MY

Malaysia — AI Governance and Ethics Guidelines (AIGE) + PDPA 2010: AI Compliance Requirements

Malaysia has no mandatory AI law as of April 2026 — comprehensive AI legislation is expected to be submitted to Cabinet in June 2026. However, the Ministry of Science, Technology and Innovation (MOSTI) published the National Guidelines on AI Governance and Ethics (AIGE) in September 2024, and it is prudent for organizations operating in Malaysia to align with its principles. Separately, significant amendments to Malaysia's Personal Data Protection Act (PDPA 2010) took effect in June 2025, updating data protection obligations relevant to AI systems processing personal data of Malaysian residents. Businesses using AI to process Malaysian residents' data must comply with the amended PDPA now.

Check your compliance — freeDownload checklist

Key Facts

Effective Date

September 1, 2024

Maximum Penalty

MYR 1,000,000 under amended PDPA 2010 (eff. June 2025) — AI-specific fines pending future legislation

What Your Business Must Do

2 compliance requirements identified. Critical requirements carry the highest risk of enforcement action.

Malaysia PDPA 2010 Compliance for AI Data Processing

High Priority

The amended Malaysia PDPA (effective June 2025) applies to any organization processing personal data of Malaysian residents through AI systems. Update your privacy notices to disclose AI-driven data processing, ensure lawful bases for automated decision-making, implement data breach notification procedures, and appoint a data protection officer if processing large volumes of Malaysian personal data.

Malaysia AIGE Voluntary Alignment

Medium Priority

While not yet legally binding, the National AI Governance and Ethics Guidelines (AIGE, September 2024) represent the Malaysian government's expectations for responsible AI development and deployment. Aligning now prepares your organization for the mandatory AI legislation expected in 2026. Key AIGE principles: human-centered AI, privacy by design, transparency, fairness, accountability, safety, and sustainability. Organizations in regulated sectors (financial services, healthcare, public services) should treat AIGE alignment as a compliance requirement.

Frequently Asked Questions

Does Malaysia — AI Governance and Ethics Guidelines (AIGE) + PDPA 2010 apply to my business?

Malaysia has no mandatory AI law as of April 2026 — comprehensive AI legislation is expected to be submitted to Cabinet in June 2026. However, the Ministry of Science, Technology and Innovation (MOSTI) published the National Guidelines on AI Governan. Use ComplianceIQ's free scanner to get a personalized assessment in under 5 minutes.

What is the penalty for non-compliance?

The maximum penalty under Malaysia — AI Governance and Ethics Guidelines (AIGE) + PDPA 2010 is: MYR 1,000,000 under amended PDPA 2010 (eff. June 2025) — AI-specific fines pending future legislation. Fines are typically scaled by company size, severity of violation, and whether violations were willful or accidental.

How do I comply with Malaysia — AI Governance and Ethics Guidelines (AIGE) + PDPA 2010?

The 2 requirements above cover the core obligations. The fastest path to compliance is: (1) conduct an AI risk assessment, (2) document your AI systems, (3) implement transparency disclosures where required. ComplianceIQ generates all required documents automatically.

Official Source

https://www.mosti.gov.my/en/usains/aige/

Last updated: 2026-04-13 — verify at source before relying on this information.

Don't leave compliance to chance

ComplianceIQ scans your AI tools, tells you exactly which regulations apply, and generates all required documents — in 30 minutes.

Start your free compliance scan