Zurich General Insurance Malaysia Berhad (ZGIMB) and Zurich General Takaful Malaysia Berhad (ZGTMB), two Malaysian insurance entities operating under the Zurich brand, have been handed Administrative Monetary Penalties by Bank Negara Malaysia for breaching targeted financial sanctions requirements.
ABNM imposed a penalty of RM1,040,000 on ZGIMB and RM520,000 on ZGTMB, bringing the combined total to RM1,560,000.
Both penalties were paid in full, with ZGIMB settling on 26 January 2026 and ZGTMB following on the same date. The breaches relate to incidents that came to light on 19 January 2026.
The violations stemmed from Zurich’s failure to keep its sanctions database current, meaning that customer screening was carried out against outdated information.
As reporting institutions, both entities were obligated to update the database promptly upon publication of the Domestic List and to screen customers — existing, potential and new — against both the Domestic List and the United Nations Security Council Resolutions (UNSCR) List as part of their customer due diligence obligations. BNM uncovered the breaches after Zurich itself submitted reports disclosing that several entities listed on the Domestic List had been onboarded as customers.
Beyond the database failures, Zurich also did not adequately follow up on potential matches to confirm whether they constituted true matches. In the case of ZGIMB, the regulator found an additional failing: the firm did not freeze the relevant customer’s funds or immediately notify BNM upon determining that it held or controlled funds linked to a designated entity. Such steps are considered essential to preventing the financial system from being exploited for terrorism financing.
The root causes identified by BNM included deficiencies in Zurich’s sanctions screening systems and standard operating procedures, alongside insufficient staff oversight and awareness. In determining the size of the penalties, BNM weighed both aggravating and mitigating factors, including the severity of the breaches, Zurich’s prior compliance record, its standard of care in meeting TFS requirements, and the effectiveness of remedial steps taken following the misconduct.
Since the breaches were identified, Zurich has moved to address the underlying issues by strengthening its standard operating procedures and delivering refresher training to relevant staff to reinforce compliance with TFS obligations. BNM affirmed that it expects all reporting institutions to adhere to TFS requirements and signalled it would not hesitate to pursue supervisory or enforcement action against any institution that falls short of its legal and regulatory duties.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
