BoU deputy Governor breaks silence on missing billions
![](/resource/blob/4847720/7bed17a861cfc7a50be3ddfa9038d9dc/latest14pix-data.jpg)
Bank of Uganda Deputy Governor Michael Atingi-Ego
What you need to know:
- Detectives have since confiscated the laptop of a suspect who was reportedly in Nairobi during the fraudulent transactions. An audit firm is currently analyzing the device to establish the credentials used to facilitate the diversion.
Bank of Uganda has said money meant for debt repayments to the Word Bank and African Development Fund was diverted from its intended destinations to two banks in London, UK, and Japan.
In a press briefing on December 5, Bank of Uganda Deputy Governor Michael Atingi-Ego, said two "fraudulent incidents" had diverted money destined for the World Bank and African Development Fund, contrary to what had been reported that the Central Bank’s systems had been hacked and billions of shillings spirited from its accounts in the process.
The two incidents, he added, had been initiated outside Bank of Uganda, of which a debt servicing repayment of $6.134m – to the World Bank – was diverted to Road Way Company in Japan and paid into an account in MFUFG Bank on November 12, while another payment of $8.569m to African Development Fund was diverted to NJS International, a bank in London, UK on September 28.
“There were two transactions, which were relating to debt servicing payments. The payments transactions in question included a payment to the World Bank of $6.134m, which was instead paid to Road Way Company in Japan. And then the second payment was meant to be a payment to the African Development Fund of $8.569m, it was instead paid to NJS International, London, UK on September 28," he said.
Dr Atingi-Ego also said that upon discovering that the payments had not reached the intended beneficiaries, Bank of Uganda immediately commenced internal investigations and reported the matter to relevant government authorities, among which included the police, criminal investigations directorate, and the Financial Intelligence Authority, after which the Central Bank took necessary steps to recover the money.
“Our key priority was that of these funds that have been diverted how quickly can we get back these funds. That is what we have been working on. We put all our efforts in trying to recover these funds. So, we instructed our correspondent bank, that is Citibank and the banks where the funds had been credited instructing them to freeze the said funds due to suspected fraud,” he said, noting that Central Bank had since recovered $8.205 million (about Shs30 billion) of the funds that had been sent to NJS International and credited back to the Consolidated Fund account.
Dr Atingi-Ego also noted that the Central Bank, together with its corresponding bank – Citibank - was pursuing the recovery of the balance of $391,000 is still held by NJS International, but, however noted that Bank of Uganda was yet to recover the $6.134m diverted to Road Way Company and paid into an account in MFUFG Bank in Japan.
“This bank has not been very cooperative that is why we haven’t recovered this money,” he said, dismissing claims that the Central Bank systems had been compromised, but noted that two incidents of fraud had been initiated outside the bank, in which instructions were received by the bank “to pay the wrong beneficiaries, leading to the diversion of funds”.
Monitor last week broke the story in which security agencies were investigating the loss of the money and treating it as an “inside job” that was a result of collusion between officials at BoU, Ministry of Finance’s Treasury department and the Accountant General’s office.
The narrowing down of the probe as an inside job, sources indicated, is also reinforced by findings of an independent audit sanctioned by BoU senior management last week.
In our reporting in earlier we indicated that shadowy individuals in South East Asia had managed to swipe out $17m (Shs62.4 billion) from the Central Bank.
However, new information indicates that a total sum of $13 million (Shs47.8 billion) was taken out, with $6 million (Shs22 billion) sent to an account in Japan and $7 million (Shs25.7 billion) wired to an account in London, the United Kingdom.
The incident is said to have happened in September. When President Museveni got wind of the matter, he directed the security agencies to probe the heist.
At the end of September, a general inquiry file of the probe was opened at the Police’s Criminal Investigations Directorate (CID), with the involvement of counter intelligence detectives from the Defence Intelligence and Security (DIS), formally Chieftaincy of Military Intelligence (CMI) and the Auditor General’s office.
The BoU staff recorded statements at police last week, and yesterday it emerged that a group of Ministry of Finance staff were picked and taken to CID headquarters in Kibuli, Kampala, to record statements.
The Ministry of Finance spokesperson, Mr Jim Mugunga, referred this publication to police.
“I am not privy to any arrest or someone recording a statement from the Ministry.In any case,the designated agencies like the police are most suitable to avail more details on arrests made,”he said.
On Tuesday evening, the BoU deputy director for communications, Dr Natamba Bazinzi, in response to inquiries by this publication said: “Bank of Uganda is waiting for the police report on the reported incident.”
Dr Michael Atingi-Ego, who since January 2022 has been holding forte simultaneously as Governor, Deputy Governor, and BoU board chairperson, was by press time on Tuesday expected to issue a substantive statement on the incident.
However, by last evening, it was not clear whether or not Dr Atingi-Ego had issued a statement, as earlier promised.
The police spokesperson, Mr Rusoke Kituuma,was non-committal on delving into the details.
“I can neither confirm nor deny. But we shall share details when we have reached a certain stage,” ACP Kituuma said.
How it happened
Knowledgeable sources told Monitor last evening that the version of hacking by a shadowy group was a cover for what appears to be an “organised crime” in which the ministry staff instructed BoU to wire the money as payment for waste management in Kampala.
Sources indicated staffers in the Accountant General's office had instructed BoU to wire the money to foreign bank accounts for work done in Kampala.
“They created fictitious expenditures and transferred money from the Bank of Uganda, this was possible because the Central Bank is integrated with other banking systems globally,” a police source said.
After creating the expenditure, multiple sources this publication spoke to over the past week, said the money was sent to Bank of Uganda through an asymmetric file on a secure channel, which had
two keys; one was a public one known to the sender and recipient, and the other was known only to the recipient.
“They then used an intermediary bank to effect the international wire transfer, which occurred between two banks and different countries,” a source added. It is at this point that someone using a private key decrypted the file and created new keys for the file and compromised the system.
Part of the money ($6m) was sent to an account domiciled in Japan, and the other batch ($7m) was sent to an account in the United Kingdom.
When the BoU officials learnt of the mess, they reportedly took the matter to the police and apprehended a staff who had been in Nairobi during that period.
The staff member’s laptop was seized and handed over to a top audit firm. It emerged last evening that detectives were imaging the laptop to download log-in accounts to enable them to establish whose credentials were used in the heist.
The independent audit, sources indicated, had concluded that the Central Bank’s Treasury account network firewalls had not been breached as it was initially reported.
The coded requests for wire transfers are said to have originated from the Accountant General’s office.
The Accountant General's office is charged with budget execution and accountability duties, including releases, government payments, and management information systems to support public financial management.
It remains unclear whether the ongoing probe will widen the scope of the investigations to look into earlier episodes.
But sources said there have been numerous episodes of taking out money and sometimes returning it under such circumstances, which point to long-running schemes of money laundering.
Previously, hackers have penetrated legacy network firewalls of commercial banks and telecom companies, which transact on internet-enabled platforms, but are yet to be upgraded with ransomware that evades detection and circumvents firewalls.
Detectives in CID’s cybersecurity department told this publication that Ugandan commercial banks are being hacked almost every month, with an estimated $3 million (about Shs11 billion) swiped out during the last 12 months.
However, the incidents are kept under wraps as banks fear to scare away customers.