Securities Commission Malaysia Seeks Feedback for ICO Regulation

Securities Commission Malaysia Seeks Feedback for ICO Regulation

by March 6, 2019

In recognition of the growing public interest in ICOs, its increasing popularity among business seeking to raise funds and a need for a well regulated space, the Securities Commission Malaysia  (SC) has issued a consultation paper to seek the public feedback on its ICO framework.

Securities Commission Malaysia stated in the consultation paper that the lack of regulatory framework exposes investors to risk and makes them vulnerable to fraud and manipulation. They added that regulation is required in order to protect investors and promote confidence in the ICO market

There are few key components that are outlined in this consultation paper that the regulator is seeking feedback on.

Before we dive into that it would be prudent for to us to emphasize that we have summarised some of the key points for the purposes of making it easier to read. If you are however interested in a more detailed and specific read the document can be found here.

A Third-Party Host

Drawing from its experience in regulating ECF and P2P financing, SC proposes for the formation of 3rd party platform to host and assess ICOs, similar to how SMEs are hosting their notes on platforms like pitchIN and Funding Societies.

It is also proposed that this host is then regulated as a recognised market operator (which is the same category that ECF and P2P players are regulated under). Alternatively the framework also explores the possibility of have individuals recognised by SC to conduct the assessments.

If the regulator were to move forward with this approach as separate framework will be issued to regulate these platforms.

ICOs will also have to be approved by SC prior to be being hosted by these independent 3rd parties.

ICO Assessment Criteria

The consultation paper lays out the evaluation and assessment that will be guided by the following:

  1. ICO issuers must be deemed fit to carry out the project sustainably based on the strategy outlined in their whitepaper. This includes the track record of the board of directors and management team
  2. The project must be able to demonstrate a degree of innovation or a meaning digital value proposition for Malaysia
  3. Sufficient safeguards to protect the interests of existing shareholders and token holders
  4. The ICO’s risk must be evaluated and risk mitigation measures must be put in place alongside an assessment of the project plan of the issuer
  5. Adequate processes to manage related party transactions and conflict of interest
  6. Satisfactory processes to monitor AML requirements
  7. Reasonable valuation methodology and assumption for price determination of the digital tokens
  8. An evaluation of the protocol/code, platform or any other application for the technology, as the case may be and its cyber risk management framework.

ICO Issuer Eligibility

The framework proposes that only companies that fulfills the following criteria shall be allowed to issue ICOs in Malaysia:

  1. Locally incorporated with its main business carried out in Malaysia
  2. Minimum paid up capital of RM 500,000
  3. Not publicly listed, but public listed companies are allowed to establish a separate entity to carry out an ICO. The framework explains that this is to prevent potential impact on the company’s price, valuation and shareholder rights. In addition to that the paper also proposes for the board of directors and senior management to collective hold 50% equity in the ICO issuer to ensure they are committed to the success of the ICO. The board and senior management team will not be able to dispose their equity for 18 months.

Governance Requirement

  1. Half of the board of directors and senior management should consist of Malaysians
  2. A member of the board or senior management team as a contact person for SC. This person shall be responsible for identifying and reporting to SC any breach of the requirements, relevant laws or material adverse change relating to the ICO or the ICO issuer.
  3. Establish processes to effectively manage conflict of interest and risk. The ICO issuer must also have in place a business continuity management and cyber-resiliency framework

Limits on Funds Raised Through ICO

ICO issuer may raise funds calculated as a multiple of 10 times the shareholders’ funds and subject to a ceiling of RM100 million.

Requirements on the Proceeds Raised through ICO

  1. Proceeds should be subject to Bank Negara Malaysia’s exchange controls. Which means at least 50% of the ICOs proceeds must be ultilised in Malaysia and if the ICO is asset-backed, to ensure that at least 50% of the assets are based in Malaysia
  2. ICO issuer should only be able to withdraw monies based on the milestones disclosed in their whitepaper

Other Obligations by an Issuer

  1. Fulfill KYC, Customer Due Dilligence and Anti Money Laundering requirements
  2. Prohibition against 3rd party endorsement, promotion and publicity of the ICO
  3. Annual and quarterly reporting to SC
  4. All funds should be deposited to a seperate trust account with a licensed bank. The trust account must be maintained by an independent custodian, escrow agent or entity acting in the capacity of a trustee that is registered with the SC for carrying out capital market activities.

Whitepaper Requirements

  1. Whitepaper must contain brief of the ICO issuer including, where applicable, the group structure and details of material entities within the group
  2. Details and profile of the board of directors/ senior management team/promoters
  3. Brief description of the shares and/or digital token held by the board of directors/ senior management team/ promoters
  4. Objective or purpose and timeline of the ICO, including detailed information on the underlying business/project to be managed and operated by the ICO issuer
  5. Business plan, including detailed description of the sustainability and scalability of the underlying business/project, and the targeted date for each major phase in the business/project
  6. Targeted amount to be raised through the ICO and a scheduled timeline for utilisation of the proceeds including the details of each utilisation
  7. Any rights, conditions or functions attached to digital tokens issued from the ICO including any specific rights/privileges/benefits attributed to a digital token holder
  8. Details of the independent custodian, escrow agents or entity acting in the capacity of a trustee
  9. Discussion on the determination of the price per digital token including the valuation methodology and reasonable assumptions adopted in such calculation
  10. Financial information including audited financial statements or management 19 accounts (where applicable)
  11. A detailed technical description of the protocol, platform and, or application, as the case may be, and the associated benefits of the technology
  12. Details of the associated challenges and risks including any conflict of interest and related party transactions


The regulator welcomes feedback on its framework and members of the public keen to submit their feedback can do so via this email address before 29th March 2019