The Charity Commission has released guidance to help trustees protect their charities from fraud and cyber-crime.

The move comes after the regulator opened 603 cases relating to fraud and a further 99 cases relating to cyber-crime over the past 12 months.

According to the charity watchdog, phishing is the most common type of cyber-enabled fraud experienced by charities.

The organisation’s fraud guide explains what to do if fraud or attempted fraud is discovered at a charity, provides tips on how organisations can reduce its risk, and explains the importance of having internal financial controls and ongoing education to establish an internal culture of fraud and cyber-crime awareness.

The guide, which has been developed with the support of the National Cyber Security Centre and their Small Charity Guide, also contains links to several free online training modules designed for charities of all sizes.

As fraud is underreported in the sector, the regulator urged charities to report all fraud attempts, including those that fail, to provide a more accurate picture of how it is affecting the industry.

Mazeda Alam, head of guidance & practice at the Charity Commission, said that it is every trustee’s responsibility to ensure they have done all they reasonably can to protect their charity from harm.

“Protecting your charity from fraud and cyber-crime can understandably seem daunting, but there are many small, inexpensive steps charities can take to reduce the risk of any potential internal or external fraudster being successful,” he added. “Introducing a simple measure such as having dual authorisation for all financial transactions can help avoid these issues arising – which are often opportunistic.”

The new guide replaces previous guidance from the Commission, which it says is more concise and easier to use.

---