Financial Crime World

Here is the converted article in Markdown format:

BNM Issues Revised Policy Document for e-KYC Implementation

The Bank Negara Malaysia (BNM) has issued a revised policy document for the implementation of electronic Know-Your-Customer (e-KYC) solutions by financial institutions (FIs). The revised policy document sets out new requirements and guidelines for FIs to ensure effective and accurate customer onboarding through e-KYC.

Document Fulfillment Before Implementation

Before implementing an e-KYC solution, a FI is required to:

  • Review or revalidate the requirements under paragraph 8.22 of the Revised Policy Document at least once every three years
  • Ensure continued relevance where there are any material changes to the e-KYC solution

Independent Assessment and Ongoing Monitoring

A FI must:

  • Conduct an independent assessment on its own processes, procedures, and controls prior to first-time implementation of an e-KYC solution
  • Undertake a review of the independent assessment on a regular basis as may be determined by the FI
  • Continuously monitor, identify, and address potential vulnerabilities in the e-KYC solution

Safeguards for Higher-Risk Products

For products with higher risks arising from inaccurate identification:

  • A FI must observe the considerations and safeguards specified in Appendix 4 of the Revised Policy Document

Reporting Requirements

A FI is required to:

  • Maintain a record of the performance of the e-KYC solution segregated on a monthly basis
  • Make records readily available for review by BNM
  • Submit the record through the electronic platform mentioned in paragraph 9.3 of the Revised Policy Document on a half-yearly basis

Regulatory Process

The regulatory process applicable to FIs seeking to implement e-KYC is as follows:

  1. A licensed person may implement and utilize an e-KYC solution after 14 working days from the receipt by BNM of the complete set of documents and information referred to in Appendix 5 of the Revised Policy Document.
  2. A licensed money-changing operator, licensed remittance service provider, approved non-bank issuer of designated payment instruments or designated Islamic payment instruments is required to obtain written approval from BNM prior to implementing e-KYC.

Enforcement

Where BNM deems that the requirements in the Revised Policy Document have not been complied with, it may take appropriate enforcement action against the FI, including:

  • The directors, officers, and employees of the FI

The revised policy document aims to ensure that FIs implement effective and accurate customer onboarding through e-KYC solutions. The new requirements and guidelines are expected to enhance the robustness and effectiveness of e-KYC solutions in Malaysia.

Consultation

For further information or consultation on the Revised Policy Document, kindly contact Skrine’s Banking and Finance Practice at skrine@skrine.com.