Uganda Banks Get Burned by Sneaky Fraud Tricks

A big money scandal at the Bank of Uganda has everyone talking. A whopping $21,013,562.31 went missing through some shady dealings in the country's financial system. The fraud happened in the Integrated Financial Management System and led to officials from the finance ministry, including the top accountant, getting arrested. The case blew up so much that even the president and security agencies had to get involved.

The head of the Criminal Investigations Directorate wasn't messing around. On October 24, 2024, he asked the auditor general to conduct a deep dive into the whole thing. The goal was to support the police as they investigated claims of embezzlement, money laundering, and officials abusing their power. The finance ministry, which runs the IFMS, and the Bank of Uganda, which handles payments, both had some explaining to do.

The scheme involved two separate transactions, in which money meant to pay back loans to the International Development Association and the African Development Fund somehow ended up in the wrong hands. After taking a first look at the finance ministry and central bank records, the auditor general started a full-on investigation. They wanted to figure out just how much money was stolen, how the crooks pulled it off, and who was in on it.

The investigation was also supposed to pinpoint holes in financial security, see if the current safeguards were doing their job, and devise ways to prevent this kind of thing from happening again. The case has many people in Uganda worried about how the government handles money. There are demands for stricter oversight, better cybersecurity, and accountability for public financial institutions.

The first fraudulent deal occurred on September 10, 2024. A legitimate payment of $6,134,137.75 was set up through the IFMS to repay a loan to the International Development Association. But before the money could go through, someone entered the finance ministry's computer system and changed the details. Instead of going to the IDA, the payment was rerouted to a company called "Roadway Tokyo Japan."

The ministry's security controls totally missed the switch, and the Bank of Uganda processed the bogus payment on September 12, 2024. The money was sent out of the country, and even though they tried to get it back, that $6.1 million is still missing. It's just gone for good.

Then, on September 26, 2024, lightning struck twice. Another legitimate payment, this time for $8,596,824.26 to the African Development Fund, got tampered with in the finance ministry's system. Once again, the payee info was changed, and the money was sent to "MJS International London" instead.

The central bank treated it like any other payment and sent the money off two days later. This second fraud really made people scratch their heads about how both the finance ministry and the Bank of Uganda could drop the ball again after the first incident.

The investigation showed some big problems with how Uganda keeps an eye on its money, especially when it comes to big transactions and securing government payment systems. The fact that someone could go into the IFMS and change payment details before they were encrypted and sent to the central bank means their cybersecurity and accountability were seriously lacking.

But it's not all bad news. Even though the $6.1 million from the IDA payment is still gone, the government did manage to get back $8,205,103.81 from the second fraudulent deal with the ADF. That means the total loss isn't quite as catastrophic.

The auditor general double-checked and found out that the loan repayment to the IDA was the real deal. It was $4,169,569.42 for the principal and $1,964,568.33 in interest, due in September 2024. The World Bank confirmed that the IDA keeps tabs on loan repayments using the SWIFT details borrowers give them. That way, they can track the money.

But even though the transaction was legit, the finance ministry missed some key steps that could've caught the fraud sooner. The report really came down on Mubarak Nansamba, the acting assistant commissioner of Treasury Services. He didn't bother to ask the Bank of Uganda for a SWIFT message after the payment went through.

Because of that oversight, it took longer to determine that the money had been stolen, and the crooks had more time to get the funds out of the country.

When they examined the Integrated Financial Management System, which the finance ministry is in charge of, they saw that the payment invoice was made on September 4, 2024. Mubarak Nansamba gave it the green light on September 9, 2024.

The report says the payment was processed as electronic funds transfer number 14380401. It was part of a batch of payments in a file called 997201241009.EXT that was set up to be sent out on September 10, 2024. To keep things secure, the IFMS uses the central bank's public keys and the finance ministry's private keys to encrypt the payment files.

Encrypting the files this way ensures that only the Bank of Uganda can unscramble them, but the finance ministry can still prove it sent the transaction. On September 10, 2024, the encrypted payment file with the $6,134,137.75 meant for the IDA loan was put on the finance ministry's server.

The file automatically made its way over a private line to the central bank's managed file transfer server.

Once the Bank of Uganda received the encrypted file, their MFTS grabbed the payment file from the finance ministry's server. They made a backup copy on the same server before decrypting it into plain text and moving it to the BoU's bbsuser directory. From there, the transaction was put into the Uganda Banking System. Another copy was archived to keep a record of it.

Leona Faith Kwikiriza, a senior system analyst at the finance ministry, also emailed the central bank that same day to confirm the transaction. But before the payment was finalized, someone changed the payee details and sent the money to the wrong person.

Those sneaky changes slipped right under the radar, and the $6.1 million left the country without anyone batting an eye.

This whole mess has really shone a light on some big gaps in Uganda's financial security system, especially when it comes to verifying payments and monitoring digital transactions. The fact that the fraud wasn't caught until after the money had already been sent out of the country shows that the internal controls were either not good enough or completely ignored.

The electronic funds transfer process inside the Bank of Uganda's system starts when an unencrypted transaction file from the Managed File Transfer System is put into a waiting area. At that point, the system is supposed to log the transaction and double-check that everything is accurate by examining the format, content, and payment details.

But when the auditor general checked the system logs, they found a huge problem. The transaction that was originally supposed to go to the International Development Association in Washington had been changed before it got processed.

Instead of the IDA, the money was sent from the Accountant General's Office to a company called Roadway Co. Ltd in Tokyo. The description said it was "Payment for recycling plant systems and machinery."

The auditor general's report says somebody took the same EFT number that was meant for loan repayment and used it to pay some fake company in Tokyo instead. This set off major alarm bells about the Bank of Uganda's internal controls and how they verify payments. The fraudulent transaction made it through a bunch of checkpoints without anyone noticing.

They dug a little deeper and found that when they decrypted the transaction files at both the central bank and the finance ministry's IFMS, they were exactly the same. But after some forensic analysis, they could tell that the encrypted file sent from the finance ministry had already been messed with. Roadway Co. Ltd in Tokyo was listed as the payee, and they'd made up some story about buying recycling equipment.

The finance ministry's IFMS application server kept records of what happened during the encryption process. Those records showed that while the file was being encrypted, a plain text version with all the transaction details was left out in the open.

That security mistake allowed the fraudster to change the payment information before encrypting the file. Once it was encrypted, nobody could tell it had been tampered with. The fake file was sent to the Bank of Uganda, and they processed it like it was legit.

That little security slip-up was all it took for government funds to get sent to the wrong place. It made a mockery of all the usual safety nets that were supposed to catch that kind of thing.
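
One control that would surface the pre-encryption edit described above, shown as an added example and not as anything taken from the auditor general's report or the IFMS itself: seal each payment record with an HMAC at approval time, then re-check the seal on the decrypted batch before processing. The key, field names and record layout are assumptions; the sample records are constructed from the figures in this article.

```python
import hashlib
import hmac
import json

# Assumption: the sealing key is held by the approval service (or an HSM),
# never on the host where the plaintext batch is staged for encryption.
SEAL_KEY = b"constructed-demo-key-not-a-real-secret"
FIELDS = ("eft_no", "payee", "city", "amount", "description")

def canonical(record):
    """Serialize only the integrity-relevant fields, in a stable form."""
    body = {f: record[f] for f in FIELDS}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def seal(record, key=SEAL_KEY):
    """HMAC-SHA256 over the canonical record, computed when it is approved."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()

def verify_batch(batch, seals, key=SEAL_KEY):
    """Return sorted (eft_no, reason) findings; an empty list means clean."""
    findings, seen = [], set()
    for rec in batch:
        eft = rec["eft_no"]
        seen.add(eft)
        expected = seals.get(eft)
        if expected is None:
            findings.append((eft, "no approval seal"))
        elif not hmac.compare_digest(expected, seal(rec, key)):
            findings.append((eft, "record differs from approved version"))
    for eft in seals.keys() - seen:
        findings.append((eft, "approved payment missing from batch"))
    return sorted(findings)

def changed_fields(approved, received):
    """List which sealed fields differ, for the reconciliation report."""
    return [f for f in FIELDS if approved[f] != received[f]]

# Constructed sample: the approved IDA repayment and the altered version
# that reused the same EFT number.
APPROVED = {
    "eft_no": "14380401",
    "payee": "International Development Association",
    "city": "Washington",
    "amount": "6134137.75",
    "description": "Interest Payment for IDA 1",
}
TAMPERED = dict(APPROVED, payee="Roadway Co. Ltd", city="Tokyo",
                description="Payment for recycling plant systems and machinery")
SEALS = {APPROVED["eft_no"]: seal(APPROVED)}

if __name__ == "__main__":
    print(verify_batch([TAMPERED], SEALS))
    print(changed_fields(APPROVED, TAMPERED))
```

Encryption and signing applied after the edit cannot catch it, because they faithfully protect whatever plaintext they are given; the seal works only because it is computed earlier, with a key the staging host's administrators do not hold.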

The investigation pointed the finger at Tony Yawe, a senior IT officer at the finance ministry, as the mastermind behind the scam. When they looked at the system change logs, they saw someone using Yawe's account "tyawe" had made a bunch of sketchy changes between September 9 and 11, 2024.

On September 9th, Yawe went into the IFMS application host server and messed with some really important system scripts. He gave himself total control as an admin while blocking access for everyone else. Then he moved around encryption scripts and renamed them, making sure any future EFT transactions that went through the system would have fake payment details.

The next day, September 10th, Yawe was at it again. This time he changed up transaction files related to the Bank of Uganda so he'd have complete power over key financial data files. The last step in his master plan went down on September 11th. He took the payment file called BOU_NW_10092024.dat and swapped out the real description that said "Interest Payment for IDA 1" for a phony one about "Recycling Plant Systems and Machinery."

This sneaky switch was supposed to confuse people during reconciliation, so the central bank's system would not flag the bogus payment details.

When the investigators grilled Yawe, he admitted to owning the "tyawe" account but swore he had nothing to do with the actual fraud. He tried to say that on September 8th, he noticed some weird server access that snuck past the firewall controls without leaving any tracks.

But when they examined the firewall logs, which keep track of both inside and outside traffic, they couldn't find any proof of someone breaking in from outside. Despite that, Yawe played dumb about the commands that were run under his username on September 9th, 10th, and 26th.

He even had the nerve to argue that the log file showing all the fraudulent changes looked suspicious to him, like it was some random batch file that didn't fit with how the system normally logs stuff. But the digital forensic evidence told a different story. It confirmed the commands came from inside the finance ministry, not some outside hacker.

They double-checked with the Debt Management and Financial Analysis System, and sure enough, 26 loans from the African Development Fund were set to be paid back on October 1, 2024. The outstanding balance was $5,698,895.35 for the principal and $2,897,928.91 in interest.

On September 23rd, an accountant at the finance ministry using the name "MKICONCO" created an invoice for the payment in the Integrated Financial Management System. Mubarak Nansamba, the acting assistant commissioner of Treasury Services, gave it the thumbs-up the very next day.

They processed the payment as electronic funds transfer number 14547957 on September 25th and tossed it in with a bunch of other payments in a file called 997201242609.EXT. That file was set to be sent out on September 26th.

Just like always, the IFMS encrypted the payment files using the central bank's public keys and the finance ministry's private keys. That way, only the Bank of Uganda could unscramble and process the file. On September 26th, they generated a plain text version of the EFT file called 997201242609.EXT, along with an encrypted one called 997201242609.EXT.gpg. Both of those ended up on the IFMS application server.

The files contained nine different transactions, including the ADF loan repayment. After the encryption was completed, they zipped the files through a secure line to the Bank of Uganda's Managed File Transfer System. The central bank's servers automatically snatched them up, made a backup, unscrambled them, and sent them to the internal Banking and Payment Systems.

On September 26th, Eriphaz Sebiyonga, a senior systems analyst at the finance ministry, emailed the central bank to confirm they'd sent the external payment file 997201242609.EXT. He said nine transactions totaling $12,913,674.30 were in the file and ready to be processed.

But when the auditor general took a closer look, something wasn't adding up with the payments the Bank of Uganda handled. The original EFT file said the $8,596,824.26 was supposed to go to the ADF for loan repayment in Abidjan. But the central bank's records showed that same EFT number paying a company called "MJS INTERNATIONAL" in London with a reference number of "AE300824-ZRS".

The auditor general's findings show that the transaction was tampered with before it reached the central bank. That means the bogus changes happened at the Accountant General's Office before they hit send.

They said point blank, "I confirmed that the Accountant General's Office sent an encrypted file in which the payee for the transaction was 'MJS INTERNATIONAL, London,' with the reference AE300824-ZRS. This confirms that the change in payment details was made at the Accountant General's Office before the file was sent to BoU."

When they forensically analyzed the IFMS system logs from September 25-26, 2024, they found that some seriously shady stuff went down using the account "mkasiiku." That username belongs to Mark Kasiiku, a data center consultant at the finance ministry.

It turned out Kasiiku had made all kinds of changes to important system files that he had no business messing with. He changed permissions, moved encryption scripts around, and replaced transaction details straight up. Oh, and he was slick enough to delete logs and system backups to cover his tracks.

Specifically, he got into the transaction scripts and rewrote them to send payments to different people, changing up who was supposed to get paid for high-value transfers. He also moved crucial financial files from where they were supposed to be, which screwed up the normal verification process and let him hide his fraudulent changes.

To ensure nobody would catch on, he swapped out encryption files so the sketchy transactions would slide right through without raising any red flags. As the cherry on top, he wiped out system logs that showed who was logging in and doing what. That made it a real pain for investigators to figure out who was pulling the strings behind the scenes.

When investigators pressed Kasiiku, he tried to play it cool and said he had nothing to do with the fraud. He claimed all the shady transactions done under his username went down before he usually showed up to work at 8:30 a.m. He also said he couldn't get into the system remotely to pull any funny business outside the office.

But when they kept digging, a new piece of evidence turned up. Apparently after the Bank of Uganda got the payment invoice, they sent a confirmation email right back to the finance ministry. The investigators compared the files the central bank sent with what was in the ministry's records and spotted a huge red flag.

The Bank of Uganda's records said the payment went to "MJS INTERNATIONAL" in London with reference number "AE300824-ZRS." However, the ministry's internal records still had the payment earmarked as "Uganda Principal and Interest Payment for African Development Fund (ADF)."

That mismatch was the smoking gun that proved the fraud happened at the finance ministry before the payment ever got sent to the central bank.

On November 14, 2024, a SWIFT message from Citibank New York confirmed that they'd recovered $8,205,103.81 and put it back in the finance ministry's account at the Bank of Uganda.

Even though they got most of the money back, the fraudulent transaction still left Uganda holding the bag for $391,720.45. That's because they had to eat the banking fees and got dinged on the exchange rate when the money was being reversed.

But wait, there's more! They also found evidence of another fraud attempt. This one was for $6,674,320.75 and originally had the description "Uganda principal and interest payment for IDA due January 15, 2025."

Some crook tried to reroute the money to an account in Sielska-Poznan, Poland, using the same tricks as the other fraudulent payments.

The good news is that the SWIFT messaging system actually caught the discrepancy this time. It noticed the payee was listed as the IDA, but the bank details were for an account in Poland, not Washington, where it was supposed to go. That raised a big red flag, and the transaction was shut down before the money could slip away.

The auditor general's report basically put Uganda's financial security system on blast. It exposed some major weak spots, especially in how they keep an eye on digital transactions, encryption, and internal controls at the finance ministry and central bank.

They did manage to get some of the stolen money back, but the fact that these fraudsters could manipulate huge transactions so easily is a real wake-up call. The system is vulnerable, and the people in charge aren't being held accountable. This case has lit a fire under Uganda to step up its financial security game.

There's a big push now for reforms to lock things down and ensure more oversight of the money moving through Uganda's financial system.
 
