The Regulator for Charities in England and Wales
This guidance is aimed principally at small and medium-sized charities and answers the questions we are most often asked by charities about electronic banking.
Much of the guidance is concerned with best practice advice on electronic banking. Section 5 deals with the legal power needed to adopt electronic banking This part of the guidance does not apply to charitable companies. However, the best practice advice applies to all charities using electronic banking, regardless of their legal structure.
"e" – a prefix meaning "electronic" as in, for example, e-mail, e-banking or e-commerce.
BACS (Banks Automated Clearing System) – This is an electronic payment system allowing funds to be moved between bank accounts electronically. For instance, in a charity this may be used to pay staff on the payroll and to pay suppliers.
PC – Personal computer
Governing document – means any document that sets out the charity’s purposes and, usually, how it is to be administered. It may be a trust deed, a constitution, memorandum and articles of association, rules, conveyance, will, Royal Charter, Scheme of the Commissioners or, in relation to an appeal, the published terms of the appeal inviting donations.
Trustees – means charity trustees. Charity trustees are the people who are responsible for the general control and management of the administration of the charity. In the charity’s governing document they may be called trustees, managing trustees, committee members, governors or directors, or they may be referred to by some other title.
The term "electronic banking" or "e-banking" covers both computer and telephone banking. Using computer banking, a charity’s computer either dials directly into its bank's computer or gains access to the bank’s computer over the internet. Using telephone banking, the charity controls its bank accounts by giving the bank instructions over the telephone. Both computer and telephone banking involve the use of passwords which give access to the charity’s accounts.
Using these methods, banking transactions can be actioned 24 hours a day. Computer banking allows a charity, for instance, to view recent transactions, print out statements and transfer funds between accounts and make payments. Many banks also have the facility for a charity to set up, amend or cancel standing orders. Electronic banking also allows payments to be made to the charity, i.e. acceptance of credit card donations. Most charities that use electronic banking will also continue to use some of the elements of more traditional methods of banking, such as a chequebook.
Electronic banking services differ between the different banks and building societies. If trustees decide that they want to use electronic banking then they should shop around for the most suitable package for their charity.
With changing bank technology more and more charities are likely to consider moving away from paper based banking methods; many charities have already done so. Broadly speaking our view is that the trustees of a charity will be justified in deciding to use electronic banking if:
It is important that any decision to adopt electronic banking be made with the benefits and advantages to the charity in mind. It is not right to move to electronic banking just because it seems fashionable or because the charity’s bank wants it to change (the motive for this might be to help the bank to reduce its own costs, rather than to provide a better service for the charity).
With electronic banking we would expect the same level of internal financial controls as we would with the more traditional forms of banking. There should continue to be clear segregation of duties to prevent any single person from being able to control substantial resources or obtaining unauthorised access to information; and there should be proper approval at, or delegated from, trustee level for movements and payments from bank accounts. Further advice on internal financial controls can be found in our publication CC8.
Electronic banking services are used increasingly by small and large organisations all over the world. Organisations and banks have a vested interest in making sure that electronic banking is as secure as possible.
Banks have a password system for both computer and telephone banking. With telephone banking all telephone calls are recorded, so checks can be made if there are queries about a transaction. Care has to be taken by a charity to ensure that only trusted people have access to the passwords.
Systems can operate hierarchical passwords so that some people are given "read only" access (i.e. the ability to read information but not to change it or add to it), while others may be able to suggest changes which then need to be activated by a supervisor.
Some banks or building societies will offer arrangements where two or more people each have to enter their own password or personal number before transactions are effected. Some banks allow larger organisations to purchase a plastic card reader: when a payment or transfer has to be made each official can swipe their card (connected to their PC) and then enter a personal number to release the payment. In this way, one official cannot effect a transaction without other officials being made aware of it and being required to authorise it. Some banks have plans to bring in systems that involve electronic signatures or other advanced identification systems.
Whatever arrangements a charity uses, the trustees should prevent any one individual from being able to control significant resources.
The Trustee Act 2000 gives trustees the power to delegate specified functions. One of these is the function of carrying out decisions that the trustees have taken.
Trustees can establish whatever banking arrangements they consider appropriate, subject to the proper level of financial controls, to carry out their decisions. These arrangements can include an account which is operated electronically. In their instructions to the bank or building society the trustees should clearly identify the scope of the authority of the person or persons who the trustees have authorised to operate the account. The trustees should continue to monitor and review the arrangements and remain free to cancel or amend the arrangements or authorise others to operate the account for them.
The powers conferred by the Trustee Act 2000 apply to unincorporated charities but not to charitable companies. The powers which the Act confers are in addition to any powers conferred on the trustees by the charity’s governing document. Trustees are not allowed to make use of the powers in the Trustee Act if the charity’s governing document specifically prohibits the use of electronic banking or restricts trustees to conventional banking arrangements. If the governing document of a charity contains such a prohibition or restriction, trustees should approach us for advice on amending their governing document.
A bank will usually ask a charity or its trustees to give the bank an indemnity before it agrees to provide an electronic banking service. The indemnity will typically say that the charity or its trustees agree to cover the bank for all costs and losses it sustains arising from use of the electronic banking facility (except where the costs or losses have come about because of the bank’s own error or negligence).
We recognise that most banks or building societies will not offer electronic banking to a charity unless the charity or its trustees agree to give this type of indemnity.
However, charity trustees need to give careful consideration as to whether or not to give such an indemnity. The reason why the banks seek an indemnity is because the risks of misuse of the account are greater in the case of electronic banking than in the case of conventional banking. The indemnity will have the effect of relieving the bank from responsibilities to which it would have been subject had the account been a conventionally operated trust account.
Under conventional banking arrangements, a bank would have to make good a loss to the charity if it debited the charity’s account on the basis of a cheque or other written instruction which had been forged - unless the bank could show that the trustees had, by their negligence, facilitated the forgery. In electronic banking arrangements, the effect of the indemnity would be that the bank would only have to make good a loss caused by an unauthorised instruction if the trustees could show that the bank had been negligent.
Whilst under conventional banking arrangements a bank can be liable to make good a loss to a charity’s account if it gives effect to an instruction from the trustees which it knows or should have known involved a breach of trust, under electronic banking arrangements the indemnity would relieve the bank of this sort of responsibility.
No system of controls, however elaborate, can guarantee that a charity will be totally protected against abuse. Trustees often express concern about the extent of their personal liability in the event of any loss to the charity through misappropriation or misapplication of funds. Having sufficiently rigorous controls provides not only the protection for the charity property but also the best defence against a charge of failing to protect the charity’s funds and thereby being in breach of trust. If funds are lost through trustees neglecting their duty of care they could be held personally liable to repay to the charity the funds lost. However, reasonable internal financial controls will reduce the risks associated with electronic banking and hence the risk of a claim being made under an indemnity.