Bank Negara Malaysia fined Aeon Credit RM520000 for targeted financial sanctions breaches

BNM.png

Bank Negara Malaysia (BNM) has imposed an Administrative Monetary Penalty (AMP) of RM520,000 on AEON Credit Service (M) Berhad on 6 April 2026. This was after BNM found a failure to comply with targeted financial sanctions requirements, including cases in which customers who should have been blocked were not rejected or frozen according to established procedures.

 

Why was AEON Credit fined?

AEON Credit, as a reporting institution, is required to conduct customer due diligence to prevent misuse of the financial system for terrorist financing activities, by referring to the sanctions list. This sanctions list refers to individuals or entities designated under the Domestic List and the United Nations Security Council Resolution (UNSCR) List.

What happened

  • BNM found that an entity on the sanctions list had successfully registered as an AEON Credit customer.
  • AEON Credit did not reject the customer even though the system showed a positive match with the listed entity.
  • After the customer was identified as a blocked entity, AEON Credit took its time to freeze the account.

This issue was traced to low levels of staff supervision as well as weaknesses in the company's Standard Operating Procedures (SOPs), according to BNM.

BNM detected this non-compliance following an on-premises supervisory inspection, which revealed that a designated entity listed on the Domestic List had been registered as a customer. AEON Credit failed to reject the potential match despite the positive match. In addition, there was also a delay in freezing the customer's account after confirming that the customer was a designated entity. This non-compliance occurred due to low levels of staff supervision and weaknesses in AEON Credit's standard operating procedures (SOPs). - BNM

 

Follow-up action

Screenshot 2026-06-25 115506.png

In the same statement, BNM informed that AEON Credit had already paid the penalty in full on 16 April 2026. The company has also taken remedial steps by improving existing SOPs and providing intensive training to relevant staff. This is to ensure that full compliance with TFS requirements can be maintained in the future.

Moreover, BNM reminds all reporting institutions to always comply with the law to protect the integrity of the country's financial system. Personally, we feel BNM did the right thing. After all, data security and data breaches are very serious matters in Malaysia. What are your thoughts on the news? Feel free to leave your comments below.

 

Stay tuned to TechNave.com for more updates like this.