Article

Developments in the charity sector

June 2019

We have highlighted a few reports and changing regulations that may have an impact on your charity. Please take some time to consider the cyber security breaches survey 2019 and consider the resources available for trustee boards to help identify and address the risks. The Charity Commission guidance for charities with a connection to a non-charity is also linked below with a summary as are the checklists for charities to assess their relationships with non-charitable subsidiaries, non-charitable founders and regular partners or funders that are non-charitable (and not a founder or subsidiary). For larger charitable companies amendments to the strategic report requirements and accounts and reports regulations may have a significant impact requiring additional thought in the content and presentation of reports.

Cyber security breaches survey 2019

The Department for Digital, Culture, Media and Sport published their annual report on cyber security breaches in April 2019. The key findings infographic summarises that while 22% of charities compared with 32% of companies identified cyber security breaches or attached in the last twelve month the average annual cost for charities that lose data or assets after breaches was £9,470 compared to £4,180 for businesses. Whilst, the survey reports a 15% increase in charities putting cyber security policies in place, this means that only 36% of charities have policies leaving almost two thirds of the sector potentially vulnerable (although ahead of businesses for which only 33% had policies in place). A separate infographic has been produced to focus on the impact on charities. This gives further detail on the results by income, looking at charities with income of under £100,000, £100,000 to £500,000 and those over £500,000. Not surprisingly more charities in the higher income band identified breaches or attacks, however all bands were recognised some cyber-attacks and breaches.

The Charity Commission updated its guidance protect your charity from fraud and cyber crime in May 2019 including in it reference to the National Cyber Security Centre’s toolkit designed to encourage essential cyber security discussions between the Board and their technical experts. The toolkit sets out a number of challenging questions for Board’s about ‘what good looks like’ in different contexts, for example, risk assessment, collaboration and developing a positive cyber security culture.

Charities with a connection to a non-charity

On 29 March 2019, following consultation in 2018, the Charity Commission published its guidance for charities with a connection to a non-charity. The guidance makes clear that the Charity Commission expects that

  • trustees will have applied this guidance to all connections they have with non-charities;
  • trustees will have addressed the risks of any connection; and
  • trustees will ensure that the charity’s resources are never used to advance non-charitable agendas and interests.

The key message is that, whilst connections with non-charities can make a positive difference for a charity’s beneficiaries, it is an area where the Commission’s casework has identified concerns. The six principles covered in the guidance are:

  • Recognise the risks
  • Do not further non-charitable purposes
  • Operate independently
  • Avoid unauthorised personal benefit and address conflicts of interest
  • Maintain your charity’s separate identity
  • Protect your charity

More information on the guidance can be found here.

Strategic report and directors’ report requirements for large charitable companies

Companies Act regulations have further developed the strategic and directors reporting requirements for large companies; and this legislation will include large charitable companies. Additional regulation reporting is required for year ends beginning on or after the 1 January 2019 and includes:

A statement in the Strategic Report of how directors have complied with their duty to have regard to the matters in section 172 (1), which are:

  1. the likely consequences of any decision in the long term,
  2. the interests of the company's employees,
  3. the need to foster the company's business relationships with suppliers, customers and others,
  4. the impact of the company's operations on the community and the environment,
  5. the desirability of the company maintaining a reputation for high standards of business conduct, and
  6. the need to act fairly as between members of the company.

A statement in the Directors’ report summarising how directors (trustees) have engaged with suppliers, customer and others in a business relationship with the charity (where this overlaps with the section 172 report this can be managed through a cross reference)

And for charitable companies with over 250 employees the employee engagement requirements are extended to include a statement in the Directors’ report summarising how directors (trustees) have engaged with employees and taken account of their interests.

Strategic report and directors’ report requirements for large charitable companies

Section 172 covers the duty to promote the success of the Company. For a company this focusses around shareholder value, for a charity, it is anticipated that the focus will be around the benefit to beneficiaries.

The statement must be available on a website. However, for the charitable companies who already make their accounts available on the charity’s website, this requirement will be met through publishing their annual report.

Large charitable companies will need to plan early to ensure they are prepared to meet the new requirements

  • There will be a much greater focus on reporting specific outcomes from engagement activities and the impact on decisions taken by the Board
  • A robust governance framework for engagement is likely to be required
  • Knowledge and capacity to conduct engagement activities may need developing
  • Engagement activities should be conducted through a range of methods and channels to capture a reliable range of feedback
  • Charites will need to develop practical actions and ways of responding to feedback

More information can be found on pages 8 to 11 of the latest briefing for listed companies linked here.

Update to Charities and trading guidance for increase in small trading tax exemption

The charities and trading guidance published by the Charity Commission was updated in June 2019 for changes to the small trading tax exemption. The new exemption limits are shown below. The full guidance can be accessed here.

Update to Charities and trading guidance for increase in small trading tax exemption

Useful information/guidance links for the above articles summarised

Cyber security

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/791940/Cyber_Security_Breaches_Survey_2019_-_Main_Report.PDF

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/791945/CSBS_2019_Infographics_-_Charities.pdf

https://www.gov.uk/guidance/protect-your-charity-from-fraud

https://www.ncsc.gov.uk/collection/board-toolkit

Charites with a connection to a non-charity

https://www.gov.uk/guidance/guidance-for-charities-with-a-connection-to-a-non-charity

https://www2.deloitte.com/uk/en/pages/charities-and-not-for-profit/articles/charity-technical-briefings-charities-with-a-connection-to-a-non-charity.html

Section 172 and other reporting updates

https://www2.deloitte.com/content/dam/Deloitte/uk/Documents/audit/uk-gib-beis-regulations-june-2018.pdf

https://www2.deloitte.com/content/dam/Deloitte/uk/Documents/audit/deloitte-uk-gib-100-guidance-october-2018.pdf

https://www2.deloitte.com/content/dam/Deloitte/uk/Documents/audit/deloitte-uk-gif-on-the-board-agenda-2019.pdf

Charities and trading

https://www.gov.uk/guidance/charities-and-trading

Did you find this useful?