top of page
  • Writer's pictureRajvin Singh Gill

E-Money in Malaysia: An Overview and Bank Negara's New E-Money Policy Document

What is E-Money?

E-money refers to any payment instrument that stores monetary value electronically, including prepaid cards, e-wallets, and mobile payment apps. Ever since the Covid-19 pandemic had hit our shores, the use of e-money has become increasingly popular in Malaysia, with the government promoting its use as part of its push towards a cashless society.


One of the most widely used e-money services in Malaysia is the Touch 'n Go e-wallet, which allows users to store funds electronically and make payments at participating merchants using their smartphones. Other popular e-wallets in Malaysia include Boost, GrabPay, and MaybankPay.


Evidently, E-money is regulated in Malaysia pursuant to the Financial Services Act 2013. Section 11 of the FSA provides that an approval by BNM is required for the issuance of any designated payment instruments in Malaysia. Under the Financial Services (Designated Payment Instruments) Order 2013, E-money is one of the designated payment instruments governed by the Act.


An update to the E-money regulatory framework

The Central Bank of Malaysia, known as Bank Negara Malaysia ("BNM"), released a new Policy Document on Electronic Money on December 30th, 2022 ("Policy Document"). This Policy Document replaces the previous Guidelines on Electronic Money that BNM issued on July 31st, 2008 ("Superseded Guidelines"). It went into effect on December 30th, 2022, except for certain paragraphs that will be implemented on December 30th, 2023.


The recently introduced Policy Document has brought about several modifications to the regulatory framework concerning e-money. These changes comprise:

- a re-categorization of e-money issuers,

- stricter corporate governance standards,

- updated requirements for operational and risk management; and

- increased Information Technology (IT) requirements


Re-categorisation of E-money issuers

In the past, EMIs were classified into two e-money schemes, namely "small schemes" and "large schemes," based on their wallet size and the overall amount of outstanding e-money liabilities. However, under the new Policy Document, EMIs are now classified into three categories as follows:


Standard EMI – refers to an EMI other than an Eligible EMI;


Limited Purpose EMI – refers to an EMI that issues E-money as described in Appendix 2 of the Policy Document (e.g. money which can only be used within a single set of premises in Malaysia). Generally a limited purpose EMI will not be subject to the Policy Document other than, inter alia, the requirement imposed on a non-bank EMI to maintain minimum capital funds; and


Eligible EMI - refers to an EMI which fulfils the criteria set out in Appendix 1, that is, an EMI that has:

  1. At least 500,000 active users for a consecutive period of 6 months beginning 2017;

  2. A market share of at least 5% of the total e-money transaction volume in Malaysia for a given year, beginning 2017;

  3. A market share of at least 5% of the total e-money transaction value in Malaysia for a given year, beginning 2017,

  4. A market share of at least 5% of the total outstanding e-money liabilities in Malaysia for a given year, beginning 2017

Compared to Standard and Limited Purpose EMIs, this category of EMI is subject to higher regulatory compliance expectations.


Enhanced Corporate Governance Requirements

Part B of the Policy Document outlines BNM's expectations concerning the governance structure of an e-money issuer (EMI). These requirements encompass everything from the composition of the EMI's board to the responsibilities and prerequisites of senior management positions.



Essentially, the board shall function in such a way so as to undertake the overall responsibility for promoting the sustainable growth and financial soundness of an EMI, and for ensuring reasonable standards of fair dealing, without undue influence from any party. In achieving so, the Policy Document sets out detailed requirements right from the appointment of board members to the manner in which board meetings are to be carried out.


The Policy Document also sets out the elements of an EMI’s control function including the appointment, roles and responsibilities of compliance, risk management and internal audit departments.


Revised Operational and Risk management requirements

Part C of the Policy Document sets out additional operational and risk management- related conditions to be satisfied by EMIs. Some of the salient conditions are set out below:


Revised minimum capital funds requirements

Presently, a significant e-money issuer must have a minimum capital reserve of either RM5,000,000.00 or 8% of its total electronic money liabilities, whichever is higher. On the other hand, a small e-money issuer must have a minimum capital reserve of RM100,000.00. However, starting on December 30th, 2022, the minimum capital reserves for EMIs will be as follows:

  • Standard EMI: RM1,000,000.00 or 8% of its outstanding electronic money liabilities, whichever is higher,; and

  • Eligible EMI: RM5,000,000 or 8% of its outstanding electronic money liabilities, whichever is higher.

Revised Threshold for approval requirement with respect to increase in purse limit

In the past, a significant e-money issuer had to receive approval from BNM to raise its maximum purse limit to any amount above RM1500. However, under the new Policy Document, an EMI only has to obtain BNM's approval if the purse limit increase exceeds RM5,000.00, or if there are any changes to the E-money's functionality or product features.



Nonetheless, a notification requirement applies to any increase in wallet limit below the RM5000.00 threshold, provided that there are no changes to the E-money's functionality or product features.


Safeguarding of Funds

Notwithstanding the issuance of the new Policy Document, the following requirements under the Superseded Guidelines will continue to apply until 30 December 2023.


According to the Superseded Guidelines, the Issuer of a large e-money scheme was required to place collected funds from the e-money issued in a trust account with a licensed banking institution. These funds were to be utilized only for user refunds and merchant payments, and investments were restricted to high-quality, liquid ringgit assets such as deposits placed with licensed banking institutions, debt securities, and so on. EMIs who were unable to limit their operations to e-money business exclusively had to deposit and sustain an additional 2% of their outstanding e-money liabilities in the trust account at all times.



In the case of issuers of a small e-money scheme, funds collected from the issued e-money must be placed in a deposit account with a licensed banking institution, kept separate from other accounts and managed in a manner similar to a trust account arrangement. The issuer is responsible for ensuring that the funds in the deposit account are solely used for user refunds and merchant payments, and they should not be invested in any assets other than bank deposits.


Starting from December 30, 2023, EMIs will be subject to safeguarding requirements outlined in Paragraph 16 of the Policy Document. Additionally, the Policy Document has introduced new requirements, including the following:

  • If a non-bank EMI's total outstanding e-money liabilities exceed the funds held in the trust account, the EMI will be encouraged to deposit additional funds into the trust account within one working day to ensure that there are enough funds in the trust account to cover the outstanding e-money liabilities at all times.

  • An EMI is recommended to spread out the placement of funds received for issued e-money among bank accounts maintained at various banking institutions to reduce risk exposure to a single banking institution.

  • A non-bank EMI must ensure that it has enough liquidity for its daily operations. The EMI must maintain a minimum liquidity ratio of 1.


Refunds and Withdrawals

The Policy Document has introduced new requirements regarding the withdrawal and refund of e-money. In relation to the withdrawal of e-money, an EMI must ensure the following:

  • Any physical cash withdrawal outside of Malaysia using e-money must only be in foreign currency.

  • If e-money balances are transferred to a bank account, any withdrawal of funds from the e-money account must be deposited into the customer's own bank account with a banking institution, unless the EMI is part of the Real-Time Retail Payments Platform and offers credit transactions that allow e-money balances to be withdrawn to other bank or e-money accounts.


Outsourcing Arrangement

Starting from 30 December 2023, prior approval from BNM will be necessary for EMIs to establish new material outsourcing agreements or make any significant amendments to current material outsourcing contracts. The Policy Document introduces improved requirements for outsourcing agreements that outline the specific provisions to be incorporated in such contracts, as well as the conditions for outsourcing beyond Malaysia and outsourcing utilizing cloud services.


White Labelling

Before an EMI can enter into a white labelling agreement for the first time or make any significant changes to its existing white labelling agreement, it is necessary to obtain written approval from BNM beforehand. An EMI also should at a minimum, conduct, amongst others, proper due diligence on the partner or entity that it plans to offer the white labelling solution to, which includes assessments on their credibility and capability.


Prohibition of promotion or cross-selling of financial products or services

A non-bank EMI is not allowed to use its e-money platform or system to promote or cross-sell any financial products or services, unless it has obtained written approval from BNM beforehand


Enhanced IT Requirements


The Policy Document's Part D covers extensive IT-related requirements, including technology operational management, cybersecurity management, technology audit, internal awareness and training, and control measures for mobile technology such as internet and mobile applications and devices, as well as Quick Response (QR) codes. These regulations will take effect on December 30, 2023.

The Policy Document is available on BNM’s website www.bnm.gov.my. and downloadable by clicking on the button below.




Comments


bottom of page