Country Coverage
AML/CTF Legislation in Malaysia

AML/CFT regulations in Malaysia

MemberCheck's solutions in Malaysia​
PEP and Sanction Check
Scan your clients aga inst global PEP & Sanction data sources.
Learn More
Adverse Media Check
Keep up to date on risks your clients face by using reliable worldwide media.
Learn More
Customer Identity Verification
Verify the identity of your Malaysia customers and avoid the consequences of non-compliance.
Learn More
AML Consulting Service
Work with our accredited consultants to assess the money laundering and terrorism financing risk to your business.
Learn More
Jurisdictional Risk Checks
You can ensure compliance and protect your business with our expert Jurisdictional Risk Checks service.
Learn More
Compliance as a Business
Start your own compliance business using MemberCheck's tried and tested compliance software
Learn More

AML/CFT Supervisors in Malaysia

Bank Negara Malaysia (BNM)​

Bank Negara Malaysia (BNM) s the competent authority under the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA). Among others, BNM leads national efforts in AML/CTF, formulates AML/CTF regime/policies and receives and analyses Suspicious Transaction Reports (STRs)

How to comply with AML/CTF regulations in Malaysia?

The AMLA establishes a series of duties for reporting institutions. These include:

 Duty to undertake customer due diligence measures in all or any of the following circumstances:

  1. Establishing or conducting a business relationship, conducting any transaction with a customer, or carrying out any activity for or on behalf of a customer, whether they are an occasional or usual customer.
  2. The transaction or activity to be carried out exceeds the amount a competent authority may specify.
  3. There is reasonable suspicion of the commission of a ML/TF offence.
  4. There is reasonable doubt about the authenticity or adequacy of previously obtained customer identification data. 

In undertaking customer due diligence measures, a reporting institution shall:

  1. Identify the customer
  2. Verify their identity
  3. Verify the identity and authority of any person claiming to act on behalf of a customer
  4. Take reasonable steps to obtain and record information about the true identity of any person whose account is opened on their behalf, or a transaction or activity is conducted if there is reasonable doubt that the person is not acting on their own behalf
  5. Take reasonable steps to verify the identity of a natural person [SS1] who owns or exercises effective control over a customer that is not a natural person.

 Duty to conduct ongoing due diligence on all accounts, business relationships, transactions, and activities. 

Duty to record any information, data or details obtained during the course of the customer due diligence and, upon request, in writing, provide a copy of such record to a competent authority. 

Duty to maintain any account, record, business correspondence and document relating to an account, business relationship, transaction or activity with a customer or any person as well as the results of any analysis undertaken. This may be the case for a period of at least 6 years from the date the account is closed or the business relationship, transaction or activity is completed or terminated. 

Duty to keep a record of any transaction involving the domestic currency or any foreign currency exceeding the amount specified by a competent authority for a period of at least six years from the date the transaction is completed or terminated. 

Duty to adopt, develop and implement internal programs, policies, procedures and controls to guard against and detect any offence under the Act. The programs shall include:

  1. The establishment of procedures to ensure high standards of integrity of its employees and a system to evaluate the personal, employment and financial history of these employees.
  2. On-going employee training programs, such as “know-your-customer” programs, as well as instructing employees on the record-keeping, reporting, due diligence and retention of records obligations.
  3. An independent audit function to check compliance with such programs. 

Duty to designate compliance officers at management level in each branch and subsidiary who will be in charge of the application of the internal programs and procedures, including proper maintenance of records and reporting of suspicious transactions. 

Duty to develop audit functions to evaluate policies, procedures and controls implemented to comply with the Act. 

What are my AML/CTF reporting obligations? 

A reporting institution shall promptly report to the competent authority:

Any transaction exceeding the amount a competent authority may specify (RM 25,000 and above in one day).

Any transaction where the identity of the person involved, the transaction itself or any other circumstance concerning that transaction gives any officer or employee of the reporting institution reason to suspect that the transaction involves proceeds of an unlawful activity or instrumentalities of an offense.

Any transaction or property where any officer or employee of the reporting institution has reason to suspect that the transaction or property involved is related or linked to, is used or is intended to be used for or by any terrorist act, terrorist, terrorist group, terrorist entity or person who finances terrorism. 

 More information:


How can MemberCheck Help?

Our clients are provided with a secure and simple solution in regard to scanning for politically exposed or high-risk individuals, as well as checking names against sanction, regulatory, law enforcement, and other official lists.

Use our sophisticated scan filters and due diligence workflow to minimise the amount of time you spend sorting through, false matches. Scan results and reporting sections allow you to access customer details, whenever and wherever required, as well as download reports, to customise for further investigation or to provide evidence of your AML program compliance for auditing purposes.

Request a demo

* This page is intended as general information only and should not be relied on as the sole source of information for your AML obligations and AML program. Please visit your local regulatory authority sites for the latest relevant and full information.

Learn about our easy-to-implement trust solutions
Request a Demo