Skip to article navigation Skip to content

A page refresh occures when a subject is selected.

Skip article navigation.

Risk management and security

Our work is conducted in dangerous and difficult circumstances - and this poses a number of serious safety and security threats to children and staff. These risks also have the potential to impact on our programme delivery and strategy as well as our fundraising ambitions.

Efforts to address these risks see management teams at our Amsterdam and branch offices play a leading role. In addition, risk management is a standing topic on the agenda of all Audit Committee and Supervisory Board meetings. 

Our risk management framework

Wherever we work we identify, rate and - where possible - mitigate all potential risks to our operations. Our risk management framework groups risk into 10 main categories with a defined risk ‘owner’ and risk ‘appetite’ for each category. The framework was approved by management and the Supervisory Board in the first quarter of 2022. Through updated policies and procedures and the implementation of a centralised reporting system, it will be further operationalised in the years to come.

Our risk mitigation is based on three key defence mechanisms put into by place by our subject matter experts:

Speak up! procedure

Our Speak Up! Procedure was developed with input from both international child rights organisations and sector benchmarks. The year saw colleagues across the organisation make a conscious effort to raise awareness of this vital integrity mechanism. See below for a more in-depth overview of our full Integrity Framework.

Internal Audit

In 2022, the Audit Committee approved a revised risk-based internal audit approach. The approach supports an integrated way of working between the different assurance providers within War Child with the aim to increase efficiencies and audit coverage. In turn, this assures internal control effectiveness and oversight across the programme offices.

External Audit

On request of the donor or in compliance with local statutory requirements, War Child projects are frequently subject to external audits. On average, at least 30% of institutional grants are subject to audits spread across our programme areas. They also provide valuable recommendations for further improvement of our internal control environment.

Our integrity framework

Complementary to our Risk Management Framework - and important to mention here - is our Integrity Framework and related policies. The four policies that make up the framework are designed to uphold the safety and fundamental rights of everyone who takes part in our activities. They are as follows:

  • War Child Code of Conduct

  • Child Safeguarding Policy

  • Anti-Fraud and Anti-Corruption (AFAC) Policy

  • Speak Up! Procedure

Our War Child Code of Conduct is a mandatory document that anyone who represents War Child in any capacity must read and sign before entering into collaboration. Any breach of the Code of Conduct will result in appropriate disciplinary action - and this was no exception in 2022.

As we moved towards a shared way of working, we also entered into closer collaboration with War Child UK aligning our separate integrity frameworks and making revisions where needed. Overall, this was a highly transformative process which resulted in several new and stand-alone policies including a Whistleblower Protection Policy and a Policy for the Prevention of Sexual Exploitation, Abuse and Harassment.

What were the main risks in 2022?

Financial Risks

War Child is exposed to a variety of financial risks - including risks related to grant funding, liquidity and foreign currency exchange. A robust system of internal controls is in place to reduce any such risks and is further set out in our Finance and Accounting Policy. War Child's policy is to denominate its contractual obligations as much as possible in the same currency as the donor's currency and to hold bank balances in the donor currency, so that the net foreign currency exposure is limited. War Child does not hedge its forecasted foreign currency exposure. War Child does not apply nor trade in financial derivatives, such as interest rate swaps, forward exchange contracts or options to control its risks.

The year saw large fluctuations in exchange rates especially between the Euro and US Dollar. Most of our unrestricted income is realised in euros while a large part of our unrestricted expenses are incurred in US Dollar and equivalents. As a result, we had to be cautious with year-end spending and longer-term commitments.

War Child’s operations are sustainable regarding reserve and cash balances as well as secured funding for the year 2023 and beyond. This means that War Child has no liquidity concerns and there are no significant doubts about its ability to continue as a going concern.

The general reserve is formed from the surplus of reserves above the target level for the continuity reserve. War Child will spend its general reserve to the benefit of children affected by war in accordance with its objectives. A higher than usual general reserve is maintained at the end of 2022 to cover potentially unforeseen transition expenses related to the War Child Alliance.

War Child does not invest in bonds, shares and/or other publicly traded financial assets. War Child holds it liquidity in cash and deposits only.

Financial reporting

Our financial reporting requires us to make estimates in the areas of the valuation of legacies to be received, the amount of provisions, and cost allocations between fundraising and awareness raising.

Legacies are accounted for as soon as the amount of income for War Child can be reliably estimated, based on a fixed valuation methodology. Provisions concern mostly obligations that can be reliably estimated, but with uncertain payment dates.

War Child’s events and activities for public engagement in the Netherlands may have a fundraising as well as an awareness raising component. The cost allocation percentages are consistently determined and applied in consecutive periods. If percentages change year on year, management justifies this based on a changed nature of the activities.


Maintaining the security and safety of our staff and all who participate in our programmes requires continuous efforts by our country teams. Analysis of our working context and associated risks informs our way of working - seeing us adapt our safety measures as and when needed to allow us to bring fast, quality aid to those in need.

The resurgence of rebel group M23 in North Kivu, DR Congo, an Ebola outbreak in Uganda and the war in Ukraine are examples of the risks that emerged in 2022 when responding to the needs of children worldwide.

In addition to our routine security risk management practices and associated challenges, our preparedness to respond to crisis situations was tested to the max during a simulated scenario conducted by an independent auditor.

Fraud and Corruption

Fraud and corruption pose a significant threat to our organisation - not only in financial terms but also with regard to our reputation and credibility. War Child continuously updates and strengthens its mechanisms to combat fraud - and 2022 was no exception.

Risks in this area remained high due to the fragile governance contexts in which we operate in. Our internal control systems, awareness-raising and Speak Up! Channels were an effective means by which to detect fraud concerns and minimise risks. Reported incidents were fully investigated and key stakeholders including whistle-blowers, donors, the Audit Committee and the International Management Team received regular updates on the outcomes as well as resulting mitigation measures and learnings. A root cause analysis of previous incidents was also conducted in 2022 to address underlying issues and minimise recurrence.

Cyber Security

In 2022, no major cyber security or data risk incidents occurred. In general, inherent risk levels remained high due to ongoing geo-political tensions with the biggest threat observed in phishing mails and ransomware attacks. A cyber incident response plan and cyber security assessment have been undertaken to continuously monitor and address this risk.

Local law and regulations

We are operational in over 10 countries in Africa, the Middle East and Europe, requiring us to comply with a variety of different legal frameworks. We mitigate these risks - including environmental and tax legislation - through thorough self-assessments. We conduct these assessments via external pro-bono lawyer support and internal and external audits.

Strategic risks

Our strategy is to reach more children affected by war and conflict via the scaling of our scientifically proven interventions with the support of a global network of partners. The risk is that these innovations require new technology - such as game-based education technology - and new skills which require investments that are difficult to fund as a non-profit organisation. War Child is accelerating collaboration with a range of partners to address this risk and support our strategy. We also continued to work on the development of a new data platform that will be used to store, analyse and securely share data with implementation partners. The change of War Child into a global networked organisation will in turn help us attract more funds in order to provide quality support to many more children in the years to come.  

The change process in itself is a risk to the organisation due to changes in team set-ups, priorities and ways of working. In 2022, we continued to address this risk through, amongst others, the ongoing work of a dedicated steering group and related sub-groups tackling everything from safeguarding to organisational culture.

(0) article(s) in My report