant.

Reporting fraud

Finally, perhaps the most worrying finding contained in the new Commission research is that, of the 54 charities that responded to the Commission call for information and had suffered a fraud:

The need for charity trustees correctly to report fraud, both to Action Fraud or the police and to the Commission, is something of which every charity trustee should be aware.

Our content explained

Every piece of content we create is correct on the date it’s published but please don’t rely on it as legal advice. If you’d like to speak to us about your own legal requirements, please contact one of our expert lawyers.


Mills & Reeve Sites navigation
A tabbed collection of Mills & Reeve sites.
My Mills & Reeve navigation
Subscribe to, or manage your My Mills & Reeve account.
My M&R


Register for My M&R to stay up-to-date with legal news and events, create brochures and bookmark pages.

Existing clients

Log in to your client extranet for free matter information, know-how and documents.


Mills & Reeve system for employees.