By Ingenique Solutions Team
Both the Bank Negara Malaysia (BNM) and Companies Commission of Malaysia (SSM) play pivotal roles in Malaysia’s Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) efforts. While they share the common goal of combating financial crimes, their regulatory frameworks differ. This article outlines the key distinctions between the two, focusing on regulatory scope, risk-based approaches, and reporting requirements, including beneficial ownership. By understanding these differences, organisations subject to both regulators can ensure compliance, mitigate risks, and avoid potential legal and financial penalties.
1. Regulatory Scope
2. Applicability of AML/CFT Obligations
BNM
Broader AML/CFT obligations for all financial institutions, DNFBPs, and NBFIs. BNM’s guidelines cover a wide range of reporting institutions and include detailed CDD, STRs, and compliance management systems.
SSM
Focuses primarily on company secretaries and requires them to maintain beneficial ownership (BO) records, conduct Customer Due Diligence (CDD), and file Suspicious Transaction Reports (STRs) if necessary. Additionally, they must perform comprehensive Institutional Risk Assessment (IRA) to identify and mitigate risks related to money laundering and terrorism financing.
3. Beneficial Ownership (BO) Reporting
The concept of Beneficial Ownership (BO) is critical not only for AML/CFT compliance but also for accounting transparency, corporate governance, and regulatory disclosure. A Beneficial Owner refers to the individual who ultimately owns, controls, or derives benefit from a legal entity or arrangement, even if the ownership is registered under another name. This distinction is essential, as the beneficial owner may not always be the legal owner listed in official records but may still exert significant influence or control over the entity’s decisions or assets. Both Bank Negara Malaysia (BNM) and the Companies Commission of Malaysia (SSM) emphasise the importance of identifying and reporting BO to prevent misuse of legal entities for illicit purposes and to promote transparency across sectors.
4. Risk-Based Approach (RBA)
BNM
Institutions must implement a comprehensive RBA, conducting risk assessments throughout the customer lifecycle, including onboarding and ongoing due diligence. Enhanced measures are mandated for high-risk customers and jurisdictions.
SSM
Company secretaries are required to adopt a Risk-Based Approach by conducting an IRA to assess risks related to customers, geographical areas, and products. A review of the IRA is permitted when necessary. Policies for high-risk customers must be robust to mitigate ML/TF risks.
5. Reporting Obligations
6. Exemptions and Simplifications
Small-sized reporting institutions refer to designated non-financial businesses and professions (DNFBPs) that operate on a smaller scale. Bank Negara Malaysia generally considers the following as small-sized institutions:
- Law firms or accounting firms with five or fewer practising certificate holders.
- Company secretary firms with five or fewer licensed company secretaries.
- Dealers in precious metals and stones (DPMS) with an annual turnover below RM10 million and fewer than 30 employees.
For these small-sized reporting institutions, certain exemptions are allowed. Specifically, the requirement for Policies, Procedures, and Controls (PPC) under Section 11.2 does not apply. Instead, these institutions can adopt Bank Negara Malaysia’s (BNM) policy documents as their own. While these firms are exempted from creating detailed internal AML/CFT frameworks, they are still required to implement core elements of AML/CFT compliance.
Conclusion
Understanding your specific AML/CFT obligations is key to effective compliance. While the Companies Commission of Malaysia (SSM) regulates company secretaries under its AML/CFT framework, Bank Negara Malaysia (BNM) also plays a supervisory role, covering a wider range of reporting institutions—including legal professionals, accountants, dealers in precious metals and stones (DPMS), and company secretaries—especially when their activities fall under the definition of designated non-financial businesses and professions (DNFBPs) as outlined by BNM’s policy documents. Their requirements are complementary but distinct. The differences in thresholds, reporting, and risk-based approaches reflect each regulator’s unique focus. Together, these frameworks strengthen Malaysia’s defenses against money laundering and terrorism financing.
Article written by the Ingenique Solutions.
