Share with your friends

KPMG urges institutions to assess risks in anticipation of revised AML/CFT guidelines

KPMG urges institutions to assess risks in anticipation


Related content

KPMG in Malaysia is urging institutions to ensure they are well equipped to meet all requirements stipulated in Bank Negara Malaysia’s revised Anti Money Laundering / Counter Financing of Terrorism (AML/ CFT) guidelines. Announced as an exposure draft earlier in September, the revised guideline is targeted to take effect on 1 January 2020.

Institutions will have a grace period of six months to comply with the new regulations. In accordance with the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001, individuals or institutions who are deemed non-compliant are liable to either: a fine not exceeding one million ringgit, imprisonment for a term not exceeding three years, or both.

“The clock has already started ticking as institutions have an incredibly short time frame in which to construct a solid AML/CFT framework,” said Khurram Pirzada, Executive Director of Anti-Money Laundering (AML) and Sanctions practice at KPMG in Malaysia. “This includes time needed for a retrospective implementation, lest institutions risk compromising their operations or effectiveness in mitigating risks and exposure to money laundering and terrorism financing (ML/TF).”

Regulators have expressed an increased readiness to pursue and impose tougher penalties on financial institutions for regulatory breaches. Bank Negara Malaysia (BNM) has recently stated that beyond using enforcement levers to deal with instances of non-compliance, they have also taken to publishing actions taken against financial institutions for non-compliance of rules under their purview .

The new guideline aims to push institutions into taking greater ownership of their AML/CFT controls by moving towards a principle-based application in assessing and setting their own criteria to combat any risks. Though this provides more flexibility for reporting institutions when implementing controls, it can also pose as a challenge for smaller institutions, or small-sized Reporting Institutions (SRIs) , who may have little to no AML/CFT controls in place.

“Institutions should not underestimate how extensive the remediation of their AML/CFT framework can be. Even bigger, more established, institutions may need at least three months just to revamp their policies. But beyond this, institutions must acknowledge that non-compliance increases the risk of which they could unintentionally facilitate ML/TF activities. This itself could result in substantial financial loss and damage to their reputation,” cautioned Khurram.

Khurram further recommends all institutions, regardless of size, to begin with an initial risk assessment to determine any risks they may have as the first step towards building a robust AML/CFT framework.
“Institutions can formulate a list of priorities by first identifying any underlying risk issues in their business practices. This will then enable them to implement appropriate, and sustainable, controls to manage these risks and ensure regulatory compliance. They can also consider approaching professionals who can best guide them and assist in optimizing their compliance costs.” he advised.

This amendment represents strong strides in a positive direction by BNM to curb money laundering and is in line with international standards set by the Financial Action Task Force (FATF). Besides Malaysia, countries worldwide have intensified efforts to develop sustainable and robust AML/CFT regimes that can effectively respond to new and emerging risks and vulnerabilities.

The exposure draft is expected to replace the current AML/CFT regulations for Sectors 1 to 5 with two regulatory documents, capturing institutions into two different categories: Financial Institutions (FI), and Designated Non-Financial Businesses and Professions and Non-Bank Financial Institutions (DNFBPs & NBFIs).

Among others, Khurram noted some interesting points in the new guidelines:

  • Heightened Board Accountability on oversight
    The guidelines place more accountability on the Board to ensure the reporting institution has an effective AML/CFT framework. For instance, the Board will be expected to determine the frequency of internal audits and endorse measures when conducting Simplified Customer Due Diligence (CDD) and establishing non face-to-face business relationships.
  • Expected changes on CDD
    More institutions are now allowed to conduct simplified CDD, which means only minimal customer information needs to be collected for verification purposes. However, as several thresholds have been introduced to segment conditions where simplified CDD is permitted, this raise the complexities to an appropriate method to apply for varying circumstances.
  • Compliance Officer Requirements
    Institutions will be required to assess designated AML Compliance Officer (AMLCO) candidates based on “financial integrity”. However, there is still a lack of information on the scope and extent of the check, as well as an increased expectation for AMLCOs to have relevant certification or professional qualifications. It is in the hopes of shared responsibility that BNM will expand on this when the guidelines come into effect.

For media queries, please contact:

Berenice Then
Director, Markets
KPMG in Malaysia
Direct: +603 7721 3952
Syazlina Nasir
Executive, MARCOM
KPMG in Malaysia 
Direct: +603 7721 3961

© 2021 KPMG PLT, a limited liability partnership established under Malaysian law and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit

Connect with us


Want to do business with KPMG?


loading image Request for proposal