AI policy for charities:

what you need, and why it’s required

Since November 2025, any charity using AI to support fundraising must have an AI policy in place.

That’s a requirement from the Fundraising Regulator.

77% of UK charities are now using AI.

Only 16% have a policy.

If your charity is in that gap, this page is for you.

What an AI policy must cover

The Fundraising Regulator doesn’t prescribe an exact format, but the intent is clear: your policy should show that your organisation has thought carefully about how AI is used, and that someone is accountable for it.

At minimum, a charity AI policy should cover:

Which AI tools you use

and what you use them for. This includes tools used by staff day-to-day, not just formal organisational decisions.

How you handle data.

What personal data, including donor data and beneficiary data, enters AI systems, and what your obligations are under UK GDPR.

Human oversight.

Where and how a person reviews, approves, or is accountable for AI-generated outputs before they are used. This is especially important for donor communications.

How you manage risk.

Bias, factual inaccuracy, and safeguarding implications, and how you identify and respond to problems when they arise.

Your values and limits.

Areas where you will not use AI, and why. Being explicit about limits builds trust and reduces the risk of scope creep.

Review cadence.

AI is changing quickly. Your policy should include a commitment to review it regularly – as a minimum annually, ideally every six months.

The Fundraising Regulator also recommends publishing your AI policy on your website.

Transparency with donors isn’t just good practice; for many charities it’s now the expectation.

Who needs an AI policy?

Any charity that uses AI to support fundraising activities needs a policy in place. That includes:

Charities using AI tools to draft donor communications, appeals, or grant applications.
Organisations using AI for donor segmentation, predictive analytics, or identifying major gift prospects.
Charities using AI-assisted tools in their CRM, email platform, or fundraising software — even if AI is not the primary reason those tools were chosen.

It also applies where third-party fundraisers use AI on your behalf. The Fundraising Regulator is explicit: trustees remain accountable for AI use by third parties acting in your name.

What about charities that don’t use AI for fundraising?

You may still need to consider the implications. The Fundraising Regulator is clear that charities which decide not to use AI for fundraising may still need to assess how AI used by others could affect their fundraising activities.

Opting out is not the same as being unaffected.

What a published AI policy signals

Publishing your AI policy is more than just compliance; it’s a visible signal to the people your charity depends on.

To donors:

that their data is handled responsibly and that humans remain in control of how they’re communicated with. Trust, once lost, is expensive to rebuild.

To funders & commissioners:

that your organisation has governance in place and can be held accountable for its use of technology. Increasingly, this is a due diligence question.

To your trustees and staff:

that there is clarity about what is and isn’t acceptable. A policy reduces the risk of individuals making well-intentioned but unreviewed decisions.

To the regulator:

that you are taking your obligations seriously, and that your organisation is in a position to demonstrate compliance if asked.

Need an AI policy written?

We develop AI policies for charities: tailored to your organisation, compliant with the Fundraising Regulator’s requirements, and written in plain language your trustees can adopt and your donors can read.

What happens without a policy?

Without a policy, AI use in your organisation is ungoverned. That creates several risks:

Staff making individual decisions about which AI tools to use and what data to put into them, without a shared framework.

Donor communications generated or influenced by AI, without any review process or accountability trail.

Trustees who are responsible for the charity’s AI use but have no visibility of what that use actually involves.

A compliance gap with the Fundraising Regulator that could affect your fundraising registration or your standing with donors if a problem arises.

None of these risks require a major AI failure to materialise. They exist the moment you use an AI tool without a policy in place.

How we help

Every charity is different. We develop AI policies for charities from scratch. That means:

Discovery

A short discovery conversation to understand your current AI use, your data environment, and your fundraising activities.

Draft

A draft policy written in plain language. No boilerplate, no generic frameworks; a draft tailored to your mission.

Diligence Checks

A review against the Fundraising Regulator’s current guidance and the Charity Digital Skills Report’s recommendations for responsible AI adoption.

Finalise

A version suitable for trustee adoption and, where appropriate, publication on your website.

Most AI policy engagements complete within 4 to 6 weeks. The output is a document your organisation can actually use.

Start with a conversation

Tell us where you are. We’ll tell you what you need. No obligation, no pitch.

Just a useful 30 minutes.