Giving Pattern Analyzer
Pastoral signal from giving data — never surveillance. Aggregates public; a two-person check-in list private.
Pastoral signal from giving data — never surveillance. Aggregates go public; a two-person check-in list stays private, and nothing else.
| Category | Operations |
| Church-health domain | Close the Back Door |
| Data-privacy tier | Maximum — donor giving is among the most sensitive data a church holds; no LLM on donor data |
| Mastery-ladder target | Level 5 · Systems |
| Build stack | MortarStone / Planning Center Giving export → statistical analysis (no AI); aggregate dashboard + 2-person list |
The problem
Giving trends carry early signals of congregational and personal change, but raw individual giving is among the most sensitive data a church holds — so most XPs avoid it entirely. That's an overcorrection. Pastors often want to know about "any major change from the norm... an indicator of a change in spiritual or financial well-being which might merit pastoral attention." The challenge is getting that signal without building a surveillance machine.
What good looks like
Two distinct layers:
- A public aggregate layer — cohort retention, recurring-vs-one-time mix, and lapsed-giver anomaly counts — that exposes no individual.
- A private list of "households worth a pastoral check" that goes to exactly two named people (senior pastor + one elder) and appears nowhere else.
Giving stays "private, but not secret": the church gets pastoral signal, and no one builds a donor-targeting tool out of it.
Market scan
| Tool | Fit | Pricing (verify) |
|---|---|---|
| MortarStone | Giving analytics; new/lapsed givers, retention | Subscription + setup; free tier for PC churches |
| Pushpay / ChurchStaq Insights | Giving trends, "at-risk donation" recovery | Enterprise; ~$1,475/mo cited |
| Planning Center Giving | Giving + added analytics | From 2.15%+$0.30/txn; $14–199/mo |
| Tithely | Giving + ChMS | Plus $149/mo |
| Vanco | ACH/text giving; limited analytics | From under $10/mo |
The gap: incumbents push toward individual donor targeting and "at-risk donation" recovery — more granular surveillance, framed for revenue. None defaults to aggregate-public plus a 2-person named list and nothing else. The gap is an explicitly anti-surveillance posture.
Data privacy & security — the core of this build
The governing norm: giving should be "private, but not secret." Financial commitment shouldn't be public record, yet the financial secretary may flag families needing pastoral attention.
- Aggregate-only public layer. Cohort/retention/mix charts expose no individual.
- The named list goes to two people only. Senior pastor + one elder; names appear nowhere else, are never emailed in plaintext to a list, and access is logged.
- No LLM on donor data, ever. Anomaly detection here is plain statistics (e.g., a z-score on giving cadence) — not an AI prompt. Donor data never leaves church infrastructure.
- Anti-surveillance discipline. A lapsed-giver list is pastoral only if it never becomes a solicitation or judgment tool. ECFA's 2025 guidance emphasizes donor privacy; GDPR/CCPA can apply. Encrypted storage, locked records.
- Build and demo on synthetic donor data.
How to build it
- Weekly authenticated pull from MortarStone / Planning Center Giving.
- Compute aggregate metrics — cohort retention, recurring-vs-one-time mix, lapsed-giver z-score anomalies — with plain statistics. No AI.
- Publish only the aggregate dashboard to a broad leadership role.
- Generate a separate, access-logged "households worth a pastoral check" list visible to exactly two named accounts; store names nowhere else.
- Build and demo on synthetic data.
Rollout plan
- Q1: Agree the governance model first — who sees what, the 2-person rule, the anti-surveillance commitment. Then build the aggregate layer.
- Q2: Add lapsed-giver anomaly detection and the tightly gated check-in list.
- Q3: Review quarterly that the list stays pastoral and the access log is clean.
Effort & cost
- Build: ~1–2 weeks (most of it in the aggregation/anomaly logic and the strict 2-person access gate).
- Run: existing giving platform / MortarStone (free tier possible for Planning Center churches) + modest hosting. The real cost is governance discipline.
Sources
- UMC Discipleship, privacy of giving — https://www.umcdiscipleship.org/resources/privacy-of-financial-giving
- MortarStone analytics — https://mortarstone.com/analytics/
- Who should see giving records — https://churchanswers.com/blog/who-should-be-able-to-see-individual-church-giving-records/
- Ethical donor analytics — https://grassrootsdigital.org/using-donor-analytics-to-grow-your-impact/
- ECFA 2025 developments — https://ministrywatch.com/ecfa-report-lists-tax-and-legal-developments-for-2025/
Honesty flag: Pushpay/MortarStone don't publish standard pricing; figures are from third-party roundups. Treat as estimates.