CIMB Beefs up Security Measures as Mandated by Bank Negara Malaysia

CIMB Beefs up Security Measures as Mandated by Bank Negara Malaysia

by September 29, 2022

CIMB and CIMB Islamic Bank announced that it is on track to fully implement the enhanced security measures against scam as announced recently by Bank Negara Malaysia (BNM).

The bank has already implemented SecureTAC approval via its CIMB Clicks app for online activities, fund transfers and payments, as well as changes to personal information and account settings.

SMS One Time Passwords (OTPs) and Transaction Authorisation Codes (TAC) are currently only available as a fallback option for customers without the Clicks App or for FPX transactions.

The bank will fully cease the alternative option of using SMS OTPs or TAC and mandate only SecureTAC authorisation by the first half of 2023.

CIMB urges all customers who have yet to do so, to download the CIMB Clicks App and to turn on the notifications.

The bank will limit customers to one secure mobile device for the authentication of online banking transactions, with a targeted rollout by end of October 2022.

CIMB will introduce customer verification callback process for all new online banking registration and new secure device activation to protect customers against financial scams.

The bank will also introduce progressively a cooling-off period for first- time enrolment of online banking or secure devices. Once implemented, activation of service will take place during this period only after verification or contact has been made with the customer.

Additionally, the bank will no longer include live URLs, i.e. clickable links, in its SMS messages to customers by the end of 2022.

The bank has also set up dedicated hotlines for customers to report financial scam incidents.

Customers who suspect their banking details have been compromised or that a suspicious transaction has taken place can immediately contact the CIMB contact center to suspend their account immediately.

CIMB will provide a self-serve feature on its digital banking platform for customers to temporarily suspend their account on their own. This service is expected to be made available by the first half of 2023.

The bank says that it already has a sophisticated real- time fraud monitoring system in place to detect high risk transactions and out-of-norm usage or behaviour.

Dato’ Abdul Rahman Ahmad

Dato’ Abdul Rahman Ahmad

Dato’ Abdul Rahman Ahmad, Group Chief Executive Officer of CIMB Group said,

“Security is always CIMB’s highest priority, and the bank already has strong existing controls with multiple layers of security in place.


As such, the bank is supportive of the five additional security measures as announced by BNM, and is committed to fully implement them in a timely manner”.