Skip to main content

Malaysia’s Response to FATF Virtual Asset Risks

Introduction

Cryptocurrencies and various virtual assets (VAs) are transforming the international financial environment by facilitating rapid, decentralized, and borderless transactions.

Even so, these very features also introduce certain vulnerabilities, particularly concerning money laundering (ML), terrorism financing (TF), and proliferation financing (PF).

In response to these challenges, the Financial Action Task Force (FATF) has established global standards aimed at regulating virtual asset service providers (VASPs) and reducing the incidence of financial crime.

Although Malaysia is not a significant centre for crypto-related criminal activities, the nation recognizes the escalating risks and has initiated measures to align its regulatory frameworks with the FATF's recommendations.

FATF Standards and the Global Challenge

In 2019, the FATF revised Recommendation 15 and its Interpretive Note (R.15/INR.15) to encompass virtual assets and VASPs within the framework of anti-money laundering and counter-terrorism financing (AML/CFT) regulations.

A significant aspect of this revision is the Travel Rule, which mandates that VASPs disclose identifying information regarding both originators and beneficiaries during virtual asset transfers.

Still, a review conducted by FATF in 2023 indicated that more than 75% of jurisdictions are either partially compliant or entirely non-compliant, with over half showing no advancement in the implementation of the Travel Rule i.e. the information that should accompany transfers of funds and certain crypto assets.

This inconsistency on a global scale enables criminal and terrorist organizations to take advantage of jurisdictions with lax enforcement.

Additionally, emerging technologies such as decentralized finance (DeFi), unhosted wallets also referred to as cold storage or self-custody wallets and non-fungible tokens (NFTs) further complicate regulatory oversight due to their decentralized and peer-to-peer characteristics.

These trends highlight the pressing need for nations to revise their regulatory and enforcement strategies while fostering greater international cooperation.

Malaysia’s VA Risk Landscape and VARA 2024 Findings

Although Malaysia's virtual asset (VA) market is relatively small, the 2024 Virtual Asset Risk Assessment (VARA) conducted by the National Coordination Committee to Counter Money Laundering (NCC) identifies emerging threats.

The NCC is the highest governmental committee in charge of coordinating, implementing and monitoring the development of national AML/CFT regime in Malaysia.

Illicit activities related to virtual assets in Malaysia represent less than 1% of global incidents, primarily involving fraud, drug trafficking, and illegal gambling.

To date, there have been no reported cases of terrorist financing or proliferation financing associated with virtual assets in the country.

However, Malaysia remains indirectly vulnerable to global threats. Foreign Virtual Asset Service Providers (VASPs), which frequently offer anonymous services and complex products such as mixers or mining pools, are increasingly exploited for illegal activities, occasionally routing transactions through Malaysian platforms.

As well, cross-border transactions involving widely used cryptocurrencies like Bitcoin (BTC), Ethereum (ETH), and Tether (USDT) present further risks.

Despite these challenges, the findings of the 2024 VARA indicate that Malaysia's detection mechanisms, including suspicious transaction reporting and regulatory oversight, are functioning effectively.

Nonetheless, ongoing vigilance is essential to navigate the increasing complexity of the virtual asset landscape.

Enforcement Strategies and Institutional Responses

Malaysia's framework for Anti-Money Laundering and Counter Financing of Terrorism, spearheaded by Bank Negara Malaysia (BNM) and the Securities Commission (SC), has initiated regulatory measures for VASPs.

On the other hand, achieving full compliance with the FATF standards, particularly regarding the implementation of the Travel Rule, remains a critical objective.

It is imperative that amendments to the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA) explicitly address the emerging risks associated with unhosted wallets, decentralized finance (DeFi) platforms, and stablecoins.

In the realm of law enforcement, the Royal Malaysia Police (PDRM), particularly through its Commercial Crime Investigation Department (CCID), must establish specialized cybercrime units focused on virtual asset investigations.

These units require comprehensive training in blockchain forensics, transaction tracing, and monitoring of the dark web. By collaborating with blockchain analytics firms such as Chainalysis or Elliptic, PDRM can enhance its capabilities to track and disrupt illicit activities involving cryptocurrencies.

Also, the Malaysian Anti-Corruption Commission (MACC) is crucial in identifying public officials who may be involved in corruption or negligence related to cryptocurrencies.

As digital assets are increasingly utilized to obscure wealth, MACC must employ forensic tools to uncover hidden wallets and monitor undeclared holdings effectively.

To optimize these efforts, Malaysia should consider institutionalizing a permanent task force that includes representatives from PDRM, MACC, BNM, and the SC.

Strengthening international cooperation, particularly with ASEAN partners and Interpol, will facilitate intelligence sharing and bolster cross-border investigations.

By taking a leadership role in regional regulatory harmonization, Malaysia can help bridge enforcement gaps throughout Southeast Asia, thereby enhancing the overall effectiveness of its AML/CFT framework.

Private Sector Compliance and Long-Term Strategy

An effective Anti-Money Laundering (AML) and Counter Financing of Terrorism (CFT) framework requires active participation from the private sector. In the context of Malaysia, it is essential for VASPs to implement robust know-your-customer (KYC) protocols.

These protocols should include the obligation to report any suspicious activities and to adopt technologies that comply with the Travel Rule.

Furthermore, the government can enhance the resilience of these platforms against cyber threats, such as hacking and ransomware, by offering incentives aimed at improving cybersecurity measures.

Beyond enforcement actions, Malaysia should cultivate a forward-thinking regulatory environment. This involves supporting fintech startups through the creation of regulatory sandboxes, which allow for innovation within a controlled framework.

Moreover, specialized training programs should be developed for AML/CFT personnel to equip them with knowledge regarding the specific risks associated with cryptocurrencies.

Active participation in the FATF working groups that focus on financial technology (fintech) and regulatory technology (regtech) is also crucial for fostering collaboration and sharing best practices in this rapidly evolving sector.

Conclusion

The FATF has emphasized the critical need for a cohesive global regulatory framework for virtual assets. However, the extent to which these standards are implemented varies significantly among different jurisdictions.

In Malaysia, the current risks linked to virtual assets are considered manageable; however, there is a discernible increase in these risks, particularly due to the involvement of foreign Virtual Asset Service Providers (VASPs) and the rise in cross-border transactions.

The 2024 VARA report indicates that Malaysia's existing regulatory framework is predominantly effective. For example, the SC oversees digital assets in Malaysia through the Capital Markets & Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019, which has allowed the SC to establish guidelines for the offering and trading of digital assets.

However, it is essential for the nation to implement proactive strategies to address emerging threats.

By improving regulatory compliance, enhancing enforcement capabilities, and promoting collaboration with the private sector, Malaysia can position itself as a regional frontrunner in the secure and innovative governance of virtual assets.

© All rights are reserved.

22.04.2025

https://www.malaysiakini.com/columns/741138

Comments

Popular posts from this blog

Constitution of Malaysia: An Introduction Part 5

7 (1) No person shall be punished for an act or omission which was not punishable by law when it was done or made, and no person shall suffer greater punishment for an offence than was prescribed by law at the time it was committed. (2) A person who has been acquitted or convicted of an offence shall not be tried again for the same offence except where the conviction or acquittal has been quashed and a retrial ordered by a court superior to that by which he was acquitted or convicted.

Brexit: A lesson for Malaysians

Yesterday, Britons through a referendum made a decision to leave European Union. The ruling Conservative Party divided on this referendum and David Cameron in favour of ‘Remain’ was defeated outright. Even though he is disagreed with the decision of Britons, he announced that he is resigning from his premiership in respect of people’s decision. We can expect in a mature democracy country like United Kingdom this is vastly anticipated to be transpired.   A few days ago, the current Chief Commissioner of Malaysian Anti-Corruption of Commission made a statement that he is stepping down from his position and there are some rumours indicating that a few prominent officers from the said Commission will either resign or retire. It’s very eccentric news for Malaysians as it will have a profound impact on bribery and corruption issues in Malaysia as a whole. Recently, the results of two by elections were won by Barisan Nasional, the ruling party of Malaysia. Many promises had been...

Trump's role in the Israel-Hamas ceasefire

As the Israel-Hamas ceasefire, scheduled to commence on Jan 19, 2025, approaches, it is essential to examine the potential impact of president-elect Donald Trump on this event and Middle East security. Considering Trump’s past foreign policy actions, especially those concerning Israel, alongside the wider geopolitical environment, his prospective role in shaping the ceasefire and future peace initiatives is intricate and layered. Historical influence Trump’s initial term as president was characterised by a robust endorsement of Israel, a position that resonated with his domestic political supporters and simultaneously altered US foreign policy, thereby impacting the wider dynamics of the Middle East. Key actions during this period included the formal acknowledgement of Jerusalem as the capital of Israel, the transfer of the US embassy to that city, and the withdrawal from the 2015 Iran nuclear agreement. These measures solidified his rapport with Israeli leadership and exemplified his ...