The Malaysian finance industry is governed by Bank Negara Malaysia (BNM) and Securities Commission Malaysia (SC). BNM governs the banking and insurance industries and the SC regulates and develops its capital market. Both authorities have issued regulations to cater for the proliferation of fintech businesses. For example, BNM issued regulations on digital currency exchanges, electronic-know your customer requirements for fintech companies facilitating remittances, and a regulatory sandbox framework for fintech businesses. Similarly, the SC issued a digital investment management framework, another to facilitate equity crowdfunding, peer-to-peer lending, and digital asset exchanges, and the instrumental digital currency and digital token order. All were issued to encourage innovation in the industry, manage disruption, mitigate risks, and ensure consumer protection. This chapter will explain the steps taken by Malaysia's financial regulatory authorities in dealing with fintech-based companies, critically review the regulations, and recommend some ways forward.
TopIntroduction
Research has shown that regulation and in particular macroprudential regulation, is one way to deal with systemic risks and ensure financial stability of a financial system (Allen & Gu, 2018). While regulation alone cannot ensure financial stability it is one of the tools available that is effective (Allen & Gu, 2018). Research also shows that markets and institutions that fell outside the regulatory perimeter of governance during the financial crisis in 2008-2009 was a cause for financial instability (Lipsky, 2012). Following this it is only relevant to the topic of this book that regulatory steps taken to mitigate against risks associated with fintech should be reviewed as a tool to ensure financial stability of the Islamic financial system. In this chapter regulations that Malaysia has recently issued to include fintech within the purview of its regulators will be reviewed. This introduction will proceed with explaining the benefits and risks associated with fintechs and the layout of this chapter.
The use of technologies in financial services, known as fintech, holds many benefits for business, whether small, medium, or large. In particular, fintechs offer more efficient and cost-effective solutions for businesses seeking financing through equity crowdfunding (ECF) or peer-to-peer lending (P2P) platforms. For example, Nusa Kapital claims to be the world’s first fully Shariah compliant P2P platform operating in Malaysia. Regulated by the Securities Commission Malaysia (SC), it performs the role of an intermediary between businesses and investors seeking alternative means of financing and investment (Nusa Kapital, 2017). Other solutions fintechs can offer are online trade finance, online supply chain finance, and invoice finance (Australian Government Treasury, n.d).
The global rise in fintech start-ups, thus, comes as no surprise (KPMG, 2018). Indeed, KPMG reported that investment in fintech companies in the first 6 months of 2018 alone surpassed the total number of fintech investments in 2017 (KPMG, 2018). However, with the proliferation of fintechs comes the need to ensure adequate regulation. As such, an appropriate legal framework is necessary to protect and safeguard the interests of the public and businesses alike as a number of risks arise with its introduction, many of which may not be easily identifiable due to the technology’s newness (Kovas, n.d). The creators and providers of fintech must therefore include proper risk identification and management systems.
The risks that have been identified thus far can be categorized into three broad categories: speed, safety, and illegal activity. Ideally, the improved speed of transactions must be commensurate with the speed at which fraud or other malpractice is identified and reported necessitating fintech’s creators to include efficient systems for the specific purpose of identifying and reporting wrongdoings (Kovas, n.d). Safety from cyberattacks and hacking is another concern that needs addressing, an example of which can be seen in the 2018 theft, through cyberattacks, of USD500 million from the Japanese digital currency exchange, Coincheck Inc (Star Online, 2018). Also a survey in 2018 by PricewaterhouseCoopers on Malaysian companies, 48% stated that they had been targeted by cyberattacks in the past two years (PwC, 2018). Moreover, the array of customer data and information as stored by fintechs is similarly at risk of misuse. Finally, the risks of money laundering and terrorist financing must also not be ignored as fintech may be exploited for illegal activities (Griffin, 2018, Kovas, n.d).
Accordingly, regulation and a conducive legal environment are necessary to mitigate the particular risks relating to fintechs.
At the same time, over-regulation can stifle innovation and the benefits associated with such technology; thus, a careful balance must be struck between the two. Consequently, Malaysia has introduced regulations or provisions expressly to mitigate such risks while simultaneously encouraging innovation in the field of fintech related services.
The objective of this chapter is to explain the steps taken by Malaysia’s financial regulators to deal with fintech based companies, critically review the regulations, and lastly, to offer recommendations and suggest some specific ways forward.