Tim Rutherford looks at lessons trustees can learn from the fraudulent activity at Astonbrook Housing Association.

The report into the fraudulent activity at the Astonbrook Housing Association Ltd (charity number: 1093877) serves as a salutary reminder to trustees that they cannot simply rely upon fellow trustees or their CEO to manage the financial affairs of their charity.

The charity provided housing and support services to approximately 3,500 asylum-seekers from rented properties. It had 120 employees and five residential properties. The charity's annual income of £16m came from government agencies and city councils. Complaints were made about the charity being operated in a fraudulent manner involving sums in the region of £1.8m. As a result the CEO and two trustees have been sent to prison along with a number of employees.

The report showed that the trustees effectively delegated total day-to-day control of the charity to the CEO without putting in place any monitoring structure. The CEO was making major expenditure decisions without seeking trustees' prior approval or even reporting after the event. Many charities benefit hugely from CEOs with strong personalities who lead their charity from the front. Trustees have to remember that whilst they can delegate day-to-day management to a CEO they cannot abrogate their personal responsibility for decision-making. It is not enough to read the quarterly papers for a board meeting and assume that they cover all the key decisions.

Significant amounts of petty cash were used to provide emergency support to beneficiaries. The trustees saw the petty cash as, just that, a petty issue and failed to put in place any mechanisms for keeping control of such payments. Payments of up to £10,000 were paid to staff without any receipts. What may have seemed necessary to enable critical needs to be met, ended up as a potential bonus for employees. The trustees should have been alive to this issue and questioned why such sums were being paid, trustees should not assume that such matters are merely small scale.

The accounting irregulaties of the charity read like a watch-list for vigilant trustees:

• There were false invoices in excess of £1.8m created for fictitious companies which were used to support payments to staff, trustees and connected individuals and companies.
• Payments totalling upwards of £1m were paid through the payroll to ghost employees, many of whom were family members of the CEO, senior staff and trustees with cheques being made out to a different name to the employee.
• The charity maintained inadequate financial records.

While these examples are extreme, they are clear characteristics of the type of fraud that can be experienced by any charity. If allowed to start on a small level, they can quickly develop into a significant fraud. Trustees cannot simply rely upon the CEO or senior management to uncover such fraud. It is not even enough to delegate the responsibility for financial monitoring to a group of the charity trustees and for the rest to rely on a quick canter through the accounts at a board meeting. The trustees are all personally responsible for what happens on their watch but how many actually do go behind the reports and figures presented at board meetings to ensure that proper procedures and controls are being observed.

Whilst I do not recommend that trustees need to hide behind doors and arrive unannounced for spot checks of the petty cash, trustees clearly have to consider the extent to which they should take an active role in carrying out due diligence on the charity's financial affairs. Prudent trustees should spend some time making sure that they know how the charity's internal financial controls operate in practice, otherwise they could find themselves responsible for allowing significant fraud to go on in their name.

Tim Rutherford is a partner in the Charities Group at IBB Solicitors, specialising in risk management and fraud services for charities.