A suspected cybercriminal has been charged in Nairobi over an alleged Sh52 million fraud involving unauthorized access to financial systems used by a payment service provider, a local bank and a savings and credit cooperative (SACCO), in a case that underscores the rising threat of cybercrime within Kenya’s digital financial ecosystem.
The suspect, Albert Komen Kipkechem, also known as Jonathan Kiptum Barmasai, was arraigned before the Milimani Law Courts where he faced charges of Access with Intent to Commit a Further Offence and Computer Fraud under the Computer Misuse and Cybercrimes Act No. 5 of 2018.
Prosecutors allege that the suspect orchestrated two coordinated cyber incidents in June 2025 that resulted in financial institutions losing more than Sh52 million through unauthorized transactions executed outside normal payment processing procedures.
The alleged fraud affected a payment service provider, a commercial bank and a SACCO, institutions that form a critical part of Kenya’s rapidly expanding digital payments ecosystem.
The case is being investigated by detectives from the Economic and Commercial Crimes Unit attached to the Cyber Fusion Unit at the Central Bank of Kenya.
Authorities say the case highlights the increasing sophistication of cybercriminal networks targeting financial platforms as Kenya continues to digitize banking, mobile payments and financial services.
Eight Key Steps That Led to the Arrest
Investigators outlined a series of investigative steps that ultimately led to the arrest and arraignment of the suspect.
1. Discovery of Suspicious Transactions
The case began when unusual transactions were detected within financial systems used by the affected institutions. Internal monitoring systems flagged irregular payments that did not follow standard transaction flows.
2. Reporting the Fraud to Authorities
Upon identifying the suspicious activity, the affected entities reported the matter to the Economic and Commercial Crimes Unit and the Cyber Fusion Unit at the Central Bank of Kenya.
Investigators immediately opened a formal probe and recorded statements from the institutions involved.
3. Formation of a Multi-Agency Investigation Team
To support the inquiry, detectives partnered with digital forensic experts from the National Forensic Laboratory and the Crime Research and Intelligence Bureau.
The joint investigation focused on tracing the origin of the unauthorized system access and identifying those responsible.
4. Collection of Digital Evidence
Investigators collected digital artifacts from the affected institutions including system logs, transaction records and network access trails.
Forensic analysis was used to reconstruct how the systems were accessed and how the fraudulent transactions were executed.
5. Identification of the Suspected Mastermind
According to investigators, the digital evidence gathered during the forensic analysis linked Albert Komen Kipkechem to the cyber attacks.
Authorities allege he was the primary suspect responsible for orchestrating the unauthorized system access.
6. Examination of the Cyberattack Method
Investigators determined that both incidents followed a similar operational pattern.
Authorities say the suspect allegedly used remote access software to gain unauthorized entry into payment platforms and banking information systems before initiating transactions that bypassed normal payment verification processes.
7. Obtaining Court Orders and Search Warrants
After establishing preliminary evidence, detectives sought and obtained court orders allowing them to conduct searches and collect further evidence linked to the suspected fraud scheme.
8. Arrest and Recovery of Evidence
The suspect was arrested in the Thome area of Nairobi County.
Detectives then escorted him to his residence in Nakuru where a search operation led to the recovery of several items believed to be linked to the alleged cybercrime.
Electronic Devices and Documents Recovered
During the search operation, investigators recovered a range of items suspected to have been used in facilitating the fraud.
These included electronic devices, fraudulently registered identity cards and a money counting machine.
Detectives also seized cash in Kenyan currency, multiple SIM cards from various telecommunications service providers and several ATM cards registered under different individuals.
Authorities further recovered a Congolese passport bearing the suspect’s photograph but registered under the name Katempa Ngoy Alexisa, along with a Congolese identity card carrying the same identity.
Investigators believe the documents may have been used to conceal identities or facilitate financial transactions linked to the alleged fraud.
The suspect was subsequently escorted back to Nairobi where he was formally processed ahead of court proceedings.
Court Proceedings and Bail Directions
During his arraignment at the Milimani Law Courts, Kipkechem pleaded not guilty to the charges.
The court ordered that he be remanded at Capitol Hill Police Station pending further directions on bail and bond terms.
The matter is scheduled to return to court on March 12, 2026.
Rising Cybersecurity Risks in Kenya’s Financial Sector
The case comes at a time when financial regulators and institutions are increasingly concerned about cyber threats targeting banks, fintech platforms and digital payment systems.
Kenya has one of Africa’s most advanced digital finance ecosystems, supported by mobile money platforms, online banking systems and digital payment service providers.
However, the rapid growth of digital financial services has also attracted sophisticated cybercriminal networks seeking to exploit vulnerabilities within financial systems.
Authorities have repeatedly warned that cyber fraud is becoming more organized, with criminals using advanced technologies such as remote access tools, malware and identity manipulation to access financial systems.
The Central Bank of Kenya has in recent years strengthened cybersecurity requirements for banks and payment service providers, including stricter digital security controls and mandatory reporting of cyber incidents.
Law enforcement agencies have also expanded specialized cybercrime units to investigate financial technology crimes and protect the integrity of Kenya’s digital payments infrastructure.
Investigators say the current case demonstrates how cybercriminals are increasingly targeting integrated financial systems where payment platforms, banks and SACCOs interact through digital networks.
Authorities say investigations into the wider fraud network are ongoing as detectives seek to establish whether additional individuals may have been involved in the scheme.
