Bank Negara Malaysia (‘BNM’) is seeking written feedback on the exposure draft of a policy document, Electronic Know-Your-Customer (e-KYC) (‘Proposed Policy Document’), issued on 16 December 2019.

The Proposed Policy Document will apply to each of the following entities (‘Financial Institution’) which proposes to implement electronic Know-Your-Customer (‘e-KYC’) solutions for on-boarding of customers who are individuals –

  • licensed bank;
  • licensed investment bank;
  • licensed Islamic bank;
  • licensed life insurer;
  • licensed family takaful operator;
  • prescribed development financial institution;
  • licensed money-changing operator;
  • licensed remittance service provider; and
  • approved non-bank issuer of designated payment instruments and designated Islamic payment instruments.

Among the requirements set out in the Proposed Policy Document are the following –

  1. A requirement for a Financial Institution to obtain its board approval before implementing e-KYC for each type of financial product;
  2. The board is to set and ensure the effective implementation of appropriate policies and procedures to address any risks associated with the implementation of e-KYC (including operational, information technology and money laundering and terrorism financing risks);
  3. The requirement to adopt an appropriate combination of authentication factors to verify the identity of a customer being on-boarded;
  4. Where artificial intelligence, machine learning and other forms of predictive algorithms are used to verify a customer’s identity, a Financial Institution must ensure that the e-KYC solution is capable of accurately distinguishing between genuine and non-genuine cases of customer on-boarding; for this purpose, BNM has proposed a formula to be applied to determine False Acceptance Rates (FAR) and provided considerations and parameters to be observed by a Financial Institution in Appendix 1 of the Proposed Policy Document;
  5. Additional procedures are set out in Appendix 2 of the Proposed Policy Document for on-boarding of customers for current account and savings account due to the higher risks that may arise from inaccurate identification of such customers;
  6. To monitor the effectiveness and accuracy of e-KYC solutions that use artificial intelligence, machine learning and other forms of predictive algorithms, a Financial Institution that uses such solutions is required to submit half-yearly records to BNM in the template set out in Appendix 3 of the Proposed Policy Document;
  7. A licensed person under the Financial Services Act 2013 or the Islamic Financial Services Act 2013 (i.e. a licensed bank, licensed investment bank, licensed insurer, licensed Islamic bank, licensed international Islamic bank, licensed takaful operator, licensed international takaful operator)[1] and a prescribed development financial institution under the Development Financial Institutions Act 2002 may proceed to implement e-KYC upon submission to BNM of the documents set out in Appendix 4 of the Proposed Policy Document and utilise e-KYC after 14 working days from receipt by the relevant departments of BNM of the complete submission of the information listed in Appendix 4 (“file-and-use” system).
  8. A Financial Institution other than a licensed person or a prescribed development financial institution is required to obtain the written approval of BNM before implementing e-KYC.

The deadline for submission of feedback to BNM is 17 February 2020.