BETWEEN the 14th and 18th of February 2026, a criminal network is alleged to have done something that should have been impossible: it penetrated the digital core of one of East Africa’s largest banks, manipulated
its systems in real time, and moved what investigators now believe to be approximately Rwf 4.9 billion – roughly USD 3.4 million – across an international border without ever entering a branch.
Six Ugandan suspects were formally charged on Monday and were set to appear before the courts in Kampala on 23 March 2026, under Uganda’s Computer Misuse Act, Cap 96. Charged with electronic fraud contrary to Section 18(1) and (2), they face allegations that they — together with others still at large — “manipulated the banking system of Equity Bank Kigali” and secured unlawful financial gains in the process. The case has been registered under CRB: 215/2026 at Kampala Metropolitan Police.
It marks the most consequential banking cybercrime to publicly emerge in the East African region in years, and its implications run far deeper than the arrest sheet.
“In a digital banking system spanning multiple countries, fraud is no longer just a control failure — it is an ecosystem risk.”
THE ACCUSED
The six individuals named in Ugandan charge documents span a wide range of occupations and backgrounds, a profile that analysts say is increasingly typical of structured financial cybercrime. They include Mugisha Solomon, 33, a businessman from Wakiso District also known as Nelson; Enock Mpanga Kazige, 34, a farmer from Namulondo Village in Wakiso; Katerega Benedicto, 35, a businessman from Matuga; Kiyimba Faruk, 30, a farmer from Bunamwaya; Oketcho Gerard, 31, a supporting engineer at Medix Ltd who also drove for Uber; and Katamba Isma, a businessman from Nansana.
The profile is telling. This was not a group of elite hackers operating in isolation. It was a network — one that, police allege, formed part of a broader operation with additional suspects still being sought. The cross-border architecture of the alleged fraud, spanning Kigali and Kampala simultaneously, suggests a level of coordination that goes well beyond opportunistic crime.
HOW THE HEIST UNFOLDED
The charge sheet indicates that the fraud was executed through the manipulation of computer systems — what investigators characterise as a system-level intrusion rather than conventional payment fraud. The timeline is stark: a five-day window in which, allegedly, digital channels were weaponised to shift enormous sums across East Africa’s financial infrastructure.
Equity Bank Rwanda first disclosed, on 15 March 2026, that it had identified suspicious activity within its systems and activated internal security protocols. The bank stated at the time that the irregular transactions had been detected and contained — and crucially, that customer funds had not been lost.
That claim is significant: it implies the bank itself absorbed the financial exposure. Any unrecovered amounts, the bank indicated, would sit on its own balance sheet.
Early media reports had placed the alleged sum at around Rwf 4.7 billion. The figure cited in the Uganda Police charge sheet — Rwf 4.9 billion — provides the first formal, prosecutorial confirmation of the scale of the alleged theft. The bank had not publicly disclosed the amount.
KEY FACTS
Alleged fraud value: Rwf 4.9 billion ˜ USD 3.4 million
Fraud window: 14–18 February 2026 (five days)
Jurisdictions: Kigali, Rwanda & Kampala, Uganda
Charge: Electronic fraud, Computer Misuse Act Cap 96, Sec. 18(1) & (2)
Case reference: CRB 215/2026, Kampala Metropolitan Police
Equity Bank position: No customer funds were lost
Additional suspects: Still at large, per charge documents
A PATTERN EQUITY GROUP CANNOT IGNORE
For Equity Group CEO Dr James Mwangi, the Rwanda case arrives at a painful moment. Just months ago, the group undertook one of the most aggressive internal integrity purges in East African corporate history, dismissing more than 1,000 employees suspected of collusion and misconduct. The message from the top was unambiguous: fraud would not be tolerated from within.
Yet the incidents have continued. In Uganda, 2024 brought reports of suspected irregular transactions estimated at UGX 65 billion tied to the group’s digital lending platform, alongside roughly UGX 4 billion in unreconciled card transactions. Earlier cases included an operations manager charged over the alleged theft and laundering of USD 2.8 million; fraudulent teller transactions exceeding Sh39 million; forged payment instructions worth Sh26.2 million; and title deed fraud schemes amounting to approximately Sh490 million.
Each incident, taken alone, might be explained as an outlier. Together, they form a pattern — one that cuts across digital lending, card systems, internal controls and collateral verification, and now, external system intrusion. The question Equity Group’s board must confront is whether it faces a discipline problem, a structural vulnerability problem, or both.
“Rapid digitalisation has expanded both financial inclusion and exposure to cyber threats. For Equity, these two realities are now in direct collision.”
A REGIONAL CRISIS IN THE MAKING
The Equity Bank Rwanda case is not an isolated shock. It is a symptom of a rapidly deteriorating security environment across East Africa’s digital financial infrastructure.
In Uganda alone, economic crimes cost the economy over USD 272 million in 2024 — a 16.4% year-on-year increase — according to the Uganda Police Annual Crime Report 2024. Within that figure, cybercrime has exploded at a pace that should alarm every regulator in the region: losses surged from UGX 1.5 billion in 2023 to UGX 72.1 billion in 2024, a 4,700% increase. The number of cases nearly doubled, from 245 to 474. And despite the scale of those losses, less than 1% of stolen funds were recovered.
The shift in criminal methodology is equally telling. Traditional fraud — obtaining by false pretences — still accounts for the largest aggregate losses, at UGX 474.7 billion in 2024. But newer, technically sophisticated forms of fraud are rising sharply. Losses tied to document forgery alone jumped from UGX 580 million in 2023 to UGX 74.2 billion in 2024. In almost every category, the trend is the same: fewer, faster, and vastly more lucrative attacks.
What makes this particularly difficult to prosecute — and therefore to deter — is the asymmetry between perpetration and accountability. Of the 474 cybercrime cases reported in Uganda in 2024, only 67 reached the courts and just 21 resulted in convictions. For organised criminal networks operating across borders, that conviction rate is a calculated business risk, not a deterrent.
THE DEEPER VULNERABILITY
At the heart of the Equity Bank Rwanda incident lies a question that no African bank has yet answered satisfactorily: as financial systems scale across mobile money platforms, agent networks and third-party digital infrastructure, are the controls keeping pace?
Equity Group has built one of the continent’s most impressive financial inclusion models. It has reached millions of unbanked Africans through the very digital channels — mobile lending, agent banking, API integrations — that are now being weaponised against it. The model is not the problem. But the model creates an attack surface of extraordinary complexity, and the Rwanda heist — allegedly executed in five days, across two countries, through system-level manipulation — suggests that surface is not yet adequately defended.
The six suspects set to appear in a Kampala court on 23 March represent the visible face of a much larger and still unresolved problem. Investigators are still pursuing additional suspects. The full methodology has not been publicly disclosed. And the fundamental question — how, precisely, did they get inside? — remains unanswered.
Until it is, every bank operating a digitised footprint in East Africa has reason to look inward.
