A platform meant to clean up graft becomes a crime scene

On August 5, 2025, Kenya’s digital governance was rocked by revelations of massive fraud on President William Ruto’s Government’s flagship eCitizen platform. Auditor General Nancy Gathungu flagged irregular transactions worth KSh11 billion, exposing the system, once hailed as a solution to corruption, as a hotbed of misappropriation and revenue leakages.

Parliament’s Public Accounts Committee called for an immediate shutdown, branding it a “crime scene of monumental proportions.”

Among the findings: KSh44.8 billion collected in 2023/2024 remains unaccounted for, KSh144 million vanished across key agencies, and KSh1.8 billion in illegal convenience fees was unlawfully charged. Contracts were signed by junior staff without oversight, and private vendors now hold the power to dismantle critical infrastructure if terminated without liability. Over KSh7 billion lacked reconciliation statements, and multiple ministries failed to submit audited reports or reconcile revenues.

The 2019 Tech Policy: A promise that’s just wont take off

This scandal is not an anomaly, it is the inevitable result of a broken system. Kenya’s National ICT Policy of 2019 was built on four pillars:

1. Mobile First: universal broadband and mobile-centric service delivery
2. Market Development: local device manufacturing and fintech growth
3. Skills & Innovation: digital literacy, research labs, and startup support
4. Public Service Delivery: digitized government services and platforms like eCitizen

It aimed to position Kenya as a regional tech leader, grow ICT’s contribution to GDP to 10% by 2030, and align with Vision 2030 and the UN SDGs. But six years later, the policy’s promises remain largely unfulfilled not because of lack of ambition, but because of persistent structural rot.

And now, six years after the launch of the ICT Policy and 17 years after the Anti-Corruption Commission’s landmark report, the scandal engulfing eCitizen is not just another failure—it’s proof that Kenya’s digital governance has learned nothing and protected no one.

This shows that despite Kenya’s digital ambitions, the same vulnerabilities flagged in 2008 by the Kenya Anti-Corruption Commission — poor governance, weak oversight, and opaque procurement — continue to undermine the very policy meant to fix them. That report warned of shared passwords, dormant accounts, manual-digital hybrids, and revenue systems without audit trails. It exposed how ICT projects were launched without feasibility studies, awarded to ghost vendors, and operated without disaster recovery plans.

Nearly two decades later, the same playbook is still in use only now with bigger budgets and deeper consequences.

Without urgent reforms, digitization risks becoming a new frontier for corruption, not a solution to it. The myth that technology inherently brings transparency has been shattered. What we’re witnessing is not digital progress it’s fiscal sabotage.

A system bleeding billions

Kenya loses an estimated one-third of its annual budget to corruption, Philip Kinisu, the then-chairman of the EACC, said in 2016. Unfortunately, digital platforms are now part of the problem. The 2025 regulatory updates meant to fix this? Toothless. Narrow in scope, weak in enforcement, and devoid of public participation.

Marginalized communities remain digitally excluded, while billions vanish into ghost systems and untraceable accounts. This is not a failure of innovation, it is a failure of integrity.

What must change: No exceptions, no excuses

Kenya doesn’t need another policy paper or half-hearted reform. It needs a systemic purge and structural overhaul.

Starting immediately:

1. Mandatory forensic audits of all ICT platforms and digital revenue systems conducted by independent, non-governmental bodies with prosecutorial oversight;
2. Immediate suspension of all digital platforms flagged for irregularities, pending full accountability reviews;
3. Criminal prosecution of procurement officers, contractors, and public officials involved in ghost contracts, unauthorized payments, or data manipulation—no plea bargains, no political shielding;
4. Permanent blacklisting of vendors and firms found complicit in digital fraud, with asset recovery proceedings initiated to reclaim stolen public funds;
5. Real-time public dashboards for every digital tender, contract, and transaction accessible to citizens, media, and civil society watchdogs;
6. Legally binding citizen oversight boards for all major ICT projects, with veto power over procurement and implementation decisions;
7. Constitutional amendment to classify digital infrastructure as critical national security assets, subject to parliamentary control and independent risk audits; and
8. Mandatory jail terms for any official who signs contracts without legal and financial clearance, regardless of rank or political affiliation.

These are not suggestions, they are survival measures. Kenya’s digital future is bleeding, and only radical transparency, ruthless enforcement, and citizen control can stop the hemorrhage. Anything less is complicity.

Conclusion: No more excuses

Seventeen years after the corruption warnings and six years into a failed ICT policy, Kenya’s digital future is bleeding. The eCitizen scandal proves we are not at a crossroads, we are in freefall. Without ruthless accountability and structural overhaul, digitization will remain a gateway for theft, not transformation. This is no longer about reform. It is about rescue.