Police are currently holding nine suspects over an audacious white-collar crime, which led to the substantial loss of $6,134,137, the equivalent of UGX 22.4 bn. A substantial amount of the second payment of $8,596,824.24, worth UGX31.7bn, which was diverted to a bogus account, MJS International, London, was recovered, meaning that only UGX1.42bn is still missing.
Based on various highly placed sources, Vox Populi has sifted through layers of evidence in the hands of sleuths to show how this joint criminal enterprise was pulled off. We have established that the fraud was orchestrated by a syndicated cartel at the Finance Ministry, Bank of Uganda (BoU), and some actors believed to have previously worked in the ICT department of the Uganda Police Force. We understand that the latter are now based in the United States.
One of the major leads the Criminal Investigations Directorate (CID) is probing is an earlier attempt to steal funds from the Central Bank. In January 2024, the Assistant Commissioner for Accounts, at the Finance Ministry, Pedson Twesigomwe, brought it to the attention of his superiors that $6mn had been illegally diverted to recipients in Poland, a country in Central Europe. The funds were rewired.
Was this a rehearsal, which was meant to test whether the Treasury and the Central Bank had robust systems to detect the fraud? The Poland incident, according to detectives, is one of the sticking points of the investigation and could form part of the inculpatory evidence to prove the culpability of some of the key suspects.
Responding to the irregular transaction, the Accountant General at the Finance Ministry, Lawrence Ssemakula, authored a memo to his boss, the Secretary to the Treasury, Ramathan Ggoobi, informing him about the illegality that had transpired. During interrogations by CID detectives, Ssemakula who is currently in detention, claimed that Ggoobi received the memo and responded, ‘noted.’ However, Ggobi told CID detectives that he did not receive the handwritten memo from Ssemakula.
Twesigomwe was expected to report to CID on 4 February 2025. While his phones were switched off, Vox Populi understands that he remains on the police radar. He had earlier accessed a number of servers at his office and, according to sources at the Finance Ministry, acted ‘inquisitive’ after learning of the fraud. His absence is what prompted the CID to order the detention of those who had been summoned to record more statements on Tuesday, including the Accountant General.
Among those arrested are individuals who are gravely linked to the shady transactions. There are also those who are remotely linked to the fraud or may not have any criminal culpability, including what sources claim is the Accountant General and female suspects who signed reconciliation emails from BoU after the payments had been made.
Swinging into action
The key detainees in the investigation are the duo of Mubarak Nansamba, who is the principal accountant, and Tony Yawe, who is in charge of the sensitive encryption key at the Treasury, which was manipulated to replace genuine recipients—the International Development Agency (IDA) and African Development Bank (ADB)—with bogus companies.
Highly placed sources reveal that there is a need to further probe some officials at BoU who may be in possession of Swift codes, and there is a need to hire a forensic and a cybersecurity expert to probe the email spoofing that originated from the Central Bank. Email spoofing is a deceptive technique where a malicious actor forges the sender address in an email to make it appear as if it’s coming from a trusted source, like a colleague, bank, or company, with the goal of tricking the recipient into clicking malicious links, sharing sensitive information, or downloading malware.
It is not clear yet why the payments, which were made in the dollar currency to the UK account and Japan accounts, did not raise a red flag at BoU. The practice is that payments are dispensed in British pounds and yen for accounts in England and Japan, respectively.
The suspects were held at different police stations, including Kira Division Police Station and Nateete Police Station. On Wednesday, 5 February 2025, a search was conducted at the various homes of the suspects. In his communication dated 4 February 2025, Ggoobi revealed thus: “Some officers attached to the Accountant General’s Office (AGO) were summoned and detained by the Criminal Investigation Department (CID) to facilitate [the] conclusion of the investigations.”
He added, “We wish to assure everyone concerned that all our services, including those provided by the AGO, are operating normally.”
Later in the afternoon of 5 February 2025, Ggoobi called a crisis meeting, which deliberated on who amongst the senior officials at the ministry should be appointed to plug the gap in the coveted role of Accountant General. It is not clear yet whether this issue was resolved.
The red flags
One of the leads that is of key interest to the detectives is the movements of high-profile officials who, according to sources, made trips to Japan and South Africa during the time the funds went missing. The funds, which were wired to Roadway Company Limited through MUFG Bank of Japan (BoJ) in September 2024, were entirely withdrawn.
Highly placed sources revealed that the Director of Public Prosecutions (DPP), Jane Frances Abodo, who recently returned from England and Japan, where she had been conducting investigations, had not yet read the voluminous pages of evidence to be able to sanction the files. Irene Nakimbugwe, the deputy spokesperson at the Office of the DPP (ODPP), who spent much of the day handling court assignments, told Vox Populi on 4 February 2025 that she needed to get the details before she could comment on the matter.
Vox Populi has learnt from sources that the Internal Security Organisation (ISO) and the Financial Intelligence Authority (FIA) completed investigations into the matter and handed their reports to the President. The Accountant General himself had authored a letter to President Museveni in which he complained that the current probe had reignited internecine boardroom fights at the Finance Ministry and the fraud claims had been weaponised against him.
Other sources claim that beneath the veneer, some senior officials at the Treasury are using the probe to divert the spotlight from their roles in the multi-billion-shilling fraud.
These investigations followed a forensic probe conducted by the Auditor General. The details of the audit indicate that there was a transaction to settle a debt due to the International Development Agency (IDA), which is the finance arm of the World Bank based in Washington, DC. A sum to the tune of $6,134,137 was initiated on 12 September 2024, through the Integrated Financial Management System (IFMS). Using the encrypted key, the officials at the Treasury replaced the correct recipient with a bogus company, Roadway Tokyo, Japan, to pay for recycling plants and machinery.
The officials also failed to immediately request a swift message from the Central Bank officials, which could have detected the erroneous payments. Detectives may have to probe this anomaly after the request for the swift message came 28 days later.
According to the forensic report, the second transaction was made on 26 September 2024, initiated at the Treasury to settle a debt worth $8,569823 owed to the Tunis-based Africa Development Bank. The officials at the Finance ministry altered the encrypted file and diverted the funds to a shadowy company, MJS International Limited. Most of these funds were recovered and rewired, though UGX1.4bn is still missing.
The Deputy Governor, Dr. Michael Atingi-Ego, has repeatedly claimed that, “It is not correct to say that the BoU IT systems were hacked because hacking is the act of gaining unauthorised access to computer systems or networks, and to date, there is no evidence of unauthorised access to the BoU IT systems to divert funds.”
