The basic principles
Trustees should proactively safeguard and promote the welfare of their charity’s beneficiaries. They must take reasonable steps to ensure that these beneficiaries or others who come into contact with their charity do not, as a result, come to harm. This should be a key governance priority.
Trustees are required to act exclusively in the best interests of their charity and have a duty to act responsibly and with reasonable care and skill.
They must make sure that their charity’s assets are used only to support or carry out the charity’s purposes. This includes avoiding exposing the charity’s assets, beneficiaries or reputation to undue risk, and taking clear and reasonable steps to protect its beneficiaries from harm. Trustees should also be clear how incidents and allegations will be handled should they arise.
On occasion charities may be targeted by people who abuse their position and privileges to gain access to vulnerable people or their records for inappropriate or illegal purposes. Trustees must be alert to this risk and the need to manage it. Protecting children and adults from the risk of radicalisation should also be seen as part of this wider safeguarding responsibility.
Charities that fund other organisations, including overseas partners, whose activities involve contact with children or adults at risk, should carry out appropriate due diligence on the recipient body. Trustees should be confident that the partner is capable of delivering the proposed activities or services and has in place appropriate systems of control, including adequate safeguarding policies and procedures.
Trustees who act in breach of their legal duties can be held responsible for the resulting consequences and for any loss the charity incurs. When the Commission looks into cases of potential breach of trust or duty or other misconduct or mismanagement, it may take account of any evidence that the trustees have exposed the charity, its assets, or its beneficiaries to harm or undue risk by not following good safeguarding practice.
Supporting trustees with safeguarding
Charity law duties:
The main duties of trustees and what they need to do to carry these out competently are set out in detail in the Commission’s guidance The essential trustee: what you need to know, what you need to do. This also explains in detail what is meant by ‘must and should’ with respect to trustee duties.
•‘must’ means something is a legal or regulatory requirement or duty that trustees must comply with
•‘should’ means something is good practice that the Commission expects trustees to follow and apply to their charity
Following the good practice specified in the Commission’s guidance will help trustees to run their charity effectively, avoid difficulties and comply with their legal duties. Charities vary in terms of their size and activities. Trustees should therefore consider and decide how best to apply this good practice to their charity’s circumstances. The Commission expects trustees to be able to explain and justify their approach, particularly if they decide not to follow its good practice guidance.
In some cases trustees will be unable to comply with their legal duties if they don’t follow the good practice.
Good practice in recruiting trustees and staff
There are legal restrictions on who can be a trustee, which are set out in the Commission’s guidance Finding new trustees (CC30). There are also other legal restrictions in safeguarding legislation on who can be involved in working with children and adults at risk. This is a complex area that continues to change and be affected by new legislation and regulations. It’s therefore vital that trustees have effective systems in place so that their charity fully complies with any legal rules which apply.
Charities have a responsibility to make sure that trustees, employees and volunteers are suitable to work with children and adults at risk; that they obtain appropriate checks from the DBS; and that they are legally able to act in these positions. Charities should obtain and verify the original certificate of any DBS Checks.
A trustee will be eligible for an enhanced DBS check without a check of the Barred Lists if the charity is either:
•a children’s charity where workers for the charity are normally engaged in regulated activity1 with children
•a charity whose workers normally provide certain activities for adults who are in receipt of certain services (known as ‘work with adults’) as explained in the DBS adults workforce guidance (see the Annex on page 5 onwards)
If the charity does not meet the criteria above, trustees should consider obtaining a basic check from the DBS if, in their risk assessment it’s proportionate to do so, for example, because of the type of work which the charity undertakes, its area of operation or size.
Additionally, trustees who themselves carry out work with children or adults may also fall within the scope of regulated activity2, in which case they will be eligible to undergo DBS Enhanced checks including a check of the relevant Barred Lists.
Charities whose activities involve regular contact with children or adults at risk should always obtain a DBS Check on relevant staff (employees and volunteers) before they take up position. Depending on the role, the position may be eligible for an Enhanced DBS Check or an Enhanced DBS Check that also includes a check against the Children’s Barred List and/or the Adults’ Barred List. Find out more about the DBS eligibility guidance.
Children’s charities should follow the DBS Child Workforce guidance when deciding whether a role is eligible for any level of DBS check. The Department for Education has produced guidance on what is regulated activity with children (which allows for an Enhanced DBS check with a check of the Children’s Barred List).
Adults’ charities should follow the DBS Adult Workforce guidance, paying particular attention to the Annex on page 5 which explains that roles will be eligible for an Enhanced level check only if the adults are in receipt of certain services and the post holder is providing certain activities. The Department of Health and Social Care has produced guidance on what is regulated activity with adults (which allows for an Enhanced DBS check with a check of the Adults Barred List).
If a charity’s workers are in regulated activity with either children or adults, this means that the charity is a regulated activity provider (RAP), which brings obligations under the Safeguarding Vulnerable Groups Act 2016, for example a duty to refer to the DBS when an employer or organisation believes a person has caused harm or poses a future risk of harm to vulnerable groups, including children. Trustees should also report this (and any other abuse or alleged abuse) as a serious incident to the Commission.
The Commission recommends that charities always obtain a DBS Check when the role is eligible as it’s an important tool in ensuring that a person is suitable to act. Charities should also make other checks – for example references and checking any work history gaps – as part of a robust recruitment process.
When an organisation applies to register as a charity, its trustees are required to declare that they have carried out all trustee eligibility checks the law requires and on the basis of those checks are satisfied that the people acting as trustees are both eligible and suitable to act. The Commission checks information provided in the application for charity registration, including any statements about working with vulnerable groups. We may also refer charities for further monitoring after registration.
An employer or volunteer manager is breaking the law if they knowingly employ someone in a role from which they are barred.
Responding to allegations and safeguarding incidents
To comply with their legal duties, trustees must react responsibly to reports of safeguarding risks and incidents of abuse and take steps to make sure they and the people working in the charity know how to deal with these. This includes having adequate systems in place to:
•manage initial reports
•identify and manage risk, including where necessary making reports to and liaising with the police, social services and other agencies, including the Charity Commission as a serious incident report3 , whilst ensuring that they don’t undermine the work of investigating authorities by leading potential witnesses or contaminating evidence
•record and store reports securely and in accordance with relevant legislation
In summary, trustees should make a serious incident report to the Commission if:
•beneficiaries have been, or are alleged to have been, abused or mistreated while under the care of the charity, or by someone connected with the charity, for example a trustee, staff member or volunteer
•there has been an incident where someone has been abused or mistreated (alleged or actual) and this is connected with the activities of the charity
•there has been a breach of procedures or policies at the charity which has put beneficiaries at risk, including a failure to carry out checks which would have identified that a person is disqualified under safeguarding legislation, from working with children or adults
Trustees must also manage and minimise the risk of further incidents happening as far as this is reasonably possible, by making any necessary changes to policies, procedures and work practices.
The contents and detail of a charity’s safeguarding policy will depend on the charity’s activities and the level of risk. This risk will be higher where activities involving children or vulnerable adults are central to the charity’s core purposes and services, or take place frequently. Where the risks are higher, trustees will need to do more to fulfil their legal duties and make sure their policy is adequate within the context of their operations. The policy should always include requirements for trustees, staff and volunteers to learn about protection issues in accordance with the relevant statutory guidance and within the context of their own roles and responsibilities.4
In all cases the Commission expects that, as a minimum, policies are agreed by trustees; are regularly updated; reflect statutory guidance and national and local practice; and are supported by an implementation plan. The policy should be publically available, to provide reassurance and to enable constructive feedback from beneficiaries and other stakeholders.
Some charities will also be subject to a duty under section 26 of the Counter-Terrorism and Security Act 2015 to have ‘due regard to the need to prevent people from being drawn into terrorism’. This duty is known as the Prevent duty and it applies to ‘specified authorities’ that are described in Schedule 6 of the Act.
Not every charity is a ‘specified authority’. However, some charities, for example educational charities, are ‘specified authorities’ and therefore subject to the Prevent duty.
Trustees of charities that are specified authorities should make sure that they are familiar with the government’s statutory guidance on the Prevent duty and (where appropriate) any supplementary guidance produced by relevant authorities, such as the Department for Education’s advice for school and childcare providers or the Higher Education Funding Council for England (HEFCE)’s guidance on how it monitors higher education institutions’ compliance with the Prevent duty.
While the Commission does not directly oversee or monitor compliance with the Prevent duty itself, as with all legal requirements, trustees of specified authorities must make sure that their charities comply. If a charity were identified as failing to comply, the Commission may need to engage, either with other relevant authorities, or directly with the charity, to address any underlying governance problems and ensure future compliance.
Even if a charity is not a ‘specified authority’ itself, it may enter into contracts or work with bodies - such as local councils or health and social care providers - that are bound by the Prevent duty. These organisations may place contractual or other obligations on charities which relate to those authorities’ own compliance with the duty.
Trustees must be aware of these obligations in addition to their broader responsibilities to prevent their charities from being abused for extremist purposes and make sure that these are factored into their charity’s risk assessments, policies and procedures.
•For children, regulated activity comprises unsupervised activities (such as teaching or training) or working for a limited range of establishments with the opportunity for contact. It’s a criminal offence for a barred person to seek to work, or work in, activities from which they are barred. It’s also a criminal offence for employers or voluntary organisations to knowingly employ a barred person in regulated activity. Guidance about regulated activity with children is published by the Department for Education.
•The definition of regulated activity for adults identifies those activities provided to any adult, which, if the adult requires them, will mean that they will be considered vulnerable at that particular time. Information about regulated activity with adults is available from the Department of Health and Social Care.
•For detailed information see the Commission’s guidance How to report a serious incident in your charity.
•These protection issues may include, but are not limited to: harm; physical or sexual abuse including sexual exploitation; negligent treatment; emotional abuse; commercial exploitation; extremism; forced marriage; child trafficking; and female genital mutilation.