What is AIWiki Malaysia?

AIWiki Malaysia is a free, open AI knowledge base covering artificial intelligence concepts, tools, models, and use cases — written specifically for Malaysian professionals and students. It is maintained by AITG Sdn Bhd, an AI company based in Penang.

Who maintains AIWiki Malaysia?

AIWiki Malaysia is maintained by AITG Sdn Bhd (Registration: 202601016521 (1678618-W)), an AI company headquartered in George Town, Penang, Malaysia. The editorial team continuously updates and expands the knowledge base.

What topics does AIWiki Malaysia cover?

AIWiki Malaysia covers a wide range of AI topics including large language models (LLMs), AI agents, machine learning fundamentals, prompt engineering, AI automation, generative AI tools, Malaysian AI regulations, local vendor landscape, and real-world AI use cases relevant to the Malaysian market.

How do I search for AI topics on AIWiki Malaysia?

You can use the search bar at the top of the site to find articles by keyword or topic. Articles are also organised by category, so you can browse by subject area such as Models, Tools, Concepts, or Use Cases.

Is AIWiki Malaysia available in Bahasa Malaysia?

Yes. AIWiki Malaysia publishes content in both English and Bahasa Malaysia to serve the full breadth of the Malaysian professional and student community. Language availability is indicated on each article page.

How can I submit a topic or suggest an article?

You can suggest topics or submit article ideas by contacting the AIWiki Malaysia team at admin@aiteragrid.com. AITG Sdn Bhd reviews all submissions and publishes content that meets editorial accuracy standards.

BNM AI Guidelines

Bank Negara Malaysia's AI guidelines provide a regulatory framework governing the responsible adoption of artificial intelligence in Malaysia's financial sector, covering risk management, governance, and accountability requirements for licensed institutions.

6 min readLast updated June 2026Malaysian Context

BNM AI Guidelines refers to the regulatory guidance issued and proposed by Bank Negara Malaysia (BNM), the country's central bank, governing the use of artificial intelligence in Malaysia's financial sector. Rather than a single standalone regulation, BNM's approach to AI oversight is layered across its existing Technology Risk Management (TRM) framework, supplemented by a formal Discussion Paper on AI in the Financial Sector published in August 2025 and an industry-led AI Governance Framework developed by the Association of Banks in Malaysia (ABM) and the Asian Institute of Chartered Bankers (AICB).

Background

Malaysia's financial sector began adopting machine learning and AI tools at scale from approximately 2018, initially for fraud detection, credit scoring, and customer service automation. By the end of 2024, BNM's own AI Survey found that 71 percent of banking institutions and development financial institutions (DFIs) had implemented at least one AI application — up from approximately 56 percent the prior year. Among insurance and takaful operators, adoption rose from 58 percent to 77 percent of companies over the same period.

This rapid adoption prompted BNM to formalise its regulatory expectations. The central bank recognised that existing frameworks — principally the 2020 TRM framework and the Risk Management in Technology (RMiT) policy document — provided a foundation but required AI-specific elaboration to address risks unique to machine learning systems, including model drift, unexplainability, data bias, and the use of third-party AI models.

Discussion Paper (August 2025)

In August 2025, BNM published a Discussion Paper on Artificial Intelligence in the Malaysian Financial Sector, launching a 10-week public consultation period closing on 17 October 2025. The paper articulated BNM's regulatory philosophy: AI oversight should be proportionate to the materiality and risk profile of each AI application, and should avoid stifling innovation while ensuring financial system stability and consumer protection.

The Discussion Paper identified five principal risk dimensions associated with AI in finance. The first is model risk — the potential for AI models to produce inaccurate or biased outputs, particularly when deployed outside the distribution of their training data. The second is operational risk arising from system failures, adversarial inputs, or inadequate human oversight of automated decisions. The third is third-party risk, reflecting the widespread use of external AI vendors and cloud-based model APIs. The fourth is consumer harm risk, including discriminatory outcomes in lending, insurance underwriting, or customer service. The fifth is systemic risk, where correlated AI behaviour across multiple institutions could amplify market volatility.

Key Regulatory Principles

BNM's emerging AI governance expectations, as outlined in the Discussion Paper and reinforced by AICB's framework, coalesce around several principles.

Accountability requires that financial institutions designate clear ownership of AI systems, with board and senior management accountable for material AI risks. This extends to third-party models — institutions cannot outsource accountability to AI vendors.

Explainability requires that decisions materially affecting customers — such as credit denials or insurance claim rejections — be explainable to the affected individual in plain language. This aligns with the rights established under the Personal Data Protection Act (PDPA) 2010 and anticipated amendments.

Fairness mandates that AI models be tested for discriminatory bias across protected characteristics, including ethnicity, gender, and religion, reflecting Malaysia's diverse demographic context.

Robustness requires that models be monitored continuously for performance degradation and distribution shift, with defined thresholds for human intervention or model retraining.

Human oversight dictates that AI systems operating in high-stakes domains — such as credit underwriting or anti-money laundering detection — retain meaningful human review at critical decision points.

Technology Risk Management Framework

BNM's TRM framework, first issued in 2020, remains the primary binding instrument under which AI systems are governed. The RMiT policy document requires institutions to conduct technology risk assessments, maintain up-to-date system inventories, and ensure that third-party technology arrangements — including AI APIs — meet defined security and resilience standards.

AI systems are classified within the TRM framework according to their criticality and potential impact. Systems classified as critical require enhanced governance, including independent validation and board-level reporting. The framework also mandates incident reporting to BNM for AI-related failures that cause material disruption or customer harm.

AICB AI Governance Framework

The AICB AI Governance Framework, developed with BNM's endorsement and adopted by ABM member banks, provides practical implementation guidance complementing BNM's regulatory requirements. The framework sets out high-level principles — transparency, accountability, fairness, privacy, and robustness — and provides illustrative use cases drawn from Malaysian banking practice, covering retail credit assessment, fraud detection, and customer engagement analytics.

Malaysian Context — AI Regulation Across the Malaysian Financial Sector

BNM's AI guidelines sit within a broader ecosystem of AI governance in Malaysia's financial sector. The Securities Commission Malaysia (SC) separately regulates AI applications in capital markets, including robo-advisory services, algorithmic trading, and AI-driven investment analytics, through its Digital Markets Framework and fintech regulatory sandbox. Financial institutions operating across banking and capital market functions must navigate both BNM and SC expectations.

Maybank, CIMB, Public Bank, and RHB — Malaysia's four largest domestic banks — have all disclosed AI governance programmes aligned with BNM's expectations. Maybank's AI initiatives, including its MAE digital banking platform and AI-driven credit decisioning, are subject to internal model risk management committees and periodic independent validation as required under RMiT.

Smaller digital banks licensed under BNM's Digital Banking Framework — including GXBank (backed by Grab and Kuok Group), AEON Bank, and Boost Bank — are intensively AI-driven by design, and BNM's oversight of these institutions has provided a test bed for proportionate AI regulation of fintech-native entities.

The Insurance and Takaful sector, regulated by BNM alongside the banking sector, is adopting AI for claims automation, underwriting, and fraud detection. BNM's guidance on AI explainability is particularly relevant here given takaful customers' rights under Shariah governance frameworks to understand the basis of coverage decisions.

Malaysia's PDPA amendments, anticipated in 2026, are expected to introduce explicit provisions on automated decision-making and profiling — aligning Malaysian consumer data rights more closely with the EU's GDPR framework and reinforcing BNM's explainability expectations for AI in finance.

References

Bank Negara Malaysia. (2025). Discussion Paper on Artificial Intelligence in the Malaysian Financial Sector. BNM, Kuala Lumpur.
AICB. (2024). Driving Responsible AI Adoption: AI Governance Framework. aicb.org.my.
HHQ. (2025). Bank Negara Malaysia's Discussion Paper — Artificial Intelligence in The Malaysian Financial Sector. hhq.com.my.
Tech Wire Asia. (2025). Malaysia's Central Bank unveils AI financial regulation framework at MyFintech Week 2025. techwireasia.com.
OECD. (2025). Artificial Intelligence in Asia's Financial Sector: A Review of Country Policies. OECD Publishing.

Tags:malaysia regulation banking fintech

Issuing body	Bank Negara Malaysia (BNM)
Scope	Licensed banks, insurers, takaful operators, DFIs
Discussion paper	August 2025
Related framework	Technology Risk Management (TRM)
Related	PDPA, Malaysia AI Governance Framework, AICB