BNM imposes Administrative Monetary Penalty and Compound on CIMB Bank Berhad and CIMB Islamic Bank Berhad for non-compliances with the Financial Services Act 2013 and Islamic Financial Services Act 2013
Embargo :27 May 2023
<!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-QCXBYX5C31"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-QCXBYX5C31'); </script>
Enforcement Action Publication Notice 02/2019 (P.N.02/2019)
Bank Negara Malaysia (the Bank) had on 22 February 2019 and 17 May 2019 taken enforcement actions against CIMB Bank Berhad (CIMB Bank) and CIMB Islamic Bank Berhad (CIMB Islamic) for contraventions of the banking secrecy provisions and breach of standards issued pursuant to the Financial Services Act 2013 (FSA) and Islamic Financial Services Act 2013 (IFSA).
(a) Enforcement actions against CIMB Bank:
(i) The Bank has imposed an Administrative Monetary Penalty (AMP) of RM3,400,000 against CIMB Bank pursuant to section 234(3)(b)(i) of the FSA for breach of section 48(1)(a) of the FSA read together with standards stipulated in the Policy Document on Management of Customer Information and Permitted Disclosures (MCIPD Policy Document) dated 17 October 2017 specified by the Bank under section 47(1) of the FSA; and
(ii) The Bank has offered a total compound of RM6,400,000 to CIMB Bank pursuant to section 253(1) of the FSA relating to offences of unauthorized disclosure of CIMB Bank’s customers information to third parties committed under section 133(1) of the FSA.
(b) Enforcement actions against CIMB Islamic:
(i) The Bank has imposed an AMP of RM1,700,000 against CIMB Islamic pursuant to section 245(3)(b)(i) of the IFSA for breach of section 58(1)(a) of the IFSA read together with standards stipulated in the MCIPD Policy Document specified by the Bank under section 57(1) of the IFSA; and
(ii) The Bank has offered a total compound of RM3,200,000 to CIMB Islamic pursuant to section 264(1) of the IFSA relating to offences of unauthorized disclosure of CIMB Islamic’s customers information to third parties committed under section 145(1) of the IFSA read together with section 261 of the IFSA.
The above breaches by CIMB Bank and CIMB Islamic relate to incidents which occurred in 2018.
The AMP and compound amounts were determined taking into account relevant aggravating and mitigating factors which include the voluntary reporting of those incidents to the Bank and the immediate remedial steps that were taken by CIMB Bank and CIMB Islamic to address gaps and further strengthen existing controls to ensure the protection of customer information.
Additionally, both CIMB Bank and CIMB Islamic have committed and begun deploying substantial investments in their IT capability to further enhance the management of customer information.
On 26 March 2019 and 31 May 2019, CIMB Bank and CIMB Islamic paid the compound and AMP imposed by the Bank.
Bank Negara Malaysia
27 May 2023
© Bank Negara Malaysia, 2023. All rights reserved.