Malaysia Archives

In Cybersecurity

Malaysia: The Cyber Security Bill 2024 – A new era for cyber security

March 26, 2024 by Kherk Ying Chew, Serene Kan, Kean Lynn Tai and Nicole Oh 6 Mins Read

The new Cyber Security Bill 2024 (“Bill”) was tabled for first reading at the Malaysian Parliament on 25 March 2024. The Bill aims to provide a regulatory framework for the safeguarding of Malaysia’s cyber security landscape by requiring national critical information infrastructure entities to comply with certain measures, standards and processes in the management of the cyber security threats and cyber security incidents. To achieve such objectives, the Bill provides for, among others, the establishment…

In Communications & Mobility

Malaysia: Online content and related developments

March 26, 2024 by Kherk Ying Chew, Serene Kan and Chun Hau Ng 5 Mins Read

Proposed licensing of social media and internet messaging services providers and a new draft bill on digital safety – these are some of the recent updates in the online content space for Malaysia. On 15 December 2023, the Malaysian Communications and Multimedia Commission (MCMC) reported that there was a significant increase in harmful content on social media and over-the-top platforms in 2023 as compared to in 2022.1 Against this backdrop, the Malaysian Government (as with its…

In Financial Institutions

Digital Currencies and Digital Tokens are Regulated as Securities under Malaysian Securities Laws

January 16, 2019 by Sue Wan Wong 2 Mins Read

Pursuant to the Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019 (the Prescription Order), which came into force on 15 January 2019, digital currencies and digital tokens which are not issued or guaranteed by any government body or central bank, and fulfils other specific features, are prescribed as securities.The implications of treating digital currencies and digital tokens as securities are significant as the Malaysian Capital Markets and Services Act…

In Data Privacy

New Cyber Security obligations on Financial Institutions proposed by Bank Negara Malaysia

October 11, 2018 by Sue Wan Wong 3 Mins Read

Given the increasing reliance of Financial Institutions (FIs) on technology and online systems and the increasing threat of cyber attacks, it is timely that the Bank Negara Malaysia (BNM) issued, on 4 September 2018, a set of minimum standards on technology risk and cybersecurity management by FIs in Malaysia – the Risk Management in Technology policy document (RMiT). The RMiT has been issued as an exposure draft which it is intended will come into force on…

In FinTech

e-KYC standards issued by Central Bank of Malaysia

January 16, 2018 by Brian Chia 3 Mins Read

On 5 September 2017, the Assistant Governor of the Central Bank of Malaysia (BNM) announced that BNM will issue regulatory parameters for the conduct of electronic know-your-customer (e-KYC) processes for remittance transactions.Following the announcement, on 30 November 2017, BNM issued a supplementary document (Supplementary Document) which supplements the policy document on Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) (Existing Policy Document). This will apply to remittance service providers licensed under the Money Services Business…

In Financial Institutions

Interoperable Credit Transfer Framework – Developments in Malaysia

January 16, 2018 by Sue Wan Wong 3 Mins Read

On 7 December 2017, Bank Negara Malaysia (ie, the Central Bank of Malaysia) (BNM) issued an exposure draft of the Interoperable Credit Transfer Framework (Exposure Draft) to invite public and industry feedback on the proposed introduction of interoperable credit transfer services that leverage on a shared payment infrastructure in Malaysia. The Exposure Draft is part of BNM’s continuous efforts to migrate the nation towards the use of electronic payments. Through the proposed Interoperable Credit Transfer Framework…

In FinTech

The Central Bank of Malaysia issues FinTech Regulatory Sandbox Paper

November 17, 2016 by Sue Wan Wong 3 Mins Read

On 18 October 2016, the Central Bank of Malaysia (“BNM”) issued the Financial Technology Regulatory Sandbox Framework (“Framework”), which sets out the requirements for participating in the regulatory sandbox (“Sandbox”). The Sandbox allows regulatory flexibilities to be granted to financial institutions and FinTech companies (“Applicants”) to experiment with FinTech solutions in a live controlled environment which is accompanied by the appropriate safeguards, for a limited period.The concept of a regulatory sandbox framework is not new…

In FinTech

Malaysia Regulates Peer-to-Peer Lending

June 5, 2016 by Sue Wan Wong 4 Mins Read

Technology is evolving and extending its reach increasingly into the financial sector, businesses are being disrupted by its changes. One example are savvy entrepreneurs looking to provide online platforms to match lenders and borrowers The Securities Commission Malaysia (“SC”), the regulator that oversees the securities and capital markets industry, took note of the flourishing peer-to-peer lending model. In April 2016, it revised the Recognized Markets Guidelines (“Guidelines”) by adding a specific regulatory regime that appears…

In Data Privacy

Malaysia Introduces Alternative to Prosecution of Data Protection Breaches

April 20, 2016 by Kherk Ying Chew 3 Mins Read

Malaysia has introduced a new mechanism for sanctioning data protection breaches. Under section 132 of the Personal Data Protection Act 2010 supplemented by the Personal Data Protection (Compounding of Offences) Regulations 2016 (“the Regulations”), enacted on 16 March 2016, certain data protection offences may be “compounded” instead of being formally prosecuted. In other words, offenders may be given the option to pay a certain amount of money and in return no prosecution will be instituted…

In Data Privacy

Data Protection Compliance in Malaysia Set to Cause Headaches to Businesses

October 7, 2015 by Kherk Ying Chew 4 Mins Read

Malaysia’s data protection law, still in its infancy, is set to take some noteworthy next steps. These come in the form of mandatory minimum standards with regard to data security, data retention and data integrity which the Malaysian Data Protection Commissioner is expected to issue later this year. The standards will likely provide private sector organisations subject to the Malaysian Personal Data Protection Act (the “PDPA”) with much-needed guidance on how to comply with their…