Charities consider cyber-enabled fraud, including phishing, to be the biggest risk facing the sector in the next 12 months. But data from BDO’s Charity Fraud Report: A Five-Year Review (2021 to 2025) showed that human-centred fraud risks remain the most prevalent.
“Despite improvements in fraud awareness and fraud prevention among charities over the last five years, over half (52%) expect the threat of fraud to increase in 2026,” a news release said.
About a third (34%) of charities reported incidents of fraud or attempted fraud in the last year (down from 42% in 2024). And, of those affected by fraud, 73% experienced a financial loss, a decline from 92% in 2023 and 84% in 2024.
A disconnect exists between perceived and actual fraud experiences. While charities view cyber-enabled fraud as the biggest threat, that type of fraud ranks eighth in occurrences (11% in 2025 vs. 22% in 2024, and 35% in 2023) — falling further behind more traditional fraud threats.
The most common types of fraud reported last year were internal (misappropriation of cash or assets) and external (payment diversion fraud, also known as APP, or authorised push payment, fraud), 34% and 27%, respectively — down from 40% and 33%, respectively, the prior year, the report said.
Insider fraud remains the biggest challenge facing charities, the release said. Thirty-eight per cent of perpetrators in 2025 were insiders within the charity. However, the report added, while insiders make up the largest group of perpetrators, this is the lowest level of insider fraud recorded in the survey’s five-year history.
BDO surveyed over 160 leaders from UK charities.
Trust is a double-edged sword for charities, the report noted. Respondents surveyed cited a lack of internal resources (48% vs 45% in 2024) and an overreliance on trust (45%, an 8-percentage point increase from 2024, but down from 57% in 2023) as the main barriers to fraud prevention.
With funds and resources stretched, most charities (93%) said they encountered at least one barrier to effective fraud prevention in their organisation last year, and 38% said they faced three or more barriers that hindered robust prevention strategies.
“A balanced strategy addressing both current and emerging threats is crucial,” the report said. “Bridging the gap between perceived and actual risks will enable charities to refine their fraud-prevention strategies more effectively.”
Internal controls (57%) remain the most common means of detecting fraud, the report said. Overall, 77% of respondents said their charity’s financial investment in fraud prevention increased or stayed the same (down 3 percentage points since 2024), but 20% said they do not financially invest in fraud prevention (down 2 percentage points since 2024).
— To comment on this article or to suggest an idea for another article, contact Steph Brown at Stephanie.Brown@aicpa-cima.com.
