Both the Companies Commission of Malaysia (SSM) and Bank Negara Malaysia (BNM) play pivotal roles in Malaysia’s Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) efforts. While they share the common goal of combating financial crimes, their regulatory frameworks differ significantly. This article outlines the key distinctions between the two, focusing on regulatory scope, risk-based approaches, and reporting requirements, including beneficial ownership. By understanding these differences, organizations subject to both regulators can ensure compliance, mitigate risks, and avoid potential legal and financial penalties.

1. Regulatory Scope

Aspect	SSM	BNM
Regulated Entities	Company secretaries, Trust companies	Financial institutions, nonbank financial institutions (NBFIs), Designated Non-Financial Businesses and Professions (DNFBPs)
Main Activities	Company formation, Trustee services, Nominee shareholders	Broader financial and non-financial services
Legal Framework	AMLA 2001*, Companies Act 2016	AMLA 2001*, Financial Services Act 2013, Islamic Financial Services Act 2013

*AMLA 2001 refers to The Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA).

2. Applicability of AML/CFT Obligations

Companies Commission of Malaysia (SSM):
Focuses primarily on company secretaries and requires them to maintain beneficial ownership (BO) records, conduct Customer Due Diligence (CDD), and file Suspicious Transaction Reports (STRs) if necessary. Additionally, they must perform comprehensive Institutional Risk Assessment (IRA) to identify and mitigate risks related to money laundering and terrorism financing.
Bank Negara Malaysia (BNM):
Broader AML/CFT obligations for all financial institutions, DNFBPs, and NBFIs. BNM’s guidelines cover a wide range of reporting institutions and include detailed CDD, STRs, and compliance management systems.

3. Beneficial Ownership (BO) Reporting

A Beneficial Owner refers to the individual or entity that ultimately owns, controls, or benefits from an asset, transaction, or legal entity, even though the asset or legal entity may be registered in the name of another party. In many cases, the beneficial owner is not the same as the legal owner (i.e., the individual listed in official records) but has significant influence or control over the operations or assets of an entity.

Aspect	SSM	BNM
Threshold for Ownership	20% equity interest or voting shares	25% ownership interest or controlling ownership
Filing Requirements	Required to file BO information annually with SSM and update changes	BO information must be maintained but only reported to BNM if requested
Register of Beneficial Owners	Mandatory to maintain at the company’s registered office	BO information maintained as part of CDD records

4. Risk-Based Approach (RBA)

Companies Commission of Malaysia (SSM):
Company secretaries are required to adopt a Risk-Based Approach by conducting an IRA to assess risks related to customers, geographical areas, and products. A review of the IRA is permitted when necessary. Policies for high-risk customers must be robust to mitigate ML/TF risks.
Bank Negara Malaysia (BNM):
Institutions must implement a comprehensive RBA, conducting risk assessments throughout the customer lifecycle, including onboarding and ongoing due diligence. Enhanced measures are mandated for high-risk customers and jurisdictions.

5. Reporting Obligations

Aspect	SSM	BNM
Suspicious Transaction	Company secretaries report suspicious transactions to BNM	All reporting institutions report suspicious transactions to FIED, BNM
Record Retention Period	Seven years for all CDD and related AML/CFT documentation	Six years, but may be extended if records are under investigation

6. Exemptions and Simplifications

For these small-sized reporting institutions, certain exemptions are allowed. Specifically, the requirement for Policies, Procedures, and Controls (PPC) under Section 11.2 does not apply. Instead, these institutions can adopt Bank Negara Malaysia’s (BNM) policy documents as their own. While these firms are exempt from creating detailed internal AML/CFT frameworks, they are still required to implement core elements of AML/CFT compliance.

Reporting Institution	Exemptions Provided	Requirements
Lawyers and Accountants (5 or fewer practising certificate holders)	Exempt from developing new internal PPC, can adopt BNM policy documents directly.	Exempt from periodic review of AML/CFT policies, no audit function required.
Company Secretaries (≤ 5 licensed)	Exempt from detailed internal policies; may use simplified CDD and screening.	No need for audit; employee screening required only during hiring.
Dealers in Precious Metals or Precious Stones (DPMS) (Turnover < RM 10 million, ≤ 30 employees)	Simplified AML/CFT procedures allowed, adopting BNM policy documents without additional frameworks.	Exempt from periodic policy reviews, audit requirements, and detailed employee training, except for initial screening.

Conclusion

Understanding your specific AML/CFT obligations is key to compliance. While SSM focuses on DNFBPs like company secretaries, and BNM oversees broader financial and non-financial institutions such as legal, Accountant, Dealers in Precious Metals or Precious Stones and so on. Their requirements are complementary but distinct. The differences in thresholds, reporting, and risk-based approaches reflect each regulator’s unique focus. Together, these frameworks strengthen Malaysia’s defenses against money laundering and terrorism financing.

About Ingenique Solutions

Ingenique Solutions Pte Ltd delivers Anti-Money Laundering & Know Your Customer (KYC) screening and due diligence solutions to help small businesses and large enterprises meet their AML/CFT compliance requirements. It is trusted by 1,600+ companies in Hong Kong, Singapore, Malaysia, China and Taiwan, including government Ministry/ Agency, public listed companies, and top leading firms in various sectors.

Recent Posts: