JFSC examination theme - how NPOs can mitigate the risk of funds being diverted

JFSC examination theme - how NPOs can mitigate the risk of funds being diverted

20 March 2024 | Nicola Crowell

JFSC examination theme - how NPOs can mitigate the risk of funds being diverted

The Jersey Financial Services Commission (“JFSC”) has announced that the theme for its examinations of prescribed non profit organisations (“NPOs”) in 2024 is diversion mitigation.

To assist prescribed NPOs in assessing relevant controls in preparation for these examinations, we’ve set out some thoughts as to how they can mitigate the risk of their funds being diverted to terrorist or other criminal organisations and comply with the requirements of the Non-Profit Organisations (Prescribed NPOs – Additional Obligations) (Jersey) Order 2022 (“the Order”) and the JFSC Handbook.


Diversion is defined in the 2021 National Risk Assessment (the “NRA”) of NPOs as “transactions by a NPO representative or external parties such as partners that diverge funds away from the NPO’s legitimately intended purposes to a terrorist or terrorist organisation for them to benefit from, directly or indirectly.”

The JFSC’s Handbook gives some examples of diversion as:

  • terrorists posing as legitimate NPO beneficiaries to benefit from NPO programmes, such as receiving NPO funds; and
  • terrorists appearing to act as ordinary associate NPOs, at the same time as abusing NPO resources by diverting NPO funds to support their activities.

The risk of funds being diverted to terrorist or criminal organisations is, of course, a critical concern for NPOs operating in today's global environment. Indeed, it has been described as one of the dominant forms of abuse of NPOs.

The JFSC’s selection of this as a theme for its examinations is further supported by the fact that, as reported in the NRA, responses to a questionnaire sent to 228 NPOs (selected due to the jurisdictions in which they operated) found that:

  • Only 30 of the NPOs had some form of safeguards in place for funds being distributed abroad, with only six having implemented specific anti-diversion procedures;
  • Only 10 NPOs provided their teams with anti-diversion training - eight as part of induction training and four on an annual basis;
  • The larger NPOs that operated in conflict and disaster zones advised that they had screening systems in place but this was not a common feature. 17 NPOs undertook automated sanctions screening and 15 NPOs did so manually;
  • 20 NPOs did not have any controls in place to ensure that their Partners were only undertaking work in accordance with the NPO’s expectations and agreements. Only 11 NPOs had contractual agreements in place regulating such matters and only four NPOs undertook unannounced field validation spot checks.

Relevant controls

The boards and key persons of prescribed NPOs may therefore wish to consider the below points and, importantly, ensure that the relevant controls are fully documented so that the NPO can demonstrate the effectiveness of the controls to the JFSC or any other enquiring party.

Assess Exposure to Terrorist Financing Risks, Including Diversion Risk

NPOs should assess their exposure of being used to assist terrorism, or the financing of terrorists, and must define and document their approach to diversion risk in a risk appetite statement, keeping this record up-to-date in a risk register.

Section 17.2 of the JFSC Handbook provides useful guidance, noting that “diversion risk may increase where a NPO:

  • does not properly invest in its terrorist financing risk control framework on grounds of cost;
  • is too focused on assisting NPO beneficiaries at the expense of accountability or effective risk management;
  • has a high-risk appetite and a low level of terrorist financing risk controls;
  • takes the view that if no incidents are reported, or that the diverted value is small, the risk of terrorist financing abuse is negligible. It is worth reflecting that even when utilising small amounts, a bad actor can cause great harm. For example, the cost of assembling a dangerous homemade explosive device can require only a relatively small amount of funds.”

The Handbook also explains the potential impact of transfer risk, being the risk that diversion will take place where funds are transferred to associate NPOs (the NPOs with which the prescribed NPO collaborates or works jointly in carrying out its activities and projects). Associate NPOs may have valuable local knowledge and relationships which can provide additional information and control and hence reduce terrorist risk. However, there is a risk that some associate NPOs may not have strong financial controls and so may inadvertently finance terrorist activities. Even worse, an associate NPO could be sympathetic to, infiltrated by, or under the control of, terrorist elements.

As a result, it is essential that prescribed NPOs conduct robust due diligence on their associate NPOs and other counterparties, particularly where there is also a connection to a high risk jurisdiction.

Prescribed NPOs should also assess and record the risks presented by their programmes. The Handbook helpfully provides guidance on relevant risk factors which should be considered in such risk assessments.

Maintain a Culture of Integrity and Ethical Conduct

NPOs should work to foster a culture of integrity, transparency and ethical conduct within the organisation. The board and senior management should lead by example in upholding ethical standards and promoting a zero-tolerance approach to corruption, fraud, or illicit activities.

This can be demonstrated in practical ways such as board members asking about risks when considering the NPO’s programmes and even something as simple as board members attending relevant training sessions.

Adopt Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) Controls

Prescribed NPOs should implement AML/CFT controls to prevent illicit funds from entering or being laundered through the organisation. These controls should include conducting risk assessments, monitoring transactions, verifying the source of funds and reporting suspicious activities to relevant authorities.

AML/CFT controls should also include clear due diligence policies and procedures for NPOs to vet donors, partners and beneficiaries, including screening for potential links to terrorism, money laundering or other criminal activities. There are reputable databases, watchlists and screening tools available to help NPOs identify high-risk individuals or entities but useful information can also be generated from a search of open source information, including that published on the internet.

Where appropriate, prescribed NPOs should obtain due diligence evidence, following a risk-based approach, on donors, partners and beneficiaries to ensure their legitimacy and credibility. This may include verifying their identities, backgrounds and intentions before accepting donations or entering into partnerships.

These controls should enable prescribed NPOs to comply with relevant provisions of the Order that they keep records of significant donors and take reasonable steps to identify, obtain information on, and confirm that its associate NPOs and beneficiaries are not assisting, or being used to assist, terrorist activities.

Strengthen Financial Controls and Oversight

A NPO’s financial controls are key in ensuring transparency, accountability and integrity in the management and use of funds and the Order requires that Prescribed NPOs have appropriate systems and controls to ensure that NPOs fully account for their funds and prepare annual financial statements. NPOs should implement a segregation of duties with regular audits and internal financial controls and oversight to detect and prevent financial misconduct or misappropriation.

These controls should extend to monitoring the use of funds by projects carried out by the NPO and by other NPOs with which the NPO collaborates or works jointly. As the JFSC Handbook rightly notes, “ceding control of funds does not cede responsibility for their destination. Associate NPO selection, due diligence and oversight forms a crucial part of responsible NPO activity.”

Monitor and Evaluate Effectiveness of Controls

As well as maintaining robust financial controls, NPOs should regularly monitor and evaluate the effectiveness of their risk mitigation measures and controls – for example by conducting periodic reviews, assessments, and audits to identify areas for improvement and address emerging risks proactively.

The findings of this monitoring should be reported to the NPO’s board, along with recommendations for any enhancements to controls. These enhancement tasks should be logged and then monitored to completion.

Educate Staff and Volunteers

NPOs should provide training and awareness programs for relevant staff, volunteers and board members on the risks of terrorist financing and financial crime. The training should equip them with the knowledge and skills to identify red flags, report suspicious activities and adhere to the NPO’s procedures, including those designed to prevent and detect the diversion of funds.

Promote Ethical Fundraising Practices

In order to avoid soliciting funds from dubious sources, NPOs should adopt ethical fundraising practices to maintain the integrity of their fundraising activities. They should ensure compliance with applicable laws, regulations and ethical guidelines governing fundraising, donor engagement and solicitation and may wish to go further to mitigate relevant risks by imposing policies which, for example, prohibit or restrict any activity in certain jurisdictions or preclude the payment or receipt of funds using methods which fall outside the formal banking system, such as Hawala, mobile money, preloaded cards or virtual assets.

Engage in Collaboration and Information Sharing

There can be great benefit for an NPO in collaborating with other NPOs (particularly those with similar activities or operating in the same jurisdictions), government agencies, law enforcement, and financial institutions to share information, intelligence and best practices for combating terrorist financing and financial crime. If possible, NPOs should participate in relevant networks, forums and initiatives to exchange insights and coordinate responses.

Other useful sources of information include guidance published by the UK Charities Commission (Charities: due diligence, monitoring and verifying the end use of charitable funds - GOV.UK (www.gov.uk) and Charities and risk management (CC26) (publishing.service.gov.uk)) and guidance published by the Financial Action Task Force (Best Practices on Combating the Abuse of Non-Profit Organisations (fatf-gafi.org))


By implementing these measures and adopting a risk-based approach to managing funds, NPOs can strengthen their resilience against the risk of funds being diverted to terrorist or criminal organisations while fulfilling their mission to serve their communities and advance their causes.

If you work at an NPO and would like to understand more about this area, please get in touch.

Contact Us

5 Anley Street, St Helier, Jersey, Channel Islands, JE2 3QE