The Impact of COVID-19 on Charities and New Guidance on Cybercrime Prevention
21 May 2020
The Charities Regulatory Authority recently published its “Survey Report on the Impact of Coronavirus (Covid-19) on Charities”. This followed its publication of its new guidance document “Protecting your charity from cybercrime”.
Key takeaways from the Report
The survey was emailed to all registered charities and was live for 13 days from 1 April to 13 April. Overall, 2,223 responses were received and these formed the basis of the Report. The key issues facing charities at this time are:
1.Impact on services
67.8% of respondents reported that their services have been restricted by the impact of COVID-19, with many forced into temporary closure, while 18.37% reported that their services were largely unaffected. The remaining 13.83% reported that their charities were at the front line of the response to COVID-19. Of particular concern was that 53.86% reported that their charity would be unable to carry on their services for more than six months if the COVID-19 crisis continued. This is an alarming statistic and one to which everyone in the charities sector hopes the government and the public will respond to offer further assistance.
In a welcome finding, 89.22% of respondents reported that they are seeking to ensure adherence to their regulatory requirements with the CRA. A reminder to charities that the CRA has extended the deadline for annual reports due between 12 March and 29 June to 30 June.
The Report also indicates that charities have adapted well to using technology to conduct business during the COVID-19 crisis. 39.27% of respondents have reported that their charities have utilised teleconferencing and other electronic means to conduct meetings and 33.91% have communicated via email. Virtual meetings have become the norm for all of us, charities included. Charities should always consult their governing instrument to check if virtual meetings are permissible for both meetings of charity trustees, and of members (to include AGMs and EGMs). If governing documents require amendment, we suggest that charities should take advice. A reminder too that the CRA must be informed of all changes to a governing instrument at this time.
Of some concern is that 15.82% reported that they have left the chairperson or a nominated person to run the charity. Charity trustees are collectively responsible for discharging their duties and they should note that they risk personal liability in some circumstances for neglecting these duties. Regular communication, collaboration and burden sharing is particularly important at this time.
The Report notes that a number of respondents requested leeway with respect to deadlines for the Charities Governance Code (the Governance Code) which should be implemented by charities in 2020 and reported on by charities in 2021. The Report stresses the importance of standards of good governance being maintained by charities, noting that this is especially important during a time of crisis. At present, there is no derogation from implementation of the Governance Code. We would be happy to advise you further if your organisation needs assistance in implementing the Governance Code.
44.88% of respondents reported that they saw their charity’s financial situation as “reasonably secure”. The majority however reported difficulties as follows:
31.66% - financial situation “uncertain”
13.59% - reliant on new funding streams
9.87% - financial situation “in difficulty”
Respondents overwhelmingly reported that their fundraising plans for 2020 had been negatively affected with 90.31% reporting that their plans for 2020 had been cancelled or postponed. Charities’ fundraising efforts have largely moved online and as we note below, this comes with its own risks. Concerns were also raised about eligibility for the State subsidy schemes and obligations to pay rent and insurance when their offices were closed. Last week, we looked at some of the government supports available to charities. There is still time to apply for these and further rounds will follow. Please contact a member of our Charities & Not For Profit team if your organisation needs advice on eligibility for State schemes or other financial obligations. Early engagement and intervention is key.
Guidance on protecting your charity from cybercrime
This guidance provides practical advice to charities to ensure that they are protected against cybercrime. The guidance is particularly timely as cybercrime tends to become more prevalent at times of crisis, and we have seen examples of this in other sectors since the COVID-19 outbreak. A key pillar of the Governance Code is Exercising Control and it is advisable to conduct regular risk assessments in relation to your charity. The CRA has produced a template risk register as part of its Toolkit. Be sure to add this as an agenda item to the next meeting of your charity trustees if you have not already considered it.
The CRA recommends charities take the following measures to minimise the risk of cybercrime attacks:
Ensure devices have the latest software installed and have anti-virus software installed and up-to-date
Set strong passwords – use special characters and update passwords on a regular basis
Keep regular backups of data
Be aware of the threat of phishing – think before you click on that link!
Disable network sharing and folder/file sharing – charities should invest in secure systems for storage and sharing of information
Train your charity trustees, staff and volunteers on these risks
Take extra steps to protect personal data, which is subject to the General Data Protection Regulation
Report any suspicious activity to An Garda Síochána
While it is clear that many charities are experiencing difficulties during this challenging period, the CRA has highlighted the importance of maintaining standards of good governance throughout the crisis. Charities should continue to work on implementing the Governance Code as it is a tool which will assist charity trustees in carrying out their duties and navigating a way forward to deliver their services in furtherance of their charitable purpose.
The guidance for protecting your charity from cybercrime is a welcome reminder for charities to ensure that their IT practices and procedures are up-to-date and in line with best practice.
If you would like any further details on the above, please contact our Charities & Not-for-Profit team.
The content of this article is provided for information purposes only and does not constitute legal or other advice.