Cryptocurrency regulation in Malaysia began with the Securities Commission Malaysia (SCM) publishing the Capital Markets and Services Order of 2019, which classified certain digital currencies and tokens as securities. In 2021, the SCM transposed crypto Travel Rule requirements to the Malaysia national framework through an amendment to the Guidelines on Prevention of Money Laundering and Terrorism Financing for Reporting Institutions in the Capital Market, Guidelines SC-GL/AML-2014 (R2-2021. The Crypto Travel Rule came into force in Malaysia on April 1, 2022.

Timeline of regulatory action:

• January 8, 2019: The SCM published the Capital Markets and Services Order of 2019 (Order 2019), which classified certain digital currencies and tokens as securities.
• April 26, 2021: The SCM introduced Travel Rule requirements in amendments to the Guidelines on Prevention of Money Laundering and Terrorism Financing for Reporting Institutions in the Capital Market.‍
• April 1, 2022: The Crypto Travel Rule entered into force in Malaysia.

‍

1. Is cryptocurrency legal in Malaysia?

In Malaysia, cryptocurrencies are legal and classified as securities under Order 2019, but they are not recognized as legal tender or payment instruments by the country's central bank, Bank Negara Malaysia.

‍

2. Are there any AML crypto regulations in Malaysia?

Yes. Malaysian VASPs must comply with the AML guidelines outlined in the Guidelines SC-GL/AML-2014 (R2-2021).

‍

3. Who regulates cryptocurrency in Malaysia?

The Securities Commission Malaysia (SCM) regulates cryptocurrencies through Order 2019.

‍

4. Are there licensing or registration requirements for VASPs in Malaysia?

Cryptocurrency exchanges in Malaysia must register with the SCM to operate per the Guidelines on Recognized Markets.

‍

‍

FATF Travel Rule Requirements in Malaysia

‍

1. Is the Crypto Travel Rule mandated in Malaysia?

Yes. On April 26, 2021, the SCM introduced amendments to the Guidelines SC-GL/AML-2014 (R2-2021) that set forth Travel Rule requirements in the region.

‍

2. Did Malaysia permit a grace period to comply with the Crypto Travel Rule?

Yes. Travel Rule requirements entered into force in Malaysia on April 1, 2023, roughly 11 months after the AML Guidelines were published.

‍

Complying with the Crypto Travel Rule in Malaysia

‍

1. What is the minimum threshold for the Crypto Travel Rule in Malaysia?

No de minimis threshold applies, according to Malaysia’s Crypto Travel Rule requirements; the same scope of information is to be transmitted regardless of the transaction amount.

‍

2. What personally identifiable information is required to be shared for the Crypto Travel Rule in Malaysia?

Malaysian Originator VASPs must collect and share the following personally identifiable information with the Beneficiary VASP:

‍

From our workshops with Malaysian VASPs, we have learned that collecting and verifying the Place of Birth is not standard practice as part of the customer due diligence process. Hence, Malaysian VASPs routinely opt to transmit the Originator’s Address instead of Date and Place of Birth.

‍

3. Are there differences in customer PII requirements for cross-border transfers versus transfers within Malaysia?

Although paragraph 9.2.1 of the Guidelines specifically mentions cross-border transactions. "A reporting institution which is an ordering institution must ensure that the message or instruction for cross-border wire transfer are accompanied by the following: (...)"), the current stance of the SCM is that the same scope of Travel Rule information transmission obligations apply regardless of whether the transaction is cross-borders or with a Malaysian counterparty.

‍

{{training2="/cta-components"}}

‍

4. What are the non-custodial or self-hosted wallet requirements in Malaysia?

There is no written rule on the requirements applicable when transacting with self-hosted wallets. However, this is part of VASP's travel rule policies & procedures reviewed by the supervisory authorities. 

‍

5. What are the Beneficiary VASP obligations in Malaysia?

A beneficiary institution must take reasonable measures, including post-event or real-time monitoring where feasible, to identify transfers that lack the required originator information or beneficiary information. [1]

A beneficiary institution must have effective risk-based policies and procedures for determining- (a) when to execute, reject, or suspend a wire transfer lacking the required originator or beneficiary information; and (b) the appropriate follow-up action. [2] 

‍

Why choose Notabene for Crypto Travel Rule Compliance in Malaysia?

Notabene stands as the optimal solution for Crypto Travel Rule compliance in Malaysia. Its trusted partnerships with registered digital asset exchanges, wide reachability with the Notabene Network, and comprehensive compliance solutions tailored to Malaysia's regulatory requirements make it the ideal choice. Notabene has a proven track record of assisting VASPs globally and locally, further solidifying its reliability.

Currently, there are four registered digital asset exchanges operating under cryptocurrency regulations in Malaysia: Luno Malaysia, MX Global, SINEGY Technologies, and Tokenize Technology. All of these exchanges have selected Notabene to fulfill their Travel Rule compliance needs. To engage with them and send Travel Rule-compliant transactions, simply utilize the Notabene Network.

By opting for Notabene, VASPs can ensure the efficient and secure transmission of Travel Rule-compliant transactions. This demonstrates their commitment to meeting the regulatory obligations set by the Securities Commission Malaysia.