Malaysia's MY-AI Standards takes aim at the country’s online fraud crisis

The MY-AI Standards platform is Malaysia's most structured attempt yet to get ahead of that curve.

Digital security and safety concept. Blue glossy shield icon on abstract circuit board with zoom in and lens distortion effect

Malaysia has launched a national AI standards platform, and the timing is not incidental. The country recorded 67,735 online crime cases between January and November 2025, with cumulative losses exceeding RM2.7 billion–figures that trace a threat landscape that has grown faster than the legal and regulatory frameworks meant to contain it.

The MY-AI Standards platform, launched on March 10, 2026, by Digital Minister Gobind Singh Deo, is Malaysia's most structured attempt yet to get ahead of that curve. Developed through a collaboration between the National AI Office (NAIO), CyberSecurity Malaysia, and the Department of Standards Malaysia–with ISO support–the platform gives businesses and institutions a single access point to more than 80 global AI standards.

Gobind has described it not as a document archive but as "trust infrastructure": a working framework that embeds transparency and accountability into how AI gets built and deployed in the country.

The fraud context matters here because it is increasingly an AI story. Deepfake videos and voice impersonation have become standard tools in the scammer's kit, used to fabricate identities, manufacture urgency, and bypass verification systems that were not designed with synthetic media in mind.

The Global Anti-Scam Alliance's State of Scams in Malaysia 2025 Report found that Malaysians face an average of 140 scam attempts per person each year, with 85% of adults having been exposed. Of those who lose money, only 13% recover any of it.

The financial damage is unevenly distributed in ways that reveal how targeted these schemes have become. Of the RM2.7 billion lost through November 2025, non-existent investment scams–though accounting for fewer than 10,000 of the 67,735 cases–were responsible for RM1.37 billion in losses alone. That is not random fraud. That is precision targeting, and increasingly, it relies on AI-generated content to establish the trust that makes victims part with large sums.

The global picture reinforces the concern. Deepfake fraud incidents increased tenfold between 2022 and 2023, and by the first quarter of 2025, the quarterly volume had already surpassed the total for all of 2024. For enterprises, the exposure is concrete: some organizations reported losses of up to US$680,000 per deepfake incident in 2024.

The case of a finance worker at Arup, tricked into wiring US$25 million after a fabricated video conference call, remains one of the starkest illustrations of what enterprise-level vulnerability looks like.

Against that, MY-AI Standards is positioned as a common language–between government, industry, and the public–for what responsible AI deployment actually means in practice. The framework is structured around three components: standards development, regulation and compliance, and legislation and enforcement.

The first phase focuses on sector-specific guidelines developed with industry input, before any dedicated legislation is introduced. The Ministry has signaled that measurable progress on the framework is expected within 12 months.

The platform does not stand alone. The Malaysia AI Action Plan 2026–2030 is being finalized. The AI Governance Bill and National AI Code of Ethics are in development. A Digital Trust and Data Security Strategy 2026–2030 is expected later this year. The Penal Code has already been amended, with provisions under Sections 424A to 424D targeting mule account use, and a new cybercrime bill is being drafted.

CyberSecurity Malaysia is also building an AI-powered image and video authentication tool in collaboration with Universiti Kebangsaan Malaysia, intended to support investigations involving identity fraud and digital disinformation.

On the international side, Malaysia is already a participating member of ISO/IEC JTC 1/SC 42–the joint ISO-IEC body that sets the global standard for AI standardization, covering everything from trustworthiness and data governance to ethics and risk management. MY-AI Standards is intended to anchor Malaysia's contribution to that process, not just domestically consume its outputs.

For Malaysia’s tech channel ecosystem, the practical read is this: Malaysia's AI governance environment is tightening across legislation, standards, and enforcement simultaneously. The standards being established now will shape what compliant AI deployment looks like, what clients in regulated sectors will demand, and how procurement decisions get made. As such, the local channel ecosystem will need to work with vendors to ensure customers get the best outcomes in their AI journey.

Getting familiar with MY-AI Standards is not a distant concern. The 12-month progress timeline the Ministry has set makes it a near-term one.