Across all industries, digital trust is paramount. Whether you’re a large, established institution like a bank or a small grassroots not-for-profit, you are a potential target to cybercriminals and consumers are becoming more aware that all business transactions carry some risk.
Our recent Digital Trust Survey found that to increase digital trust, businesses need to address and clearly communicate the security and safety implications of a transaction. When requesting personal information or one’s digital identity, 27% said their trust in an organisation is most likely to increase if they can demonstrate clear safety protocols on their website such as multi-factor identification steps.
As cruel as it seems, cybersecurity incidents in the not-for-profit sector are increasingly common and sophisticated. Recent attacks against Anglicare Sydney, UnitingCare Queensland, and Oxfam Australia, are just a few examples. Despite this, recent research by PwC highlights that in-house cybersecurity skills are not being prioritised, reflecting a dire need for charities to cost-effectively invest in technology that can prevent and protect them against the latest threats. This makes charities, NGOs and NFPs even more susceptible to fraud and financial crime and, therefore, at risk of reputational damage and stolen donations and funding.
In line with Charity Fraud Awareness Week, Carol Chris, Regional General Manager of Australia and New Zealand at GBG wrote a piece for Pro Bono Magazine discussing Financial Crime 4.0 and the processes and policies NFPs, charities and NGOs can put in place to help minimise risk and the likelihood of financial crime from occurring.
“While the pandemic and subsequent regulations have changed the world and driven mass digital adoption, fraudsters have also refined their approaches. Digital transformation across the board has completely changed the dynamics between business risk and financial crime. The rise in losses from fraud, data breaches and reports of incidents of non-compliance are indicative of Financial Crime 4.0 – the continuous evolution in digital fraud and identity theft, which unfortunately significantly impacts the NFP and charity sector,” wrote Carol.
As outlined in Carol’s piece, there are the four critical steps the third sector needs to take in order to minimise security threats and protect themselves and their donors.
The first is conducting a risk assessment to gain visibility of vulnerabilities. Organisations should collaborate with staff from all functions to determine the key risk areas and their likely impact if the risks do eventuate. This puts an organisation in a better position to develop and implement a prevention and mitigation strategy to minimise the impact of high risk factors. Secondly, strict internal controls are needed to manage any incidents of internal fraud committed by someone within the NFP. Internal controls for charities can be in the form of providing different levels of access to makers and checkers, setting up a committee for cross accountability when authorising the movement of funds, and ensuring an audit trail is maintained to show the review of documents. There should also be regular reconciling of the charity’s bank statements against its accounts, to identify any suspicious or unusual expenses.
Importantly, it is best practice for any organisation of any size to develop a comprehensive fraud prevention policy. The fraud policy should include a clear definition of fraud along with a few examples of what may be deemed as fraudulent activity. It should also include the overall responsibility of management, instructions and procedures to prevent, detect and deal with fraud, including processes regarding whistleblowers.
Lastly, educating and regularly sharing examples of fraud, identity theft, and cybersecurity threats with all internal stakeholders will help to heighten awareness and mitigate the risk of fraud.
To read Carol Chris’s full article on Pro Bono Magazine visit https://probonoaustralia.com.au/news/2021/10/australian-charities-need-to-get-better-at-mitigating-fraud-risks/
To find out more about GBG’s Digital Trust Survey of more than 1,000 Australian consumers, visit https://www.gbgplc.com/apac/news/being-large-and-reputable-is-not-enough-to-increase-digital-trust/
To find out more about GBG’s fraud detection solutions, visit https://www.gbgplc.com/apac/fraud-compliance-management/
Hear from us when we launch new research, guides and reports.