Fraud: Does it really only happen to others? Amanda Francis

Fraud  Fraud is something people have great difficulty in defining but no difficulty in recognising if they come across it.  The intentional use of deception to obtain an unjust or illegal advantage.  Fraud can be extremely imaginative but will contain: –Misappropriation of assets; and/or –Manipulation or distortion of data

Where do the risks originate from?  Fraud from within the organisation;  External fraud; and  Mal-administration.

Key facts about fraud  It is increasing at an alarming rate especially through technology;  Often committed by people we know;  Results from basic control failures;  On average carries on for 3 to 4 years before it is detected; and  Can be almost impossible to detect if it involves collusion.

Trustees’ responsibilities  A legal duty to safeguard the charity’s assets;  To manage the charity’s finances and assets in a way which identifies and manages risk; and  Ensure the quality of financial reporting, by keeping adequate accounting records and preparing timely and relevant financial information

Fraud from within the charity  The trusted employee or volunteer  The forged or intercepted cheque  Online banking  The fraudulent invoice  Incoming cheques and post opening  Payroll and expense claim irregularities  Building an illusion

The golden rules  Lead from “the top” - implement routines and systems and enforce them with no exceptions;  Use common sense and management controls; and  Be wary of those who never take holidays and who operate in a chaotic or “messy” way.

Controls over banking  Authority for opening/closing accounts  Bank all receipts promptly  Cheque signatories and authority levels  Blank cheques  Custody of cheque books  Sign only after sight of supporting information  Payments online – internet banking and BACS  Encourage those paying you to do so by bank transfer not cheque (or cash)

Payroll controls  Keep complete and accurate personnel records  Segregate preparation and payment  Review of payroll prior to payment  Trustees should authorise pay rates and minute that they have done so  Pay via BACs not by cheque or cash  Formal expense policies

External fraud  The “con trick” – the begging letter or the request for help in return for financial reward.  Computer hacking, social engineering and spoof websites.  Money laundering – overseas projects and interest free loans.  Identity theft – card details and address details.  Bribery.

Minimising the risk of external fraud  Never be taken in by poorly written begging letters etc – always check out details extremely carefully;  Basic common sense IT controls;  Never accepting significant cash receipts;  Obtaining written reports of how funds sent overseas have been used;  Security of PIN numbers, removing your name and address from letters, documents etc and shredding;  Bribery policy - A quick start to the Bribery Act (Ministry of Justice website).

Reacting to fraud  Adopt a positive attitude towards protecting the charity’s assets and ensure staff handbooks etc set out the charity’s approach to the discovery of fraud;  Reports to the Charity Commission – Reporting Serious Incidents; and  Reporting to the police.

Mal-administration  Failure to obey the law – payroll operation and immigration rules.  Failure to take care – computer back-ups, insurance cover, employee references.  Take risk management and disaster recovery seriously.