MALAYSIA Law and Practice Contributed by: Janet Toh, Irene Yong, Krystle Lui and Boo Cheng Xuan, Shearn Delamore & Co.
financial institutions are subject to more strin - gent requirements imposed by BNM through various policy documents, including the RMiT PD, Outsourcing PD, BCM PD, and MCI PD (col - lectively the “BNM Policies”). The BNM Policies typically require financial institutions to include certain mandatory clauses in their contracts with third parties, where the contract or arrangement involves the use of technology, engagement of external service providers and handling of cus - tomer information, etc. Apart from the inclusion of mandatory contrac - tual provisions required by the BNM Policies, financial institutions must also ensure that the other contractual clauses are not inconsistent with other requirements of the BNM Policies (eg, uptime or other service level requirements). In the context of technology service agreements and telecommunications interconnection agree - ments, which are typically technical in nature, contracting parties should carefully consider the key definitions. The scope of the services or interconnection arrangement (as the case may be), shall also be clearly defined, includ - ing implementation plans, service levels, deliv - erables, and remedies for service or connection failures. Other essential terms cover fees, ter - mination, responsibilities, security, data protec - tion, intellectual property, exclusion of liability, indemnification and dispute resolution. Clear modification procedures and force majeure clauses ensure adaptability while safeguarding both parties’ interests. While many such provisions may appear com - monplace, it is crucial to assess the effect of each provision with reference to the contem - plated technology service or interconnection 7.2 Service Agreements and Interconnection Agreements
arrangement at hand. For instance, although it is common for technology service agreements to exclude the service provider’s liability for loss of data, this may appear unreasonable to a customer in an agreement for the provision of data storage service, since the secure storage of data is essentially what the customer requires in this situation. The parties may therefore have to consider a compromise that is reasonable in the context of data storage, although this does not necessarily mean that there must be no exclu - sion of liability for loss of data. Such tailored approach should similarly be adopted when negotiating other key provisions.
8. Trust Services and Digital Entities
8.1 Trust Services and Electronic Signatures/Digital Identity Schemes Electronic signatures are addressed in the fol - lowing statutes in Malaysia. • The ECA provides for legal recognition of electronic messages in commercial transac - tions and the conditions for use of the elec - tronic messages to fulfil the requirements and to enable and facilitate commercial transac - tions through the use of electronic means and other matters connected therewith. “Com - mercial transaction” is defined in the ECA to mean a single or multiple communication of a commercial nature, whether contractual or not, which includes any matter relating to the supply or exchange of goods or services, agency, investments, financing, banking and insurance. • The Digital Signature Act 1997 (DSA) provides for, and regulates the use of, digital signature as defined in the DSA and to provide for mat - ters connected therewith.
233 CHAMBERS.COM
Powered by FlippingBook