Absa Bank Kenya Faces Mounting Internal Fraud Storm as Parliament Demands Answers Over Sh3 Million Vanishing From Customer Accounts

Kenya’s National Assembly has once again been forced to confront the uncomfortable question of whether the country’s banking halls are as safe as the marketing campaigns claim.

On the floor of Parliament on February 24, 2026, Hon. John Waithaka, the Member of Parliament for Kiambu, rose under Standing Order 44(2)(c) to demand a formal statement from the Departmental Committee on Finance and National Planning regarding the disappearance of approximately three million shillings from two accounts belonging to Mr. Kennedy Karanja Macibu, a customer of Absa Bank Kenya.

According to the statement read before the House, Mr. Macibu, identified through his national identification number, was going about his evening on September 15, 2025, at around eight o’clock, when his phone began lighting up with transaction alerts he had neither initiated nor authorised.

By the time the dust settled, close to three million shillings had vanished from his two Absa accounts.

He moved quickly, contacting the bank to lock down what remained, lodging a formal complaint with Absa and reporting the matter to the Nairobi Central Police Station, where it was logged under OB Number 81 of 16/09/2025. Months later, Mr. Macibu is still waiting for the kind of clarity that should have come within days.

On paper, this looks like an isolated misfortune, the kind of unlucky episode that could befall any bank in any country.

But a closer examination of Absa Kenya’s recent history, drawn from court judgments, regulatory disclosures, whistleblower testimony and a string of separate customer disputes, suggests something far less comforting. Mr. Macibu’s ordeal fits inside a much larger and uglier picture, one in which the bank’s own staff, systems and digital lending arms have repeatedly been implicated in the very fraud the institution claims to be fighting.

The Karen Prestige branch and the manager who opened the vault to strangers

Perhaps the most damning evidence of internal rot at Absa Kenya is not speculation or anonymous chatter but a written judgment of the Employment and Labour Relations Court. The case centres on Lilian Adhiambo, the former branch manager of Absa’s Karen Prestige branch, whose dismissal the court upheld after forensic investigators tied her to the loss of millions from customer accounts.

Court records show that on October 13, 2019, a withdrawal of Sh3.6 million was processed from a customer account at the Karen Prestige branch.

In the days that followed, additional withdrawals and electronic transfers pushed the total loss past Sh6.3 million, all of it bearing Adhiambo’s authorisation. When the matter reached the Employment and Labour Relations Court, Justice Radido Stephen delivered a verdict that left little room for ambiguity.

The judgment described gross misconduct, negligence and failure of due diligence on the part of a senior banking officer who, after two decades inside the institution, used her authority to wave through transactions that should have triggered alarm bells across the bank’s control systems.

The forensic investigation behind the case was conducted by Absa’s own internal investigations unit, which means the bank’s findings and the court’s findings are aligned: a senior manager, entrusted with safeguarding customer deposits, instead became the weak link through which Sh6.3 million walked out the door.

The court upheld her dismissal as fair and lawful, closing one legal chapter while opening a far bigger institutional question. If a branch manager with two decades of tenure could move millions out of customer accounts before anyone noticed, what does that say about the controls protecting every other account in the branch network, including the two accounts belonging to Mr. Macibu more than a thousand kilometres and six years removed from Karen?

Timiza and the allegations of a black market for customer data

If the Karen Prestige case shows what a single rogue manager can do with the keys to the vault, a separate and far more explosive set of allegations points to something organised, sustained and operating at a much higher level inside the bank’s digital lending arm.

A whistleblower from within Absa Kenya’s Timiza digital credit department came forward with claims that strike at the heart of the bank’s ability to protect the personal and financial information of millions of customers.

The whistleblower alleged that since 2023, Timiza had been collecting customer data without consent, and that this data was being exploited well beyond the bounds of any loan application. The allegations named senior figures inside the credit and risk functions and accused them of fostering a culture in which customer information became a tradeable commodity.

According to the whistleblower account, Absa’s data centre in Westlands, referred to internally as the Data Office, became a hub where customer records, including credit card details and mobile banking information, were allegedly extracted and sold for as much as one thousand shillings per record.

The claims extended to a senior technical lead within Timiza, who was accused of acquiring more than one hundred thousand customer records for personal use, while other senior figures allegedly explored ways to monetise the stolen data during internal meetings. The whistleblower further claimed that attempts to raise these concerns through Absa’s own internal reporting channels were met with intimidation and obstruction, leaving the individual no option but to go public.

The timing of these revelations was not accidental. They emerged amid a Central Bank of Kenya investigation into a cluster of complaints against Absa covering insider fraud, sexual harassment and other ethical failures, an investigation that itself followed an internal probe ordered by Absa Group in South Africa into the conduct of its Kenyan operations.

Sources familiar with that probe described a culture in which junior staff were allegedly expected to pay their way into promotions and in which favours of a deeply troubling nature were said to function as currency for career advancement inside certain branches.

A death that still casts a shadow over the Nyali branch

Among the most unsettling threads connected to this wider picture is the death of Oscar Owino, an employee at Absa’s Nyali branch, who died in August 2023 under circumstances that colleagues reportedly found suspicious.

Accounts circulating among insiders link his death to a romantic dispute involving a fellow employee, and the case has since been cited repeatedly by whistleblowers as part of a broader pattern of dysfunction inside branches where personal entanglements, internal politics and financial irregularities appear to overlap in ways that have never been fully and publicly explained.

When fraudsters know more than they should

For ordinary Absa customers, the most frightening dimension of this unfolding story is not the size of any single loss but the sophistication of the fraud being reported. Accounts shared in connection with the wider scandal describe customers receiving phone calls that appear, on caller ID, to come directly from Absa’s official customer care line.

The caller, claiming to be investigating an unauthorised withdrawal attempt, asks the customer to confirm account details in order to protect the very funds that are then drained shortly afterward.

This is precisely the scenario the Timiza whistleblower warned about: that stolen customer data, once in the wrong hands, can be weaponised to give external fraudsters enough personal detail to walk straight past the suspicion threshold of even the most careful account holder.

When a fraudster already knows your name, your account numbers, your recent transaction history and your registered phone number, the line between an external scam and an inside job becomes almost impossible for the victim to detect, and arguably impossible for the bank to credibly deny.

A bank already under siege from multiple directions

Mr. Macibu’s case and the Karen Prestige scandal are not occurring in isolation. Absa Kenya is currently the subject of a separate High Court matter brought by Phyilis Osoro Kemunti, who is seeking to have historical references listing her as a defaulter on a credit card account expunged, alongside damages for what she describes as reputational harm.

Online, the picture is no less flattering. Customers describing their experiences on social media and discussion forums have ranked Absa among the most frustrating banks to deal with in Kenya, citing transaction failures, unresolved money disputes, unexplained penalties on loan accounts and what many describe as a wall of silence when something goes wrong.

Even the bank’s commercial relationships have not been spared.

In May 2026, Absa was drawn into a governance dispute at Nairobi’s century-old Vetlab Sports Club, where rival factions accused the bank of altering the signatories on the club’s main account, which held approximately Sh26 million, without proper authority and despite ongoing litigation over who actually constituted the club’s lawful leadership.

The club’s chairman and honorary secretary took the matter to the High Court’s Commercial and Tax Division, and court papers reportedly showed that Absa had previously resisted similar requests during earlier phases of the same dispute, making the sudden reversal difficult for the bank to explain.

Separately, the bank finds itself entangled in one of the largest alleged loan fraud cases in recent Kenyan banking history.

Industrialist Benson Sande Ndeta and an American co-accused are facing twelve criminal counts over an allegedly fraudulently obtained Sh4.5 billion facility, originally advanced when Absa still operated under the Barclays brand in Kenya, secured using what prosecutors describe as forged corporate guarantees and fabricated board resolutions.

Arrest warrants were issued for both men in March 2026 after they failed to appear in court, and the warrants were extended later that month after continued defiance of court orders. Whatever the eventual outcome, the case is a reminder that a lender which prides itself on rigorous documentation and credit discipline was, on its own telling, deceived at the highest level by paperwork its own systems failed to catch.

The numbers behind the headlines

All of this is unfolding against a backdrop of deteriorating financial performance and a sector-wide fraud surge that regulators have struggled to contain.

Absa Kenya’s profit after tax for the first quarter of 2026 fell to Sh5.31 billion, down from Sh6.17 billion a year earlier, marking the bank’s first first-quarter profit decline in nine years.

The Central Bank of Kenya’s own Financial Sector Stability Report for 2025 documented that cyber fraud cases across the banking sector more than doubled in a single year, rising from 153 to 353 incidents, with total losses jumping from Sh412 million to Sh1.59 billion.

Mobile banking fraud alone accounted for Sh810.68 million of those losses, a rise of 344 percent, while card fraud surged sixteen-fold to Sh263.29 million and identity theft losses rose sixfold to Sh199.08 million.

Against figures like these, Absa’s own 2022 disclosure that it lost Sh107.7 million to fraudsters, of which only a portion was recovered, no longer reads as an unfortunate one-off. It reads as an early data point in a trend line that has only steepened since, a trend line into which Mr. Macibu’s Sh3 million now slots with grim familiarity.

A voluntary exit programme that raises more questions than it answers

The timing of Absa’s broader restructuring has not gone unnoticed either.

Earlier in 2026, the bank ran a voluntary exit programme that saw 82 employees leave with a combined Sh717 million in severance packages, officially framed as part of a technology-driven streamlining of the workforce.

For a bank simultaneously facing whistleblower allegations of data theft inside its digital lending division, a Central Bank investigation into insider fraud and sexual harassment, and a court judgment confirming that a senior branch manager helped drain millions from customer accounts, the exodus of dozens of staff raises an obvious question that Absa has yet to answer publicly: how many of those departures were genuinely voluntary, and how many were the quiet conclusion of internal disciplinary processes the bank would prefer not to discuss in public?

What Absa owes Mr. Macibu, and everyone else

None of this excuses or explains away what happened to Mr. Macibu specifically. His case stands on its own and deserves its own forensic accounting. But it cannot be assessed in a vacuum, and Parliament’s intervention should not be treated as a routine, one-off inquiry into a single customer’s bad luck.

Taken together with the Karen Prestige judgment, the Timiza whistleblower allegations, the Vetlab Sports Club signatory dispute, the Sh4.5 billion Ndeta case and the broader sector-wide fraud data, Mr. Macibu’s three million shillings looks less like an anomaly and more like the latest visible tip of an iceberg that Absa Kenya has spent years trying to keep below the waterline.

Absa Bank Kenya does maintain whistleblowing channels, directing concerns to dedicated email addresses for anonymous tip-offs and priority investigations, and the bank’s security communications continue to emphasise customer vigilance, multi-factor authentication and prompt reporting of suspicious activity. Mr. Macibu did everything right.

He noticed the alerts, secured his accounts, filed a formal complaint and reported the matter to police within hours. If a customer who follows every recommended step can still be left waiting months for answers, then the failure is not his, and it is not external. It sits squarely inside the bank’s own walls.

Parliament has now asked the question publicly. The Central Bank of Kenya, already investigating Absa over insider fraud and ethical failures on multiple fronts, has the evidence and the mandate to demand a full forensic audit of the Macibu case, including transaction logs, staff access records and verification protocols at the time of the withdrawals, and to examine whether any link exists between his case and the data practices the Timiza whistleblower described.

Kenyan depositors are watching, and after years of mounting allegations, vague reassurances about ongoing investigations will no longer be enough. Absa Kenya now has a choice: open its books, name names, and show its house is in order, or continue to watch its reputation erode one drained account at a time.