In Part Two of this series, we examined the WhatsApp market, the alleged movement of samples, the language of buyers and middlemen, and the disturbing ease with which Safaricom customer information appears to have been treated like a product inside a country where ordinary citizens trusted the telco with their identity, M-Pesa activity, location, betting behaviour and private financial habits.
But every serious scandal has a point where the talk must meet the money.
People do not move millions of customer records for jokes. Nobody risks employment, criminal exposure, court cases and corporate embarrassment because they enjoy forwarding spreadsheets. Data of that scale moves because someone has calculated its value, someone has identified buyers, someone has negotiated samples, someone has promised delivery, and somewhere along the way, money changes hands.
That is where Part Three begins.
The Safaricom data scandal must now be understood not only as a data breach, but as a possible commercial transaction involving private information belonging to millions of Kenyans. The records were allegedly not extracted for academic research, public interest or whistleblowing. They were allegedly extracted because betting companies and other commercial actors would find value in knowing who gambled, how often they gambled, how much they staked, where they lived, what devices they used, how their M-Pesa accounts behaved and which platforms they preferred.
That is why the money trail is the most important part of this scandal.
The complaint before investigative and regulatory agencies does not merely allege that Safaricom data was accessed unlawfully. It points to a wider commercial ecosystem where the data was allegedly sampled, discussed, offered, priced and delivered to people connected to betting interests. Once a stolen database enters such an ecosystem, the scandal becomes bigger than the rogue employee. It becomes a chain of benefit stretching from the person who extracted the data to the person who marketed it, the intermediary who negotiated it, the company that received it and the executives who may have gained from the customer acquisition advantage.
In ordinary theft, the stolen item is usually visible. A car disappears. A phone is snatched. Money leaves an account. A shop is broken into. But in digital theft, the stolen item can remain invisible to the victim while being extremely valuable to the buyer. A Safaricom customer could continue using his line, sending M-Pesa, receiving betting messages and placing wagers without ever knowing that his private behaviour may have been copied, packaged and sold somewhere.
That is why this matter is so dangerous. The victim does not even know when the robbery begins.
For betting companies, the value of the alleged 11.5 million punters file was not in the beauty of the data, but in what the data could produce. A company armed with such information would not need to waste millions shouting to the whole country. It could identify the already active gambler, the frequent loser, the repeat depositor, the football addict, the desperate salary earner, the young man chasing losses and the customer most likely to respond to inducements. That is why such data would have a direct commercial value, because every targeted message, bonus, call, promotion or campaign could be aimed at people already known to be vulnerable to betting.
This is where Odibets, Kwikbets and other betting companies enter the financial side of the scandal.
Their customer acquisition records, agency contracts, payment trails, M-Pesa movements, bank transactions, phone communication and internal marketing logs from the period under review now become the most important documents in the room. The question is no longer just how Safaricom customer data allegedly left the telco. The question is how that data was allegedly monetised inside the betting industry, who paid for access, which intermediaries received money, whether payments were disguised as marketing expenses, consultancy fees, data services, technical support, commissions or ordinary supplier invoices, and how the resulting customer intelligence was converted into betting revenue.
Corporate Kenya loves hiding ugly deals behind clean words.
A bribe becomes facilitation.
A kickback becomes consultancy.
A stolen list becomes marketing data.
A middleman becomes a business development agent.
A data broker becomes a strategic partner.
A dirty payment becomes an invoice.
That is why the records matter more than press statements. The money trail will not be found in polished corporate language. It will be found in payment descriptions, repeated transfers, suspicious supplier names, strange consultancy invoices, M-Pesa movements, personal accounts, linked companies, agents who appear suddenly and disappear after delivery, and bank records that show whether people connected to Safaricom insiders, data brokers or betting companies were moving money during the same period the data was allegedly being sold.
Kenya has seen this movie many times.
In the old tender scandals, companies would be created quickly, awarded contracts, paid heavily and then vanish. In the new data economy, the same trick can be done without supplying anything physical. A company can be paid for “marketing leads” or “customer acquisition support” while the real product being delivered is stolen behavioural intelligence from a telco database. This is why the Odibets trail must not only be examined through the lens of gambling regulation, but through the lens of financial benefit, data laundering and possible proceeds of crime.
Data laundering is a very simple concept when stripped of legal language. Dirty data enters a business through unofficial channels, then the company cleans it by using it inside campaigns, databases, customer targeting and revenue generation. By the time the public sees the final result, it looks like normal business growth. More users. More deposits. More betting slips. More withdrawals. More brand visibility. More market share. But behind the growth may sit information that customers never agreed to surrender.
That is the real scandal.
The betting companies did not need to publicly announce that they had a list. They only needed to use it.
If a company receives a file showing active punters, preferred platforms, betting frequency and M-Pesa behaviour, the company can silently fold that information into its own customer acquisition machine. It can send messages. It can target locations. It can design offers. It can call users. It can identify profitable segments. It can build campaigns that appear normal from the outside but are powered by private information stolen from another company’s systems.
This is why the money trail and the customer trail must be read together. A payment to a middleman may look innocent until it is placed next to a data sample, a WhatsApp message, a customer list, a marketing campaign and a spike in user acquisition. A consultant may look harmless until his phone records place him between a Safaricom insider and a betting operator. A bank transfer may look ordinary until its timing matches the movement of files, samples or negotiations. A marketing invoice may look clean until the deliverable behind it turns out to be a stolen punters database.
The complaint has already opened this door by calling for scrutiny of phone records, bank records, M-Pesa records, company records, intermediaries and associated accounts covering the period of the alleged breach. That is the correct direction because this scandal cannot be solved by reading statements alone. It can only be understood by matching communication with money and matching money with commercial benefit.
The Odibets angle is especially important because the company became one of the most visible names in Kenya’s betting boom. The public saw a growing brand. The streets saw promotions. Punters saw odds. Football fans saw the noise. But behind every fast-growing betting company there must be a customer acquisition story, and in this scandal, the documents now force Kenyans to ask whether part of that customer acquisition story was built on unlawfully obtained Safaricom subscriber intelligence.
Kwikbets and other betting companies also belong inside this wider financial examination because the alleged market for Safaricom data was not about one brand alone. It was about an industry where customer knowledge could decide winners and losers. Betting is a numbers game before it is even a football game. The company that knows the punter better has an advantage before the match begins.
That is why the 11.5 million punters file, if used commercially, would have created an unfair and predatory advantage. It would have allowed operators to locate people already inside the gambling habit and approach them with precision. It would have reduced marketing waste. It would have increased conversion. It would have turned private financial behaviour into a business weapon. Such an advantage cannot be treated as ordinary competition because ordinary competition does not involve allegedly buying private data from insiders at the country’s largest telco.
This is also where the role of regulators becomes embarrassing.
A gambling regulator that only checks licences while ignoring customer acquisition methods is not regulating the industry. It is merely issuing permission slips. A Data Commissioner who does not follow how stolen customer information enters commercial platforms is not protecting citizens. A law enforcement system that charges employees but allows alleged corporate beneficiaries to remain comfortable is not investigating crime. It is managing optics.
The betting industry in Kenya has grown fat in a country where oversight has always arrived late. By the time regulators wake up, the adverts have already run, the punters have already lost money, the companies have already built market share, the owners have already bought property, and the victims have already moved on without ever knowing how they were targeted.
That is the genius of this kind of scandal. The harm is hidden inside normal life.
A man receives a betting message and thinks it is just another promotion. He deposits KSh 100 and thinks he is making a personal decision. He loses and returns because that is what addiction does. But behind that message may sit a history of data movement, payments, samples, customer profiling and commercial calculation that began long before he touched his phone.
That is why the money trail must expose not only who paid for the data, but who profited from the people identified by the data. The true value of the alleged Safaricom punters file was not the price paid to insiders or middlemen. The true value was the lifetime revenue that betting companies could extract from targeted gamblers after acquiring the knowledge of their habits.
That is where Kenya must understand the size of the scandal.
The payment for stolen data may have been small compared to the profits generated from it. A file may be bought once, but used for years. A customer may be targeted once, but lose repeatedly. A marketing campaign may be sent in minutes, but the addiction it feeds may last a lifetime. That is why the financial benefit cannot be measured only by the first transaction. It must be measured by the revenues built from the unlawful advantage.
This is the part corporate lawyers will not want simplified for the public.
They will want to reduce the matter to technicalities, jurisdiction, admissibility, procedure, old dates, regulatory language and polite denials. But the ordinary Kenyan understands theft when it is explained properly. If private Safaricom customer data was stolen, sold to betting interests, used to target punters and converted into revenue, then this was not just a breach. It was a business model built on stolen knowledge.
The money trail now becomes the spine of the entire scandal. It can show who moved from conversation to transaction, who moved from sample to payment, who moved from payment to delivery, and who moved from delivery to profit. It can also show why the small people were easier to pursue while the bigger corporate actors remained wrapped in silence.
Kenya cannot keep allowing corporate scandals to end at the lowest level of the chain. The employee who extracts data is important, but the company that allegedly benefits from the data is more important. The middleman who delivers a sample is important, but the executive who approves the commercial use of that information is more important. The M-Pesa transfer is important, but the betting revenue generated from the stolen profile is even more important.
This is why Part Three of this series follows the money.
Not because money is the only evidence, but because money usually tells the truth long after people have started lying. WhatsApp messages can be deleted, phones can disappear, laptops can be formatted, public statements can be written by lawyers, and regulators can pretend to be studying the matter. But bank records, M-Pesa trails, invoices, contracts, supplier payments and linked accounts have a way of exposing the real architecture of a scandal.
The Odibets files now move from data to money. The question is no longer only how Safaricom’s 11.5 million punters file allegedly left the telco. The question is how that file was priced, who paid for it, how the payments were disguised, how the information entered betting operations and how much commercial value was extracted from Kenyans whose private gambling habits were allegedly sold without consent.
In Part Four, we will examine the business empire around Odibets, the ownership questions, the shadow figures, the corporate structures, the wealth built during the betting boom and how the data scandal now follows the money from Safaricom’s servers into the world of gambling profits, private influence and elite property.