Central Bank of Malaysia Issues Standards for Electronic Know-Your-Customer (e-KYC)
On 5 September 2017, the Assistant Governor of the Central Bank of Malaysia (BNM) announced that BNM will issue regulatory parameters for the conduct of e-KYC processes for remittance transactions.
Following the announcement, on 30 November 2017, BNM has issued a supplementary document (Supplementary Document) which supplements the policy document on Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) (Existing Policy Document). This would apply to remittance service providers licensed under the Money Services Business Act 2011 which carries on remittance business through online or mobile channels.
As part of the previous AML/CFT framework and under the Existing Policy Document, remittance service providers shall not undertake any transaction without face-to-face contact with the customer unless the business relationship with the customer has been first established and customer due diligence measures have been conducted.
As the Supplementary Document has been implemented, face-to-face verification for onboarding new customers will be dispensed for remittance service providers that have received approval to conduct e-KYC procedures.
Requirements under the Supplementary Document
A remittance service provider is required to:
- obtain the prior written approval of BNM to implement e-KYC for the provision of online or mobile remittance services;
- set and ensure effective implementation of appropriate policies and procedures to address any specific risks associated with the implementation of e-KYC;
- demonstrate on a continuing basis that appropriate measures for identification and verification of a customer's identity are at least as effective as that for face-to-face customer verifications;
- ensure the systems and technologies developed and used for establishing business relationships using e-KYC have proven capabilities to support processes and procedures required for the AML/CFT programme;
- comply with the following additional requirements:
a. ensure that the individual performing the remittance transaction has a bank account with a licensed bank in Malaysia;
b. ensure that the remittance transaction performed by an individual does not exceed the aggregate amount of RM 30,000 per day;
c. ensure that the remittance transaction performed by an individual who is a foreign worker does not exceed the aggregate amount of RM 5,000 per month and that such funds are only remitted to pre-registered beneficiaries in his home country; and
d. put in place robust and appropriate IT security controls.
Many other countries, such as Australia, Thailand and India have established and offer some form of e-KYC regulations. The issuance of e-KYC standards by BNM is a welcomed move as this would keep up to pace with the development of digital transactions.
In the short term following the proposed implementation of e-KYC standards, we anticipate that there will be engagements between BNM and industry players to develop pilot projects, technology platforms and processes to enable e-KYC. As a whole, the new regulatory framework would boost the momentum for innovation in the money services business sector and the Malaysian financial industry.
In the long term, e-KYC will replace the existing manual and paper-based KYC processes with paperless verification of the customer through the internet. Remittance service providers carrying on remittance business through online or mobile channels will need to, in time, revisit the existing operational KYC protocols and further refine these KYC protocols to keep up with the digitization of the process and to include the integration of technology such as biometric scanners. We anticipate that this move will benefit the remittance service providers as it will reduce the long term cost for conducting customer due diligence.