No bullet was fired, no machines were broken into but Sh14 million was gone.
As the puzzle of the Barclays Bank ATM theft deepens, investigators have narrowed the analysis on two probabilities.
The robbers who stole millions of shillings from four ATMs belonging to Barclays Bank during the Easter holiday were so clever that they chose off-site machines, which would have taken time for the bank to discover that money had been stolen.
This comes as an initial forensic analysis of the four affected ATMs on Tuesday raised the amount of money stolen to Sh14 million from the initial Sh11 million.
This is after it emerged that the Kenya Cinema ATM lost Sh3 million during the heist. The other three ATMs lost a total of Sh11 million.
Off-site ATMs are not hosted next to or inside banking halls. They are located in high traffic areas where banks think they have a clientele base that would make financial sense.
On Tuesday, police turned their attention to G4S, the security group contracted to guard the four ATMs, in order to understand how the money disappeared.
It is said the bank’s internal security unit, on being questioned by the police, attempted to absolve themselves from blame by saying all the ATMs that were robbed were under the jurisdiction and management of G4S.
They were however hard-pressed to explain why the bank had not installed CCTV cameras at the Mutindwa ATM, an oversight that is likely to place the financial institution in trouble with its customers.
By Tuesday, detectives from the Cyber Crimes Unit at the Directorate of Criminal Investigations (DCI), who have taken over the investigations, had narrowed down to two theories on how the cash was stolen within three days.
“I can’t comment on an ongoing investigation, which has been taken over by another unit. All I can say is investigations are ongoing,” Nairobi police boss Rueben Ndolo told the Nation.
However, a physical investigation on the ATMs showed that apart from the Kenyatta National Hospital (KNH) ATM, the rest had not been tampered with.
The ATMs at Mutindwa, Mater Hospital and Kenya Cinema were found to be in good condition with no evidence whatsoever of any physical tampering.
This has led detectives to believe that the ATMs might have been hacked into, by a cybercrime ring that has become a headache to banking systems of late.
In order to evade detection, the robbers chose to strike during a holiday when there were few people.
Additionally, they chose to strike just after two of the ATMs had been reloaded with cash.
This has heightened suspicion that someone on the inside must have tipped them off. On-site ATMs, which are located at banking halls, are loaded directly by the bank.
However, off-site ATMs like the ones that were robbed are loaded by the security company contracted to guard them.
The security company monitors the cash level inside the machine on a daily basis and then requests for money or technical assistance from the bank whenever required.
In case an off-site ATM needs to be reloaded, all the security company does is to make a requisition and then go pick the money.
Like a day before the ATM at Mutindwa was robbed, G4S personnel had just loaded it with Sh7 million. Out of this, Sh6.2 million was discovered missing 24 hours later.
The bank has, however, declined to say how much money was in the four ATMs at the time of the robbery.