NGOs - THE DO AND THE DONTS - Overview by Nik Zafri

Recently, an NGO that became a cooperative and later a business entity was arrested (not for legally collecting humanitarian donations with LHDN approval, but) for investing those funds without proper authorisation. I want to clarify this so people understand how a well-intentioned NGO can still be found guilty of money laundering.

1. Collection of Donations

An NGO that collects donations with approval from LHDN (usually under Income Tax Act 1967 Section 44(6) or via official charitable status) is authorised only for the stated charitable purpose.

The money must be used for that stated purpose e.g., humanitarian aid to Palestine and not diverted for other uses unless approved by the donors or governing committee and compliant with the NGO’s constitution.

2. Investing Donations Without Approval

a) Internal governance: If the NGO invests funds without the prior consent of its committee or in breach of its constitution, that can be a breach of trust under Malaysian law.

b) Criminal aspect: Misuse of charitable funds may fall under Penal Code provisions for criminal breach of trust (CBT).

c) Regulatory aspect: Investing pooled funds in securities or capital markets without licensing can violate Capital Markets and Services Act 2007 (CMSA), which requires:

a. A Fund Manager’s License from the Securities Commission Malaysia (SC).

b. Proper registration, disclosure, and, in certain cases, a prospectus if the fund resembles a collective investment scheme.

3. Why It’s a Big Offense

a) Misappropriation: Using donation money for unauthorised investments even if profits are intended for the cause is treated as diversion of funds.

b) Unlicensed activity: Managing or investing public money without a fund management license is prohibited under CMSA Section 58 and 59.

c) Breach of trust: Trustees, office bearers, or committee members can be held personally liable.

4. Possible Consequences

a) LHDN can revoke the NGO’s tax-exempt status,

b) Securities Commission (SC) can impose fines or imprisonment for unlicensed fund management,

c) ROS (Registrar of Societies) or SSM (if it’s a company limited by guarantee) can deregister the NGO,

d) MACC may investigate if there’s suspicion of corruption or abuse.

In short : Any unlawful activity may be deemed or misconstrued as money laundering.

Bottom line:

Even if intentions are good, NGOs must get written approval from their governing body and comply with LHDN, SC, and ROS/SSM regulations before investing donation money. Otherwise, it’s a high-risk move that can lead to deregistration, legal charges, and reputational damage.

Cults, Charisma, and Cash: The Dark Web of Manipulation in Religion, Influence, and Crime - overview by Nik Zafri

Not every guru is wise. Not every movement is noble. Question everything.

Cults have both captivated and horrified the world, cloaked in charisma, religious undertones, and promises of salvation or special knowledge. While many think of cults as isolated religious oddities, the cult mindset and mechanisms have quietly evolved, seeping into modern scams, fake influencer cultures, and even organized crime. At the core, it’s not just about belief, it’s about control, manipulation, and ultimately, money.

Terrorism often begins this way too through cult-like indoctrination, amplifying grievances, promising martyrdom, or utopia. The ultimate currency? Blind loyalty, chaos and cash.

A. CLASSIC CULT MOVEMENT EXAMPLES

1. Heaven’s Gate (USA)

A doomsday cult in the 1990s that combined apocalyptic Christianity with science fiction. Members believed that a spaceship trailing the Hale-Bopp comet would transport them to salvation after death. This led to a mass suicide of 39 people in 1997.

2. Aum Shinrikyo (Japan)

Led by Shoko Asahara, this cult mixed Buddhist and Hindu ideas with conspiracy theories. In 1995, they carried out a deadly sarin gas attack on the Tokyo subway. Despite the violence, members were brainwashed into viewing Asahara as a divine figure.

3. Sky Kingdom (Malaysia – Ayah Pin)

Ayah Pin claimed to be a reincarnation of religious figures across major faiths. His commune was famous for its large teapot structure, symbolizing purification. Despite its seemingly peaceful doctrine, authorities saw it as deviant. It drew followers through the promise of divine truth and spiritual superiority, even as critics pointed to manipulation and financial exploitation.

B. MODERN CULT MECHANICS

Cults don’t always need compounds or temples. Today, cult-style tactics appear in subtler forms:

• Fake Influencers and Online Gurus - Self-proclaimed “mentors” or “wealth coaches” build loyal followings using motivational language, fake luxury, and manipulated social proof. They mimic cult leaders, offering a vision, creating an “us vs. them” mindset, and using fear of missing out (FOMO) to retain loyalty,

• Scammers and Ponzi Schemers - using the power of suggestion, many scammers construct narratives that blend religious hope with psychological manipulation. They often play on trust, faith, or status. Many victims don’t just lose money, they lose identity and social support after being brainwashed into defending their exploiters.

C. MANIPULATION, MAGIC AND MIND GAMES

While I'm not denying that black magic is occasionally invoked in cult narratives especially in Southeast Asia, the real power lies in suggestion and psychological manipulation. Among them are :

• Repetition and Isolation eventually breaking down critical and logical thinking,

• Religious symbolism adds emotional weight,

• Charismatic leadership creates dependence,

• Cover-ups and conspiracies are used to protect the inner circle and silence dissent.

D. MONEY TRAIL - ORGANIZED CRIME AND CULT POWER

Many cults have financial operations that resemble organized crime syndicates.

• Money laundering through donations or businesses,

• Flaunting of wealth to attract new recruits ("If God blesses me, follow me!"),

• Land grabs, crypto scams, fake MLMs,

• Sexual exploitation masked as spiritual rituals

• Layered trust networks that prevent whistleblowing

At the heart of it all, even the most spiritual-sounding cult often boils down to power and money. Control of assets, of people, of belief and the ability to extract wealth in plain sight.

CONCLUSION

The cult isn’t dead, it’s just rebranded. Whether through robes and rituals or reels and retweets, the mechanics remain: isolate, indoctrinate, exploit. As lines blur between spiritual enlightenment and psychological enslavement, the world must sharpen its awareness. What starts as a community of belief can easily become a web of manipulation and when power is unchecked, the victims are often invisible until it’s too late.

MALAYSIANS INVOLVEMENT IN COUNTERFEIT CARD OPERATIONS IN THE UK

Based on the online news, "Foot Soldiers" and one of the leaders of the organized crime from Eastern Europe for skimming and hidden cameras at ATMs have been caught by the Fraud Squad from both UK City and Metropolitan Police.

One of their greatest bust is a huge delivery of more than 2000 counterfeit cards (Citibank, Standard Chartered, DBS etc complete with Visa/Mastercard, Hologram features and magnetic strip (to store compromised data) for swipe with signature, all without chip/pin facilities (using only swipe) from Malaysia to another young Malaysian man renting a room in North London.

During the raid, search in the room found lists of account numbers, foil to emboss the credit cards and details of regular shipments from Malaysia. If the cards haven't been intercepted, stolen British account details would have been encrypted onto the magnetic strips.

What’s particularly disturbing to me is the involvement of Malaysians in such sophisticated and intricate criminal operations. It’s a stark reminder that the issue isn’t just international, it has local roots too.

I sincerely hope the Malaysian government will urgently re-examine the operations of licensed security printing companies, investigate the possible involvement of bank insiders, and crack down on underground black-market printers, in order to strengthen oversight and prevent further abuse of our financial systems.

#FinancialCrime #CardFraud

According to The Register, a total of 105 individuals suspected of credit card fraud were arrested across Asia and Europe following a complex, months-long investigation spanning two continents.

The operation focused on a syndicate allegedly led from Malaysia, with networks extending into 14 European countries including the UK and Germany that specialized in using counterfeit credit cards to purchase high-value goods.

As part of the coordinated takedown, nine suspects were arrested in Malaysia and 76 in various parts of Europe. The crackdown included multiple raids on targeted locations, including two sites believed to be used for producing “high-quality” counterfeit credit cards.

During the searches, authorities seized approximately 3,000 counterfeit payment cards, along with fake passports, surveillance equipment, jewellery, and large sums of cash.

A BRIEF ON HOW TO DETECT FRAUD IN BANKING AND FINANCIAL SECTORS - Nik Zafri

Please also read my other articles about money laundering and anti-corruption.

Detecting fraud is usually linked money laundering, and corruption in the banking and financial sectors is crucial for maintaining the integrity of the financial system. there are strategies and technologies need to be taken into account.

1. Fraud Detection

a. Transaction Monitoring Systems (TMS)

These systems analyze transaction patterns in real-time or near real-time to detect suspicious activities. They use predefined rules, statistical models, and machine learning algorithms to flag anomalies. This will enable banks to proactively detect and investigate suspicious activities, helping to prevent them from escalating into more significant financial crimes. By identifying and halting illegal transactions early, banks can avoid potential losses and reduce the risk of regulatory scrutiny.

b. Anomaly Detection (AI)

Machine learning techniques (AI), such as supervised and unsupervised learning, are employed to detect deviations from typical behavior. These methods can identify unusual patterns that may indicate fraud. Machine learning models has proven effective in detecting anomalies by identifying unusual patterns in vast datasets. These AI models continuously learn from transaction data, adapting to emerging fraudulent schemes in real-time.

c. Behavioural Analytics

Sometimes, a user behaviour can also indicate fraudulent activity. These include frequent login times, transaction types, and sometimes at different locations and mixture of transactions (frequent use of cash deposit machine with significantly large amounts at different locations and online transfers/interbank transfer) 

d. Multi-factor Authentication (MFA)

Implementing MFA helps in preventing unauthorized access to banking systems, which is a common precursor to fraud. It can pose problems to the customers with too many authentications and verifications but it will protect both customers and bank from fraud and scamming. MFA adds an extra layer of security beyond just a password. Customers must provide two or more verification factors—such as something they know (a password), something they have (a smartphone or security token), or something they are (a fingerprint or facial recognition). This makes it much more difficult for unauthorized users to gain access, as even if they manage to obtain one factor, they would still need the additional factor(s) to successfully log in.

2. Money Laundering Detection (Anti-Money Laundering or AML)

a. Know Your Customer (KYC) and Customer Due Diligence (CDD)

KYC involves verifying the identity of customers, while CDD involves ongoing monitoring of their transactions to help identify potentially suspicious behavior linked to money laundering.

b. Suspicious Activity Reporting (SAR)

Banks are required to file SARs for any transactions that they suspect may involve money laundering. These reports are then reviewed by financial regulatory authorities such as Bank Negara.

c. Risk-Based Approach

Financial institutions categorize customers and transactions based on their risk level. Higher-risk transactions are monitored more closely to detect potential money laundering.

d. Transaction Structuring Detection

Money launderers often structure transactions in small amounts to avoid detection. Advanced algorithms can detect patterns of structuring across multiple accounts or over time.

e. Beneficial Ownership Identification

It's essential to determine the true owners behind complex corporate structures, as money launderers often hide behind layers of corporate entities.

3. Corruption Detection

a. Conflict of Interest Checks

Regular audits and checks can help identify situations where employees or executives of the bank might have conflicts of interest, potentially leading to corrupt activities via specific client favoritisms.

b. Vendor and Third-Party Risk Management

Financial institutions should monitor and evaluate the integrity of vendors and third-party relationships to detect corrupt practices, such as bribery or kickbacks.

c. Whistleblower Programs

Encouraging employees to report corrupt activities internally through protected channels can lead to the early detection of corruption.

d. Internal Audits and Controls

Regular internal audits can identify weaknesses in financial controls that could be exploited for corrupt purposes.

4. Technology and Data Analytics

a. Artificial Intelligence and Machine Learning:

AI and ML are increasingly used to detect complex fraud, money laundering, and corruption schemes. These technologies can analyze large datasets and identify patterns that humans might miss.

b. Blockchain Technology

Blockchain’s transparency and immutability make it a powerful tool in preventing fraud and money laundering, especially in tracking the provenance of funds.

c. Big Data Analytics

Analyzing vast amounts of structured and unstructured data helps in identifying suspicious activities across different systems and jurisdictions.

d. Network Analysis

Analyzing relationships between different entities (e.g., customers, accounts, transactions) can reveal hidden connections that may indicate fraudulent or corrupt activity.

5. Regulatory Compliance and Reporting

a. Regulatory Technology 

Regulatory Technology help financial institutions comply with regulatory requirements by automating the monitoring, reporting, and auditing processes.

b. Continuous Training and Awareness

Financial institutions must regularly train their employees on the latest fraud, AML, and anti-corruption techniques and regulations to ensure vigilance and compliance.

c. Collaboration with Law Enforcement

Financial institutions often work closely with law enforcement agencies such as Bank Negara Malaysia, Security Commission, the Police (PDRM), Company Commission etc. to share information and intelligence, helping to detect and prevent illicit activities.

6. Challenges and Emerging Threats

a. Cyber Fraud

As banking becomes increasingly digital, cyber fraud (e.g., phishing, hacking) poses a significant threat. Institutions must continuously update their cybersecurity measures.

b. Cross-Border Transactions

Detecting fraud and money laundering in cross-border transactions is challenging due to differing regulations and the complexity of tracking funds across multiple jurisdictions.

c. Cryptocurrency Risks

The rise of cryptocurrencies presents new challenges for detecting money laundering, as these digital assets offer a degree of anonymity and are harder to trace.

Conclusion

Detecting fraud, money laundering, and corruption requires a multi-faceted approach that combines advanced technology, strict regulatory compliance, and robust internal controls. As threats evolve, financial institutions must stay ahead by adopting innovative detection methods and continuously improving their risk management strategies.

INSURANCE REPORTING PROCEDURE? (Malaysia)

Disclaimer : This brief article represents solely my personal research findings. I do not act as a representative of any mentioned party. The views expressed are strictly my own and do not represent those of the parties referenced herein. Additionally, I may not be updated with the latest insurance reporting procedures. Your input to rectify any inaccuracies in my research is greatly appreciated.

The Anti-Money Laundering, Anti-Terrorism and Proceeds of Unlawful Activities Act 2001 (“the Act”) came into force on 15.1.2001 is aimed at thwarting money laundering, terrorism financing, and the utilization of illicit funds. Reporting entities are mandated to disclose any dubious circumstances, as outlined in the Act, along with sector-specific directives or rules set forth by the Bank Negara Malaysia.

I am more interested to touch on Insurance Sector and how reporting is done.

Insurance fraud entails engaging in deceptive actions to achieve illegitimate gains within an insurance procedure. It happens when either the insurer or the claimant seeks to acquire benefits they are not rightfully entitled to, or when an insurer deliberately withholds benefits rightfully owed. 

Fraud like these adversely affects policyholders, resulting in millions of ringgits lost through elevated premiums and inflated prices for goods and services. Pinpointing the precise cost of insurance fraud proves challenging as a significant portion of instances remain undisclosed.

Examples of insurance fraud that may involve the claimant and/or be known to insurer officials include:

a. Fabricating Claims - Orchestrating staged accidents, such as fake "oil spillage" incidents or chain collisions, to gain possession of the vehicle(s) for repairs.

b. Exaggerating Loss Amounts - Submitting inflated claims where the severity of damage or injuries sustained in a legitimate accident is overstated.

c. Providing False Information for Compensation - Presenting inflated or "padded" claims where the extent of damage or injuries sustained in a genuine accident is misrepresented.

Quoting 14A. (1) of Anti-Money Laundering, Anti-Terrorism, Financing and Proceeds of Unlawful Activities Act (AMLATFPUA) 2001 :

Any person who knows or has reason to suspect that a reporting institution is proposing to report, is reporting or has lodged a report under section 14 or is proposing to provide, is providing or has provided any other related information to the competent authority and discloses such knowledge, suspicion or information to any other person commits an offence and shall on conviction be liable to a fine not exceeding three million ringgit or to imprisonment for a term not exceeding five years or to both.

In this context :

•            Any person        : claimant/insurer officials,

•            Reporting Institution: Insurance Company,

•            Competent Authority: Persatuan Insurans Am Malaysia (PIAM)

The competent authority duly authorized by BNM for reporting fraud is Persatuan Insurans Am Malaysia (PIAM).

However, I noticed some limitations:

Possible ambiguity regarding whether compliance officials (or a member of general public) can utilize the same form (FRCF) to report against another officials - if so, will it reach BNM or any other authority (will such insurance compliance official be protected under the Witness Protection Act 2009 (Act 696),

The general reporting period allocated is six (6) months but clarity is potentially lacking on other types of cases,

Unresolved issues can be reported to either the Ombudsman for Financial Services (OFS) or BNM. 

Nevertheless, there appear to be limitations on BNM side in handling complaints of misconduct, which may not be consistent with Section 14 (A) of AMLATFPUA.

The reporting procedure by other institutions such as Banking and Financial Institutions are generally clear, but there appear to be "some exceptions" regarding reporting insurance incidents, which I consider vague, especially concerning officials reporting misconduct against another official.

If these are valid concerns - there's a need for improvement to ensure that there are no restrictions on disclosing reports directly to Bank Negara Malaysia, aside from PIAM or OFS.

SOME OF THE SHADY TACTICS OF MONEY LAUNDERING - NIK ZAFRI

1) Professional services firms for example accounting, legal and even consultancy firms may unwittingly or knowingly become entangled in money laundering schemes.

Criminals might exploit them by using complex transactions- creating intricate financial transactions or structures, using services to obfuscate the origin of funds or make illicit gains appear legitimate. On the other hand, some professionals might be complicit in facilitating money laundering by either turning a blind eye to suspicious activities or actively aiding in the creation of complex financial setups that conceal the illegal source of funds.

Oversight and due diligence by these firms may also result in inadvertently processing transactions that involve illicit funds without recognizing the red flags.

A conflict of professional secrecy vs a crime will always be an issue. Professionals might be exploited by criminals to shield their activities from scrutiny, using these professionals to shield their transactions or communication from legal investigations.

I hope regulatory bodies should monitor some of these firms and ensure they too implement anti-money laundering measures and know-your-customer protocols. I know many professional firms are dedicated to comply with anti-money laundering and anti-corruption laws but the authorities should find more effective ways to prevent such misuse.

The reality now is that, I notice gaps in compliance or deliberate evasion may enable criminals to exploit and manipulate these services for money laundering purposes.

2)  The process of money laundering in the realm of cryptocurrency involves criminals using diverse methods and services to route funds through numerous addresses or enterprises, obscuring their initial source. Following this, these funds are moved from a seemingly lawful origin to a specific address or platform for conversion into cash.

This approach involves employing cryptocurrency tumblers and mixing services. These services fragment unlawful funds into smaller sums, dispersing them among various addresses before reuniting them, effectively disconnecting the connection between the initial fund source and where it eventually ends up.

ANTI-MONEY LAUNDERING, ANTI TERRORISM AND PROCEEDS OF UNLAWFUL ACTIVITIES ACT 2001 - MY THOUGHT FOR THE DAY

The Malaysian Anti-Money Laundering, Anti-Terrorism and Proceeds of Unlawful Activities Act 2001 is clear in terms of enforcement, reporting institutions and entities, detecting of red flags, sanctions, seizures, etc.

However, there is a possibility of overlapping of duties between several agencies, leaving the general public unclear about "who can do what." This includes Bank Negara Malaysia, Security Commission, Company Commission of Malaysia, Malaysian Anti-Corruption Agency, Royal Military Police, and Special Forces. It's important to sort out these duties to ensure transparency and clarity in the system.

Other potential shortcomings include different reporting periods, accessing databases, listing and global sharing of information. I hope to see improvements in the near future.

PART 2 - ANTI-BRIBERY MANAGEMENT SYSTEM - by Nik Zafri

Note : For all parters of my articles, I will not touch clause 2.0 and 3.0. The articles may follow the sequential order of the standard clauses or quoting certain paras/phrase from the standard but the contents are mostly self-explanation based on my understanding and experience. The contents may also be customized to the Malaysian environment with some references cited from international laws and case studies.

Scope

All documented information is recommended to use anti-bribery laws and voluntary commitments as their guidelines.

Among others, ISO 37001:2016 entails the need for detect, prevent and respond to many types of bribery. The scope involves personnel, associates, business activities, 3rd parties from public, private and not-for-profit sectors (example NGO). 

This means that it's not limited only to clients but also branching out to customers, JV, JV partners, consortium partners, outsourcing providers, contractors, consultants, sub-contractors, suppliers, vendors, advisors, agents, distributors, representatives, intermediaries and investors.

For public official, the system should also cover person holding a legislative, administrative or judicial office, whether by appointment, election or succession, or any person exercising a public function, including for a public agency or public enterprise, or any official or agent of a public domestic or international organization, or any candidate for public office.

These requirements are typically addressed in the Anti Bribery Management System (ABMS) Manual. 

Although the standard may not be thorough, to organizations practicing (corporate) governance especially Public and Public Listed Company, the manual and the associated procedures should include fraud, cartels, anti-trust/competition offences, money laundering etc.

However, this may require a joint effort between those in the financial positions and the duly authorized personnel from the management.

It is recommended the organization work closely to Bank Negara Malaysia, Security Commission, Registrar of Company/Society etc. for more information on legislation or conditions for public-listing/investment.

PENGUBAHAN WANG HARAM/MONEY LAUNDERING

Kajian : Nik Zafri (Januari, 2006)

Artikel berikut adalah kajian bebas pengarang dan bukanlah bertujuan untuk memberikan khidmat nasihat kepada pembaca. Pembaca digalakkan menghubungi pihak yang berwajib seperti institusi perbankan dan kewangan.

Mungkin ramai yang pernah mendengar frasa 'money laundering' atau 'pengubahan wang haram'. Aktiviti money laundering ini telah mengakibatkan kerugian jutaan ringgit kepada sesebuah negara. Setakat ini Malaysia mengamalkan dasar yang agak ketat bagi menangani masalah ini.

Money laundering dikatakan amat popular di peringkat antarabangsa terutamanya golongan pengedar-pengedar dadah, kongsi gelap, bookie, pemain judi dan kumpulan pengganas. Walaupun terdapat pelbagai undang-undang telah digubal di seluruh dunia, namun money laundering, amat sukar di kawal.

Dikatakan money laundering berasal daripada satu kumpulan kongsi gelap/penjenayah antarabangsa yang menggunakan duit hasil kegiatan jenayah untuk 'dilaburkan' atau 'dibersihkan' dengan menggunakan jalan-jalan yang berlandaskan undang-undang seperti menerusi aktiviti pembelian saham, stok, derivatif, futures, FOREX, insurans, pembiayaan industri/projek yang besar, terlibat dalam sektor hartanah dan sebagainya. 

Malah 'penjenayah' menggunakan wang berkenaan bagi 'membiayai' dan 'membeli' bank-bank tertentu (yang bermasalah) untuk diniagakan menerusi pelbagai skim pinjaman berfaedah termasuk segala potongan cukai bagi 'membersihkan' wang berkenaan dan mengikut 'lunas undang-undang' serta dianggap sebagai 'revenue'/hasil. - ('doing the wrong thing the right way' - pengarang)

Suatu laporan antarabangsa pernah dikeluarkan yang menyatakan bahawa kewujudan Money Laundering juga menandakan wujudnya operasi jenayah terancang (organised crime) dan transnasional. 

Money Laundering juga amat cepat evolusinya di mana penjenayah amat bijak menyesuaikan teknik 'pelaburan' agar sukar dikesan tambahan pula dengan adanya teknologi ICT yang mempermudah dan mempercepatkan lagi urusan 'perniagaan'. Apabila banyak keuntungan diperolehi dari 'pelaburan' money laundering, maka dengan sendirinya kekemungkinan 'keuntungan' ini digunakan pula untuk membiayai aktiviti jenayah adalah tinggi.