National PERSAL Ghost Worker Fraud: R3.9 Billion Per Year Draining Public Payroll

South Africa's public service payroll — the Personnel Salary System (PERSAL) — pays approximately 1.3 million government employees, consuming over R850 billion annually, nearly one-third of all government spending. A 2025 National Treasury crackdown revealed that this system has been systematically compromised by criminal syndicates operating from within the state itself.

**The Scale: R3.9 Billion Per Year**

In September 2025, the National Treasury presented to Parliament an estimate that approximately 1% of the 1.3-million-strong payroll was compromised by ghost worker fraud — amounting to R3.9 billion annually in fraudulent salary payments. This figure, derived from cross-referencing PERSAL data with SARS tax records, Home Affairs population registers, biometric data, and banking information, represents money flowing to people who either do not exist, are deceased, are minors, or are drawing salaries from multiple government departments simultaneously.

One individual was discovered earning salaries from three different ministries at the same time.

**The November 2025 MTBPS Revelation**

Finance Minister Enoch Godongwana used the Medium-Term Budget Policy Statement in November 2025 to reveal that Treasury had flagged 8,854 "high-risk cases" — individuals receiving payments from multiple departments. The Treasury began the process of eliminating nearly 9,000 ghost workers from the payroll.

**The February 2026 Budget Confirmation**

By Budget 2026, the audit had been refined. Of the original 8,854 high-risk cases, 4,323 were confirmed as suspicious after verification. The projected savings for the current financial year stood at R2.6 billion, with R3.7 billion allocated across departmental baselines for 2025/26 and 2026/27.

**How the Fraud Works**

The DPSA chairperson described the mechanics to Parliament in stark terms: creating a single ghost worker on PERSAL requires the collusion of at least three officials — a data inputter who enters fraudulent details, someone to authorise the entry, and a manager to sign off on payroll reports. The system is exploited through shared login credentials, weak oversight, and decentralised payroll structures that make detection difficult.

The DPSA described it as "deliberate and deeply embedded fraud, orchestrated by criminal syndicates operating within the state's own departments."

**Why It Persists**

The root causes are systemic: 1. **Paper-based controls**: Internal registers lack physical or biometric verification 2. **Collusion by design**: The three-official approval system fails when all three are compromised 3. **Decentralised structure**: Many government employees work outside offices, making physical verification impossible 4. **No single sign-on**: Employees can exist on multiple payroll systems without automated cross-checking 5. **Consequence failure**: The Auditor-General repeatedly flags lack of consequences for fraud, perpetuating the cycle

**Reform Measures**

Treasury and the DPSA announced reforms including cross-referencing PERSAL with SARS, Home Affairs, and banking data; facial recognition matching; physical verification of all personnel; a two-month verification window from January 2026 with salaries frozen for unverified employees; and development of a single sign-on system for public servants.

Whether these reforms can overcome decades of embedded fraud remains to be seen. The R3.9 billion annual figure represents only the payroll fraud that can be detected through data matching — the true cost, including productivity losses and systemic damage, is likely far higher.