Confidentiality of Information
The collection and disclosure of information by the Credit Bureau is governed by legal provisions in the Central Bank of Malaysia Act 2009 (CBA), the Financial Services Act 2013 (FSA), the Islamic Financial Services Act 2013 (IFSA) and the Development Financial Institutions Act 2002 (DFIA). Disclosure to third parties is not allowed unless such disclosure is provided for in any written law and/or with consent from the customer/borrower. The legal provisions also provide for severe penalties for unauthorised access, abuse or misuse of the information by any party that has been given access to such information including, Bank Negara Malaysia.
The credit information provided by the Credit Bureau to a participating financial institution is classified as confidential. The participating financial institutions are required to observe the banking secrecy provisions in the CBA, FSA, IFSA and DFIA which prohibit them from divulging the affairs of their borrowers to a third party except in legally permitted circumstances such as in the course of any court proceedings between the borrower and the participating financial institution, when the disclosure is authorised under any law or when authorised to do so, in writing, by the borrower.
The usage of credit reports within the participating financial institutions is strictly regulated by a policy document issued to the institutions by Bank Negara Malaysia. In addition, information security is protected by the use of smart card, password and other secured technologies. At Bank Negara Malaysia, the CCRIS database keeps a record of all requests for credit reports by participating financial institutions, detailing which participating financial institution and its officers who have requested for the credit reports or have accessed the database as well as the time of access.