Originally published in legal500.com, check the link here
The convergence of financial services and technology is not new as the use of digital innovation in finance sector can be traced back to the 1990s. As advances in technology is evolving, combined with the shift in consumer behaviour and social-economic activities around the world, new business solutions and market opportunities for FinTech have emerged. Over the past decade, we saw large organisations, leading banks and financial institutions in Malaysia expanding their footprint by adopting new technology for their front and back-office systems to meet customers’ demands. Meanwhile, a range of new entrants comprising of local and foreign startups, specialised FinTech companies, consortiums of financial firms in collaboration with technology companies have sprouted rapidly to compete alongside with the traditional financial services providers. These FinTech players are the cornerstones in reshaping payments, money-exchange, lending and wealth management to be more diverse, inclusive, competitive and accessible.
In 2020 and 2021, the FinTech sector thrived significantly as the Covid-19 pandemic and implementation of the Movement Control Order in Malaysia intensified the need for digital connectivity to replace physical interactions between service providers and consumers. According to the Malaysia Fintech Report 2021 published by the Fintech News Malaysia (with reference to statistics obtained from the Central Bank of Malaysia and the Securities Commission Malaysia), the number of FinTech companies in Malaysia have reached 233 in 2020, while the spike in mobile banking usage and cashless payment options became an inevitable trend as consumers continue to adapt the ‘new normal’ to fit their lifestyle. Consequentially, mobile banking transactions grew more than double from RM200 billion in 2019 to RM460 billion in 2020 given the increase in mobile banking subscribers to 20.2 million in 2020 as compared to 17.2 million in 2019. The transaction volume for online banking, e-wallet, and merchant registration for QR code acceptance surged by 49%, 131% and 164% respectively compared to 2019.
Electronic payments and e-wallets are currently leading the FinTech space in Malaysia. Other FinTech sub-sectors are progressively gaining popularity amongst technological-savvy users and retail investors. These sub-sectors include:
Digital fundraising through the Malaysian capital markets
Equity crowdfunding (“ECF”) platforms, which broaden the ability for startups to obtain capital from a pool of individual investors in exchange for shares in startups. Since the SC’s inception and as of 30 September 2021, ECF platforms have raised a total of RM352.11 million, benefiting 222 issuers through 236 campaigns.
Peer-2-peer (“P2P”) financing, where an individual could lend money to enterprises or SMEs via online platform without the use of a bank or financial institution as intermediary. As of 30 September 2021, P2P platforms have provided financing to 3,824 issuers through 25,259 campaigns and raised a total of RM1.94 billion.
Property crowdfunding (“PCF”) platforms, which facilitates a homebuyer to obtain funds to pay for property purchase price through investments from multiple investors.
Digital trading and advisory (‘WealthTech’)
Digital assets (cryptocurrencies limited to BitCoin, Etherum, Ripple, Litecoin and Bitcoin Cash) are traded through digital assets exchanges (“DAX”). In 2020, there were more than 450,000 accounts opened across the registered DAX platforms, namely LUNO, Sinegy and Tokenize Xchange.
Online platforms harness the benefits of machine learning, algorithms and big data to enhance portfolio risks assessment and investment accessibility such as robo-advisors, digital investment management platforms (“DIM”) and digital broker. By end-December 2020, DIM have acquired 199,224 clients compared to 23,803 clients in 2019.
There have been significant interests from various startups and companies offering InsurTech solutions such as end-to-end digital insurance, digital insurance broker and financial aggregation business.
Regulators’ Approach to FinTech
The key regulators are the Central Bank of Malaysia (“BNM”) and the Securities Commission Malaysia (“SC”). Both BNM and SC have been supportive of the FinTech ecosystem, working collaboratively with the Malaysia Digital Economy Corporation (“MDEC”) to facilitate digitalisation and create conducive environment for the ecosystem.
In September 2015, the Alliance of FinTech Community (aFINity) was launched by the SC to nurture FinTech development in capital markets. It aims to facilitate interactions between the SC and various FinTech players (including financial institutions, government agencies, startups and investors), where constructive discussions can take place for the FinTech community to explore new ideas and solutions, exchange insights with the SC at policy formulation stage, and obtain clarity on regulatory matters.
The SC also organizes a FinTech conference annually, commonly known as SCxSC Conference (which stands for Synergistic Collaborations by the SC), for policymakers, innovators, investors and financial service providers to come together and promote awareness on local, regional and global FinTech developments and trends.
As the BNM recognises that certain FinTech business models do not fit into any specific legislation, the Regulatory Sandbox was introduced in October 2016 to enable companies and startups to test new ideas and business models in a live environment without worrying about the regulatory impediments, within a tailored authorization process. According to the BNM’s Annual Report 2020, a takaful operator has recently received approval to live test its peer-to-peer family takaful product through the BNM’s Regulatory Sandbox, and 4 other fintech companies have advanced to the preparation stage for live testing of their solutions.
In the third quarter of 2020, MDEC in collaboration with BNM, established FinTech Booster Programme, to assist FinTech startups (both local and foreign) with insights in respect of regulatory compliance, business and technology relevant for developing new products and services.
In order to promote the P2P financing and ECF markets, the Government also plays a part by increasing its investment through the Malaysia Co-Investment Fund (MyCIF) by allocating RM50 million in matching grant for P2P financing and RM30 million matching grant for ECF respectively.
Although the regulators are aware that they need to be flexible to welcome new entrants and take a more business-friendly approach in allowing sectorial growth, both the BNM and the SC are also cautious in their licensing and approval processes, where only new operators with proper capability and resources will be selected to ensure adequate safeguards and system integrity are in place, and to prevent over-crowding in the FinTech space in Malaysia.
Malaysia’s FinTech Regulatory Framework
There is no specific legislation governing the FinTech sector. FinTech companies remain subject to the existing legislations and regulatory framework applicable to the traditional financial services companies depending on the nature of activities undertaken and types of products or services they offer.
It is pertinent to carefully assess the activities in determining which framework would apply. For example, if a FinTech company carries on any regulated activity which involve banking, investment banking, insurance or takaful, payment system and payment instruments, or related activities under the Financial Services Act 2013 (“FSA”) or the Islamic Financial Services Act 2013 (“IFSA”), and money changing and remittance businesses governed under the Money Services Business Act 2011 (“MSBA”), then such FinTech company must observe and comply with the relevant provisions under the FSA / IFSA and MSBA, which are under the BNM’s administration and supervision.
On the other hand, the SC regulates activities that fall under the Capital Markets and Services Act 2007 (“CMSA”) which include, amongst others, the provision of corporate finance, financial planning and/or investment advice, dealing with derivatives, fund/asset management and stockbroking.
It is noted that the licensing regime for FinTech activities can be broadly divided into 3 categories: ‘License’, ‘Approval’ or ‘Registration’, each represents the degree of the regulatory standards based on the risks they may pose to financial and monetary stability, consumer/investor protection and credit/market risk components that may impact the Malaysian economy. “License” being the most stringent and “Registration” are for less risky activities. Some sub-sectors are regulated by more strictly than others. For example, remittance and money exchange service provider are subjected to licensing by BNM as compared to the registration requirement for the provision of merchant acquiring services.
In addition to the above, there are various guidelines and policies formulated by the BNM (issued pursuant section 266 of the FSA and section 277 of the IFSA) and the SC (section 377 of the CMSA confers the power to issue guidelines as the regulator deems fit) respectively. These guidelines and policies serve as guidance for the FinTech players to address issues applicable to their activities.
Below are some of the pertinent regulatory guidelines and policies (non-exhaustive) issued by the BNM:
Guideline on Electronic Money (E-money and E-Wallets)
Operational Risk Integrated Online Network
Interoperable Credit Transfer Framework
Risk Management in Technology
Participation Rules for Payments and Securities Services
Merchant Acquiring Services
Framework on Electronic Trading Platforms
Business Continuity Management (Exposure Draft)
Payment System Operator (Exposure Draft)
Payment Cards Framework (Exposure Draft)
Anti-Money Laundering Policy
The Anti-Money Laundering, Anti-Terrorism Financing, and Proceeds of Unlawful Activities Act 2001 (the AMLA 2001), which took effect on January 2, 2018, any transaction involving the local currency or any foreign currency above the amount specified by the competent authority must be kept on file or promptly reported to the competent authority. The BNM also released the Digital Currencies (Sector 6) Anti-Money Laundering and Counter-Terrorism Financing Regulations. The Sector 6 Policy Document establishes minimal rules and standards that a reporting institution must adhere to in order to improve the transparency of digital currency transactions, including risk assessment and customer due diligence.
The BNM issued an electronic know-your-customer (e-KYC) policy document (e-KYC Policy Document) on June 30, 2020, that is applicable to all financial institutions and sets out the minimum requirements and standards that a financial institution must follow when implementing e-KYC for the identification and verification of individuals. The e-KYC Policy Document, outlines the requirements for FinTech services providers to obtain board approval on its overall risk appetite and internal mechanism governing the implementation of e-KYC which impose accountability on the board, to use an appropriate combination of authentication factors to verify a customer’s identity through e-KYC, and to use artificial intelligence to automate the decision to verify a customer’s identity through e-KYC.
Other than the above, the SC issued comprehensive regulatory guidelines and policy documents for recognised market operators (“RMOs”), digital currencies and digital assets ecosystem players, digital investment management (“DIMs”) and the most recently, the licensing framework for digital banking.
The SC first issued the Guidelines for Recognised Market Operators on 11 December 2015 (“RMO Guidelines”). A recognised market covers alternative trading venue, marketplace or facility that brings together purchasers and sellers of capital market products. Save for an IEO operator which is subject to registration under the DA Guidelines, all operators for ECF, P2P, DAX, PCF and E-Services platform (“ESP”) are required to register as a recognised market operator pursuant to section 34 of the CMSA, and adhere to the ongoing terms and obligations set out in the RMO Guidelines. The RMO Guidelines have been recently revised effectively on 22 November 2021 aim to:
Increase the fundraising limit on ECF platforms from RM10 million to RM20 million.
Expand the list of permitted issuers on ECF platforms to include unlisted public companies (“UPCs”).
Introduce prospectus requirements for UPCs seeking to raise funds on the ECF platform.
Expand the obligation of an ECF operator to assess and register prospectus prepared by UPCs.
Making editorial amendments and rephrasing certain provision to enhance clarity.
Digital Currencies and Digital Assets
The Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019 came into force on 15 January 2019 (“Order”). Pursuant to the Order, all digital currencies and digital tokens that satisfy the requirements in the Order are prescribed as securities for purposes of securities laws. Additionally, the SC issued the Guidelines on Digital Assets (“DA Guidelines”) in October 2020. In line with digital currencies and digital tokens being prescribed as securities, these DA Guidelines set out the requirements relating to fundraising activity through digital token offering, operationalisation of IEO platform and provision of digital asset custodian (DAC) functions. Any person who intends to make available, offer for purchase, or issue an invitation to purchase digital currencies or tokens needs to seek the SC’s authorisation and obtain prior approval from an IEO operator. An IEO operator acts as an adviser, book runner and underwriter for companies that wish to raise up to RM100 million for innovative blockchain projects through digital tokens issuance. As IEO operator has similar roles as investment banks, it would require an IEO licence and compliance with the stringent requirements relevant to IEO as set out under the DA Guidelines. Since the SC’s introduction of a new framework for IEO operators in October 2020, companies that have applied for an IEO licence, amongst others include, Green Packet Bhd, Managepay Systems Bhd, MyEG Services Bhd and Wetokenize Sdn Bhd.
The CMSA 2007 regulates a DIM, which is a type of fund management. Section 58 of the CMSA 2007 requires DIM firms who provide automated discretionary portfolio management services to apply for a Capital Market Services Licence (“CMSL”) from the SC. Chapter 13 of the Compliance Fund Management Companies Guidelines imposes additional requirements on the DIM, as well as its board of directors and compliance officer, in addition to the requirements that fund management companies are typically subject to in the Guidelines on Compliance Function for Fund Management Companies issued on 14 March 2005 (revised on 4 May 2019, and the latest revision issued on 21 December 2021 with specific amendments relating to rebates and soft commissions to streamline the Guidelines on Unit Trust Funds is scheduled to take effect by 1 March 2022) (“FMC Guidelines”). StashAway Malaysia was the first DIM to get a CMSL in order to begin operations in 2018.
Digital banks and Islamic digital banks must apply for a licence with the BNM pursuant to Section 10 of the FSA or Section 10 IFSA (whichever applicable). BNM issued the a more simplified Licensing Framework for Digital Banks (“DBL Framework”) in December 2020, which outlines the procedures for applications to establish a digital bank in Malaysia. The DBL Framework emphasises on financial inclusion, requiring applicants for a digital banking licence to provide quality access and responsible use of financial services, particularly to underserved or unserved markets such as retail, micro, small, and medium businesses, in a long-term manner.
Future of Malaysia’s FinTech
On July 2, 2021, the BNM announced via its press release that a total of 29 applicants have submitted proposals for digital banking licences. Barring any difficulties, the highly anticipated event for 2022 would be that, Malaysia will become the second country in ASEAN to issue digital banking licenses, after Singapore which issued 4 digital banking licences in 2020. In 2019, Hong Kong led the Asia Pacific area with 8 licences issued. The BNM intends to grant a maximum of 5 digital banking licences to qualifying candidates, each with a RM3 billion asset threshold requirement for the first 5 years of operation. This serves as a fundamental phase for licensees to establish their viability and solid operations, as well as for the Bank to monitor the licenced digital banks’ performance and associated risks.
In line with industry digitalisation efforts, the regulators have been playing pivotal roles to strengthen Malaysia’s capabilities and growth in the areas of FinTech and enforcement:
SC entered into a new Fintech Bridge agreement in 2020 to expand regional collaboration with the Indonesian financial regulator, Otoritas Jasa Keuangan (OJK). The agreement sets out a mechanism between both regulators to refer innovative businesses that wish to operate in the other’s jurisdiction and thus, it is envisage that there will be future joint-innovation projects and regular information sharing between both regulators on any emerging developments or regulatory issues in the fintech space going forward.
The BNM also laid out the major developmental and regulatory priorities for the following five years (2022-2026) in a new financial sector roadmap (Blueprint 3.0). These goals will include supporting technology and data-driven innovation, improving the financial sector’s competitiveness, extending access to and responsible use of financial solutions, and ensuring that financial intermediation stays effective to meet the economy’s future demands. The financial sector’s catalytic role in pushing the sustainability agenda, particularly climate-related risks, will be highlighted in Blueprint 3.0 to promote a smooth transition to a greener economy.
In conclusion, the competition in the banking and finance sector will undoubtedly be very steep going forward. Balancing competition, service efficiency and market stability would likely be a challenge given that FinTech in Malaysia is still in its infancy stage, while regulators will have to constantly adapt and change its regulatory perimeters to deal with emerging providers from time to time.