DAKAR, Senegal (AP) — An American-based aid group said that approximately $900,000 was stolen from its Congo programs by members of the organization who conspired with outsiders.

GiveDirectly said that it learned that people on its Congo team worked with people outside the organization to defraud the cash transfer program, diverting aid from more than 1,700 impoverished families over six months, starting in August 2022.

“This fraud was only possible because of a specific change we made in our payment process in order to work in this remote, insecure region of (Congo),” according to the statement from Monday. “We feel deep regret for not catching this sooner and take seriously the vulnerabilities it exposed,” it said.

GiveDirectly said that an investigation is ongoing and that it was able to recover “a very small portion of the lost funds,” but the majority of the $900,000 will likely be “uncoverable.” But the group is working to ensure that families impacted by the fraud get their money.

Roughly 1% of money delivered last year was lost to fraud, the highest amount to date, GiveDirectly said.

Eastern Congo, where the group operates, has experienced conflict for decades. About 120 armed groups are fighting in the region mostly for land and control of mines with valuable minerals, while some groups are trying to protect their communities. More than 5.5 million people are displaced in Congo, and more than 26 million are facing hunger, according to the United Nations.

The decades-long crisis and widespread poverty have fueled an environment ripe for corruption among aid organizations, analysts say.

“It is unsurprising that the development sector is a target for corruption given its prominent role in the country’s economy. Billions of development dollars flow into (Congo) every year and it is likely that a sizeable portion of this is lost to corruption,” Benjamin Hunter, Africa analyst for risk assessment firm Verisk Maplecroft, said Tuesday.

GiveDirectly delivers cash transfers globally, delivering more than $650 million to people in roughly a dozen countries, the majority in Africa. It provides aid through mobile money, a technology to send and receive funds using a SIM card, which it says avoids many forms of fraud. Once the money’s deposited, people can withdraw the cash at a mobile money station.

While the group normally registers people with an independent money agent, gives them SIM cards and deposits funds on it, due to the insecurity in eastern Congo’s South Kivu province, where it was operating, GiveDirectly said it made an exception to it’s normal procedures.

Instead of people registering with independent mobile agents, which often meant making them travel long distances, the group used its own enrollment team.

“We now know that while enrolling villages in South Kivu, some staff conspired to register payment SIMs to the recipients’ names (per the special exception granted), pocket those registered SIMs, and put different SIMs in recipients’ phones,” the organization said. GiveDirect sent cash transfers to the registered SIM cards, many of which had been stolen by the staff, who with outside help from money agents and former employees, diverted funds intended for people in need, it said.

Give Directly said that the case was concerning for three reasons:

1. “the scale of the fraud, at the expense of people in extreme poverty

2. “the number of our own team members who participated

3. “the failure of our systems to prevent it.”

The group said it has no reason to suspect this fraud extends beyond its eastern Congo programs.