Nobody knows how much fraud might be taking place in the charity sector, according to Simon Dukes, chief executive of the anti-fraud membership association Cifas.
Speaking at the Charity Finance Group's risk and fraud conference in London yesterday, Dukes said fraud both "exists and is significant" in the sector, although it is unclear how much actually occurs.
He said: "Nobody knows how much fraud there is in the UK. Anyone who says they do is lying. And nobody knows how much fraud there is in the charity sector either."
Dukes, who was previously deputy director of the Centre for the Protection of National Infrastructure and was responsible for cyber security, said it was crucial that all organisations, including charities, reported fraud either to Action Fraud or through secure industry bodies, such as the CFG or Cifas.
Only 315 cases of fraud in the charity sector were reported to Cifas last year, compared with more than 1,000 cases reported every day across the UK, Dukes said, making reporting rates in the charity sector "seem a little bit low".
He said: "Because we have no idea how much fraud there is in the UK, we have to start reporting it so we can start measuring it. Only then will we know if we are actually being successful in preventing it."
Despite this, Dukes denied that the charity sector was more or less vulnerable that other types of organisation or company.
"No organisation is immune from fraud, and charities are no more or less vulnerable to fraud than any other organisation," he said. "There are certainly things that affect charities that might not affect other organisations, but ultimately when it comes to vulnerability I would say that charities are no more or less vulnerable to fraud than any other organisation.
"You can be one of the best-defended companies, you can be extremely well tuned-in to how to defend yourself from fraud and still be a victim."
Dukes said there were five specific vulnerabilities in the charity sector, including certain points when a charity was naturally more susceptible to fraud, such as when they received a large grant or donation, outsourced services, hired a new chief executive or finance officer or recruited large numbers of staff or volunteers.
Invoice fraud, identity theft after a data breach, grant-making organisations and insider fraud were also highlighted as significant issues for the sector.
Dukes said that all organisations "are susceptible to insider fraud in some way, whether malicious or unwitting", and insider frauds cost the affected organisation on average 14 per cent more than what the fraudster took. Dukes said this rose to more than 200 per cent higher costs for frauds under £25,000.