BNM KYC Form (Malaysia)

A BNM KYC Form (Malaysia) in Malaysia a BNM KYC (Know Your Customer) Form in Malaysia is a customer due diligence document completed by financial institutions, money services businesses, and designated non-financial businesses to identify and verify their customers' identity, beneficial ownership, business activities, and source of funds in compliance with the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA 2001) and the regulatory standards issued by Bank Negara Malaysia (BNM).

AMLA 2001 imposes mandatory customer due diligence (CDD) obligations on "reporting institutions" — defined in the First Schedule of AMLA 2001 to include all licensed banks and financial institutions under the Financial Services Act 2013 (FSA 2013) and Islamic Financial Services Act 2013 (IFSA 2013), insurance companies, takaful operators, money services businesses licensed under the Money Services Business Act 2011, capital market intermediaries licensed by the Securities Commission Malaysia (SC) under the Capital Markets and Services Act 2007 (CMSA 2007), and designated non-financial businesses including accountants, lawyers, and company secretaries.

The BNM Policy Document on Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) — Industry Specific Sectoral Guidelines, updated in 2023 — specifies the minimum CDD information that reporting institutions must collect. For individual customers, this includes full name as per NRIC or passport, identification number, nationality, date of birth, residential address, and source of funds or wealth. For corporate customers, CDD requires the SSM registration number, business address, nature of business, names and identification of all beneficial owners holding 25% or more of the company under Section 14 of AMLA 2001 (as amended by the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities (Amendment) Act 2023), and source of business funds.

Under the BNM AML/CFT Policy Document, reporting institutions must apply a risk-based approach — classifying customers as low, medium, or high risk — and apply enhanced due diligence (EDD) for high-risk customers including politically exposed persons (PEPs) as defined under the Financial Intelligence and Enforcement Department (FIED) guidelines. The Financial Intelligence and Enforcement Department (FIED) of BNM oversees AML/CFT supervision and receives Suspicious Transaction Reports (STRs) from reporting institutions under Section 14A of AMLA 2001.

Non-compliance with AMLA 2001 CDD obligations exposes reporting institutions to significant penalties: Section 86 of AMLA 2001 provides for a fine of up to RM 3 million or imprisonment of up to 5 years, or both, for failure to perform customer due diligence. The BNM KYC Form is the primary documentation instrument through which reporting institutions evidence compliance with these obligations to BNM examiners during AML/CFT supervisory examinations.

The legal framework governing the BNM KYC Form (Malaysia) in Malaysia draws on several key statutes and regulatory bodies. Under Malaysian law, the Contracts Act 1950 (Act 136) governs contractual obligations. The Companies Act 2016 (Act 777) regulates corporate entities through the Companies Commission of Malaysia (SSM). The Employment Act 1955 (Act 265) and the Department of Labour govern employment matters. The Personal Data Protection Act 2010 (Act 709) and the Personal Data Protection Department protect personal data. The Inland Revenue Board of Malaysia (LHDN) administers tax obligations. The Industrial Court adjudicates employment disputes under the Industrial Relations Act 1967 (Act 177). Parties executing a BNM KYC Form (Malaysia) in Malaysia should confirm the document reflects current law, including any amendments enacted since the original drafting date. The Financial Services Act 2013 (Act 758) sets the foundational requirements.

A BNM KYC Form in Malaysia is required whenever a reporting institution under AMLA 2001 establishes a new customer relationship or carries out a specified transaction for an existing customer.

A BNM KYC Form is required when a licensed bank under the Financial Services Act 2013 opens a current account, savings account, fixed deposit, or investment account for a new individual or corporate customer. BNM's AML/CFT Policy Document requires CDD to be completed before account opening.

A BNM KYC Form is needed when a money services business licensed under the Money Services Business Act 2011 — such as a licensed money changer or remittance operator — processes a single transaction or series of transactions exceeding RM 3,000 in any business day for a walk-in customer.

A BNM KYC Form is required when a capital market intermediary licensed under the Capital Markets and Services Act 2007 (CMSA 2007) by the Securities Commission Malaysia opens a trading account, Central Depository System (CDS) account with Bursa Malaysia, or discretionary investment management account for a new client.

A BNM KYC Form is needed when an insurance company or takaful operator licensed under the FSA 2013 or IFSA 2013 issues a life insurance or family takaful policy, or a general insurance or general takaful policy with a single premium exceeding RM 5,000.

A BNM KYC Form is required when a reporting institution identifies a change in customer risk profile — for example, when a customer classified as low risk begins conducting large cash transactions inconsistent with their declared source of funds — triggering re-verification of KYC information under the BNM AML/CFT Policy Document.

A BNM KYC Form is needed when a legal professional, accountant, or company secretary acting as a designated non-financial business under AMLA 2001 assists a client with company formation, property conveyancing, or trust and company management services.

A compliant BNM KYC Form in Malaysia must contain the following essential elements, as required by AMLA 2001 and the BNM AML/CFT Policy Document.

Customer Identification — Individual: Full name as per MyKad (NRIC) or passport, NRIC number (for Malaysians) or passport number and nationality (for foreigners), date of birth, residential address, contact number, email address, occupation and employer details, and source of funds (employment income, business income, investment returns).

Customer Identification — Corporate: Full legal name and SSM registration number under the Companies Act 2016, date and place of incorporation, registered address and principal place of business, nature of business, SST registration number where applicable, and list of authorised signatories with identification documents.

Beneficial Ownership: Identification of all natural persons who ultimately own or control the customer entity directly or indirectly — defined under Section 14 of AMLA 2001 (as amended) as persons holding 25% or more of shares, voting rights, or the right to appoint the majority of directors. For each beneficial owner: full name, NRIC or passport number, nationality, address, and percentage of ownership.

Source of Funds and Source of Wealth: Documentation or declaration of the origin of the funds being deposited or transacted, and the source of the customer's overall wealth. Under the BNM AML/CFT Policy Document, supporting documents such as salary slips, audited financial statements, property sale agreements, or inheritance documents may be required for medium or high-risk customers.

Politically Exposed Person (PEP) Declaration: A declaration whether the customer or any beneficial owner is a PEP — defined under BNM guidelines as a person who is or has been entrusted with a prominent public function, including senior government officials, senior executives of state-owned enterprises, and members of the judiciary — or a family member or close associate of a PEP. PEPs require enhanced due diligence under the BNM AML/CFT Policy Document.

Risk Classification: The reporting institution's assessment of the customer's money laundering and terrorism financing risk — low, medium, or high — with the basis for the classification documented. High-risk customers require enhanced due diligence and senior management approval under the BNM AML/CFT Policy Document.

Declaration and Consent: A declaration by the customer that the information provided is accurate and complete, and consent for the reporting institution to verify information and file reports with BNM's Financial Intelligence and Enforcement Department (FIED) as required under AMLA 2001.

Additional compliance elements for a BNM KYC Form (Malaysia) used in Malaysia include: Under Malaysian law, the Contracts Act 1950 (Act 136) governs contractual obligations. The Companies Act 2016 (Act 777) regulates corporate entities through the Companies Commission of Malaysia (SSM). The Employment Act 1955 (Act 265) and the Department of Labour govern employment matters. The Personal Data Protection Act 2010 (Act 709) and the Personal Data Protection Department protect personal data. The Inland Revenue Board of Malaysia (LHDN) administers tax obligations. The Industrial Court adjudicates employment disputes under the Industrial Relations Act 1967 (Act 177). Forms-legal.com provides this template as a starting point for Malaysia-compliant documentation.