Charities have been thrown into confusion and could stand to lose large sums of money as a result of changes to credit and debit card donations, according to the Institute of Fundraising (IoF).

The changes, which acquirer banks are attempting to impose on customers at various dates before and after the official implementation date of 1 April following a directive from the major card schemes, Mastercard and Visa, require charities to capture the three digit CVV2 security code on the back of a credit or debit card when accepting donations from cardholders not physically present - so affect online, telephone and, most awkwardly, postal donations.

A number of charities of different sizes have expressed grave concerns over the short notice being given to implement the changes, which may require costly changes to computer systems and printed materials. The IoF is also very concerned about a requirement that stipulates that records containing the card security codes be destroyed after a transaction is completed, as this may make it difficult to comply with Gift Aid regulations.

The IoF expressed its concerns after receiving reports from charities and fundraising organisations to the effect that the acquirer banks were giving them contradictory information about the changes, with some banks saying they will not honour charity donations without the three digit security code.

Children’s charity Kids Out was told of the changes just as it sent out its second major mail campaign of the last few months, incorporating donor response forms into which new donors are asked to write their credit card details - without the three digit code. Its acquiring bank, Streamline, part of the Royal Bank of Scotland Group, has told it that only donations with the three digit code will be accepted. The last mail campaign generated 3,000 donations, of which 300 were credit card donations. The charity fears an administrative nightmare is a similar number of donors choose to send in credit card details this time.

“We can’t ask donors to write the security codes on the piece of paper which has their credit card details on it, because obviously that’s not very secure,” said Emma Sambrook, chief executive of Kids Out. “So we might have to phone 300 donors to ask them for the codes. We only have 14 members of staff, most of whom work part-time. Or we would have to write to all the donors."

“The bank have just said we must have the security code number,” Sambrook continues. “They don’t appear to be very flexible. I don’t think they really understand how much of an issue this is for us."

Anthony Baumann, head of fundraising at the RSPCA was also unimpressed by the way the banks have handled the issue. “About a month ago there were little rumblings suggesting something like this might happen,” he said. “Then we had a press release from the IoF last Friday, at which point one began to take it seriously.

“We’re in a world of rumour and confusion. One would hope the banks come up with some sort of definitive statement and say we’re putting this off until a later date.

He added: “Given time, I think most charities can cope with this. But it requires system redesign and testing for the big charities. I know that when we put this to our software suppliers they said there was not a hope of doing something in time for this deadline. And then there are creative ways you’ll have to look at how you destroy a security number while retaining all the other information on the form for Gift Aid.”

“If you collect the three digit code you have to destroy the code immediately, but you’ve got the Gift Aid Declaration on the same piece of paper,” said Megan Pacey, director of policy and campaigns at the IoF “There probably is a way round it, but that would require technology that charities don’t have. The bulk of charities don’t have the capacity to do that.”

“We have not mandated the use of CVV2 for charity donations,” insisted Paul Ravenscroft, corporate media relations manager for Visa. “We do recommend its inclusion, because it protects the banks and the donors themselves, and we have mandated its use in other areas where there is a significant fraud problem, but not for charities. If the charities have an issue with their banks they need to talk to the banks about that. The way the Visa system works is that we don’t have any contact with either the cardholders or the merchants – in this case the charities.”

He pointed out that card fraud is falling overall, in part because of the spread of chip and PIN technology, but that criminals were targeting card not present transactions as a result, meaning the use of security measures like the CVV2 number became more important.

A spokesperson for Streamline said: “we have discussed the impact of the new requirements with a number of our charity fundraising customers. We will work with the card schemes to provide sensible solutions to the problems that some of our customers face, in particular to donations made by post.”

The IoF’s Pacey said attempts to seek clarification from Visa and Mastercard had so far failed to elicit any adequate response. She felt the card schemes had to take some responsibility for the confusion: “They’ve changed the rules, which has put the banks in this position, so from where I’m sitting they’ve got to take some responsibility.

“I think the real problem is that charity donations make up a very small percentage of overall credit and debit card transactions,” she added. “I don’t think the credit card companies want to engage with the issues we’ve raised. But for the sector if this means that these donations become difficult then the effects could be enormous.

“I think the moral is that when you give ultimatums you get problems, particularly with a short time-frame,” said the RSPCA’s Baumann. “Hopefully we will get some clarification with a longer timeframe to make the changes.”