What you need to know:
- In an investigation conducted by Daily Monitor, it was found that Nakacwa was not a lone victim. A number of accounts had been breached at different intervals in similar fashion and some customers had found it difficult to convince the bank to refund their money.
When Edith Nakacwa walked to an agent on April 23 , she never suspected anything could go wrong.
She needed money to offset a pending payment and the last thing on her mind was to fall victim of a suspected fraud ring.
On the fateful day, Nakacwa had approached an Equity Bank agent, seeking to withdraw money from her account to clear a pending payment on a laptop that she urgently needed.
But she was shell-shocked when she was notified that the transaction had been declined on the basis of insufficient balance in her account.
Desperate to find out what was amiss, the 24-year old student and business woman, soon realised that her operating capital with the Equity Bank, amounting to slightly more than Shs21.9 million was fraudulently cashed out, leaving her with a paltry balance of exactly Shs59,100. She further discovered that the account was breached multiple times, with two of such fraud occurring in a space of one week.
Frustrated and restless, Nakacwa on the same day (April 23), wrote to Equity, notifying the bank of the mysterious disappearance of about Shs21.9m from her account.
In her letter to the Equity Church House Branch Manager on April 23, Nakacwa noted that she had found out that the entries through which her money was removed from her account without her knowledge were done using Eazzy Money App which she never initiated.
The internet-powered app, is an innovation that Equity uses to allow 24-hour customer access to banking services, among which include transfers, paying for goods and services and managing loan or bank accounts.
In an investigation conducted by Daily Monitor, it was found that Nakacwa was not a lone victim. A number of accounts had been breached at different intervals in similar fashion and some customers had found it difficult to convince the bank to refund their money.
Whereas Nakacwa told Daily Monitor that the bank yesterday (Wednesday) refunded all her money, it should be noted that it wasn’t without a fight.
Literally, she said, she had to first take matters into her own hands, refusing to give in to blackmail and threats that some bank officials had deployed on her even when she had presented overwhelming evidence showing how her account had been breached.
“I gave them all the time in the world. All I needed was to reimburse my money and a guarantee that this would never happen again,” she told Daily Monitor on Tuesday.
At some point, she says, the bank’s security manager had told her never to call him or engage him again over the matter, something that was a serious test of her patience.
“At this point I felt my patience was being taken for granted. So, I decided to go public with this matter,” she says, noting she found comfort in her social media accounts to highlight her case as she feared that the bank could use its institutional setup to cover up the fraud.
Daily Monitor has since Tuesday engaged Equity on the facts of Nakacwa’s story but the bank has been reluctant to share anything.
By press time, Equity had not presented its side of the story even when it had promised it would revert to this reporter with finer details.
However, when Daily Monitor reached out to Bank of Uganda, the regulator said it was aware of the matter brought to its attention through a letter by Nakacwa’s lawyers.
Ms Charity Mugumya, the Bank of Uganda director for Communications, said when Nakacwa reported the matter, they reached out to Equity Bank with a directive to commission an independent inquiry.
“The delay to conclude this inquiry was due to the lockdown. But nevertheless, it is at the tail end. Once the inquiry is concluded, remedial action will be [taken] by Equity Bank,” she said.
As a regulator, Ms Mugumya noted, Bank of Uganda was at the secondary level of complaint resolution, saying it is only when a solution has not been provided by the concerned bank that it intervenes.
According to a 2020 report by Summit Project Frontline, the annual cost of cybercrime in Uganda for the 2019/20 financial year stood at Shs11.4b.
However, the report notes, that real cost could be much more than reported since a number of fraud cases, especially in the banking sector, are quietly handled.
The cost also include other associated expenses such as incident response, investigations and reputational damage. According to the report, during the period, the combined value of the economic crime cases handled stood at slightly more than Shs171b, with an average of Shs379m direct loss per case. It is worth noting that many cyber incidents in Uganda (and the East African Community at large) go unreported to protect the reputation of affected entities.
In 2019, it was reported that close to Shs9b was lost in a cyber-attack that targeted banks, mobile money operators and payment aggregators.
The 2020 Uganda Police Annual Crime report– indicates that obtaining money by false pretences was the highest crime reported under the category of economic crimes, followed by forgeries and cyber related crimes. During the period, the report noted, the Central Business District, which covers Kampala, registered the highest number of cases of economic crimes. Cyber crime is slowly taking over as the most used form of theft as individuals and businesses take advantage of digital technology to shift their operations online.