How to Comply With Anti-Money Laundering in Malaysia?

Malaysian flag on flagpole

Malaysia is a regional and global political power with the third-largest economy in Southeast Asia, following Indonesia and Thailand. Attracting business interests from across the world, and with high investment in the technology and digital sectors, Malaysian fintech has grown in prominence in recent years. As a result, financial regulators have had to adapt in order to safeguard their financial systems against emerging AML/CFT threats

Accordingly, companies should ensure they understand how to comply with AML in Malaysia and what their priority AML/CFT considerations should be.

1. Financial Authorities

The Malaysian financial system is overseen by Bank Negara Malaysia (BNM), which acts as the country’s regulator and central bank. The bank was established by the Central Bank of Malaysia Act 2009 and operates under the authority of Malaysia’s main articles of banking legislation: the Financial Services Act 2013 and the Islamic Financial Services Act 2013, which covers the Islamic banking sector. BNM sets AML/CFT policy in Malaysia, adopting a risk-based supervisory approach and issuing periodic guidance to Malaysian financial institutions in line with the recommendations of the Asia/Pacific Group on Money Laundering (APG)

BNM is joined in its supervision of the Malaysian financial system by the Securities Commission (SC), which acts as the regulatory authority for the capital market, and the Labuan Financial Services Authority (Labuan FSA), which specifically regulates the Labuan International Business Financial Centre, the special economic zone on the island of Labuan.

2. Malaysia AML Legislation

The Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA) is the primary piece of AML/CFT legislation in Malaysia. The Act defines the offenses of money laundering and the financing of terrorism and sets out the measures that financial institutions must take to detect and prevent those criminal activities. It also details the investigatory powers that authorities have in the prosecution of money laundering and terrorism financing cases.

The Labuan Financial Services Authority issues its own guidelines, directives, and circulars to financial institutions within the special economic zone. 

Fintechs: There is no specific AML/CFT legislation applicable to fintechs in Malaysia. All fintech businesses operate under the country’s existing legislative infrastructure. Provisions have, however, been made to extend some AML/CFT regulation to fintechs:

  • BNM launched the Financial Technology Regulatory Sandbox Framework in 2016. The framework aims to eventually deliver a regulatory environment that works with the needs of Malaysia’s fintechs. 
  • The framework adapts existing AML/CFT regulations to the environments in which fintechs operate, aiming to protect their innovative objectives.

3. Data Privacy and the Cloud

The primary piece of data protection legislation in Malaysia is the Personal Data Protection Act 2010 (PDPA), which specifically concerns the treatment of personal data in commercial contexts. The PDPA requires commercial data users, such as banking and financial institutions, to register as data users and comply with the relevant regulations.  

The PDPA is limited to Malaysia, which means that personal data processed outside the country is not subject to its rules. Similarly, the PDPA has no specific provisions for the treatment of personal data online. 

4. Transaction Monitoring

The AMLA imposes certain monitoring obligations on banks and financial institutions in Malaysia that must be integrated into internal AML/CFT programs. Those monitoring programs should reflect the level of risk the institution faces and must monitor continuously to address new and emerging risks. In practice, financial institutions must monitor for:

  • Transactions in unusually large amounts or in unusual patterns;
  • Transactions that have no clear purpose;
  • Transactions that appear illegal or involve proceeds from illegal activities; and
  • Transactions originating or being directed to countries with high levels of AML/CFT risk.

Where suspicious activity is detected, financial institutions must promptly submit a suspicious activity report (SAR) to BNM. 

5. Payment Sanctions Screening

Under the AMLA, sanctions screening is an important priority for banks and financial institutions, which must report any sanctions alerts to BNM. Institutions must not only screen new customers against sanctions lists but conduct regular checks on existing customers to ensure risk profiles have not changed. Sanctions imposed in Malaysia are based on United Nations Security Council resolutions and can be found in the Ministry of Home Affairs’ List of Sanctioned Entities and List of Sanctioned Individuals. 

6. AML Onboarding and Monitoring

AMLA requires banks and financial institutions to conduct ongoing customer due diligence (CDD) checks on all customer accounts, relationships, transactions and activities. CDD checks should establish and verify a customer’s identity during onboarding and then throughout the ongoing relationship to ensure that the customer’s risk profile has not changed. 

AMLA’s risk-based approach also mandates CDD checks on customers’ PEP status and on any adverse media stories against them.

7. Upcoming Regulatory Changes

Malaysia’s Financial Technology Regulatory Sandbox Framework is intended to help integrate fintechs with Malaysia’s wider AML/CFT regime over the coming years. Beyond the framework, an upcoming change to the Anti-Money Laundering and Counter Financing of Terrorism rules will see the introduction of minimum standards for money-changing services during the onboarding of new customers online or via mobile devices. 

How ComplyAdvantage Can Help

The complexity of Malaysia’s AML/CFT regulations means that banks and financial institutions must expend significant administrative effort to achieve compliance and avoid potential errors and penalties. 

To overcome that challenge, ComplyAdvantage employs a range of cutting-edge screening tools: our automated AML/CFT solutions deliver speed and efficiency to your AML program, complementing the expertise of employees with smart technology and passing the benefits onto customers and clients. 

AML Compliance Solutions

Our AML Compliance Solutions help you to compy with AML/CFT Regulations in Malaysia.



Share your thoughts and start a conversation.

Leave a Reply

Related articles:

ultimate beneficial owner
April 4, 2015

Ultimate Beneficial Ownership

What is Ultimate Beneficial Ownership? AML compliance requirements are constantly changing. Firms must keep up with…
Read More
AML Compliance Officer
May 14, 2018

AML Compliance Officer

What Is An AML Compliance Officer? What is an AML Compliance Officer? In order to…
Read More
AML Compliance Program
May 14, 2018

AML Compliance Program

What is AML Compliance Program? In order to combat financial crime, banks, credit unions, and…
Read More
Bank Secrecy Act Officer
May 14, 2018

Bank Secrecy Act Officer

What is a Bank Secrecy Act Officer? What Is A Bank Secrecy Act Officer? A…
Read More
money laundering reporting officer MLRO
May 15, 2018

Money Laundering Reporting Officer

What Is A Money Laundering Reporting Officer (MLRO)? What Is A Money Laundering Reporting Officer (MLRO)?…
Read More
December 4, 2018

AML Compliance Trends for 2019

Anti-Money Laundering Trends for 2019 Two issues shaped AML news in 2018 – huge money…
Read More
AML Checklist Best Practises
June 6, 2019

AML Compliance Best Practices

The Smart AML Compliance Checklist Traditional AML systems are falling behind against evolving threats: a…
Read More
Risk Based Approach AML KYC
August 16, 2019

Risk-Based Approach To AML

Risk-Based Approach To AML A risk-based approach to AML is key to effective compliance programs…
Read More
vendor due diligence aml
January 17, 2020

Vendor Due Diligence

Vendor Due Diligence: What You Need To Know Vendor due diligence (VDD) takes place when…
Read More
aml ctf malaysia framework
February 4, 2020

Malaysia’s 2020 AML/CTF Framework

Malaysia Revises 2020 AML/CFT Framework What is Malaysia's new AML/CFT Framework? In 2019, Malaysia’s central…
Read More
compliance risk management
March 9, 2020

Compliance and Risk Management

Compliance and Risk Management  As financial authorities adapt to evolving criminal threats, risk assessment has become…
Read More
digital banking aml compliance
July 9, 2020

Digital Banking AML Regulatory Compliance

Digital Banking AML Regulatory Compliance As banks and other financial institutions embrace advances in financial…
Read More

To make sure you get a great experience on our website, we use cookies. To confirm you consent to this, please click below. Read more about our Cookie Policy

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.