Cybercrime Probe Hits Equity Bank Rwanda

No photo availableCIO Africa authorByKevin Namunwa
2 min read
A major cyber-fraud incident at Equity Bank Rwanda has sparked one of East Africa’s most assertive responses to digital financial crime, with authorities arresting 35 suspects
A major cyber-fraud incident at Equity Bank Rwanda has sparked one of East Africa’s most assertive responses to digital financial crime, with authorities arresting 35 suspects
A major cyber-fraud incident at Equity Bank Rwanda has sparked one of East Africa’s most assertive responses to digital financial crime, with authorities arresting 35 suspects

A major cyber-fraud incident at Equity Bank Rwanda has sparked one of East Africa’s most assertive responses to digital financial crime, with authorities arresting 35 suspects, including six in Uganda, as investigations intensify into a cross-border fraud network.

The probe, led by the Rwanda Investigation Bureau, centres on a sophisticated scheme that exploited digital banking channels and mobile money float mechanisms to siphon approximately $3.4 million (Rwf4.7 billion). While around $900,000 (Rwf1.2 billion) has been recovered, most of the funds remain unaccounted for, highlighting both the scale and speed of the breach.

Equity Bank Rwanda said its internal monitoring systems flagged irregular transaction patterns, prompting immediate containment measures. The bank managed to reverse a majority of the transactions within 24 hours, but forensic investigations are ongoing, with teams analysing system logs, servers and seized devices to determine how the attackers gained access.

James Mwangi, Group CEO of Equity, emphasized a zero-tolerance stance on financial crime as the investigation unfolds.

We have zero tolerance for financial crime. I will be ruthless in ensuring that everyone involved, whether internal or external, is brought to justice,” he said, adding that the bank is working closely with law enforcement and regulators to track and prosecute those responsible.

Preliminary findings suggest the attackers may have exploited vulnerabilities in a vendor-managed digital banking platform, alongside weaknesses in mobile money float purchases. Investigators are examining cases where unusually large values were loaded onto SIM cards, some of which were reportedly unregistered or linked to foreign entities.

The cross-border dimension of the case underscores the evolving nature of cybercrime in Africa’s rapidly growing digital finance ecosystem. Authorities in Uganda are working alongside Rwandan investigators, with digital evidence currently being extracted from suspects’ devices.

The incident reflects a broader regional trend. In Kenya, financial institutions and telecom operators have faced increasing incidents of SIM-swap and mobile money fraud, prompting stricter Know-Your-Customer (KYC) requirements and enhanced real-time transaction monitoring. Rwanda has similarly recorded a rise in digital fraud attempts in recent years.

In response, regulators in Kigali have intensified cybersecurity efforts. The National Bank of Rwanda is strengthening oversight, while investments in digital forensics and public-private partnerships are being scaled up to safeguard the country’s financial infrastructure.

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co