KUALA LUMPUR: As Malaysia grapples with a significant rise in cybercrimes, the Malaysian Crime Prevention Foundation (MCPF) has made a series of pivotal recommendations to 'overhaul' the Communications and Multimedia Act (CMA) 1998, ahead of its anticipated amendments in Parliament.
MCPF senior vice-chairman, Datuk Seri Ayub Yaakob, said the foundation hopes that the reforms will include increased penalties for cybercriminals, more stringent victim protection mechanisms, and expanded collaboration between financial institutions, law enforcement, and digital platforms.
The foundation's recommendations come amid concerning statistics, with RM1.2 billion lost to online scams in 2023 alone, a 70 per cent increase from 2020.
The rise in cases of online fraud and digital crimes has prompted MCPF to call for stronger legal measures to ensure that penalties for cybercrimes are proportionate to the significant financial and emotional harm caused to victims.
"One of the most pressing concerns is the insufficient penalties for cybercriminals, which have failed to act as a strong deterrent against the rising tide of online fraud. The foundation is advocating for significantly higher fines and longer prison sentences for those convicted of cybercrimes, especially given the substantial financial losses and long-lasting impact on victims. The penalties under the current framework are not adequate considering the severity of the crimes and the massive financial damage caused to individuals," said Ayub.
He said the minimum fines for cybercriminals involved in fraud, such as investment scams, impersonation schemes, and romance scams, should be increased to RM100,000, with minimum prison sentences of three years. This would align the penalties with the financial harm inflicted on victims and serve as a stronger deterrent for potential offenders.
He added that the CMA amendments must also state clear victim protection and compensation mechanisms, including allowing victims to seek compensation directly through the courts, while also establishing support networks to assist them throughout the legal process.
Ayub said initiating specialised cyber courts to handle scam cases and cybercrime cases can also lift the 'weight' of the judicial system and reduce the delays in justice and a backlog of cases.
He said these cyber courts would streamline the judicial process for digital crimes, ensuring quicker rulings and more effective enforcement of penalties.
"MCPF also calls for greater accountability from tech companies. The foundation advocates for regulations that would require platforms including social media sites, e-commerce platforms, and financial institutions to take more responsibility for moderating harmful content and preventing fraudulent activities on their sites.
"Social media and e-commerce platforms need to be more proactive in detecting and removing fraudulent content. We are also looking forward to clearer legal obligations for platforms to verify user identities and ensure that scammers cannot easily operate under fake profiles," he added.
He also emphasised the need for collaboration between financial institutions, telecommunications companies, and law enforcement agencies.
"In the face of increasingly sophisticated cybercrimes, coordinated efforts are crucial to combat fraud and bring perpetrators to justice. The foundation calls for mandatory reporting of suspicious activities by financial institutions and telecom companies, enabling quicker responses to potential threats," he said.
"Cybercrime often involves multiple actors and networks across various sectors. We need an integrated response from all stakeholders to address this issue effectively," Ayub said, adding that the establishment of cyber forensic units within law enforcement would also enhance the ability to investigate digital crimes and track perpetrators.
Ayub said the scale of the cybercrime problem in Malaysia is staggering with an average of 60 Malaysians falling victim to online scams every day, with 86 commercial crime cases reported daily in 2024.
"The total financial losses from these crimes have exceeded RM2.5 billion, underscoring the urgent need for reform. The increasing sophistication of cybercrimes, including the use of artificial intelligence (AI), deepfakes, and impersonation schemes, has made it even harder for victims to identify fraud and protect themselves," he said, urging the government to give due consideration to their recommendations in the CMA amendments.
Meanwhile, University Sains Malaysia criminologist, Associate Professor Dr Geshina Ayu Mat Saat, said the amendments should include making it mandatory to report cyber victimisation.
She said it is essential because, without reports, investigations cannot proceed.
"The current reporting mechanisms are cumbersome and need to be streamlined to encourage victims to come forward," she added.
Geshina proposed several key measures to improve Malaysia's cybercrime prevention and response systems, which included streamlined reporting processes, introducing mandatory user agreements during online sign-ins to educate users of their rights and enhancing capabilities for investigators by investing in specialised training for officers across fields like AI, blockchain, and cyber forensics.
"While legislative reforms and enforcement mechanisms are pivotal, it is equally important for potential victims to recognise how they might inadvertently create opportunities for perpetrators or enable their own victimisation," she said.
She also added the need for widespread public education on the risks of engaging with suspicious online activities, falling prey to cyberbullying, or unknowingly enabling blackmail and identity fraud.
Geshina also advocated for incorporating diverse expertise into the legislative reform process.
"Policymakers must include researchers, academicians, and technicians alongside lawyers and judges when amending cybercrime laws. These experts bring critical insights into criminal behaviour, modes of operation, and technical solutions," she said.
She urged policymakers to listen to the voices of victims to better understand how cybercrimes unfold.
She said breaking the chain of cybercrime requires coordinated efforts from social platforms, service providers, and financial institutions to work together, identify and block suspicious activities.