<!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-QCXBYX5C31"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-QCXBYX5C31'); </script>

Navigation

  • Skip to Content
BNM Logo BNM Logo
  • About Us
      Our Roles Board of Directors Governor Management Committee Senior Officers of BNM Organisation Structure Statutory Committees
  • Topics
  • News & Events
      Press Releases Public Notices Speeches Calendar of Events Events at BNM Procurement
  • Rates & Statistics
  • Publications
  • Regulations
      Legislation Standards & Guidelines FSP Directory Enforcement Actions
  • Careers
      Join Us Job Vacancies Kijang Graduate Programme Internships Scholarships
  • Contact Us
      Contact Us BNM Offices Whistleblowing Policy
Search

Language Selector

melayu

Breadcrumb

  1. Home
  2. News & Events
  3. Press Releases
  4. Bank Negara Malaysia imposes Administrative Monetary Penalty on Malayan Banking Berhad and Maybank Islamic Berhad for non-compliance with the Financial Services Act 2013 and Islamic Financial Services Act 2013

Asset Publisher

null Bank Negara Malaysia imposes Administrative Monetary Penalty on Malayan Banking Berhad and Maybank Islamic Berhad for non-compliance with the Financial Services Act 2013 and Islamic Financial Services Act 2013

Bank Negara Malaysia imposes Administrative Monetary Penalty on Malayan Banking Berhad and Maybank Islamic Berhad for non-compliance with the Financial Services Act 2013 and Islamic Financial Services Act 2013

Embargo : For immediate release Not for publication or broadcast before 0040 on Thursday, 15 August 2024
15 Aug 2024

Bank Negara Malaysia (BNM) had on 29 July 2024, imposed an Administrative Monetary Penalty (AMP)[1] of RM4,320,000 on Malayan Banking Berhad and Maybank Islamic Berhad (collectively referred to as Maybank) for non-compliance with paragraph 48(1)(a) of the Financial Services Act 2013 (FSA) and paragraph 58(1)(a) of Islamic Financial Services Act 2013 (IFSA) read together with paragraph 10.32 of the Risk Management in Technology (RMiT) Policy Document.

Under paragraph 10.32 of the RMiT Policy Document, financial institutions must ensure their relevant critical systems are designed for high availability, specifically:

(a) cumulative unplanned downtime that affects user interface must not be more than four hours on a rolling 12-month basis; and

(b) maximum tolerable downtime of 120 minutes per incident.

Between 1 June 2023 and 31 May 2024, Maybank’s Regional Mobile Banking Platform (RMBP) and MAE applications experienced multiple unplanned downtime that caused prolonged disruptions in several banking services interface with customers and counterparties. The duration of the disruption breached the thresholds specified in paragraph 10.32 of the RMiT Policy Document. Upon investigation into the root cause leading to the incidents, it was found that Maybank’s non-compliance resulted from its inability to recover effectively and promptly from the unexpected system disruptions, which severely impacted the interface experience of online banking services for its customers and counterparties. Measures by Maybank to further strengthen its application and infrastructure resiliency as required by BNM were also incomplete at the time of the incidents which impeded recovery effects.

Maybank has taken the necessary actions to close these gaps as part of its multi-year infrastructure investments to prevent future non-compliance. 

Aggravating and Mitigating Factors

In deciding to impose the AMP, BNM has considered the relevant aggravating and mitigating factors, which include:

  1. failure to take reasonable steps to mitigate the downtime incidents and avoid non-compliance;
  2. severity of the non-compliance, including the impact of the service disruptions on customers and counterparties; and
  3. past compliance record and history of formal enforcement actions imposed.

BNM expects all financial institutions to maintain a high level of their technology resilience against operational disruptions to ensure the continuous availability of essential financial services. BNM will not hesitate to take appropriate supervisory and enforcement actions when financial institutions fall short of regulatory expectations. 

Maybank paid a total of RM4,320,000 for the AMP imposed by BNM on 8 August 2024.

The enforcement action taken is in line with the approach and processes outlined in the published Enforcement Approach document. For more information, please visit Enforcement Approach.

 


[1] BNM imposed the AMP pursuant to subsection 234(3)(b)(i) of the FSA and subsection 245(3)(b)(i) of the IFSA.

 

Bank Negara Malaysia
15 August 2024

© Bank Negara Malaysia, 2024. All rights reserved.

Follow us
  • facebook social icon
  • twitter social icon
  • instagram social icon
  • youtube social icon
  • medium social icon
  • telegram icon
  • tiktok icon
Website Tools
  • Search
  • Email Alert
  • Contact Us
  • Download Forms
Legal Notices
  • Terms of Use for BNM Website
  • Terms of Use for BNM Datasets
  • Disclaimer
  • Privacy & Cookie Policy
BNMLINK Contact Centre
  • call-1 icon
    1-300-88-5465 Monday - Friday 9am - 5pm
  • decoration
    e-LINK Form
  • BNM General Line
  • call-1 icon +603 2784 8888
© Bank Negara Malaysia. All rights reserved.
arrow-up icon