Ask any South African who has lost money to digital bank fraud what they think happened, and a version of the same answer comes back with striking regularity: someone at the bank must have been involved.
Miranda Young, whose story we told in the second instalment of this series, wrote to Standard Bank that “whoever did this knew exactly what to do and how to do it”.
Similarly, we told of the Cape Town businesswoman whose millions vanished in two days, with payment limits lifted and beneficiaries loaded without her knowledge. Her friend, Simon Mantell, says this “points to internal system compromise or insider access”.
And Robert, whose bedridden wife’s dormant Absa account was drained over weeks via a debit order nobody had authorised, told Daily Maverick: “My opinion is that somebody at the bank saw an account with a substantial balance with no movement and decided to fraudulently produce a debit order.”
The banks are equally emphatic in the opposite direction.
Standard Bank says its investigations examine “every element of the incident, including how funds were moved, which systems or platforms were accessed, the credentials used, device activity and any authentication or security events linked to the transaction”, adding that “no employee can unilaterally override security controls”.
Standard Bank further cites the South African Banking Risk Information Centre’s data: “100% of digital fraud cases analysed in 2024 resulted from customer credentials being compromised through phishing, vishing or social engineering, not unauthorised system access”.
Absa told Daily Maverick that its “role-based access protocols and layered control frameworks prevent employees from committing fraud on customer profiles”, and that it was “the first bank in South Africa to have launched an Insider Threat Programme dedicated to monitoring for insider threats”.
Nedbank says employees “do not have unrestricted access to customer accounts” and that all access is “protected through controlled and monitored system access”. FNB says “any unauthorised access to, or modification of, client information is strictly prohibited and constitutes serious misconduct”.
Both sides – the public conviction and the institutional denial – seem unlikely to be entirely accurate. So where does the reality lie?
The employees who did ‘the impossible’
Court records from the last few years offer at least a glimpse at a counterpoint towards the banks’ position.
In July 2025, Lusanda Qose, a former sales and service consultant at FNB’s Pier 14 branch in Gqeberha, was sentenced to five years’ imprisonment for fraud, cyberfraud and the unlawful use of access credentials.
The case, according to the National Prosecuting Authority (NPA), involved a customer (68) whose cellphone number Qose had changed on the bank’s system using her own employee credentials, diverting all one-time password (OTP) authorisations to herself. She then created a second bank card linked to his accounts and used it to conduct ATM withdrawals over three months, causing a total loss of R245 000. The bank ultimately refunded the customer. Two months earlier, the Hawks had arrested 14 suspects in connection with an alleged R157 million fraud at Nedbank. The main suspect was Nicolette de Villiers, described by the NPA as a former forensic investigator in Nedbank’s group crime, forensic and security division – the very unit tasked with investigating fraud.
She is alleged to have issued instructions for the unauthorised transfer of more than R157 million from Nedbank’s suspense accounts, which are accounts used to hold funds already under investigation, into the accounts of alleged co-conspirators. Instead of returning blocked funds to their rightful owners, the NPA alleged, De Villiers directed them elsewhere.
Read full story at: https://www.dailymaverick.co.za/article/2026-03-25-inside-job-the-fraud-question-south-african-banks-wont-answer/
– Daily Maverick
*Name changed to protect identity.
In an age of information overload, Sunrise is The Namibian’s morning briefing, delivered at 6h00 from Monday to Friday. It offers a curated rundown of the most important stories from the past 24 hours – occasionally with a light, witty touch. It’s an essential way to stay informed. Subscribe and join our newsletter community.
The Namibian uses AI tools to assist with improved quality, accuracy and efficiency, while maintaining editorial oversight and journalistic integrity.
Stay informed with The Namibian – your source for credible journalism. Get in-depth reporting and opinions for
only N$85 a month. Invest in journalism, invest in democracy –
Subscribe Now!
