A Commentary On The Securities Commission Malaysia’s Proposed Amendments For The Digital Asset Exchange Framework.

A Commentary On The Securities Commission Malaysia’s Proposed Amendments For The Digital Asset Exchange Framework.

Introduction

Since the introduction of the Digital Asset Exchange (“DAX”) regulatory framework on 31 January 2019,¹ the DAX industry in Malaysia has experienced a steady growth.² Notably, the year 2024 recorded the highest total trading value amounting to RM13.9 billion, which reflected an increase of 2.6 times from 2023.³ In tandem with this growth, the Securities Commission Malaysia (“SC”) has seen an increase in interest from institutional investors and traditional capital market intermediaries who wish to participate in the digital asset market directly or through investment funds.⁴ Therefore, in conjunction with this, the SC has proactively introduced measures to support and facilitate this process.

According to the SC’s Guidelines on Recognized Markets (“RMO Guidelines”), a ‘DAX’ means an electronic platform which facilitates the trading of a Digital Asset; a “Digital Asset” in turn refers to a digital currency or a digital token; a “DAX operator” means a recognized market operator who operates a DAX.⁵ There are currently six DAX operators registered with the SC (Luno Malaysia and HATA Digital among them), with there being fifteen tradeable digital assets approved by the SC (Bitcoin and Ethereum among them).⁶

The SC had on 30 June 2025, issued the Public Consultation Paper No. 3/2025 (“PCP 3/2025”) to seek public feedback on proposed enhancements to its regulatory framework for DAX.⁷ The public consultation period runs from 30 June 2025 to 11 August 2025, so comments directed to the SC are welcomed. The proposals set out in the PCP 3/2025 aim to improve the competitiveness of Malaysia’s regulated digital asset market while reinforcing investor protection and the overall integrity and resilience of DAX operators.⁸

Recognising the critical role of DAXs in providing responsible access to digital assets within a regulated environment, the PCP 3/2025 proposes several key enhancements:

1. Encouraging a more competitive DAX market: facilitating wider range of digital assets to be offered on a DAX whilst ensuring investors are protected;⁹
2. Enhancing investor protection: strengthening the requirements in relation to safeguarding of clients’ asset and control measures in addition to enhancing governance framework, as well as stronger regulatory oversight; and¹⁰
3. Strengthening the resilience and integrity of DAX operators: strengthening the requirements relating to financials, shareholding and management proficiency of DAXs. This is to promote confidence and greater interaction between DAXs and the broader ecosystem of the Malaysian capital market such as dealings with licensed persons and other RMOs.¹¹

The SC’s Proposed Amendments

The proposed amendments are categorised into Parts A, B, and C for the purposes of this article:

Part A: Liberalising Digital Asset Listing Process on DAX

Current Framework

Pursuant to the RMO Guidelines, DAX operators are required to implement policies and procedures to assess digital assets before listing them for trading.¹² Following this assessment, DAX operators must then obtain the SC’s prior concurrence before offering any digital asset on their platform.¹³

Proposals

(i) Criteria for Listing of Digital Asset

However, as part of the initiative to encourage a more competitive DAX market, the SC intends liberalise the digital assets market and promote a faster time to market, by removing the requirement for DAX operators to obtain the SC’s concurrence for digital assets to be offered for trading (“Liberalised Listing Framework”).¹⁴ In this regard, the DAX operator is now solely accountable for the assessment and permit of such digital assets traded on their platform, and is to assess the following criteria instead:

1. the digital asset fulfils the criteria as specified in paragraph 15.19 of the RMO Guidelines;¹⁵
2. the underlying protocol, network and application must have undergone security audits, and the audit results must be made available to the public; and¹⁶
3. the digital asset must have been traded for at least one year on any Virtual Asset Service Provider (“VASP”) that is in compliance with the FATF Recommendations 2012 which may include the status of the VASP registered, authorised, licensed or regulated by a regulatory authority having similar regulatory authority or function as the SC.¹⁷

Further, notwithstanding the above, the SC has identified certain types of digital assets that are of inherent characteristics which present significant risks to investor welfares or the stability of macro policies.¹⁸ Thus, the SC is seeking views for listing the following types of digital assets which may be considered to be of higher risk:

Type of Digital Asset	Description of Asset	Potential Risk
Privacy Coins	Digital assets intended to enhance user anonymity and transaction confidentiality.	The lack of transparency aspect in certain digital assets appeal to individuals involved in unlawful conduct which may result in the increased risk of money laundering and terrorism financing.
Meme Coins	Digital assets intended to follow internet trends or popular culture that builds on community support.	The risk of everchanging internet trends and pop culture interests which may potentially result in the heightened risk of market volatility and market manipulation.
Stablecoins	Digital assets intended to maintain a stable value to a reference asset, currency or commodity.	These assets may still be susceptible to price volatility within the market, are subject to pegging mechanisms solely controlled by the issuer and may pose as a threat to financial stability which is within the regulatory ambit of Bank Negara Malaysia.
Digital assets intended to provide benefits	Benefits provided to the holders or investors to be used within the DAX and its related or affiliated entities or exchanges.	This has the potential increased risk of conflict of interest.
Nascent Utility Tokens	Digital assets which have been recently circulated that may not have market demand yet.	This is due to the possibility that such nascent tokens will carry distinct and higher risks such as: regulatory reach to issuers of the protocol or network;market risk;liquidity riskconcentration and distribution risk;project and token economics risks; andtechnology and cyber risk.

(ii) Revised Disclosure Requirements

The following proposals are subsequently implemented in line with the principles and recommendations outlined in the International Organization of Securities Commission (“IOSCO”) Policy Recommendations Report.¹⁹ More specifically, Chapter 4 of the IOSCO Policy Recommendations Report states that the listing and trading of crypto-assets “should adopt and disclose substantive and procedural listing and delisting standards pertaining to crypto assets.”²⁰ As such, to supplement the introduction of the Liberalised Listing Framework, the SC proposes that DAXs must ensure the relevant information relating to the tradeable digital assets is made available to the public.²¹ Among others, the information must include the following:²²

1. comprehensive description of the digital asset;
2. information on ownership and control of digital asset;
3. information relating to the issuer, its business and management team;
4. risks associated with the digital asset;
5. trading history of the digital asset, including volumes and prices;
6. operational description of the digital asset, including any incidents of manipulation or security failures;
7. digital asset ownership concentration and any options and lock-ups for founding team, insiders and affiliates;
8. protocols for transfers; and
9. the DAX’s treatment of the client’s digital asset and their respective rights and entitlements for events such as, but not limited to, hard forks and airdrops.

Part B: Enhancing Requirements relating to Safeguarding Client Assets and Governance

Current Framework

Recent global failures involving DAX, have significantly eroded investor confidence and trust in the financial services ecosystem.²³ In response, the SC proposes that DAX operators be subject to enhanced operational governance and controls requirements, including requirements relating to the segregation of clients’ assets. This ensures the DAXs governance and operational practices commensurate with the risks associated to their operations.²⁴

Currently, the RMO Guidelines enforce the need for DAX operators to segregate investors’ assets from their own inventory and have arrangements and processes in place to protect against the risk of loss, theft or hacking which may include, among others, maintaining an offline-wallet dedicated to the investors’ Digital Assets.²⁵ Although the existing requirements provide sufficient asset security and segregation, the SC holds the view that further measures and steps must be taken to guarantee the protection of investors’ assets held by DAXs.²⁶

Proposals

(i) Security and Segregation of Assets

Therefore, pursuant to the above, the SC has introduced the following new requirements:²⁷

1. at least 90% of the investors’ digital assets must be held in offline wallets (i.e. cold wallets) for each type of digital asset listed on its platform;
2. the remaining investors’ digital assets held in online wallets (i.e. hot wallets) must be fully collateralised with equivalent amount in the DAX’s own offline wallet;
3. where the DAX operator and/or its affiliate companies offer digital asset services in other jurisdictions, the DAX wallet address and trust account for local transactions shall be distinct and separate from its foreign digital asset transactions; and
4. DAX operators must perform daily reconciliation on its asset holdings (including investors’ assets).

(ii) Governance Controls

Additionally, the SC proposes to enhance the requirements and obligations relating to the governance of the DAXs. Such proposals are as outlined:²⁸

1. DAX operators must appoint an independent and qualified party to carry out an audit on the effectiveness of the measures and controls relating to investors’ asset segregation. Such audit must be carried out on a periodic basis, at least once a year;
2. DAX operators must appoint auditors registered with the Audit Oversight Board to conduct its annual financial audits;
3. DAX operators must maintain direct access to its wallet addresses free from influence or control of any external parties (including from its affiliate companies);
4. DAX operators must put in place effective policies and procedures to manage the risk of loss or misuse of investors’ assets including facilitating the return of investors’ assets in the event of the DAXs’ insolvency;
5. DAX operators must identify a member of its senior management who is a resident of Malaysia with the relevant capability, knowledge, experience and authority to be responsible for the administration of the access to the wallet addresses. Among others, this would relate to mitigating the risk of loss or misuse of customers’ assets and facilitating movement of digital assets as set out in subparagraph 2.6(d); and
6. DAX operators that facilitate the custody of digital assets on behalf of its investors must either be registered as a digital asset custodian (“DAC”) or engage a DAC registered with the SC to provide the custody service.

Part C: Enhancing Requirements on DAX Operators

To guarantee greater operational and financial robustness and integrity as well as strong investor protection measures, DAX operators will need to meet certain minimum financial criteria. Therefore, the proposals implemented here seeks to instil confidence among capital market participants to trade through or with regulated DAXs.²⁹

Current Framework

Paragraph 15.03 (b) of the RMO Guidelines requires a DAX operator to have a minimum paid-up share capital of RM5 million, and that a DAX operator operating as a Digital Broker model must maintain a shareholders’ funds of RM5 million at all times.³⁰

Proposals

(i) Financial Requirements 

The SC proposes to increase the financial requirements as follows:

1. Paid-up Share Capital: Minimum RM15 million; and
2. Shareholders’ Funds: The higher of the following must be maintained at all times:

1. Minimum of RM5 million, or in the case of a DAX operator operating a Digital Broker model, minimum of RM7 million; or
2. 25% of the DAX’s operating expenses.

Further, the PCP 3/2025 provides that sufficient time would be allocated to existing DAXs to familiarise and meet the proposed financial requirements above within one year from the issuance date of the revised RMO Guidelines.³¹ Moreover, the SC’s right to impose additional financial requirements or other terms and conditions on the DAX operator at any time remains unchanged as per Paragraph 15.04 of the RMO Guidelines.³²

(ii) Competency Requirements for Shareholders of DAX operators

The SC aims to promote further institutional participation through equity holdings in order to further propel the industry’s growth. This will subsequently draw in more funding and DAX partnership prospects.³³

To facilitate this, the SC proposes that, in the case of DAX operators that are owned by individuals, two of its shareholders whose total shareholding forms the majority (51% or more) in the company, must meet the following requirements:³⁴

1. each of the two shareholders have at least five years of relevant experience in capital market or digital asset business each; and
2. at least one of the two shareholders have direct experience in securities exchange or derivates exchange or broker/trading business.

(iii) Key Persons Requirements

In addition to complying with Chapter 4 of the RMO Guidelines, the ‘Key Persons’ pertaining to the operations of the DAX, (i.e. Directors, Responsible Person, Senior Management and Compliance Officer) are also expected to have the necessary credentials to support their reputation, competency and probity.³⁵ In line with the following, the SC proposes accordingly that:³⁶

1. all members of the Board of the DAX are required to complete the Securities Industry Development Corporation’s Capital Market Director Program; and
2. the responsible person of a DAX operator must have a minimum 5 years of experience in regulated financial services or digital assets business with the appropriate qualifications and skillset.

Our Perspective

There are clear indications that Malaysia is committed to cultivating an inclusive, conducive, transparent, and well-regulated digital asset ecosystem. Policy and innovation should evolve in tandem so all the main drivers such as regulators, policymakers, industry players and stakeholders alike must play their part. To this effect, there are recent positive developments to take note of: Bank Negara Malaysia launched the Digital Asset Innovation Hub (intended to support the development of digital assets and fintech),³⁷ while the government announced the formation of the Digital Asset and Artificial Intelligence Advisory Council (intended to form a strategic advisory body consisting of both local and international experts).³⁸

On the regulatory front, to reiterate, the SC’s proposed amendments to the DAX framework as discussed above focused on greater investor protection, building a more competitive DAX market and underlining the importance of the integrity and standing of the DAX operators. These proposed amendments serve to address the perceived limitations of the DAX framework as it is currently, so this represents a progressive step in improving and safeguarding Malaysia’s digital asset ecosystem. Having said that, there is still room for improvement. Despite the steady growth in recent years, according to the SC’s Capital Market Stability Review 2024, the trading value for digital assets remains relatively low and accounted for just 1.64% of the Malaysian domestic equity market in 2024.³⁹ It is fair to conclude that the digital assets market, being an alternative to the more well-known and established traditional market, remains subject to a degree of scepticism. For instance, the FTX scandal in 2022 has not helped.⁴⁰ Unregistered DAX operators (some fraudulently) have also been targeting Malaysian investors, with the SC reporting close to 1,000 complaints lodged since 2019.⁴¹ Public perception matters, so it is imperative that the SC increases its efforts on investor education and awareness on the DAX. To summarise, a more robust DAX framework as proposed by the SC is ideal and necessary, but the importance of correcting public perception to rebuild trust cannot be overestimated.

For further information, please contact:

Cecil Lim Tze Loong, Azmi & Associates

cecil.lim@azmilaw.com

1. Part G: Additional Requirements Relating to a Digital Asset Exchange, Chapter 15 of the RMO Guidelines. 

2. “SC Seeks Public Feedback on Proposed Enhancements to the Framework for Digital Asset Exchange” (SC, Media and Announcements, 30 June 2025) [cited in this paper as ‘SC Press Release’] Available at: https://www.sc.com.my/resources/media/media-release/sc-seeks-public-feedback-on-proposed-enhancements-to-the-framework-for-digital-asset-exchange [cited in this paper as ‘SC Press Release’]. 

3. Paragraph 1.3 of the PCP 3/2025 [cited in this paper as ‘PCP 3/2025’] Available at: https://www.sc.com.my/api/documentms/download.ashx?id=ce90b551-9111-427b-b8e5-30be7eaa974f. 

4. SC Press Release. 

5. Paragraph 15.01 of the RMO Guidelines. 

6. “Digital Assets” (SC) Available at https://www.sc.com.my/digital-assets. 

7. PCP 3/2025. 

8. Paragraph 1.15 of the PCP 3/2025. 

9. Paragraph 1.16(a) of the PCP 3/2025. 

10. Paragraph 1.16(b) of the PCP 3/2025. 

11. Paragraph 1.16(c) of the PCP 3/2025. 

12. Paragraph 15.16 of the RMO Guidelines. 

13. ibid. 

14. Paragraph 4.3 of the PCP 3/2025. 

15. Paragraph 4.4(a) of the PCP 3/2025. 

16. Paragraph 4.4(b) of the PCP 3/2025. 

17. Paragraph 4.4(c) of the PCP 3/2025. 

18. Paragraph 4.5 of the PCP 3/2025. 

19. Paragraph 4.7 of the PCP 3/2025. 

20. Policy Recommendations for Crypto and Digital Asset Markets, OICV-IOSCO FR11/2023, Chapter 4, Recommendation 6 on Admission to Trading, available at: https://www.iosco.org/library/pubdocs/pdf/IOSCOPD747.pdf. 

21. Paragraph 4.7 of the PCP 3/2025. 

22. ibid. 

23. Paragraph 2.1 of the PCP 3/2025. 

24. Paragraph 2.2 of the PCP 3/2025. 

25. Paragraph 15.28(e), (j) of the RMO Guidelines. 

26. Paragraph 2.4 of the PCP 3/2025. 

27. Paragraph 2.5 of the PCP 3/2025. 

28. Paragraph 2.6 of the PCP 3/2025. 

29. SC Press Release. 

30. Paragraph 15.03(b) of the RMO Guidelines. 

31. Paragraph 3.7 of the PCP 3/2025. 

32. Paragraph 15.04 of the RMO Guidelines. 

33. Paragraph 3.9 of the PCP 3/2025. 

34. Paragraph 3.11 of the PCP 3/2025. 

35. Paragraph 3.12 of the PCP 3/2025. 

36. Paragraph 3.13 of the PCP 3/2025. 

37. “PM Anwar Launches Digital Asset Innovation Hub to Explore Stablecoins In Malaysia” (Fintechnews, 17 June 2025) Available at:  https://fintechnews.my/52040/blockchain/malaysia-digital-asset-hub/. 

38. “Govt Agrees To Set Up Digital Asset And AI Advisory Council – PMO” (Asean Bernama, 8 May 2025) Available at: https://asean.bernama.com/news.php?id=2420994. 

39. “Capital Market Stability Review 2024” (SC) Available at: https://www.sc.com.my/api/documentms/download.ashx?id=90eaf922-f264-4a34-b358-ca621067b019. 

40. “‘Old-fashioned embezzlement’: where did all of FTX’s money go?” (Guardian, 28 March 2024) Available at: https://www.theguardian.com/business/2024/mar/27/where-did-ftx-money-go. 

“SC: 996 Complaints Regarding Unregistered Dax Operators Since 2019” (Bernama Biz, 20 March 2025) Available at: https://www.bernamabiz.com/news.php?id=2404235/.