Companies in Malaysia must comply with several key laws and regulations. Here are the main Acts:

1. Cyber Security Act 2024
Establishment of the National Cyber Security Agency (NACSA)

Governs activities and transactions conducted online or through digital technologies

2. Personal Data Protection Act 2010 (PDPA 2010)

Regulates the processing of personal data in commercial transactions.

Requires companies to protect personal data from cyber threats and unauthorized access.

Enforced by the Department of Personal Data Protection (JPDP).

3. Computer Crimes Act 1997 (CCA 1997)

Specifically addresses cybercrimes such as unauthorized access, hacking, fraud, and system interference.

Criminalizes unauthorized access to computer material, unauthorized modification of computer content, and wrongful communication of passwords or access codes.

4. Penal Code (Act 574) – Cybercrime-related Offenses

Covers cyber offenses such as fraud, identity theft, cyberstalking, and harassment under general criminal provisions.

Includes offenses related to electronic evidence in cybercrimes.

5. Communications and Multimedia Act 1998 (CMA 1998)

Governs the use of network services and infrastructure, including cybersecurity and data protection aspects.

The Malaysian Communications and Multimedia Commission (MCMC) enforces this Act.

Covers offenses such as hacking, illegal access, and cyber-related fraud.

6. Digital Signature Act 1997
Regulates the use of digital signatures to ensure secure electronic transactions.

Establishes legal recognition of digital signatures for authentication and integrity in online communications.

7. Sedition Act 1948 & Defamation Act 1957

Regulates online speech and prevents seditious, defamatory, or misleading online content.
Cyber harassment and misinformation fall under these laws.

8. Strategic Trade Act 2010 (STA 2010)

Regulates the export, transfer, and brokering of strategic cyber-related goods and technology to prevent misuse in cyber warfare or espionage.

9. National Security Council (NSC) Act 2016

Grants the government powers to respond to cyber threats and national security incidents.

Used to coordinate cybersecurity response in cases of major cyber incidents.

10. Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA 2001)

Regulates financial transactions to prevent cyber-related money laundering and terrorism financing.