A widening corruption investigation has exposed what authorities describe as a fraudulent software procurement scheme inside Sri Lanka’s Department of Immigration and Emigration, where nearly Rs. 9.83 million in state funds was allegedly paid for a digital system that investigators claim never existed.
The Criminal Investigation Department’s Financial Crimes Investigation Division arrested the department’s IT and Border Control Controller, K. Herath, on May 14, 2026, following an extensive forensic audit into the agency’s internal technology procurement process.
Investigators allege that the official approved and certified the completion of a critical “User Management Module,” a software platform intended to strengthen cybersecurity and regulate employee access to sensitive immigration databases. According to investigators, those certifications enabled government payment approvals despite no evidence that the system had ever been developed or installed.
Authorities say the disputed software was designed to manage staff credentials, monitor internal audit activity, and secure access controls linked to national immigration operations. However, forensic investigators reportedly found no installation records, deployment logs, or operational traces during examinations of departmental servers and procurement archives.
The findings have raised suspicions that fabricated technical documentation may have been used to falsely portray the project as complete, allowing public funds to be released without independent verification of the software’s existence.
According to investigators, multiple written approvals signed by the suspect confirmed that the project had been successfully integrated into the department’s network infrastructure. Those approvals allegedly formed the basis for authorizing a payment totaling Rs. 9,831,250 to the supplier involved in the transaction.
The arrest was carried out under provisions of the Prevention of Money Laundering Act and the Public Property Act, laws commonly invoked in cases involving alleged misuse of government assets and financial misconduct. Legal analysts note that offences prosecuted under the Public Property Act carry strict bail conditions and significant custodial penalties upon conviction.
The suspect was later produced before the Kaduwela Magistrate’s Court as investigators intensified efforts to trace the movement of public funds linked to the controversial payment.
Sources familiar with the inquiry say CID officers are now collecting procurement contracts, departmental correspondence, server activity records, and payment documentation in an attempt to reconstruct the approval chain behind the transaction. Investigators are also examining whether additional public officials, private contractors, or intermediaries may have played a role in facilitating the alleged fraud.
The case has triggered renewed concern over weaknesses in public-sector technology procurement, particularly within high-value digital infrastructure projects where technical assessments often depend heavily on internal certification by senior officials.
Critics argue that government institutions handling sensitive national databases remain vulnerable to procurement manipulation when oversight mechanisms fail to independently verify software implementation before payments are approved.
Authorities say the forensic audit remains ongoing and that the investigation may expand into other procurement activities connected to the department’s IT operations as detectives continue tracking the financial trail behind the disputed transaction.