Cryptocurrency Risks Malaysia S Response To Fatf Standards

---

Cryptocurrencies and various virtual assets are transforming the international financial environment by facilitating rapid, decentralised, and borderless transactions.
Even so, these very features also introduce certain vulnerabilities, particularly concerning money laundering, terrorism financing, and proliferation financing.
In response to these challenges, the Financial Action Task Force (FATF) has established global standards aimed at regulating virtual asset service providers (VASPs) and reducing the incidence of financial crime.
Although Malaysia is not a significant centre for crypto-related criminal activities, the nation recognises the escalating risks and has initiated measures to align its regulatory frameworks with the FATF's recommendations.
FATF standards and the global challenge
In 2019, the FATF revised Recommendation 15 and its Interpretive Note to encompass virtual assets and VASPs within the framework of anti-money laundering (AML) and counter-terrorism financing (CFT) regulations.
A significant aspect of this revision is the Travel Rule, which mandates that VASPs disclose identifying information regarding both originators and beneficiaries during virtual asset transfers.
Still, a review conducted by FATF in 2023 indicated that more than 75 percent of jurisdictions are either partially compliant or entirely non-compliant, with over half showing no advancement in the implementation of the Travel Rule ie the information that should accompany transfers of funds and certain crypto assets.
This inconsistency on a global scale enables criminal and terrorist organisations to take advantage of jurisdictions with lax enforcement.
Additionally, emerging technologies such as decentralised finance, unhosted wallets also referred to as cold storage or self-custody wallets and non-fungible tokens (NFTs) further complicate regulatory oversight due to their decentralised and peer-to-peer characteristics.
These trends highlight the pressing need for nations to revise their regulatory and enforcement strategies while fostering greater international cooperation.
Virtual asset risk landscape
Although Malaysia's virtual asset market is relatively small, the 2024 Virtual Asset Risk Assessment (Vara) conducted by the National Coordination Committee to Counter Money Laundering (NCC) identifies emerging threats.
The NCC is the highest governmental committee in charge of coordinating, implementing and monitoring the development of the national AML/CFT regime in Malaysia.
Illicit activities related to virtual assets in Malaysia represent less than one percent of global incidents, primarily involving fraud, drug trafficking, and illegal gambling.
To date, there have been no reported cases of terrorist financing or proliferation financing associated with virtual assets in the country.
However, Malaysia remains indirectly vulnerable to global threats. Foreign VASPs, which frequently offer anonymous services and complex products such as mixers or mining pools, are increasingly exploited for illegal activities, occasionally routing transactions through Malaysian platforms.
As well, cross-border transactions involving widely used cryptocurrencies like Bitcoin, Ethereum, and Tether present further risks.
Despite these challenges, the findings of the 2024 Vara indicate that Malaysia's detection mechanisms, including suspicious transaction reporting and regulatory oversight, are functioning effectively.
Nonetheless, ongoing vigilance is essential to navigate the increasing complexity of the virtual asset landscape.
Enforcement strategies
Malaysia's framework for Anti-Money Laundering and Counter Financing of Terrorism, spearheaded by Bank Negara Malaysia (BNM) and the Securities Commission (SC), has initiated regulatory measures for VASPs.
On the other hand, achieving full compliance with the FATF standards, particularly regarding the implementation of the Travel Rule, remains a critical objective.
It is imperative that amendments to the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA) explicitly address the emerging risks associated with unhosted wallets, decentralised finance platforms, and stablecoins.
In the realm of law enforcement, the police, particularly through their Commercial Crime Investigation Department, must establish specialised cybercrime units focused on virtual asset investigations.
These units require comprehensive training in blockchain forensics, transaction tracing, and monitoring of the dark web.
By collaborating with blockchain analytics firms such as Chainalysis or Elliptic, the police can enhance their capabilities to track and disrupt illicit activities involving cryptocurrencies.
Also, the MACC is crucial in identifying public officials who may be involved in corruption or negligence related to cryptocurrencies.
As digital assets are increasingly utilised to obscure wealth, MACC must employ forensic tools to uncover hidden wallets and monitor undeclared holdings effectively.
To optimise these efforts, Malaysia should consider institutionalising a permanent task force that includes representatives from the police, MACC, BNM, and the SC.
Strengthening international cooperation, particularly with Asean partners and Interpol, will facilitate intelligence sharing and bolster cross-border investigations.
By taking a leadership role in regional regulatory harmonisation, Malaysia can help bridge enforcement gaps throughout Southeast Asia, thereby enhancing the overall effectiveness of its AML/CFT framework.
Private sector compliance
An effective AML and CFT framework requires active participation from the private sector. In the context of Malaysia, it is essential for VASPs to implement robust know-your-customer protocols.
These protocols should include the obligation to report any suspicious activities and to adopt technologies that comply with the Travel Rule.
Furthermore, the government can enhance the resilience of these platforms against cyber threats, such as hacking and ransomware, by offering incentives aimed at improving cybersecurity measures.
Beyond enforcement actions, Malaysia should cultivate a forward-thinking regulatory environment. This involves supporting fintech startups through the creation of regulatory sandboxes, which allow for innovation within a controlled framework.
Moreover, specialised training programmes should be developed for AML/CFT personnel to equip them with knowledge regarding the specific risks associated with cryptocurrencies.
Active participation in the FATF working groups that focus on financial technology and regulatory technology is also crucial for fostering collaboration and sharing best practices in this rapidly evolving sector.
In conclusion, by enhancing compliance, strengthening enforcement, and deepening public-private collaboration, Malaysia can lead the region in secure and forward-looking virtual asset governance. - Mkini
R PANEIR SELVAM is the principal consultant of Arunachala Research & Consultancy Sdn Bhd, a think tank specialising in strategic national and geopolitical matters.
The views expressed here are those of the author/contributor and do not necessarily represent the views of MMKtT.

---