On the sticky floor of a dimly lit bar in Kabalagala, Suspect 1 sealed the deal with a casual handshake. The deal? A multi-million Uganda Shilling “consultancy project” that existed only on paper and in the minds of two co-conspirators, powered by three invisible forces that fuel every scam you’ve ever heard of: Greed. Guts. And eventually, Gone.
Let’s break it down.
What happened?
In April 2024, a high-ranking officer at a government parastatal in Uganda wired UGX 870 million to a company claiming to offer digitization advisory services. The only digitization that happened was converting public funds into personal pleasure. The company? A freshly registered firm run by Suspect 2, whose only experience with “digitization” was editing PDFs. Summit Consulting Ltd was called in after a whistleblower reported that “consultants” were being paid without ever stepping foot in the organization.
The fraud was already in motion. But the audit trail had cracks, cracks that eventually became confession points.
It starts with greed
Greed is the gateway drug of corruption. It always begins with justification.
Suspect 1, let’s call him “The Fixer”, had a nice salary, a government car, and a per diem habit. But that wasn’t enough. One evening, he told a friend at Panamera, “Okuyiya kwekuggawaza si musaala,” loosely meaning, “it is dealing, not a salary, that makes a man rich.”
So when a dormant procurement budget line showed UGX 920 million unutilized by Q2, he saw opportunity, not mandate. He engineered a fake urgency, “We need digital strategy support”, then co-signed the paperwork to sole-source the work to a “known vendor.”
That vendor? A shell company. Just three weeks old. Owned by his cousin. Who also happened to be Suspect 2.
Then comes the guts
Fraud is not for the faint-hearted. It requires nerves. Precision. And the audacity to say, “Let’s beat the system.”
Here’s how they did it:
- Front company. Registered with URSB with a fake office at a building in Bukoto. Their “office” was a locked storeroom.
- Invoice engineering. They submitted three inflated invoices, UGX 290m each, under different phases of the so-called project. The descriptions were vague: “Digital Readiness Scan,” “Stakeholder Engagement Sessions,” “Cybersecurity Awareness Roadmap.” Not a single actual deliverable was submitted. But the language was seductive enough to lull the internal reviewers.
- Internal collusion. Suspect 3, a mid-level accounts officer, ensured payments were fast-tracked. In return? A crisp UGX 30 million Mobile Money transfer, disguised as “school fees support.” It was sent to his wife’s Airtel line.
- Cash-out strategy. Once funds hit the vendor’s account, they were immediately withdrawn in bits, UGX 50m at a time, using mobile money, cheques to cash, and over-the-counter transactions at a bank in Ntinda. The audit trail vanished under the cloak of informal cash culture.
And just like that… gone
When the procurement committee asked to review the final report, both Suspects 1 and 2 were “on study leave.” The company had de-registered. The bank account was emptied. The funds were gone. Forever.
And yet, it could’ve been caught earlier.
The red flags the auditor spotted
- Vendor vetting was bypassed. The company had no prior contracts, physical inspection reports, or due diligence forms on file, so all were waived under “urgency.”
- Duplicate language across invoices. Copy-paste errors appeared in all three invoices. Same spelling mistakes. Same format.
- No deliverables attached. Payments were made without any accompanying reports. Only proforma invoices were filed.
- Mobile money activity spikes. A suspicious surge in MM transfers by a junior accountant raised eyebrows. One number appeared repeatedly in transaction logs, a number linked to Suspect 2.
- Unusual speed of payment. Most vendors waited weeks. This vendor was paid within 48 hours.
Enter the Summit Consulting Ltd investigation
When Summit Consulting Ltd was engaged, the forensic trail was thin. But we started with three things:
- Bank statements. These revealed transfer patterns and suspicious withdrawal behaviour.
- Mobile money analysis. We used telco data subpoenas to map all large transfers from the key suspects.
- Interview triangulation. Using a personality profiling tool and analysis of all staff statements, we flagged inconsistencies in answers between the procurement officer, finance officer, and line manager.
It took six working days to map the entire fraud ring.
Suspect 2 cracked under pressure. In exchange for immunity, he handed over WhatsApp chats, shared location pins of cash drop-offs, and even voice notes. One voice note from Suspect 1 was chilling:
“Make sure the last payment lands before the board meets. I don’t want questions.”
The total loss
UGX 870 million.
Gone into thin air. Money that could’ve upgraded district health centers, or digitized actual village SACCOs, ended up paying for beach plots and imported whiskey.
Why it worked– internal controls were ignored
- Segregation of duties was non-existent – The same officer initiated, approved, and followed up the payment.
- No vendor onboarding framework – Any company could be selected under the pretext of “urgency.”
- The procurement committee was a rubber stamp – None of the members even attended the so-called vendor pitch.
- Finance never asked questions – They processed all payments without checking for deliverables.
- Board oversight was blind – There was no project performance dashboard or progress reporting mechanism.
The human drivers – greed, guts, and gone
Every scam begins with greed, a want for more than earned. It escalates with guts, the courage to beat the system. And it ends with gone, vanished money, broken trust, and reputations in ruins.
But behind every ghost invoice is a living, breathing human being who looked at ethics and chose expediency. Fraud is not a system failure, it’s a human decision wrapped in paperwork.
Fraud doesn’t hide in spreadsheets. It hides in culture. In that silent nod of approval. In that “it’s just this once” excuse. In that handshake in the backroom.
Want to beat fraud? Don’t just automate. Investigate your people. Build controls around human behaviour. Reward integrity. Audit lifestyles, not just numbers.
Because in Uganda, and beyond, every scam is human.
And until you confront greed and guts, you’ll always end up gone.
To request a fraud investigation, whistleblower protection training, reach out to the Institute of Forensics & ICT Security, the training arm of Summit Consulting Ltd., because when fraud strikes, we don’t guess. We know. Click here