KUALA LUMPUR: Bank Negara Malaysia (BNM) had imposed an Administrative Monetary Penalty (AMP) of RM4.32 million on Malayan Banking Bhd and Maybank Islamic Bhd, as well as RM760,000 on CIMB Bank Bhd and CIMB Islamic Bank Bhd due to prolonged disruptions in several banking services.
In separate statements, the central bank reported that Maybank paid the full penalty for the AMP imposed on 8 August while CIMB settled its penalty on 12 August 2024.
“The AMP was imposed due to non-compliance with paragraph 48(1)(a) of the Financial Services Act 2013 (FSA) and paragraph 58(1)(a) of the Islamic Financial Services Act 2013 (IFSA) in conjunction with paragraph 10.32 of the Risk Management in Technology (RMiT) Policy Document,” BNM stated.
Paragraph 10.32 of the RMiT Policy Document mandates that financial institutions ensure their critical systems are designed for high availability.
Specifically, cumulative unplanned downtime affecting user interfaces must not exceed 4 hours over a rolling 12-month period with a maximum tolerable downtime of 120 minutes per incident.
Maybank’s regional mobile banking platform and MAE applications experienced multiple unplanned downtimes between 1 June 2023 and 31 May 2024 resulting in significant disruptions to customer and counterparty interfaces.
BNM also noted that CIMB’s customers faced prolonged service disruptions on 8-9 April 2024, affecting e-banking channels, ATMs and both debit and credit card services. These disruptions exceeded the thresholds set by BNM.
In response, CIMB acknowledged the central bank’s decision and expressed regret over the unplanned downtime, which impacted its customers and counterparties during those dates.
“Whilst the bank, together with its third parties, took necessary steps to ensure that the downtime was minimised, the incident affected our customers’ banking transactions and we acknowledge that we need to strive to do better,” it added.
CIMB also affirmed its commitment to investing in technology, systems and processes to enhance resilience and ensure its critical infrastructure can consistently meet customers’ needs.
— BERNAMA
