By Mandere Onyinkwa
A special audit has uncovered significant financial irregularities and systemic flaws that may have resulted in the loss or mismanagement of billions of shillings on the eCitizen payment platform.
The audit report was conducted by the Office of the Auditor-General and tabled in Parliament and lawmakers discussed it widely yesterday.
The document, seen by KPC paints a troubling picture of poor oversight, untraceable transactions, and ongoing vendor control over a system that is supposed to anchor digital service delivery across the public sector.
One of the most damning revelations is that over Ksh. 7.05 billion is held in various eCitizen collection and settlement accounts without clarity on its management or utilization.
The funds, collected by financial service providers on behalf of government ministries and agencies, remain outside any formal service agreements.
The audit warns that in the absence of Service Level Agreements (SLAs), the funds may be used by these service providers at the expense of public service delivery.
Even more concerning is the discovery of Ksh. 2.57 billion in receipts that could not be linked to any official invoices, raising suspicions of ghost transactions, duplicate payments, or outright fraud.
The audit attributes this to manual processes and a lack of automated reconciliation, undermining the reliability of government revenue reports.
Core system operations
Although the International Finance Corporation (IFC) handed over the eCitizen platform to the Kenyan government in 2017, the audit shows that the private vendor, Webmasters Kenya Ltd, continued to control core system operations.
As recently as 2023, the company was still managing key functions, including user access and service onboarding, even after signing a formal handover agreement.
The audit notes that the government lacks access to vital parts of the platform, including administrative rights and source code, making it overly dependent on the vendor.
This lack of control, according to the report, represents a “single point of failure” for a platform that now supports over 20,000 services.
The audit also uncovered unauthorized financial activity linked to the platform.
On January 25, 2024, four large transactions totaling Ksh. 127.8 million were made from the official government Paybill number 222222 to undisclosed private entities.
No documentation was provided to support these payments. Separately, an unapproved account named “pesaflonz” collected Ksh. 68.7 million and USD 48,142, but the total amount handled through this rogue account could not be determined due to missing bank statements.
Irregular, excessive charges
Kenyans using government services through the platform were also subjected to irregular and, in some cases, excessive charges.
Between 2014 and 2024, the Treasury collected Ksh. 1.8 billion and USD 3.3 million in fixed convenience fees of Ksh. 50 per transaction, despite earlier directives requiring prorated fees based on the value of services.
In healthcare, users were charged separately at every service point—raising costs for the sick and vulnerable. In some cases, the fee increased the price of small items by over 250 percent.
Compounding these issues is the absence of a legal framework, standard operating procedures, and an integrated Helpdesk system.
Without such structures, the platform’s governance remains fragmented across different government units, none of which seem to have full oversight.
The Treasury also declined to provide auditors with backend system access, further obstructing efforts to assess IT security and data protection.
The Auditor-General recommends an urgent overhaul of the platform’s governance, including full system takeover by government, recovery of irregular payments, and the automation of revenue settlements.
She also calls for investigations into the irregular transactions and stronger legal safeguards to prevent future abuse.