BNM imposes million-ringgit fine on Bank Rakyat for inadequate cybersecurity and incident response - The Edge Malaysia

Wednesday 01 Apr 2026 BURSASGX KUALA LUMPUR (April 1): Bank Negara Malaysia (BNM) on Jan 20 fined Bank Kerjasama Rakyat Malaysia Bhd (Bank Rakyat) RM1 million for cybersecurity and customer data breaches brought about by inadequate cybersecurity controls and incident response.  In a statement on its website, BNM said it found that Bank Rakyat breached cybersecurity and consumer data protection rules after a cyberattack allowed unauthorised access to its information technology systems. Bank Rakyat paid the fine on Jan 26, 2026 and has taken remedial measures to strengthen its cybersecurity and information and communication technology controls, resources and governance arrangements, BNM said. The central bank requires all financial institutions to follow two key policies: Risk Management in Technology Policy Document: Banks must have strong cybersecurity to detect, prevent, and respond to threats, with clear plans for handling incidents, recovery, and communication. Management of Customer Information Permitted Disclosures Policy Document: Banks must protect customer data with strong controls to prevent theft, misuse, or unauthorised access, and actively monitor systems to detect any suspicious activity. BNM said it will take strict action against any financial institutions that fail to meet legal or regulatory requirements. Read also: Bank Rakyat says remedial measures taken after BNM fine over cybersecurity incident   Edited ByPresenna Nambiar Most Read Just In Copyright © 1999-2026 The Edge Communications Sdn. Bhd. 199301012242 (266980-X). All rights reserved Print Text Size Share