David Loxton

Jul 25, 2019, 8:00 AM

New Fundraising Code of Practice – Good news, and a helpful reminder

The Fundraising Regulator has released a new Code of Practice that takes effect in October 2019. It is a big step forward in bringing together the existing Code and rule books into one, better written and better organised document.

Finding what you want in the existing Code and rulebooks is a bit like the Isla de Muerta in Pirates of the Caribbean – ‘a place that cannot be found except by those who already know where it is’.

With three parts and fifteen chapters, the new Code is still a hefty document, but everything is now brought together in one text. Its three parts cover:

  • standards that apply to all fundraising
  • standards that apply to working with others
  • standards that apply to specific fundraising methods

There are still a few areas where you need to move back and forth between sections to capture all the relevant points, but these are generally well signposted and the ‘Crystal Mark’ standard of writing makes it easier to follow, especially for those with less experience of fundraising jargon.

But whilst the launch of the new Code provides a better resource, it may also be a helpful reminder to make sure that our fundraising teams have engaged fully with the Fundraising Code and for that matter, the needs of GDPR.

There can be a tempting assumption in our sector to feel that, as we are ‘good people’ doing ‘good things’, we’re probably getting our fundraising processes right and therefore our supporters are bound to understand our communications and be prepared to overlook any of our limitations. Combine this with the ever-present work pressure on staff and volunteers, and it’s easy to see any appraisal of fundraising regulation compliance slip down the agenda. To some extent, the same (false) optimism can apply to our response to GDPR - although the imperatives of a new law and more active regulator have probably goaded us into a more organised response.

But assumptions that we are ‘the Goodies’ and that our supporters adore us with a ‘love that asks no questions’ can make us complacent. We live in a society that is more aware of individuals’ rights on fairness, privacy and use of personal data. Ours is also a society that makes fewer assumptions on respect for established institutions such as government, church or charity. So whilst our work does generally command respect, both supporters and the media are interested in how we fundraise and what we do with their data.

So what should you do next, if you don’t feel confident that your charity has done enough to address fundraising compliance and/or GDPR?

Auditing your fundraising process

You need to audit the ‘journeys’ that your supporters take in their relationship with your organisation - from the point where you first capture their data, through all the operational steps you want them to follow. Does each process support the standards set out in the Fundraising Code of Practice, and follow data protection principles?

Tips to remember:

  • supporters don’t always follow the journey that you planned for them. Think about the different routes they could take – for example through old webpages and forms.
  • the people you are recruiting for an activity now, might also be an ideal audience for different activities later. Are you getting the right consent, or creating the right expectations, for future communications?

Changing culture

Getting this right isn’t just about processes - your organisational culture needs to encompass acceptance of and enthusiasm for treating supporters and their data as you would expect any organisation to treat you. Without this, good process will stagger under the weight of other priorities.

You need to think about: 

  • leadership - both formal and informal
  • linking any necessary changes to success in delivering other strategic goals
  • creating a shared understanding of the standards required

How are you going to do it?

There are resources available to help you from:

  • The Fundraising Regulator
  • The Information Commissioner – charity specific resources
  • The Chartered Institute of Fundraising – has guidance for member and non-members

But if fixing a problem were just about knowing where to find the instructions – life would simple! You may need some additional support to overcome a shortage of management time or current staff experience. Action Planning can help in a number of different ways to suit your requirements. For example:

  • We can provide a structure and support for a scoping exercise to identify the relevant areas of regulation specific to your activities, and build a checklist for review.
  • We can work with your team to carry out an audit, identifying gaps in compliance with the Code of Practice and/or GDPR, and developing an action plan to address any gaps, providing expertise in any areas that you don’t have available in-house.
  • We can facilitate internal training sessions for trustees, senior staff, or all staff, to increase awareness and understanding of the implications of the Fundraising Code of Practice and the key practice changes brought in by GDPR.


David Loxton MBE MBA MInstF is an experienced fundraiser and senior manager with over twenty-five years in the sector behind him. He recently re-joined the Action Planning team after three years as Director of Fundraising & Marketing at Spinal Injuries Association, a period that saw the launch of the Fundraising Regulator and GDPR. 

In his previous period at Action Planning he delivered training on both fundraising regulation and data protection, and worked with a wide range of clients including the British Paralympic Association, Royal College of Surgeons, Mission Without Borders International and regional YMCAs.


For more information on the new fundraising code, contact us now

Contact Us