RMiT (Risk Management in Technology)
Bank Negara Malaysia's regulatory framework governing technology risk management for licensed financial institutions.
Risk Management in Technology (RMiT) is Bank Negara Malaysia's (BNM) policy document that sets cybersecurity and technology risk management requirements for all licensed financial institutions — banks, insurers, payment providers, digital banks, and e-money issuers. It covers cloud computing, data management, cybersecurity operations, and technology outsourcing.
For SME Vendors
If your business provides IT services, software, or data processing to a Malaysian bank or financial institution, you may be subject to RMiT requirements as a third-party vendor. Financial institutions must ensure their vendors meet RMiT security standards — which often means your business needs to demonstrate compliance during procurement.