The Auditor General (AG) is expediting investigations into the circumstances under which Bank of Uganda paid Shs 60bn to wrong beneficiaries.
Sources disclosed on Wednesday morning that the “report by the Auditor General is almost ready”.
President Museveni recently directed the AG and Criminal Investigations Department of Police to investigate the Bank of Uganda and other entities over the fraudulent payments.
The AG responded by conducting a forensic investigation covering BoU, the Ministry of Finance and Accountant General’s office.
The Minister of State for Finance, Planning and Economic Development (General Duties), Hon. Henry Musasizi told Parliament on November 28 that the Central Bank systems had been breached.
“It is true that our account was hacked but not to the extent of what is being reported. To avoid misrepresentation of facts, when the audit and CID investigations are finalised, I beg that I come to this House and report,” he said.
However, BoU’s Deputy Governor, Michael Atingi-Ego denied the hacking of its systems and insisted the Central Bank was instructed to make the fraudulent payments.
“These fraud incidents were initiated outside the BoU IT systems to divert the funds. Bank of Uganda is a paying entity. You get instructions to pay, and we pay as instructed. So let me repeat, the fraud incidents were initiated outside the Bank of Uganda IT systems and instructions were received by Bank of Uganda to pay the wrong beneficiaries, leading to the subsequent diversion of the funds,” said Atingi-Ego.
“Now, where the diversion took place, how and who were involved, is a subject matter of the ongoing investigation for which I cannot comment,” said Atingi-Ego.
Although he did not say who instructed the Central Bank to make the payment, it is worth noting that such instruction can only come from the Ministry of Finance.
The Deputy Governor narrated that there were two transactions which were relating to debt service payments.
The payment transactions in question included a payment of USD 6.134 million to the World Bank which was instead paid to a company called Roadway Company Limited through a bank in Japan called MUFG. This happened on September 12, 2024.

The second transaction was meant to be a payment to the African Development Fund of USD 8.596 million. It was instead paid to MJS International London in the UK on September 28, 2024.
Atingi-Ego said upon discovering that the payments had not reached the intended beneficiaries, Bank of Uganda immediately commenced internal investigations and reported the matter to Criminal Investigations Directorate (CID) of the Uganda Police Force, and also the Financial Intelligence Authority (FIA).
Forensic audit
However, it remains unclear how BoU systems, which Atingi-Ego said were solid, could clear payments to wrong beneficiaries.
The AG is trying to establish whether it was the case of human activity or failed/compromised payment systems.
Sources say BoU uses the Linux payment system.
The auditors will also investigate whether BoU staff got wrong account numbers from the Finance Ministry to facilitate fraud or were part of the syndicate.
“Before BoU sends money to any beneficiary, their system and staff are obliged to ensure the correctness of the particulars of the beneficiary (account name and number). If that doesn’t happen, then BoU will have let the country down. As such, the Finance Ministry and BoU staff will all be held accountable,” said a source.
“And if you send money to a wrong account, the money bounces back to the sender (BoU). If there were mistakes in the transactions, banks would have immediately returned money to BoU.”
Recovery
Atingi-Ego told the media last week that the Bank of Uganda took the necessary steps to recover the lost funds.
“That was really our key priority, that of these funds that had been diverted, how quickly can we get back these funds? So that’s what we have been working on. We put all our efforts into trying to recover these funds. So we instructed our correspondent bank, that is CitiBank and the banks where the funds had been credited to the accounts of the fraudsters, instructing them to freeze the said funds due to the suspected fraud that had taken place,” said Atingi-Ego.
“We have since recovered $8.205 million of the funds that had been sent to MJS International, London, UK, and these funds have been credited back to the Uganda government consolidated fund account in Bank of Uganda,” he added.
He, however, added that the Central Bank is pursuing the balance of USD 391,000.
The Deputy Governor said that the Bank of Uganda has not recovered the amount paid to Roadway Company through the MUFG Bank of Japan as the bank was not cooperative.
Atingi-Ego also disputed Musasizi’s report to Parliament that the Central Bank’s systems were hacked.
“It is absolutely not correct that the BoU IT systems were hacked. Hacking involves the act of gaining unauthorized access to computer systems and networks. And I can tell you with all the confidence that there is no evidence whatsoever of any unauthorized access to the BoU IT systems to divert the funds that I have just told you about,” he said.
While the Deputy Governor said, “no staff has so far been implicated”, reports indicated that investigators were also looking into the procurement of the bank’s IT systems led by a compliance officer known as Ronald Ogwal.
NBS TV understands Police have been waiting for the AG’s forensic report to make the right decisions.
“CID doesn’t stampede offices during such investigations. Its operations are now more methodical. By the time CID comes for you, it must have good grounds to ensure your prosecution,” said a source who preferred anonymity to speak freely.