In February 2026, BDO in conjunction with the Fraud Advisory Panel, published the Charity Fraud Report 2025 following the Charity Fraud Awareness Week held in December 2025. The report, titled Charity fraud report 2025 – A five‑year review, provides a comprehensive analysis of fraud trends affecting charities over the period 2021 to 2025.
Unlike previous editions, this year’s report looks beyond a single year and instead analyses five years of data, offering valuable insight into how fraud risks are evolving and how charities are responding.
Key insights from the report:
The report highlights a number of important themes for charity trustees, management and staff, including:
- Fraud remains a significant and ongoing risk – while reported fraud levels in 2025 were the lowest in five years per the survey, over a third of charities still experienced fraud or attempted fraud.
- Internal and external threats are evenly balanced – respondents continued to report a mix of internal and external fraud indicating fraud is as likely to be perpetrated by insiders (staff, volunteers or trustees) as by external parties, reinforcing the need for strong internal controls and oversight.
- Misappropriation of cash or assets and payment diversion fraud remain the most common types of fraud experienced by charities.
- Non‑financial impacts are increasing, charities are reporting higher levels of reputational damage, loss of morale and supplier issues following fraud incidents.
- Cyber‑enabled fraud continues to be viewed as the greatest future risk, particularly phishing, ransomware and issues caused by AI, even where actual reported incidents remain lower than perceived risk.
- Fraud prevention activity is improving, most charities had risk registers that include fraud, whistleblowing policies and conflicts of interest policies in place, however fewer than half had a formal fraud or cyber response plan.
- Awareness of the Economic Crime and Corporate Transparency Act (ECCTA) increased, with many charities taking steps to review fraud risk assessments, policies and training in response to the new “failure to prevent fraud” offence.
PEM’s view
The report reinforces an important message for the charity and not‑for‑profit sector: fraud is not a sign of failure, but failing to prepare for fraud is a governance risk.
Every charity, regardless of size, structure or mission, is susceptible to fraud and cybercrime. While it is encouraging to see a reduction in reported fraud and greater awareness across the sector, the report also highlights that fraud continues to have significant financial, reputational and operational consequences when it does occur.
From our perspective, charities should consider the following key takeaways:
- Fraud risk should be embedded into governance, not treated as a one‑off compliance exercise. Regular fraud risk assessments and board‑level oversight are key.
- Internal controls and culture matter as much as external threats. Over‑reliance on trust continues to be cited as a key barrier to fraud prevention.
- Training and awareness are essential. As fraud techniques become more sophisticated and harder to detect the importance of training increases. Staff, volunteers and trustees all play a role in prevention and early detection.
- Response planning is often overlooked. Having a clear fraud and cyber response plan can significantly reduce damage, confusion and stress if an incident occurs.
- Cyber risk and data protection cannot be separated from fraud risk, particularly with the increasing use of digital platforms, online fundraising and remote working.
For trustees and senior management, the report is a timely reminder that proportionate investment in fraud prevention and awareness ultimately protects charitable funds, people and public trust.
Next steps
The Fraud Advisory Panel website hosts a wide range of practical resources, including guidance notes, insight articles and on‑demand webinars, available at: Resources – Prevent Charity Fraud
At PEM, we also provide a range of charity‑focused resources, articles and guidance to help organisations strengthen governance, risk management and internal controls, including fraud awareness and prevention.
If you would like to discuss how the findings of the report relate to your organisation, or would like support reviewing your fraud risk framework, please contact us.
Please note that this content is not intended to give specific technical advice. It is designed to highlight some of the key changes rather than provide an exhaustive explanation of the topics. Professional advice should always be sought before action is either taken or refrained from as a result of information contained herein.
