Malaysia Anti Money Laundering Guidelines – Overview and Summary of Requirements

• By: Staff Editor
• Date: March 19, 2013

• Every reporting institution should develop customer acceptance policy and procedures to address the establishment of business relationship with the customer.
• The reporting institution should take into consideration the following factors when creating the risk profile of a particular customer
  • the origin of the customer and location of business
  • background or profile of the customer
  • nature of the customer’s business
  • structure of ownership for a corporate customer
  • any other information suggesting that the customer is of higher risk.

• Every reporting institution must obtain satisfactory evidence in terms of the identity and legal existence of any person applying to do business with it.
• The customer due diligence should be conducted for individual and corporate customers as well as clubs, societies and charities.
• The customer due diligence should comprise the following -
  • identify and verify the customer
  • identify and verify beneficial ownership and control of such transaction
  • obtain information on the purpose and intended nature of the business relationship/transaction
  • conduct ongoing due diligence and scrutiny, to ensure the information provided is updated and relevant.

• The reporting institution should have in place policies and procedures to address any specific risks associated with non-face-to-face business relationships.
• The reporting institution should establish effective appropriate measures for customer verification which may include:
  • requisition of additional documents to complement those which are required for face-to-face customers
  • independent contact with the customer
  • verification of customer information against databases maintained by the authorities.

• The reporting institution should have a risk management framework to determine whether current or new customers are PEPs.
• The decision to enter into or continue business relationships with PEPs should be made by the Senior Management of the reporting institution at the head office.
• The reporting institution should conduct enhanced ongoing due diligence on PEPs as well as their family members or close associates, throughout its business relationships with such PEPs.

• Higher risk customers include - High net worth individuals; Non-resident customers from locations known for their high rates of crime (e.g., drug producing, trafficking, smuggling) and cash-based businesses etc.
• The reporting institution should conduct enhanced customer due diligence on high risk customers.
• These should be approved by the Senior Management of the reporting institution prior to establishing any business relationship with the customer.

• The reporting institution should have in place an adequate management information system to complement its customer due diligence.
• The purpose of management information system is to provide the reporting institution with timely information about any suspicious activity.

• The reporting institution should establish internal criteria (“red flags”) to detect suspicious transactions.
• The reporting institution should also monitor transactions with regards to business relationships and transactions with individuals, businesses, companies and financial institutions from countries highlighted as insufficiently implementing the internationally accepted AML/CFT measures.

 Suspicious Transaction Reporting

• The reporting institution is required to promptly submit a suspicious transaction report to the Financial Intelligence Unit in Bank Negara Malaysia
• The reporting institution should provide the necessary information surrounding the suspicious transaction as required in the suspicious transaction report form.

• The reporting institution should appoint one or more officers at the Senior Management level to be the compliance officer responsible for the submission of suspicious transaction reports to the Financial Intelligence Unit in Bank Negara Malaysia.
• Similarly, the reporting institution should appoint a compliance officer at each branch and subsidiary.

• The reporting institution should consider submitting a suspicious transaction report when it is unable to complete the customer due diligence process on any new or existing customer that is unreasonably evasive or uncooperative.
• The reporting institution should also consider submitting a suspicious transaction report when any of its customer’s transaction or attempted transaction fits the reporting institution’s list of “red flags”.

• The reporting institution’s Board of Directors and Senior Management should be aware of the money laundering risks associated with all its business products and services.
• The Board of Directors should establish an effective internal control system for AML
• The Senior Management should establish an appropriate employee assessment system to ensure staff integrity.
• The reporting institution should ensure that the roles and responsibilities of the compliance officer are clearly defined and documented.
• The reporting institution must conduct awareness and training programs on AML practices and measures for its employees.
• The Board of Directors is responsible to ensure regular independent audit of the internal AML measures and processes.

Additional Resources

Read the Malaysia Guidelines on Anti Money Laundering in full here.