Print Friendly, PDF & Email

Regulatory Framework Updates on FinTech


In our past edition, two aspects of FinTech in Malaysia were discussed, namely the potential and regulation of Blockchain in FinTech in Malaysia, as well as the Peer-to-Peer (P2P) financing legal framework in Malaysia.

In light of Blockchain’s robust development and strong appeal in today’s world because of its characteristics of disintermediation, immutability, security, as well as quasi-anonymity, the growing use of Blockchain technology in the Malaysian financial industry has finally attracted updates to the relevant regulatory framework.

This article taps into three of the latest major regulatory developments on digital currency that is relevant to industry players.


[1]. Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) Policy on Digital Currencies (Sector 6) [February 2018]

Due to the rapid development, growing adoption, global nature, and increasing functionality of use of digital currencies, governments around the world have adopted various approaches and regulatory measures to address risks associated with and posed by digital currencies.[1]

In response to the global demand, Central Bank of Malaysia on 27 February 2018 has issued a policy of Anti-Money Laundering and Counter Financing of Terrorism on Digital Currencies Sector 6 (known as “AML/CFT Sector 6”).

AML/CFT Sector 6 outlines the proposed requirements and standards that a digital currency exchanger as defined under the First Schedule of the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (“AMLA”) that carry out the related services must act as ‘reporting institutions’.

This is to ensure that the effective and robust Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) control measures are in place to safeguard the safety and integrity of the financial system as well as to promote greater transparency in the conduct of digital currencies transactions.[2]

AML/CFT Sector 6 sets out the minimum requirements and standards that a reporting institution must observe to increase the transparency of activities relating to digital currencies and ensure effective and robust AML/CFT control measures are put in place to mitigate the risk that reporting institutions may be used as conduits for illegal activities.

The requirements and standards will also support law enforcement activities.

The reporting institution must take appropriate steps to identify, assess and understand their Money Laundering / Terrorist Financing risks in relation to their customers, countries or geographical areas and products, services, transactions or delivery channels. Once a ‘red flag’ or suspicious transaction is detected based upon such risk-based assessment, such reporting institution will need to lodge a report to the Central Bank using the template in Annexure 3 of AML/CFT Sector 6.

According to Part C of Annexure 3, a suspicious transaction is determined based on several grounds, such as a reactivated dormant account, large/unusual cash deposit/ withdrawal, activity inconsistent with customer profile, payment is credited into a customer’s account by a third party with no apparent relation to the customer, and an unwillingness of a customer or third party to disclose their identity.


2. Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019 [January 2019]

The Malaysian Minister of Finance announced the coming into force of the Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019 (“Order 2019”) on 15 January 2019[3] as an ongoing joint effort between the Central Bank of Malaysia and the Securities Commission for cryptocurrencies, tokens and other digital assets to be categorised as securities henceforth, and to accordingly fall under the regulation of the Securities Commission.

It was reported in the Minister’s statement that digital assets, to the Ministry of Finance, has a role to play as an alternative fundraising avenue for entrepreneurs and new businesses, and is deemed as an alternative asset class for investors.[4] However a huge penalty (i.e. a maximum sentence of 10 years of imprisonment and a RM10 million fine) will be imposed if a person is caught operating unauthorised initial coin offerings (“ICOs”) or digital asset exchanges.

The coming into force of Order 2019 is expected to resolve the confusion of crypto assets as securities. The same cryptocurrency, for example Bitcoin, could be captured as securities based on how it is used. If the Bitcoin is being traded, then it falls under the purview of securities laws.

Whereas, if the same Bitcoin is used to pay for a packet of nasi lemak, then it is not captured under the prescription order and is not considered as securities. The prescription is activity-based. Therefore, if the Bitcoin is being traded, then it is a security.

However, if the same Bitcoin is being used as a payment, then it is not recognized as securities, hence would require a license from Bank Negara.[5]

The interested parties operating in crypto-space should approach the Securities Commission to ensure that their business(es) are within the purview of Order 2019 by 1 March 2019, failing which the said business(es) will be deemed illegal and legal action will be taken for non-compliance with the Order.[6]


3. Guidelines on Recognized Markets – Chapter 15 (Digital Asset Exchange) [January 2019]

The Securities Commission had on 31 January 2019 issued amended guidelines or regulations for digital asset or crypto exchanges, the framework for which is a new category under Chapter 15 of the Guidelines on Recognised Markets[7]. It is worth noting that such Guidelines on Recognised Markets is the same one used to also regulate Equity Crowdfunding (“ECF”)[8] and Peer-to-Peer (“P2P”)[9] lending players.

The new framework is part of the efforts of the Securities Commission to promote innovation and facilitate the trading of digital assets while ensuring investor protection in the trading of digital assets. However, investors are reminded to be mindful of the risks when dealing in digital assets such as sudden price fluctuations and liquidity risks.[10]

Based on the recent guideline, any person who is interested in operating a digital asset platform is required to apply to the Securities Commission to be registered as a recognized market operator by 1 March 2019.

The applicant must have RM5 million paid capital in a company incorporated in Malaysia and is also subject to additional financial requirements on a case-by-case basis based on the operations and risks posed by the exchange.

Apart from that, the cryptocurrencies and digital assets have to be approved by the Securities Commission prior to listing on the exchange, and clear, concise and fair disclosures that are not misleading to investors must also be provided. On another note, the Securities Commission is expected to release the guideline for Initial Coin Offerings (“ICOs”) at the end of March 2019.



The regulator will continuously facilitate the digital assets industry by revising the relevant regulation and guidelines. At the same time, the Central Bank of Malaysia will ensure the compliance of AML/CFT to prevent the occurrence of financial crimes.



  8. Chapter 13, Guidelines on Recognised Markets.
  9. Chapter 14, Guidelines on Recognised Markets.


Written by:

Dr. Noorfajri Ismail (