Due diligence and fundraising

Introduction

This is a guide to help you to meet the code by carrying out due diligence. It provides examples of situations when due diligence checks are important, contains suggested good practice, and links to information and guidance provided by other organisations and regulators.

You must make sure you conduct due diligence whenever it is relevant to your fundraising activity in order to meet the code, even if it is not covered in this guide.

A list of top tips for conducting due diligence is also provided at the end to help you in your fundraising activity. You may also find it helpful to read some of our other guides together with this one, including: Documenting your fundraising decisions, and Monitoring your fundraising partners. 

Importance of due diligence

Due diligence involves carrying out proper checks to help you confirm the identity and verify the legitimacy and suitability of your donations, donors and others you work with.

It is not sufficient simply to know about due diligence or have a procedure in place. You must carry out and keep a record of your due diligence checks that are proportionate to the circumstances. This will help you make reasonable decisions and effectively manage your fundraising activity, in accordance with the code. See more in our guide Documenting your fundraising decisions.

You must act legally, openly, honestly and respectfully so that donors and the public have confidence that donations are being collected and accepted in accordance with your charitable purposes, regulation and the law.

Failing to carry out due diligence

You may not be compliant with the code if you fail to carry out proportionate due diligence checks when necessary. You may also face an increased risk of financial or reputational damage to your charitable institution and to fundraising, and in certain situations criminal liability.

Due diligence and the law

See more in the code at 1.1.1

To meet the requirements of the code, you must conduct due diligence to make sure you are not breaking the law, including when working with or accepting donations from certain sources. You must be assured that the donations you are offered or receive are not subject to restrictions, prohibitions or sanctions, such as relating to:

• Tainted donations
• Proceeds of crime
• Proscribed organisations
• Designated persons subject to UK government sanctions 

You must know what to do if your due diligence checks indicate anything suspicious. This includes reporting the matter to the police and/or other relevant authorities.

Risk management and due diligence

See more in the code at 2.1.1

To meet the requirements of the code you should assess and manage the risks associated with your fundraising activity. You should also carry out proportionate due diligence checks and make reasonable decisions based on what you find.

Sometimes charitable institutions can become exposed to wrongdoing by those seeking to exploit their fundraising activity. Charities can become targets of fraud, theft, bribery and corruption, money laundering, tax evasion, abuse, exploitation or other forms of illegality and unethical behaviour.

You should be alert to the risk of any form of inappropriate behaviour or wrongdoing and seek to reduce it by carrying out due diligence, including:

• Assessing the risks of accepting, declining or returning certain donations.
• Obtaining assurance that donations do not come from an inappropriate or illegal source.
• Assessing whether any conditions or restrictions accompanying a donation would compromise your independent and reasonable decision making.
• Assessing the risk of working with a third-party fundraiser and/or any other party you are considering entering into an agreement with, in order to carry out your fundraising activity, such as commercial suppliers.
• Obtaining assurance that your fundraising activities will not cause harm.
• Checking that those who fundraise on your behalf, for example your trustees, staff, or third-party fundraisers, do not pose a risk of harm to others, to your fundraising reputation, and to that of fundraising generally.

You should document in writing any risks you have identified, the actions you have taken to reduce or eliminate the risk to your institution and to fundraising, and any decisions you make as a consequence. 

See more in our guide to Documenting your fundraising decisions and Monitoring your fundraising partners.

Donors and donations

See more in the code at 2.2.2

The purpose of carrying out proportionate due diligence into donors and donations is to identify and verify the source and nature of a donation.

To meet the requirements of the code, you should carry out due diligence checks into the financial and reputational dealings of your donors and their donations, in proportion to the risk, before accepting.

You do not need to question every donation. Due diligence checks into small cash donors and their donations will not normally be necessary unless there are other risk factors present.

The due diligence you carry out will depend on the circumstances and context, including:

• The source, size and nature of the donation.
• How much you already know about the donor.
• The circumstances in which the donation is being made.
• Your policy on accepting and refusing donations.

You should always carry out proportionate due diligence checks when certain known risk factors are identified relating to donations, including:

• Unusual unsolicited donations, such as those that are unusually large.
• Anonymous donations or those made through an intermediary.
• Donations with unusual, unreasonable or potentially illegal conditions or restrictions.
• Donations associated with complex banking or tax arrangements.
• Time-limited donations.
• Donations in the form of loans.
• Donations from foreign sources or made in a foreign currency.
• Donations of a significantly different value than expected.
• Donations of property, particularly of significant or potentially appreciable value, such as real estate or cryptoassets.

You should document in writing the due diligence checks you conduct and the decisions you make, to show they are in the best interests of your charitable institution.

In some circumstances, you may need to report a donation to the police or other appropriate authorities and/or to your relevant charity regulator under its reporting serious incidents regime where applicable. See more in our guide to Documenting your fundraising decisions.

You should not gather more personal data than is necessary to carry out proportionate due diligence, in accordance with data protection legislation. Your privacy notice/policy should explain how and why personal data is processed in this context.

Fundraising partners and others you work with

See more in the code at 2.2.2 and section 6

Before entering into an agreement with a fundraising partner you must carry out proportionate due diligence. You may also need to conduct due diligence checks during your working relationship, particularly if you become aware of new risks.

Your checks should include, as relevant: 

• Who you are dealing with by verifying their identity, their business type, and the activities they engage in.
• Their ways of working and values.
• The appropriateness of working with them.
• What they can reasonably deliver for you, including their commercial viability.

The code requires you to have a written agreement in place with third-party fundraisers (unless they are a volunteer). The law requires you to have a written agreement in place with any professional fundraisers or commercial participators that you work with.

You should monitor the activities of third-party fundraisers and others you have entered into agreements with relating to your fundraising throughout your working relationship, in a way that is proportionate to the nature and scale of your fundraising activity. This is to remain alert to anything inappropriate, unusual or suspicious. See our guide to Monitoring your fundraising partners.

Safeguarding

See more in the code at 4.2.1, Section 5 and 6.1.1

To meet the requirements of the code, you must have and follow policies and procedures to avoid, identify and manage any risks of harm towards or by anyone. This includes those that you directly or indirectly engage with in your fundraising activity, including by carrying out a risk assessment.

You must have procedures in place to carry out due diligence checks into the suitability of people working or volunteering with you where they are likely to have access to children (anyone under 18 years old) or adults at risk. If you use a third-party fundraiser, ensure that your written agreement with them requires them to carry out appropriate checks on anyone they engage, whether employed or contracted, to fundraise on your behalf.

You must meet your legal duty to safeguard your beneficiaries and your reputation by carrying out appropriate checks on those fundraising on your behalf. Carry out a basic Disclosure and Barring Service (DBS) check in England and Wales, a Level 1 (formerly ‘basic’) Disclosure Scotland check in Scotland, and an Access NI check in Northern Ireland on anyone aged 16 years or older if your risk assessment determines it is appropriate. You should also conduct any other appropriate checks.

If the fundraising role will involve contact with children or adults at risk, consider whether it is eligible for a higher-level check but only request such a check where you are legally allowed to do so.

You and your fundraising partners must also know how to rapidly refer or report safeguarding concerns and suspected or actual incidents of harm and ensure you do so where the situation arises.

See more about risk management in our guidance on Documenting your fundraising decisions.

Fit and proper persons

See more in the code at 4.2.1, and sections 7.3 and 7.4

If you are promoting or proposing promoting a house-to-house fundraising collection(s), you must exercise due diligence to ensure that people acting as collectors are fit and proper persons to comply with relevant legislation. This is likely to include obtaining basic DBS (and/or equivalent) checks on collectors. You must be licensed by the relevant authority, where required.

You must: 

• Meet your legal duties on using the Disclosure and Barring Service, Disclosure Scotland or Access NI checks.
• In England and Wales: conduct due diligence, or ensure that your third-party fundraiser does this, to ensure that the volunteer is a fit and proper person where a volunteer will be carrying out house-to-house collections on your behalf.