Despite its mission to provide inclusive financial services and expand wealth-creation opportunities across Africa, Equity Bank has repeatedly been hit by fraud scandals across its major markets, including Kenya, Uganda, and Rwanda. The bank also operates in South Sudan, the Democratic Republic of Congo (DRC), and Tanzania.
Each incident tends to follow a familiar pattern—official statements, staff dismissals, arrests, or executive assurances. Yet the persistence of these breaches underscores systemic vulnerabilities within the institution.
The fraud schemes have taken many forms: hacked payment systems, stolen staff credentials, insider-facilitated transfers, and, most recently, sophisticated cross-border cybercrimes targeting its Rwandan subsidiary. These incidents are eroding public confidence, with potential clients hesitant to open accounts and existing customers questioning the safety of their funds.
Reports indicate that during an aggressive anti-fraud crackdown last year, the bank dismissed over 12,000 employees across Kenya and Uganda, though this figure could not be independently verified.
Regional Pattern and Historical Incidents
Equity Bank, like many large financial institutions, has faced recurring fraud challenges stemming from both internal weaknesses and external cyber threats.
In Kenya, past cases have involved SIM swap fraud—where criminals hijack customers’ mobile numbers to intercept banking transactions—and phishing schemes targeting clients through fake communications. Fraudsters have also exploited mobile banking platforms and agency networks, taking advantage of rapid digital expansion to bypass traditional safeguards.
Industry analysts note that while digital financial services increase access, they also expand the attack surface for cybercriminals, leaving banks operating across multiple jurisdictions particularly vulnerable to cross-border fraud syndicates. Regulators in East Africa have repeatedly urged banks to strengthen cybersecurity, improve staff vetting, and enhance transaction monitoring.
Experts emphasize that Equity Bank’s challenges are part of a broader sector-wide trend: digital transformation is outpacing security adaptation. As fraud evolves from insider collusion to highly coordinated cyberattacks, banks must balance innovation, accessibility, and security.
Kenya: A Trail of Cyber Manipulation
In 2023, unknown actors breached the bank’s payment and fraud management systems. Investigations suggest that three merchant accounts were fraudulently created by manipulating multi-layered verification systems, including three-dimensional security authentication.
Fraudulent credit card scripts were deployed, enabling unauthorized transactions from the bank’s settlement accounts and resulting in estimated losses of Shs 9.1 billion.
The situation escalated on July 10, 2024, when criminals executed 47 transactions disguised as routine salary payments, siphoning Sh1.545 billion from the bank’s salary suspense general ledger, an internal account for processing corporate payroll.
At the center of the investigation is David Kimani Machiri, a general manager in the Group Processing Centre’s Salary Processing Unit. With privileged access to the compromised account, he is under scrutiny as investigators determine whether his credentials were misused or directly linked to the fraudulent transactions.
Uganda: Insider Links and Loan Fraud
In Uganda, fraud cases largely involve insider collusion and manipulation of lending systems. Between 2021 and 2024, five individuals, along with others still at large, allegedly defrauded the bank of Shs 62 billion by disbursing unsecured loans to unqualified beneficiaries.
Those implicated include Musiime Julius (head of agency banking), Erina Nabisubi (relationship manager for telecom clients), Ssemwogerere Fred (banker), Tumuhimbise Crescent (relationship officer), and Wycliff Asiimwe (distribution and marketing consultant).
Prosecutors allege that Nabisubi fraudulently obtained Shs 6.55 billion by fronting a client, Gladys Najjemba, as a qualified borrower. She is also accused of concealing the true beneficiaries of the funds and misrepresenting loan applications to facilitate illegal disbursements. In another instance, she allegedly secured an additional Shs 300 million loan using false documentation.
Musiime Julius is accused of receiving illicit gratification linked to the approval of a Shs 700 million loan processed under questionable circumstances.
Amid the fallout, Anthony Kituuka resigned as managing director after the bank reported a financial loss of Shs 18.8 billion in 2023.
Rwanda: Cross-Border Cyber Heist
Earlier this month, the bank’s Rwandan subsidiary suffered a major cyberattack involving approximately Shs 12.6 billion (Rwf 4.9 billion) in a sophisticated five-day operation spanning Rwanda and Uganda. The funds were reportedly siphoned from the bank’s mobile money float system. Although the bank contained the breach and reversed some transactions within 24 hours, the incident exposed serious weaknesses in cross-border digital banking systems.
Investigators believe the suspects used stolen credentials and fake identities to access multiple accounts, rapidly transferring funds across borders via mobile money platforms. The fraud was detected only after unusual transaction patterns triggered internal alerts, prompting an emergency audit and notification of regulators in both countries.
On March 23, 2026, six Ugandan suspects were arraigned at the Buganda Road Chief Magistrate’s Court, presided over by Magistrate Ritah Naumbe Kidasa, charged with electronic fraud and remanded as investigations continue. The suspects include Solomon Mugisha (alias Nelson), Enock Mpanga Kazige, Benedicto Kateraga, Faruk Kiyimba, Gerard Oketch, and Katamba Isma.
This is not Rwanda’s first encounter with such fraud. In 2019, a similar attempt involving multiple nationalities was foiled, and in 2021, those responsible were convicted and sentenced to eight years in prison.
Growing Concerns
As fraud cases continue across multiple markets, concerns are rising over the resilience of banking systems in the digital era. Analysts warn that as financial institutions expand technologically, cybercriminals are becoming increasingly sophisticated, blurring the line between legitimate transactions and fraud.
For Equity Bank, the challenge is not only to contain breaches but also to restore trust in an era where financial security is paramount.
