Stanbic Bank Staff remanded over sh10bn electronic fraud

COURT|FRAUD|CRIME 

KAMPALA - An employee of Stanbic Bank, who allegedly masterminded the fraudulent transfer of sh10.4bn from banks' Online Virtual Accounts (OVAs) to various mobile money sim cards, has been charged and remanded to Kitalya Prison.

It is alleged that Alvin Mugerwa, 30, and others still at large, gained unauthorised access to systems of an aggregator Pegasus Technologies that led to a transfer of the money from Stanbic Bank and Bank of Africa OVAs to various mobile money sim cards.

The money is yet to be recovered.

Appearing before Buganda Road Court Grade One Senior Magistrate, Stella Amabilis on Friday (December 11, 2020), Mugerwa who is the bank's Senior Server Administrator, denied the charges.

"Did you access this system without authority," Amabilis asked the accused and he denied.

Mugerwa, a resident of Kyaliwajala, Kiira Municipality, Wakiso district, is battling charges of unauthorised access and access with intent to commit or facilitate the commission of a further offence.

Under Sections 12 and 13 of the Computer Misuse Act, 2011, the offences on conviction attract a fine not exceeding two hundred and forty currency points (sh4.8m) or imprisonment not exceeding 10 years or both.

Clad in a black pair of trousers and blue t-shirt, Mugerwa appeared crestfallen before the magistrate.

State Prosecutor Mariam Njuki informed court that investigations on the matter are incomplete and asked court to adjourn the case to another date.

"I pray that you adjourn the case to allow police complete investigations," she requested.

Although defence lawyer Fahad Siraji said the accused has a right to apply for bail, the magistrate deferred the bail application to December 14. The accused's bail application will be heard through video conferencing.  

Allegations

Prosecution alleges that Mugerwa and others still at large between July 2020 and October 2020 in Kampala intentionally accessed Pegasus Technologies Systems without authority or permission with intent to commit or facilitate the commission of electronic fraud.

It is purported that the hackers used over 2,000 mobile SIM cards to gain access to the mobile money payment system and then instructed the banks to transfer billions of shillings to telecommunication companies who then paid out mobile money to these different sim cards across the country.

Investigations

Enock Kiganira, an investigating officer attached to Criminal Investigations Division (CID) headquarters Kibuli, Kampala, states that the statement of witnesses that come from the districts of Mbarara, Mbale, and Jinja, has not yet been recorded.

Kiganira also said Mugerwa's accomplices have not yet been arrested and more information has not yet been retrieved from the service providers.

MTN's statement

In a statement issued in October, Wim Vanhelleputte, the chief executive officer of MTN Uganda, stated that on October 3, an aggregator, Pegasus Technologies, experienced a security breach that impacted bank-to-wallet transfers.

"Although the incident did not affect any customer money mobile balances, a limited number of other services aggregated through the third party provider were suspended as a precautionary safety measure."

"The core MTN mobile money services, including cash deposits, withdrawals, person-to-person transactions and MoMo payments were never affected at any stage," read the statement.