Bank Negara Malaysia (BNM) has imposed a total of RM1.56 million in administrative monetary penalties on Zurich General Insurance Malaysia Berhad (ZGIMB) and Zurich General Takaful Malaysia Berhad (ZGTMB) for breaches of targeted financial sanctions (TFS) requirements linked to Malaysia’s anti-money laundering and counter-terrorism financing framework. BNM said the penalties were decided on Jan. 19, 2026, and paid on Jan. 26, 2026. ZGIMB paid RM1.04 million, while ZGTMB paid RM520,000.
As reporting institutions, both Zurich entities are required to update their internal sanctions databases without delay when the Domestic List is issued or amended and to screen customers and prospects against both the Domestic List and the United Nations Security Council Resolutions (UNSCR) List as part of customer due diligence. According to BNM, the breaches came to light when Zurich reported that it had onboarded several entities that were already named on the Domestic List. The central bank said the onboarding occurred because Zurich did not update its sanctions database promptly, resulting in sanctions screening being performed against an outdated dataset.
BNM also found that Zurich did not complete the steps required to determine whether potential name matches were true matches, as it did not carry out sufficient follow-up inquiries in certain cases. In one case involving a specified entity, ZGIMB did not freeze the customer’s funds or immediately report its determination to BNM, despite having concluded that it held funds for that entity. Under Malaysia’s anti-money laundering and terrorism financing framework, reporting institutions must assess whether a potential name match is genuine. Where a true match is established, the institution must freeze the relevant funds and submit reports to BNM and the Royal Malaysia Police without delay.
BNM attributed the breaches to gaps in Zurich’s sanctions screening systems and standard operating procedures, as well as to limitations in staff oversight and awareness regarding TFS obligations. In determining the administrative monetary penalties, BNM said it considered the nature and seriousness of the breaches, Zurich’s level of care in meeting TFS requirements, its past compliance record, and its conduct after the breaches were identified. The central bank also reviewed the remedial measures taken by Zurich and the extent to which those measures were directed at the causes of the failures and at preventing a repeat of similar incidents.
BNM stated that the enforcement action is consistent with its published Enforcement Approach, which sets out the process used to assess breaches and the range of supervisory and enforcement responses available. The central bank reiterated that all reporting institutions are legally required to comply with TFS obligations and said it “will not hesitate” to take supervisory or enforcement action where firms do not meet applicable legal and regulatory standards.
The penalties were imposed under section 234(3)(b)(i) of the Financial Services Act 2013 and section 245(3)(b)(i) of the Islamic Financial Services Act 2013. The TFS and screening obligations referenced in this case are derived from BNM’s policy documents on anti-money laundering, countering the financing of terrorism, and targeted financial sanctions for financial institutions. For the relevant period, the requirements were set out in the Anti-Money Laundering, Countering Financing of Terrorism, and Targeted Financial Sanctions for Financial Institutions Policy Document, which took effect on Jan. 1, 2020, and remained in force until Feb. 5, 2024. This has been replaced by the Anti-Money Laundering, Countering Financing of Terrorism, Countering Proliferation Financing, and Targeted Financial Sanctions for Financial Institutions Policy Document, which has applied since Feb. 6, 2024. Key provisions on sanctions list maintenance, customer screening, match determination, freezing of funds, and reporting obligations are preserved in the current framework. The Domestic List contains names and particulars of specified entities declared by the Minister of Home Affairs under the Anti-Money Laundering, Anti-Terrorism Financing, and Proceeds of Unlawful Activities Act 2001. The UNSCR List consists of individuals and entities designated by the United Nations Security Council or its sanctions committees and is treated as part of the domestic sanctions regime.
BNM noted that Zurich has undertaken remedial steps, including revising its standard operating procedures and conducting refresher training for relevant employees on TFS-related processes. In a separate statement, Zurich Malaysia said it acknowledged BNM’s public notice relating to its sanctions screening processes in 2022. “Zurich Malaysia has been working closely with BNM to address these self-identified gaps and has since taken the necessary actions to further strengthen oversight, ensuring that our processes are reliable and robust to meet our regulatory obligations,” it said, as reported by The Edge Malaysia. The insurer added that it remains committed to “upholding compliance standards and safeguarding the interests of its customers, partners, and stakeholders.”
