<!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-QCXBYX5C31"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-QCXBYX5C31'); </script>

Navigation

  • Skip to Content
BNM Logo BNM Logo
  • About Us
      Our Roles Board of Directors Governor Management Committee Senior Officers of BNM Organisation Structure Statutory Committees
  • Topics
  • News & Events
      Press Releases Public Notices Speeches Calendar of Events Events at BNM Procurement
  • Rates & Statistics
  • Publications
  • Regulations
      Legislation Standards & Guidelines FSP Directory Enforcement Actions
  • Careers
      Join Us Job Vacancies Kijang Graduate Programme Internships Scholarships
  • Contact Us
      Contact Us BNM Offices Whistleblowing Policy
Search

Language Selector

melayu

Breadcrumb

  1. Home
  2. News & Events
  3. Press Releases
  4. BNM has imposed an Administrative Monetary Penalty on Bank Kerjasama Rakyat Malaysia Berhad for non-compliance with the Development Financial Institutions Act 2002 and the Risk Management in Technology Policy Document

Asset Publisher

null BNM has imposed an Administrative Monetary Penalty on Bank Kerjasama Rakyat Malaysia Berhad for non-compliance with the Development Financial Institutions Act 2002 and the Risk Management in Technology Policy Document

BNM has imposed an Administrative Monetary Penalty on Bank Kerjasama Rakyat Malaysia Berhad for non-compliance with the Development Financial Institutions Act 2002 and the Risk Management in Technology Policy Document

Embargo : For immediate release Not for publication or broadcast before 0104 on Thursday, 31 July 2025
31 Jul 2025

Bank Negara Malaysia has imposed an Administrative Monetary Penalty (AMP) on Bank Kerjasama Rakyat Malaysia Berhad (BKRM) for non-compliance with the Development Financial Institutions Act 2002 (DFIA) and the Risk Management in Technology Policy Document (RMiT PD)

On 16 June 2025, Bank Negara Malaysia (BNM) imposed an AMP[1] of RM2,850,000 on BKRM for non-compliance with section 41(4)(a) of the DFIA, read together with paragraph 10.32 of the RMiT PD, which came into effect on 1 June 2023.

Under paragraph 10.32 of the RMiT PD, financial institutions must ensure that their relevant critical systems are designed for high availability. This means a:

a) cumulative unplanned downtime that affects user interface of not more than four hours on a rolling 12-month basis; and

b) maximum tolerable downtime of 120 minutes per incident.

Between 1 June 2023 and 31 December 2024, BKRM experienced multiple unplanned downtimes that caused prolonged disruptions to its banking services, such as e-banking channels, Automated Teller Machines (ATMs), including debit and credit card systems. The duration of these disruptions breached the thresholds specified in paragraph 10.32 of the RMiT PD. BKRM’s non-compliance resulted from lapses in executing the response and recovery process to restore the disrupted systems promptly. This has impacted the availability of essential banking services for its customers and counterparties.

BKRM has since taken necessary actions to enhance its recovery capabilities and strengthen its IT infrastructure as part of its multi-year technology infrastructure investment plan to prevent future non-compliance.

In determining the imposition of the AMP, BNM considered the relevant aggravating and mitigating factors, including:

  1. BKRM’s failure to take reasonable steps to mitigate the downtime incidents, which resulted in the non-compliance;
  2. the severity of the non-compliance, including the impact of the service disruption on customers and counterparties;
  3. BKRM’s past compliance record; and
  4. effectiveness of remedial actions to prevent recurrence of breaches.

BNM expects all financial institutions to maintain a high level of technology resilience against operational disruptions to ensure the continuous availability of essential financial services. BNM will not hesitate to take appropriate supervisory and enforcement actions when financial institutions fall short of regulatory expectations. 

BKRM paid RM2,850,000 for the AMP imposed by BNM on 26 June 2025.

The enforcement action taken against BKRM was carried out in line with the approach and processes outlined in the Enforcement Approach.

 


[1] BNM imposed the AMP pursuant to section 106A(3)(b)(i) of the DFIA.

Bank Negara Malaysia
31 July 2025

© Bank Negara Malaysia, 2025. All rights reserved.

Follow us
  • facebook social icon
  • twitter social icon
  • instagram social icon
  • youtube social icon
  • medium social icon
  • telegram icon
  • tiktok icon
Website Tools
  • Search
  • Email Alert
  • Contact Us
  • Download Forms
Legal Notices
  • Terms of Use for BNM Website
  • Terms of Use for BNM Datasets
  • Disclaimer
  • Privacy & Cookie Policy
BNMLINK Contact Centre
  • call-1 icon
    1-300-88-5465 Monday - Friday 9am - 5pm
  • decoration
    e-LINK Form
  • BNM General Line
  • call-1 icon +603 2784 8888
© Bank Negara Malaysia. All rights reserved.
arrow-up icon