Bank Negara Malaysia revises policy document on Risk Management in Technology: Rahmat Lim & Partners

19 January 2026

On 28 November 2025, Bank Negara Malaysia issued a revised policy document on Risk Management in Technology (RMiT) (“Policy Document”) which aims to strengthen the management of technology and cyber risks, improve the availability and resilience of financial services, and maintain public trust in the security of the financial system.

The Policy Document has been revised to:

expand its applicability to include non-bank merchant acquirer and intermediary remittance institutions, each having a market share of at least 5% of the total transaction value or volume of their respective services in Malaysia for a given year;
enhance the resilience of financial institutions to service disruptions, including adopting a customer-centric approach to manage intermittent issues;
heighten cyber security controls and practices in line with global standards;
strengthen the security of digital services through stronger fraud detection, proactive monitoring, and customer empowerment; and
facilitate the secure adoption of new or advanced technologies.