1. Home
  2. Insights
  3. Alerts
  4. January 2026

Bank Negara Malaysia issues Exposure Draft of Policy Document on Related Party Transactions

05 January 2026

Bank Negara Malaysia (“BNM”) issued an Exposure Draft of the Policy Document on Related Party Transactions (“Exposure Draft”) on 16 December 2025.
 
Application
 
The policy document arising from the Exposure Draft (“Policy Document”) will apply to the following: 
  1. a licensed bank, licensed investment bank, licensed insurer and a financial holding company (“FHC”) under the Financial Services Act 2013;
  2. a licensed Islamic bank (excluding a licensed international Islamic bank), licensed takaful operator and an FHC under the Islamic Financial Services Act 2013; and
  3. a prescribed development financial institution (“prescribed DFI”) under the Development Financial Institutions Act 2002 (“DFIA”), 
(severally “FI” and collectively “FIs”).
 
The Policy Document will set out the regulatory requirements on related party transactions (severally “RPT” and collectively “RPTs”) entered or to be entered into by FIs. It aims to minimise the risk of abuse arising from conflicts of interest involving related parties by requiring FIs to enter into any transactions with related parties on an arm’s length basis through the adoption of sound corporate governance and risk management standards and practices.
 
Related Party Transactions
 
The Exposure Draft includes two key definitions for the purposes of determining the transactions that are RPTs for the purposes of the Policy Document, namely “related party” and “transactions”.
 
A “related party” refers to any of the following persons: 
  1. an FI’s officers;
  2. any persons in a position to control or affect the decisions of an FI;
  3. an FI’s shareholders, including beneficial owners1;
  4. an FI’s board members, senior management and key staff, corresponding persons in affiliated companies, and the parties that can exert significant influence on board members or senior management;2
  5. an FI’s subsidiaries and affiliates, including the subsidiaries, affiliates and special purpose entities of such subsidiaries and affiliates, and any other party that the FI exerts control over or that exerts control over the FI; or
  6. for natural persons identified in paragraphs (a) to (d) above, their relative or dependent, their direct and related interests, and their close family members. 
The expression “transactions” refers to, but is not limited to: 
  1. on-balance sheet and off-balance sheet credit exposures such as financing or investments;
  2. provision of insurance or takaful covers;
  3. reinsurance or retakaful cessions;
  4. support arrangements and dealings such as service contracts, asset purchases and sales, construction contracts and lease agreements;
  5. derivative transactions;
  6. borrowings; and
  7. provisions and write-offs. 
The Exposure Draft further provides that the expression “transaction” shall be interpreted broadly to incorporate not only transactions that are entered into with related parties but also situations in which an unrelated party (with whom a financial institution has an existing exposure) subsequently becomes a related party.
 
Governance and Oversight Arrangements, Limits and Risk Management
 
Among the requirements set out in Part B of the Exposure Draft are the following:
 
General principle governing RPTs
 
An FI is required to exercise due care when entering into an RPT to ensure that the RPT is conducted on an arm’s length basis to prevent abuses arising from RPTs and to address the risk of conflicts of interest.
 
An FI is also required to adhere to the following principles when entering into RPTs3 (including any subsequent changes to the terms and conditions and write-offs of such RPTs): 
  1. the creditworthiness and credibility of the related party is not less than what is normally required of other persons;
  2. the RPT must not be undertaken on more favourable terms and conditions than those entered into with other non-related parties with similar circumstances;
  3. the RPT must clearly and demonstrably be aligned with the best interest of the FI;
  4. the related party is to be excluded from participating, directly or indirectly, in the FI’s approval process for granting and managing the RPT in which the related party has a direct or indirect interest; and
  5. the FI shall comply with all relevant laws and regulatory frameworks or requirements by other relevant regulatory bodies such as Companies Commission of Malaysia (SSM) and Inland Revenue Board of Malaysia (LHDN). 
In addition to the above, a prescribed DFI is not permitted to grant any financing facility (as defined in section 3(1) of the DFIA) to any corporation in the shares of which any of its members, directors or officers has any aggregate interest in excess of 50%.
 
Governance and Oversight Arrangements
 
The Exposure Draft places the responsibility on the board to ensure that risks associated with the FI’s related party exposures are effectively managed. This includes: 
  1. overseeing the effective implementation of policies to control and manage exposures and risk of abuse associated with RPTs; and
  2. establishing and approving a clear internal policy on RPTs and the management of exposures with related parties that is appropriate to its business and risk profile, including the reporting and escalation for non-compliance with the policy; 
The internal policy must at a minimum address the areas set out in Appendix 1 of the Exposure Draft, namely: 
  1. define related parties and types of RPTs, which must at the minimum follow the categories as defined in the Exposure Draft;
  2. the terms and conditions that must be complied with for RPTs;
  3. roles and responsibilities of the board, committees and responsible officers in approving and managing RPTs (including subsequent changes to the terms and conditions and write-offs);
  4. establish an appropriate internal RPT limit to prevent excessive exposures to related parties and facilitate effective monitoring and control; and
  5. internal controls and procedures for the granting and managing of RPTs including, but not limited to: (i) procedures for effective management, review and monitoring of RPTs (including subsequent changes, write-offs and exceptions); (ii) clear controls prohibiting a person with an interest in an RPT from participating in the deliberation, decision making or management of the transaction or exposure; (iii) appropriate mechanisms to identify and ensure that RPTs are within approved internal limits; and (iv) procedures for reporting to the board, senior management and BNM on RPTs. 
An FI shall ensure that any RPTs (including subsequent changes to the terms and conditions and write-offs) are approved by the board. However, the board may delegate: 
  1. the responsibility for approving immaterial RPTs to a board committee4; and
  2. the responsibility for approving low valued personal consumption credit facilities (such as motor vehicle financing, mortgage loans and credit card facilities below a limit set by the board) to responsible officers.5   
An FI is required to regularly review and monitor the approved RPTs and exposures and take appropriate steps to control, mitigate or reduce the risks of RPTs.
 
Limits on exposures to related party
 
An FI is required to set appropriate internal limit(s)6 to manage risk concentration of a related party that could be material enough to threaten its financial condition.
 
In respect of FIs that are subject to the policy document on Single Counterparty Exposures Limit (“SCEL PD”), the internally set limit(s) to be set under the Policy Document shall be at least as strict as the said SCEL PD.
 
A prescribed DFI shall not have a total outstanding exposures to all related parties (including exposures through subsidiaries or other entities that are under the prescribed DFI’s control) exceeding 100% of the Tier 1 Capital or 25% of total outstanding exposures, whichever is lower.7
 
Register of RPTs
 
An FI must establish and maintain a centralised register8 of all RPTs (irrespective of their nature) that at a minimum must include the details set out in paragraph 11.2 of the Exposure Draft. The register must be continuously updated to capture every RPT and its details, including transactions and exposures that are contractually agreed or committed but are yet to be executed.
 
The register of RPTs and its supporting documentation must be submitted to BNM within such period as may be specified by BNM. The FI must obtain an independent assurance of the RPT register and exposures, if required by BNM.
 
Monitoring of RPTs
 
To manage risks effectively, an FI is required to conduct ongoing assessments of all RPTs, including establishing sound and structured processes to: (i) facilitate the timely identification, measurement and continuous monitoring of all RPTs; (ii) comply with its internal policies; and (iii) identify exceptions to policies, processes and limits. FIs are also required to conduct regular and independent reviews on the effectiveness of the aforesaid processes.
 
The outcomes of monitoring and review activities, including any anomalies or breaches, shall be escalated to the board or senior management, to facilitate effective oversight, timely remedial action and decision-making.
 
Other Requirements
 
Disclosures
 
An FI must disclose all RPTs in its financial statement in accordance with the applicable financial reporting standards on related parties (including MFRS 124) or any other standard that may be issued in relation to such disclosures, and the applicable requirements under BNM’s policy document on Financial Reporting.
 
Prescribed DFIs must, in addition, provide comprehensive disclosures of RPTs in their financial statement, including aggregated exposures to Ministry of Finance (Incorporated) companies.
 
Reporting of breaches to BNM
 
An FI shall promptly notify BNM in writing of any breach of the requirements of the Policy Document, and of material exception or non-compliance with the FI’s internal policy governing RPTs. The notification must include details on how the breach occurred, and all remedial actions taken or to be taken.
 
Effective date and Documents Superseded
 
BNM has proposed that the Policy Document is to come into effect on 1 January 2029, whereupon the five documents set out in paragraph 7.1 of the Policy Document will be superseded.
 
Feedback on the Exposure Draft
 
Feedback on the Exposure Draft is to be submitted electronically to BNM in the prescribed template at pfpconsult@bnm.gov.my by 30 June 2026.
 
Comments
 
The provisions of the Policy Document is to be welcomed. First, the Policy Document combines the requirements on RPTs that are presently found in the five regulatory instruments set out in paragraph 7.1 of the Exposure Draft into a single document, thus ensuring consistency of requirements across the main financial services sectors in Malaysia. Second, it is an overdue update of the requirements under the existing regulatory instruments, of which four were issued more than nine years ago.
 
 
Article by Lee Ai Hsian (Partner) and Javene Fan (Senior Associate) of the Banking and Finance Practice of Skrine.
 
 
 
1 Refer to paragraph 5.2 of the Exposure Draft for definition of “beneficial owners”.
2 Refer to paragraph 5.2 of the Exposure Draft for definition of “board” and “senior management”.
3 The following are excluded from the Policy Document: (a) remuneration granted to an employee or director of an FI; or (b) staff benefits granted to an employee or director of an FI pursuant to the internal policy of the FI approved by the board (paragraph 8.3 of the Exposure Draft).
4 See paragraph 9.6 of the Exposure Draft for further discussion.
5 See paragraph 9.7 of the Exposure Draft for further discussion.
6 The limit(s) may apply to certain types of related parties or RPTs, on an aggregated or individual basis, or both.
7 See paragraph 10.4 of the Exposure Draft on requirements relating to the calculation of RPT limits applicable to a prescribed DFI.
8 The maintenance and governance of the register is to be integrated into the FI’s internal control framework and risk management systems.

This article/alert contains general information only. It does not constitute legal advice nor an expression of legal opinion and should not be relied upon as such. For further information, kindly contact skrine@skrine.com.

  • Proud to be a member of
  • Lex_Mundi_3-line_Strap_White_RGB.png
  • connect with us
  •  
  •