Bank Negara Malaysia (BNM) has imposed significant penalties on two of Malaysia’s largest banks, Maybank and CIMB, for serious lapses in their technology infrastructure that led to prolonged service disruptions. These enforcement actions, including a RM4.32 million fine on Maybank and a RM760,000 fine on CIMB, have drawn attention to the operational weaknesses behind the glossy veneer of their recent accolades.
Both banks have been recipients of prestigious awards this year. Maybank, for instance, was recognized as the “Best Islamic Bank in Asia” and “Best Islamic Bank in Malaysia” by Global Finance and Euromoney Islamic Finance Awards 2024. CIMB, meanwhile, was lauded at The Asset Triple A Awards for Sustainable Finance 2024. However, these accolades are now overshadowed by the regulatory actions highlighting significant operational failures.
Maybank: Awards vs. Penalties
Maybank’s RM4.32 million fine was imposed due to a series of unplanned downtimes affecting its Regional Mobile Banking Platform (RMBP) and MAE applications between June 2023 and May 2024. These disruptions breached BNM’s stringent guidelines under the Financial Services Act 2013 (FSA) and the Islamic Financial Services Act 2013 (IFSA), causing significant service interruptions for customers.
Despite its celebrated status in Islamic finance, BNM’s investigation found that Maybank failed to recover promptly from these system failures, revealing serious gaps in its technology resilience. The penalty underscores the critical importance of operational excellence, even as Maybank continues to receive industry accolades.
CIMB: Recognition Amidst Regulatory Scrutiny
CIMB, another major player in Malaysia’s banking sector, was fined RM760,000 by BNM for similar failures in maintaining high availability of its banking systems. On 8 and 9 April 2024, CIMB’s customers experienced significant service disruptions across e-banking channels, ATMs, and debit and credit card services. These disruptions exceeded the maximum tolerable downtime thresholds specified by BNM, revealing lapses in CIMB’s response and recovery processes.
The penalty imposed on CIMB highlights the bank’s struggle to ensure consistent service availability, despite its recognition for sustainability efforts. BNM’s enforcement action emphasizes the need for robust IT infrastructure and swift recovery processes, as these are essential for maintaining customer trust and regulatory compliance.
A Broader Industry Issue
The penalties against Maybank and CIMB underscore a broader issue within Malaysia’s banking sector: the disconnect between public recognition and operational performance. While awards and accolades reflect success in areas like Islamic finance and sustainability, they do not shield banks from the consequences of failing to meet the rigorous operational standards required by regulators. BNM’s enforcement actions are a clear reminder that even the most celebrated banks must maintain technology resilience to safeguard their customers and the integrity of the financial system.
Looking Forward
Both Maybank and CIMB now face the challenge of aligning their award-winning reputations with the need to address significant operational weaknesses. As they invest in improving their infrastructure and recovery processes, the financial sector and their customers will be closely monitoring their progress. The recent penalties serve as a cautionary tale, reinforcing that industry recognition must be backed by robust operational practices to maintain long-term trust and stability.
BNM’s actions make it clear: the accolades are important, but they must go hand-in-hand with high operational standards. For Maybank, CIMB, and the broader financial industry, this is a wake-up call to prioritize technology resilience and regulatory compliance.