Malaysia’s Budget 2026, unveiled by Prime Minister Datuk Seri Anwar Ibrahim on October 10, arrives at a defining moment for the nation’s digital security. Between January and October 2024, Malaysians lost an estimated RM1.22 billion to scams, an amount that dwarfs the RM20 million allocated last year to the National Scam Response Centre (NSRC).
These losses are not mere
statistics; they represent shattered livelihoods, broken trust, and the erosion
of public faith in Malaysia’s digital economy. Against this backdrop, Budget
2026’s expanded allocation of RM21.2 billion to the Home Ministry with a focus
on strengthening national security, modernising enforcement, and tackling cyber
threats marks a pivotal shift.
The inclusion of a new Cybercrime
Bill, alongside fresh funding for digital enforcement units, signals that the
government finally recognises cybercrime not just as a policing issue, but as a
national integrity and economic resilience challenge.
Yet the real test lies in
execution. Budget 2026’s commitments must translate into a smarter, more
coordinated, and data-driven approach to fighting scams one that balances
prevention, rapid disruption, and victim recovery. Legislation, technology, and
enforcement must now converge into an ecosystem capable of protecting citizens
in an increasingly digital Malaysia.
Building Prevention by Design
Prevention remains the most
cost-effective and enduring defence against scams. While the Cybercrime Bill
and new enforcement assets will empower agencies, the first line of protection
begins with citizens. Budget 2026 should transform public education on scams
from sporadic awareness drives into a sustained national literacy effort.
Digital safety should be taught
in schools, community centres, and workplaces, integrated into both curriculum
and lifelong learning programmes. Malaysia’s diverse demographic landscape
demands customised outreach materials in multiple languages, content tailored
for rural and senior populations, and partnerships with religious and community
organisations.
Grassroots networks and NGOs,
particularly those working with high-risk groups such as retirees or new
digital users, should receive dedicated grants to run local cyber-awareness
initiatives. By empowering communities with knowledge and vigilance, Malaysia
can shrink the pool of potential victims over time.
However, awareness alone is
insufficient without structural safeguards in digital platforms. Budget 2026
must encourage or mandate financial institutions, fintech platforms, and telcos
to adopt “scam-resistant” design measures. These include pop-up warnings during
risky transfers, temporary delays for large transactions, AI-driven pattern
detection, and confirmation prompts for new payees.
These small frictions “speed
bumps” in the user journey that create crucial moments for reflection,
potentially saving thousands from impulsive fraud transfers. The government
should provide tax incentives, innovation grants, or co-funding schemes to accelerate
adoption, particularly for smaller financial platforms that lack in-house
R&D budgets.
Ultimately, prevention must be treated as digital infrastructure no less essential than cybersecurity firewalls or police patrols. Every ringgit spent educating the public or embedding safety features in platforms prevents many more in losses downstream.
Disruption Through
Coordination and Technology
While prevention addresses human
behaviour, disruption targets the criminal ecosystem. The NSRC’s success in
blocking RM380 million in suspicious transactions is commendable, yet the
figure pales against the national scale of losses. Budget 2026 rightly acknowledges
this gap, allocating RM12 million to strengthen the NSRC, now placed directly
under police management.
This restructuring can enhance
speed and coordination, but Malaysia must go further by building a Unified
National Analytics and Disruption Platform, a technological “nerve centre”
linking banks, telcos, fintech firms, customs, police, and regulators.
This platform, powered by
artificial intelligence and network analysis, would detect anomalies, flag mule
accounts, trace cross-border money flows, and trigger asset freezes in real
time. It should integrate blockchain forensics to track digital wallets and use
predictive analytics to identify scam networks before they strike. Crucially,
the platform must feature a “kill switch” function, an automated system capable
of halting high-risk transactions mid-stream when red flags are triggered.
The forthcoming Cybercrime Bill
is expected to provide the legal scaffolding for this integration, clarifying
the authority to share data across institutions, standardising digital evidence
handling, and empowering enforcement agencies to freeze assets held overseas.
Yet legislation must be matched
by operational capacity. Budget 2026’s allocations should include funding for
specialised training in cyber forensics, data analytics, and cross-border
investigation. Too often, technology investments fail because agencies lack the
expertise or coordination to use them effectively.
To complement these technological
upgrades, Anwar announced RM1 billion for enforcement assets, including police
intelligence vehicles, maritime patrol vessels, and surveillance aircraft.
While these assets primarily strengthen physical security, the integration of
intelligence capabilities across land, sea, and digital domains could form a
new hybrid enforcement model, one that recognises the fusion of online and
real-world crime.
Victim Recovery as a Core
Measure of Justice
Beyond prevention and
enforcement, Budget 2026 must redefine success in combating scams by placing
victims at the centre. Financial crime leaves deep psychological and emotional
scars. Yet victims often face a maze of reporting channels and legal processes
that compound their trauma. A national anti-scam strategy must therefore
include mechanisms for restitution and recovery.
The government should establish a
Victim Recovery Fund, possibly financed through a mix of federal funds and
levies on regulated financial institutions. This fund would provide partial
compensation while investigations are ongoing, ensuring victims are not left
destitute. A one-stop online portal should also be created to streamline
reporting, track case progress, and provide access to legal advice and
counselling.
Budget 2026’s focus on
modernising the police’s Criminal Investigation Department, including RM20
million for the D11 Division which investigates sexual, women, and child
exploitation crimes, demonstrates growing awareness that digital crime has
human costs.
The division’s upgrades, such as
advanced forensic systems and a new Behavioural Science Unit, should serve as a
model for a similar Digital Victim Support Unit within the NSRC. Success should
be measured not just by arrests or seizures, but by recovery rates, resolution
times, and victim satisfaction.
Institutional Incentives and
Accountability
No strategy will succeed if
enforcement remains fragmented. Malaysia’s anti-scam response currently spans
multiple agencies like the police, Bank Negara, MCMC, NACSA, and others often
operating in silos. Budget 2026 can realign these structures by tying funding
to cooperation. Joint task forces could receive shared performance-based
grants, and co-budget lines could require multi-agency participation.
Establishing a permanent Public Safety and Cybercrime Coordination Centre, with
embedded liaisons from the police, central bank, customs, and regulators, would
institutionalise collaboration.
The RM1.5 billion allocated for
upgrading enforcement facilities including police headquarters, marine
complexes, and border posts presents an opportunity to integrate cyber
capabilities within these hubs. Digital command rooms, forensic labs, and
secure data-sharing networks should be standard in new infrastructure.
Accountability must be equally
rigorous. Budget allocations should include sunset clauses, midterm
evaluations, and independent audits. Transparency dashboards showing funds
recovered, case closure rates, and response times would enhance public
confidence. Procurement of cyber tools should follow strict competitive
bidding, with lifecycle budgeting to prevent waste and corruption.
Preparing for the Next
Frontier
Scam networks today are
intertwined with money laundering, illegal gambling, and organised
transnational syndicates. Budget 2026’s provisions for the National Cyber
Security Agency (NACSA) which will establish a Cybersecurity and Cryptology
Development Centre reflect foresight in reinforcing Malaysia’s digital
sovereignty. The centre should lead research in AI-driven threat detection,
quantum security, and cyber forensics, while serving as a regional hub for
ASEAN-level cooperation.
To protect the nation’s borders
and digital perimeters alike, the Malaysian Border Control and Protection
Agency (MCBA) have received RM45 million to strengthen operations and manpower.
This investment must also include digital surveillance integration, as many
smuggling and trafficking operations now rely on cyber-enabled coordination.
Furthermore, the government
should establish a contingency innovation fund - a rapid-response pool for
testing emerging technologies against novel threats such as AI-generated
impersonations and deepfakes. Investing in adaptive innovation will ensure
Malaysia’s cyber defences remain one step ahead of evolving criminal tactics.
A Strategic Path Forward
Budget 2026 is not merely an
accounting document but it is a reflection of Malaysia’s priorities in an era
where crime no longer respects borders, institutions, or technologies. The
government’s RM21.2 billion allocation to the Home Ministry and its commitment
to the Cybercrime Bill signify a shift toward holistic security - physical,
digital, and psychological. Yet the impact of these measures will depend on
execution: how effectively funds are deployed, agencies are aligned, and
victims are protected.
If Budget 2026 transforms these
commitments into an integrated national ecosystem that anchored on prevention
by design, disruption through coordination, and recovery centred on victims, Malaysia
can reclaim its digital future. But if implementation falters, the next billion
in losses will be only a matter of time. The choice before policymakers is
stark: treat scams as a persistent nuisance, or as a defining test of national
integrity in the digital age.
10.10.2025
Kuala Lumpur.
© All rights reserved.
Comments