Tips for charities to help manage risk and reduce claims
The risks charities can be exposed to depends a lot on the size of the organisation, how complex the organisation is, and how it is funded.
There are also external factors that can influence risk, some of which are beyond control of the charity and can merely be prepared for in advance, or reacted to after the fact, such as changes in the economic climate, legislative changes, technology changes, environmental issues, and of course human involvement.
Why is risk management important for charities?
Risk management is important for all organisations and is a key part of effective governance for charities of all sizes.
Through effective risk management, charity trustees can help to ensure the following:
- Significant risks are identified and closely monitored to enable trustees to make informed decisions and take correct and timely courses of action.
- The charity is able to make the most of opportunities, knowing that the risks involved will be well managed.
- Strategic planning is continually updated and improved.
- The charity’s goals are achieved more easily and with minimal disruption.
The Charity Commission recommends that charitable organisations have risk management policy in place so they can effectively identify, monitor and manage the potential risks.
What should a charity’s risk management statement include?
Charities with annual incomes of £500,000 or more should include a risk management statement in their trustees’ annual report (1).
The risk management statement should include:
- Acknowledgement of the trustees’ responsibility for identifying, assessing, and managing the risks.
- An overview of the charity’s process for identifying risks, including details of any major risks that have been identified, and reviewed/assessed.
- Explanation of the processes and systems the charity has put in place to manage risks.
What are the common risks that charities can face?
When charities consider their risks they must ask whether or not they can continue to meet the needs of their beneficiaries, both now and in the future.
- Public liability – including accidents and injuries to members of the public and/or accidental damage to another person’s property.
- Employee claims in the event of an accident or illness.
- Risk of damage to the charity’s reputation – this could come in the form of human error, such as a misjudgment of a situation, or a dishonest act.
- Financial risks – including shortage of donations, misappropriation of monies, inappropriate investments, shortage of employees and volunteers, and the rising costs to hire community halls, heat rooms, and run vehicles.
- Changes to government legislation.
Explaining the risk management process for charities
No matter how careful you are, there will always be the potential risk of accidents. Therefore, no organisation should seek to eliminate risk altogether, but should seek to better understand the potential for risk and the potential impact of various risks.
The creation and management of a risk register can help to briefly explain the risks, their potential impact, and more importantly… explain the actions that need to be taken to manage the risk and who is responsible for those actions.
At the very least, charity committee meetings could include risks as an agenda point to be discussed.
Charity risk assessments
A risk assessment is the process of considering the risks associated with any given activity or event in advance. From the risk assessment, plans are put into place to minimise, mitigate, and even nullify the risk and its potential consequences.
Typically, the things to consider include:
- What is the hazard?
- Who is at risk from the hazard?
- Are there any control measures already in place?
- What control measures should be implemented?
- What is the severity of the risk (including the likelihood of the hazard’s occurrence and the adequacy of the control measures)
- What, if any, further precautions might need to be put in place?
It is very important that all staff and volunteers involved in the charity event understand the risk assessment and know how to implement the actions identified.
From the risk assessment, a risk register can begin to be populated so staff and volunteers know who is responsible for dealing with each risk occurrence.
Charity risk register
A risk register is a risk management tool, which also helps to fulfill regulatory compliance requirements, and acts as a repository for all identified risks, including any helpful information such as the nature of the risk, measures for management and mitigation, and who is responsible for the risk. It is commonly displayed as a table or as a scatterplot diagram. (2)
An example of a risk register could be:
Ref no. |
Risk |
Probability |
Consequences |
Impact |
Risk Score |
Control/s |
Owner |
Action When |
Monitoring |
Unique identifier for each risk |
Risk description and causes |
Agreed score to indicate probability of risk occurrence |
Summary of the potential impacts of the risk |
Agreed score to indicate impact of the risk |
Total of Probability and Impact scores |
Actions for which the risk owner is responsible – Prevent, Control, Reduce, Mitigate. |
Person/s responsible for monitoring and managing the risk and for the mitigation measures. |
Immediacy of required action for each risk. |
How to monitor the ongoing risk and who will monitor it. |
Risk 1 |
|
|
|
|
|
|
|
|
|
Risk 2 |
|
|
|
|
|
|
|
|
|
Tips to minimise a charity’s exposure to potential risks
There are many risks that charities face daily. The most obvious risks are to employees and volunteers and to charity shop customers and third-party suppliers, such as couriers, financial advisers and accountants, legal professionals, and other visitors to a charity’s premises.
Accidents can cause injury claims from employees and/or third-parties which can be expensive if a charity organisation is not adequately insured.
Ensuring any trip hazards (such as steps) are clearly marked will help to mitigate any accidents, whilst carrying adequate public liability insurance for charities will ensure any legal costs that may arise from a third-party claim for an accident can be covered without too much financial impact on the charity itself.
If an employee or volunteer has an accident whilst working for the charity, then they could claim for lost income and medical fees as a result. In this instance, employers’ liability insurance for charities would respond to cover a claim and the associated damages, such as fees for medical treatment.
Charity risks that are arguably less obvious to the general public but more relevant to those within the charity organisation include:
• Governance risks
• Operational risks
• Financial risks
• External risks
• Compliance and regulatory risks
• Reputational risks
For this article we will highlight one potential risk example for each of these, its potential impact on the charity, and what steps can be taken to mitigate the risk.
Charity governance risk example: |
||
Potential risk |
Potential impact |
How to mitigate the risk |
Conflicts of interest |
|
|
Charity operation risk example: |
||
Potential risk |
Potential impact |
How to mitigate the risk |
Fundraising |
|
|
Charity financial risk example: |
||
Potential risk |
Potential impact |
How to mitigate the risk |
Fraud or financial error |
|
|
External risk example: |
||
Potential risk |
Potential impact |
How to mitigate the risk |
Adverse publicity |
|
|
Compliance risk (law and legislation) example: |
||
Potential risk |
Potential impact |
How to mitigate the risk |
Compliance with legislation and regulations appropriate to the activities, size, and structure of the charity |
|
|
Reputational risk example: |
||
Potential risk |
Potential impact |
How to mitigate the risk |
Hiring staff and volunteers to work with potentially vulnerable children or adults. |
|
|
Who is responsible for a charity’s risk management?
Overall responsibility for the smooth running of a charitable organisation rest with its trustees. The trustees’ involvement in the charity’s risk management is vital for determining the charity’s risk appetite, for accountability of the effective risk management of the charity, and for ensuring the charity is compliant with legislation.
It is the responsibility of the trustees to ensure the processes involved in risk management are implemented using a diagram such as the one below, can help when determining the severity of risk and the timescale for action.
Mitigating a charity’s risk exposure with insurance
- Charity public liability insurance (PL) – Public liability insurance will cover legal costs and damages should your charity be accused of damaging a customers’ property or be alleged to have caused an accident to a member of the public.
- Employers’ liability insurance (EL) – This policy is a compulsory insurance requirement under the Employers’ Liability Act (1969) and it is a criminal offence not to carry cover if you employ staff. The legal minimum level of employers’ liability insurance you must carry is £5million. The policy covers legal fees and the cost of compensation awarded to an employee who suffers an injury or illness that they have sustained working for you.
It is important to be aware that you can be fined £2,500 for each day you are not adequately insured. On top of this, you can be fined £1,000 if you do not display your employers’ liability insurance certificate, or if you refuse to make your EL certificate available to inspectors when they ask to see it. (3) - Professional indemnity insurance (PI) – Professional indemnity insurance covers your legal costs and expenses in defending a claim, and any compensation or costs that may subsequently be awarded, following:
- Professional negligence - such as making a mistake in a piece of work for a client or giving them poor advice.
- Unintentional breach of confidentiality - such as sharing sensitive client information without permission.
- Unintentional breach of copyright - such as using an image on your website without permission.
- Defamation and libel - such as making false comments about a competitor or client that damages their reputation.
- Loss of documents or data.
- Loss of money or goods (for which you are responsible). - Trustee indemnity insurance – Trustee indemnity insurance can cover your legal fees, expenses and any damages awarded against you following an allegation of negligence in the running of the charity – giving you the peace of mind that your personal finances will not be at risk if a claim is made against you.
Our insurance for trustees provides cover for: - Your legal liability as a governor, director, council member, officer or trustee of the organisation.
- The defence of any legal action seeking your disqualification as a director.
- Any investigations you are requested to attend.
- Extradition proceedings (including appeals).
- Fidelity insurance (PI) – Fidelity insurance can protect your charity, club or community group against fraud, theft or dishonesty by volunteers or employees. Common examples include fabricating invoices, false expense claims, petty cash theft and stealing collection tins.
Our fidelity insurance pays for losses you incur because of:
• Loss of money or goods arising from the dishonest or fraudulent acts of your employees.
• Loss of property or funds through third party computer fraud or fraudulent transfer instructions. - Office insurance – Office insurance is designed to protect your business against unexpected events concerning your workplace. This can include cover for damage to the structure of your building, as well as protection against the loss of or damage to your office equipment. Anything from a fire or flood to a break-in could result in thousands of pounds worth of damage.
We offer a range of different types of cover, including buildings and contents insurance, business equipment cover and business interruption insurance, to comprehensively protect your property against a multitude of risks.
Arranging the right insurance for your charity is important, and without speaking to a specialist it can be a complicated process. At Markel Direct we have a wealth of experience of providing cover for charities and other not-for-profit organisations.
Click the ‘Get a quote now’ button today to get a quick quote for your charity insurance.
Sources:
1. https://www.gov.uk/government/publications/charities-and-risk-management-cc26/charities-and-risk-management-cc26
2. https://en.wikipedia.org/wiki/Risk_register
3. https://www.gov.uk/employers-liability-insurance
https://www.raffingers.co.uk/hub/news/managing-risk-for-charities-the-basics https://www.legislation.gov.uk/uksi/2008/629/contents/made
Guidance pdf: Charities and risk management (CC26) https://www.gov.uk/government/publications/charity-reporting-and-accounting-the-essentials-november-2016-cc15d https://www.gov.uk/government/publications/charities-and-risk-management-cc26/charities-and-risk-management-cc26 https://www.almondtreeconsulting.co.uk/blog/risk-management https://www.ncvo.org.uk/help-and-guidance/involving-volunteers/recruiting-and-welcoming-volunteers/writing-a-volunteer-agreement/
Need some help?
0800 640 6600
Mon - Fri 08:30 - 17:30
Local rate and mobile friendly
Support