The Charity Commission has urged charities to review their financial controls to avoid falling foul of mandate fraud, in which people or organisations are persuaded to change direct debits or standing orders to bank accounts controlled by fraudsters.
The regulator issued a notice today saying it had become aware of mandate fraud attempts in which the fraudster had been able to use the email address of a regular contact at a legitimate organisation to deceive charities into changing their bank details.
This type of fraud can also involve the fraudster impersonating an organisation by using direct mail, using headed paper and a company logo to lend credibility to the attempt.
The commission said it recommended that trustees and charity professionals familiarise themselves with the Metropolitan Police’s mandate fraud advice and ensure that the charity has sound authorisation and monitoring procedures in place for changing bank details and managing payments.
The regulator said that any request to change bank account details was an unusual occurrence and should be treated with suspicion.
Its advice on how to avoid falling foul of such attempts included checking all requests for a change of bank details using contact information held separately by the charity and by being suspicious of any such requests until independently verified.
Michelle Russell, director of investigations, monitoring and enforcement at the Charity Commission, said the cases the regulator heard about increasingly involved cunning tactics by fraudsters to gain the trust of their victims.
"At the heart of charity is trust, but when it comes to control of charity finances it’s crucial that vigilance and caution are the key watchwords," she said.
"It is also a timely reminder for trustees and senior charity staff to reflect on how fraud-aware their employees and volunteers are, and to review their charity’s financial controls."