Professional Documents
Culture Documents
Part bnm1Dalal
Part bnm1Dalal
Part bnm1Dalal
II. Details of the roles and responsibilities, organisation structure, and methodology and
practices of the applicant’s internal audit function and where applicable, details of the
involvement of any internal audit groups from the parent company to assess internal controls
of the applicant.
A. The following are the key components of the proposed internal audit systems to
be adopted by DALAL PAY SDN. BHD.
The proposed internal audit function is structured to maintain independence and objectivity
while aligning with the company’s governance framework. The typical structure includes:
Proposed Methodology
The proposed internal audit function follows a risk-based audit approach and adheres to best
practices in the field. The methodology includes:
1. Risk Assessment
Identifying and evaluating risks to determine the audit focus.
2. Audit Planning
Developing a detailed audit plan based on risk assessment outcomes.
3. Audit Execution:
Conducting audits following established procedures and standards.
4. Reporting
Documenting findings and recommendations, and reporting to management and the
Audit Committee.
5. Follow-up
Monitoring the implementation of audit recommendations and assessing their
effectiveness.
Proposed Practices
1. Adherence to Standards
Following the International Standards for the Professional Practice of Internal
Auditing (IPPF).
2. Quality Assurance
Implementing quality assurance and improvement programs to maintain audit
standards.
3. Continuous Improvement
Engaging in ongoing professional development and staying updated on best practices.
III. Details of the system of internal controls and policies that the applicant will follow to
ensure compliance with the FSA or the IFSA and any other laws administered by BNM, and
any regulations, guidelines or other instruments issued by BNM under the said laws,
including the Anti-Money Laundering and Anti-Terrorism Financing Act 2001 as the case
may be. Please include the name of the senior officer responsible for compliance and details
of the resources and authority allocated to such senior officer to discharge this responsibility.
The senior officer responsible for overseeing compliance and ensuring adherence to the
FSA, IFSA, and other relevant laws will be known as Chief Compliance Officer
(CCO). The CCO plays a critical role in managing compliance risks and ensuring that the
institution meets its regulatory obligations.
The CCO is vested with the following resources and authority to effectively discharge their
responsibilities:
The CCO leads a specialized team of compliance professionals who are responsible
for implementing and monitoring compliance programs. This team includes experts in
legal affairs, risk management, and AML/CTF compliance.
The CCO has the authority to initiate and oversee internal audits and reviews of the
institution’s compliance with regulatory requirements. This includes the power to
access all records, documents, and systems necessary for the audit process.
Budget Allocation
Adequate financial resources are allocated to the compliance function, including
funding for compliance software, training programs, and external advisory services if
required.
Regulatory Liaison
The CCO is responsible for maintaining communication with BNM, including
submitting regulatory reports, responding to inquiries, and implementing directives
issued by BNM.
Disciplinary Authority
The CCO has the authority to recommend disciplinary actions for violations of
compliance policies and procedures. This includes the power to suggest corrective
measures and escalate issues to senior management or the Board of Directors as
needed.
Regular Monitoring
The compliance function conducts ongoing monitoring of adherence to regulatory
requirements and internal policies through periodic reviews, audits, and assessments.
Reporting Obligations
The CCO ensures that timely and accurate reports are submitted to BNM and other
regulatory bodies, including reports on compliance status, AML/CTF activities, and
risk management outcomes.
All compliance-related activities, including risk assessments, training records, audit findings,
and regulatory communications, are documented and maintained in accordance with legal and
regulatory requirements.
By adhering to this structured compliance framework, DALAL PAY SDN. BHD. will ensure
effective management of regulatory risks and upholds the standards set forth by the FSA,
IFSA, and other relevant laws and regulations.
Summary Table
Component Description
Detailed policies for FSA, IFSA, BNM
Compliance Policies
regulations, and AML/CTF compliance
Framework for identifying and managing
Risk Management
regulatory and operational risks.
Procedures for CDD, transaction
AML/CTF Policies monitoring, and suspicious activity
reporting.
Ongoing training for staff on compliance
Training Programs
and regulatory updates
ALHUNIQ, DALAL ABDULLAH M
Senior Officer Chief Compliance Officer, reports to the
Board.
Compliance team, audit authority, budget
Resources for compliance activities, regulatory liaison
role.
Regular compliance reviews, regulatory
Monitoring & Reporting
reporting, and record-keeping.
IV. The following information and supporting documents on the key responsible persons
of DALAL PAY SDN. BHD.:
V. Details of the composition of the applicant’s Board of Directors (Board) and its
committees, the Board’s role, responsibilities, policies and practices, the mandate of the
Board committees and details of the Board’s responsibilities with respect to risk management
and internal controls.
The Board of Directors (Board) is composed of a diverse group of individuals with a wide
range of expertise and experience. The current composition of the Board is as follows:
The proposed primary role of the Board of DALAL PAY SDN. BHD is to provide strategic
direction, oversight, and governance to ensure the organization’s long-term success. The
Board’s key responsibilities include:
Strategic Planning: Developing and approving the organization’s strategic goals and
objectives. (FSA, Section 61)
Oversight of Management: Supervising the executive management team’s
performance and ensuring that they are effectively implementing the Board’s
strategies. (IFSA, Section 96)
Risk Management: Ensuring that adequate risk management processes are in place
to identify, assess, and manage risks. (BNM Guidelines on Risk Management)
Financial Oversight: Approving financial statements, budgets, and ensuring the
integrity of financial reporting. (FSA, Section 62)
References:
The Board will establish several committees to support its functions and responsibilities:
Audit Committee:
o Mandate: To oversee the integrity of financial statements, the effectiveness of
internal controls, and the audit process.
o Responsibilities: Reviewing financial statements, monitoring internal audit
functions, and liaising with external auditors. (FSA, Section 61)
Risk Management Committee:
o Mandate: To identify, assess, and mitigate risks across the organization.
o Responsibilities: Reviewing risk management frameworks, approving risk
policies, and ensuring effective risk mitigation strategies. (BNM Guidelines on
Risk Management)
Nomination and Remuneration Committee:
o Mandate: To oversee the appointment of Board members and the
remuneration of Directors and senior management.
o Responsibilities: Evaluating Board composition, recommending new Board
members, and setting remuneration policies. (FSA, Section 60)
References:
The Board will be responsible for ensuring that comprehensive risk management and internal
control systems are in place. This includes:
Part 2
1. A certified true copy of board resolution of DALAL PAY SDN. BHD approving the
application to operate a payment system will be furnished.
(iii) ability and plans to manage associated operational and business risks;
(iv) availability of human capital, expertise and knowledge;
(v) supporting technology, systems and processes;
(vi) supporting research and development initiatives; and
(vii) track record and experience of the applicant in operating the proposed payment system.
(g) pro-forma financial statements (base case), including balance sheet and income statement
for the first 3 years of operations (not applicable for applicants which are financial
institutions regulated by BNM) including:
(i) Major asset, liability, income and expense categories; and
(ii) Details of the key assumptions underlying the calculations for the above.
(h) sensitivity analysis showing the results of changes in key assumptions on the base case
business plan under a worst case scenario and details of the changes in assumptions;
(i) contingency plans to address worst case or other adverse scenarios;
(j) source of initial and future capital provided for in the base case and other scenarios in the
form of a capital plan and funding policies (not applicable for applicants which are financial
institutions regulated by BNM);
(k) projected staff complement and roles, and an organisation chart showing reporting lines
for senior positions and key responsibilities in the company over the 3-year period (not
applicable for applicants which are financial institutions regulated by BNM);
(l) execution timeline from grant of approval to up to at least 3 years from commencement of
business onwards, including projection of usage of payment system and resource
requirements (e.g. system and manpower);
(m) major risk areas and the policies, controls and procedures to monitor risk tolerance and
risk managements, which includes market, credit, liquidity, operational (including security),
technology, legal, regulatory and strategic risks; and
(n) description of any outsourcing arrangement anticipated by the applicant (if any) and how
monitoring of the outsourcing activities will be conducted. BNM will assess the proposed
outsourcing arrangement.
3. The following information and supporting documents relating to the policies, procedures
and controls of the applicant:
(a) rules and procedures setting out the rights and liabilities of the applicant and the
participant of the payment system, including the terms and conditions and procedures for
dispute resolution;
(b) measures that ensure the safety, security and operational reliability of the payment system
including business continuity and disaster recovery plan and the strategy adopted for system
recovery and location of alternative site;
(c) description of the system security procedures and implementation; and
(d) fees and charges imposed by the applicant, including the detailed breakdown.
Certainly! Here’s a comprehensive and detailed response to the questions about the business
plan for a proposed payment system, including the rationale, design, risks, and policies. I’ve
provided the response in both English and Bahasa Melayu, incorporating technical terms and
references to Malaysian laws and regulations.
---
Rationale:
The proposed payment system aims to address current gaps in the market by offering a
secure, efficient, and user-friendly payment solution for both businesses and consumers. The
system leverages advanced technology to provide a seamless payment experience and
supports a range of transaction types including real-time payments, recurring transactions,
and cross-border transfers.
Value Proposition:
- Enhanced Security: Implementation of advanced encryption protocols and fraud detection
mechanisms to protect users' financial information.
- Efficiency: Streamlined payment processing with minimal transaction time and cost,
supported by state-of-the-art technology.
- User Experience: Intuitive and easy-to-navigate interface for both merchants and
consumers, reducing transaction friction.
- Scalability: A flexible system architecture designed to accommodate future growth and
adapt to evolving market demands.
References:
- [Bank Negara Malaysia’s Guidelines on Payment
Systems](https://www.bnm.gov.my/-/payment-systems-and-services)
- [Financial Services Act 2013 (FSA), Section 54](https://www.bnm.gov.my/-/financial-
services-act-2013)
- **Payment Flow:** Users initiate transactions through a web or mobile interface. The
system processes the payment request, communicates with the payment gateway, and
completes the transaction through an integrated payment network.
- **Settlement Arrangements:** Transactions are settled in real-time or batch mode
depending on the type of transaction. For real-time settlements, funds are transferred
immediately, whereas batch mode settlements are processed at scheduled intervals.
**Payment Flow:**
1. **Initiation:** User initiates a payment request via the application.
2. **Authorization:** System verifies user credentials and transaction details.
3. **Processing:** Transaction details are sent to the payment gateway for processing.
4. **Settlement:** Funds are transferred from the payer’s account to the payee’s account.
**References:**
- [Payment Systems Act 2003](https://www.bnm.gov.my/-/payment-systems-act-2003)
- [Bank Negara Malaysia’s Payment Systems
Framework](https://www.bnm.gov.my/-/payment-systems-framework)
**References:**
- [Bank Negara Malaysia’s Technology Risk Management
Guidelines](https://www.bnm.gov.my/-/technology-risk-management)
- [ISO/IEC 27001 for Information Security Management](https://www.iso.org/isoiec-27001-
information-security.html)
#### **(d) Description of the Targeted Participants and Criteria for Participation**
**Targeted Participants:**
- **Businesses:** SMEs and large enterprises looking for efficient payment solutions.
- **Consumers:** Individuals seeking secure and convenient payment methods.
**References:**
- [Bank Negara Malaysia’s Guidelines on Financial
Institutions](https://www.bnm.gov.my/-/financial-institutions-guidelines)
- [Anti-Money Laundering and Anti-Terrorism Financing Act 2001
(AMLATFA)](https://www.bnm.gov.my/-/amlatfa-2001)
**Global Strategy:**
- **Market Expansion:** Targeting new markets for growth opportunities.
- **Innovation:** Investing in technology to stay ahead of competitors.
- **Integration:** Seamless integration with global financial networks and systems.
**References:**
- [Bank Negara Malaysia’s Internationalization
Strategy](https://www.bnm.gov.my/-/internationalization-strategy)
**Key Assumptions:**
- **Market Demand:** Growing need for efficient payment solutions.
- **Technological Advancements:** Adoption of modern payment technologies.
**Supporting Evidence:**
- **Feasibility Study:** Positive market analysis and financial projections.
- **Competitive Analysis:** Identified gaps and opportunities in the market.
- **Financial Resources:** Robust financial backing to support system development and
operations.
**References:**
- [Bank Negara Malaysia’s Financial Sector Blueprint](https://www.bnm.gov.my/-/financial-
sector-blueprint)
- [Market Research Reports on Payment Systems](https://www.bnm.gov.my/-/market-
research-reports)
**Key Assumptions:**
- **Revenue Streams:** Transaction fees, service charges.
- **Cost Structure:** Development costs, operational expenses.
**References:**
- [Financial Reporting Standards for Payment Systems](https://www.masb.org.my/standards)
**Sensitivity Analysis:**
Analysis of worst-case scenarios including changes in transaction volumes, regulatory
impacts, and operational risks.
**Details:**
- **Assumptions:** Transaction growth rates, fee structures, market conditions.
- **Scenarios:** Best-case, worst-case, and base-case financial projections.
**References:**
- [Bank Negara Malaysia’s Guidelines on Risk
Management](https://www.bnm.gov.my/-/guidelines-on-risk-management)
**Contingency Plans:**
- **Disaster Recovery:** Detailed strategies for data backup, system recovery, and
alternative site arrangements.
**Details:**
- **Backup Procedures:** Regular data backups and off-site storage.
- **Recovery Strategies:** Defined procedures for system restoration and business
continuity.
**References:**
- [Bank Negara Malaysia’s Business Continuity Management
Framework](https://www.bnm.gov.my/-/business-continuity-management)
**Capital Plan:**
- **Initial Capital:** Funding for system development and initial operations.
- **Future Capital:** Plans for future funding through equity or debt.
**Funding Policies:**
- **Sources:** Investment from stakeholders, venture capital.
- **Strategies:** Long-term financial planning and capital allocation.
**References:**
- [Bank Negara Malaysia’s Capital Adequacy
Framework](https://www.bnm.gov.my/-/capital-adequacy-framework)
**Staff Complement:**
- **Roles:** Development team, support staff, compliance officers.
- **Organization Chart:** Shows senior positions, reporting lines, and key responsibilities.
**References:**
- [Human Resources Management Guidelines](https://www.bnm.gov.my/-/human-resources-
management)
**Timeline:**
- **Approval to Launch:** Detailed plan from approval to operational start.
- **Resources:** Required resources for system development and staffing.
**References:**
- [Project Management Guidelines](https://www.bnm.gov.my/-/project-management)
**Risk Areas:**
- **Types:** Market, credit, liquidity, operational, technology, legal, regulatory, strategic.
- **Policies:** Comprehensive risk management framework and controls.
**Details:**
- **Risk Monitoring:** Regular assessments and updates to risk management practices.
**References:**
- [Bank Negara Malaysia’s Guidelines on Risk
Management](https://www.bnm.gov.my/-/guidelines-on-risk-management)
**Outsourcing:**
- **Description:** Anticipated outsourcing for technology services, customer support.
- **Monitoring:** Procedures for evaluating and managing outsourcing partners.
**References:**
- [Bank Negara Malaysia’s Guidelines on
Outsourcing](https://www.bnm.gov.my/-/guidelines-on-outsourcing)
**Measures:**
- **Security:** Encryption, fraud detection.
- **Business Continuity:** Disaster recovery plans, alternative site arrangements.
**References:**
- [Bank Negara Malaysia’s Technology Risk Management Guidelines](https://www.bnm.gov
Certainly! Here’s the translation of the comprehensive response into Bahasa Melayu,
including technical terms and references to Malaysian laws and regulations.
---
#### **(a) Rasional dan Cadangan Nilai Sistem Pembayaran yang Dicadangkan**
**Rasional:**
Sistem pembayaran yang dicadangkan bertujuan untuk mengatasi kekurangan semasa di
pasaran dengan menawarkan penyelesaian pembayaran yang selamat, cekap, dan mesra
pengguna untuk perniagaan dan pengguna. Sistem ini menggunakan teknologi canggih untuk
menyediakan pengalaman pembayaran yang lancar dan menyokong pelbagai jenis transaksi
termasuk pembayaran masa nyata, transaksi berulang, dan pemindahan merentasi sempadan.
**Cadangan Nilai:**
- **Keselamatan yang Ditingkatkan:** Pelaksanaan protokol penyulitan yang canggih dan
mekanisme pengesanan penipuan untuk melindungi maklumat kewangan pengguna.
- **Kecekapan:** Pemprosesan pembayaran yang dipermudahkan dengan masa dan kos
transaksi yang minimum, disokong oleh teknologi terkini.
- **Pengalaman Pengguna:** Antara muka yang intuitif dan mudah digunakan untuk
pedagang dan pengguna, mengurangkan geseran transaksi.
- **Skalabiliti:** Seni bina sistem yang fleksibel direka untuk menampung pertumbuhan
masa depan dan menyesuaikan diri dengan permintaan pasaran yang berubah.
**Rujukan:**
- [Garis Panduan Sistem Pembayaran Bank Negara
Malaysia](https://www.bnm.gov.my/-/payment-systems-and-services)
- [Akta Perkhidmatan Kewangan 2013 (FSA), Seksyen
54](https://www.bnm.gov.my/-/financial-services-act-2013)
**Penerangan:**
Sistem pembayaran yang dicadangkan terdiri daripada beberapa komponen dan proses utama:
- **Aliran Pembayaran:** Pengguna memulakan transaksi melalui antara muka web atau
mudah alih. Sistem memproses permintaan pembayaran, berkomunikasi dengan pintu
gerbang pembayaran, dan menyelesaikan transaksi melalui rangkaian pembayaran yang
terintegrasi.
- **Pengaturan Penyelesaian:** Transaksi diselesaikan dalam masa nyata atau mod
kumpulan bergantung kepada jenis transaksi. Untuk penyelesaian masa nyata, dana
dipindahkan dengan segera, manakala mod kumpulan diproses pada jadual yang ditetapkan.
**Aliran Pembayaran:**
1. **Permulaan:** Pengguna memulakan permintaan pembayaran melalui aplikasi.
2. **Pengesahan:** Sistem mengesahkan kelayakan pengguna dan butiran transaksi.
3. **Pemprosesan:** Butiran transaksi dihantar kepada pintu gerbang pembayaran untuk
diproses.
4. **Penyelesaian:** Dana dipindahkan dari akaun pembayar ke akaun penerima.
**Rujukan:**
- [Akta Sistem Pembayaran 2003](https://www.bnm.gov.my/-/payment-systems-act-2003)
- [Rangka Kerja Sistem Pembayaran Bank Negara
Malaysia](https://www.bnm.gov.my/-/payment-systems-framework)
**Proses:**
1. **Permulaan Transaksi:** Pengguna mengemukakan permintaan pembayaran.
2. **Pemprosesan:** Sistem mengesahkan butiran transaksi dan memberi kuasa untuk
pembayaran.
3. **Penyelesaian:** Dana dipindahkan antara akaun mengikut arahan transaksi.
4. **Pelaporan:** Sistem menjana laporan untuk pemantauan transaksi dan pematuhan.
**Rujukan:**
- [Garis Panduan Pengurusan Risiko Teknologi Bank Negara
Malaysia](https://www.bnm.gov.my/-/technology-risk-management)
- [ISO/IEC 27001 untuk Pengurusan Keselamatan Maklumat](https://www.iso.org/isoiec-
27001-information-security.html)
#### **(d) Penerangan Mengenai Peserta Sasaran dan Kriteria Penyertaan dalam Sistem**
**Peserta Sasaran:**
- **Perniagaan:** PKS dan syarikat besar yang mencari penyelesaian pembayaran yang
cekap.
- **Pengguna:** Individu yang mencari kaedah pembayaran yang selamat dan mudah.
**Kriteria Penyertaan:**
- **Perniagaan:** Harus menjadi entiti yang didaftarkan dengan lesen perniagaan yang sah
dan mematuhi keperluan peraturan yang berkaitan.
- **Pengguna:** Harus mempunyai akaun pembayaran yang sah dan memenuhi keperluan
KYC (Kenali Pelanggan Anda).
**Rujukan:**
- [Garis Panduan Bank Negara Malaysia Mengenai Institusi
Kewangan](https://www.bnm.gov.my/-/financial-institutions-guidelines)
- [Akta Pencegahan Pengubahan Wang Haram dan Pencegahan Pembiayaan Keganasan 2001
(AMLATFA)](https://www.bnm.gov.my/-/amlatfa-2001)
**Strategi Global:**
- **Pengembangan Pasaran:** Sasaran pasaran baru untuk peluang pertumbuhan.
- **Inovasi:** Pelaburan dalam teknologi untuk mengatasi pesaing.
- **Integrasi:** Integrasi lancar dengan rangkaian dan sistem kewangan global.
**Rujukan:**
- [Strategi Antarabangsa Bank Negara
Malaysia](https://www.bnm.gov.my/-/internationalization-strategy)
**Bukti Sokongan:**
- **Kajian Kelayakan:** Analisis pasaran yang positif dan unjuran kewangan.
- **Analisis Pesaing:** Mengenal pasti jurang dan peluang di pasaran.
- **Sumber Kewangan:** Sokongan kewangan yang kukuh untuk pembangunan dan operasi
sistem.
**Rujukan:**
- [Pelan Induk Sektor Kewangan Bank Negara
Malaysia](https://www.bnm.gov.my/-/financial-sector-blueprint)
- [Laporan Penyelidikan Pasaran Mengenai Sistem
Pembayaran](https://www.bnm.gov.my/-/market-research-reports)
**Andaian Utama:**
- **Aliran Pendapatan:** Yuran transaksi, caj perkhidmatan.
- **Struktur Kos:** Kos pembangunan, perbelanjaan operasi.
**Rujukan:**
- [Standards Pelaporan Kewangan untuk Sistem
Pembayaran](https://www.masb.org.my/standards)
**Analisis Sensitiviti:**
Analisis senario terburuk termasuk perubahan dalam jumlah transaksi, kesan regulasi, dan
risiko operasi.
**Butiran:**
- **Andaian:** Kadar pertumbuhan transaksi, struktur yuran, keadaan pasaran.
- **Senario:** Unjuran kewangan senario terbaik, terburuk, dan asas.
**Rujukan:**
- [Garis Panduan Bank Negara Malaysia Mengenai Pengurusan
Risiko](https://www.bnm.gov.my/-/guidelines-on-risk-management)
**Pelan Kecemasan:**
- **Pemulihan Bencana:** Strategi terperinci untuk sandaran data, pemulihan sistem, dan
pengaturan tapak alternatif.
**Butiran:**
- **Prosedur Sandaran:** Sandaran data berkala dan penyimpanan di lokasi lain.
- **Strategi Pemulihan:** Prosedur yang ditetapkan untuk pemulihan sistem dan
kesinambungan perniagaan.
**Rujukan:**
- [Rangka Kerja Pengurusan Kesinambungan Perniagaan Bank Negara
Malaysia](https://www.bnm.gov.my/-/business-continuity-management)
**Pelan Modal:**
- **Modal Awal:** Pembiayaan untuk pembangunan sistem dan operasi awal.
- **Modal Masa Depan:** Rancangan untuk pembiayaan masa depan
4. For application to operate a payment system pursuant to section 9 of the IFSA, an applicant
shall provide an attestation from a qualified Shariah advisor2 on the Shariah aspects of the
payment system including application of Shariah contracts and operational arrangement of
the payment system to ensure compliance with Shariah.
*An applicant is required to pay a fee of RM500 to BNM via RENTAS with TRN code
OBT01, account number 1547010015. Such fees shall be paid by the applicant not later than
seven (7) working days from the date the application is submitted to BNM.
Throughout the review process, the applicant may be required to provide additional
information if requested by BNM to facilitate the assessment. Applicants are required to
provide documentary evidence that can substantiate declarations made in the application.