Chapter 16: FAQ & Glossary
The most-asked questions from the previous 15 chapters, answered quickly, plus a glossary for reference.
16.1 FAQ
Q1: What is the single core hurdle to open an exchange in Malaysia?
Registering as a Recognized Market Operator (RMO) — DAX under the SC. Without it, operating is illegal. See Ch.1.
Q2: How much money do I need?
The hard threshold is continuously maintaining RM 5M shareholders’ funds; but to actually operate (one-time spend + 12–24 months burn + liquidity inventory), realistic preparation is usually RM 25M – 40M+. See Ch.9, Ch.10, Ch.11 (downloadable model).
Q3: How long to get the licence?
Typically 6–18 months or more, depending on document quality, shareholder background, tech/compliance maturity and SC scheduling. No fast track. See Ch.4.
Q4: Must it be a local company? Can foreigners control it?
It must be a locally incorporated Sdn Bhd with real local substance. Whether foreign shareholding is restricted depends on specifics — consult local counsel. The SC reviews through to the UBO. See Ch.3.
Q5: Can I list any coin?
No. Each asset must pass an SC-criteria listing assessment; tradable assets are concentrated in majors. See Ch.7.
Q6: Can I offer leverage, futures or earn/lending?
Highly sensitive, often outside the DAX licence — launching unilaterally can cost you the licence. Get explicit legal opinion and SC permission first. See Ch.12.
Q7: Is banking hard?
Very — one of the most real bottlenecks. Engage multiple banks early and in parallel, leveraging solid compliance and SC registration status. See Ch.7.
Q8: Why is liquidity so expensive, yet mandatory?
A thin book loses users, and the SC requires a fair, orderly market. MM inventory must be own funds, segregated from client assets. See Ch.10.
Q9: Once licensed, am I set forever?
No. You must maintain capital, report periodically, audit annually, and notify material changes in advance; breaches bring penalties or deregistration. See Ch.14.
Q10: What if we get hacked?
Follow the pre-built incident-response plan and report to the SC within the required timeframe; notify users per law. Insurance and cold-wallet architecture are key buffers. See Ch.15.
Q11: Build or buy white-label?
At MVP, prefer white-label for fast compliant launch; build core modules in-house after scaling. See Ch.9, Ch.12.
Q12: What’s the very first step?
Do a feasibility + budget assessment → hire a local firm fluent in CMSA/SC → pre-engage the SC → advance tech/compliance/banking in parallel. See Ch.8.
16.2 Glossary & abbreviations
| Abbrev. / term | Full name | Meaning |
|---|---|---|
| SC | Securities Commission Malaysia | Primary regulator |
| BNM | Bank Negara Malaysia | Central bank |
| SSM | Companies Commission of Malaysia | Company registry |
| DAX | Digital Asset Exchange | The exchange |
| RMO | Recognized Market Operator | Status a DAX must register for |
| IEO | Initial Exchange Offering | Token fundraising via a platform |
| DAC | Digital Asset Custodian | Custody provider |
| CMSA | Capital Markets and Services Act 2007 | Parent act |
| AMLA | Anti-Money Laundering Act 2001 | AML/CFT parent act |
| AML/CFT | Anti-Money Laundering / Counter Financing of Terrorism | |
| KYC | Know Your Customer | Identity verification |
| CDD / EDD | Customer / Enhanced Due Diligence | |
| STR / SAR | Suspicious Transaction / Activity Report | |
| PEP | Politically Exposed Person | |
| UBO | Ultimate Beneficial Owner | |
| AMLCO / MLRO | AML Compliance Officer / Money Laundering Reporting Officer | |
| FIED | Financial Intelligence and Enforcement Department | BNM unit |
| PDPA | Personal Data Protection Act 2010 | |
| Sdn Bhd | Sendirian Berhad | Private limited company |
| MPC | Multi-Party Computation | Key management |
| HSM | Hardware Security Module | |
| BCP / DR | Business Continuity Plan / Disaster Recovery | |
| RTO / RPO | Recovery Time / Point Objective | |
| CAC / LTV | Customer Acquisition Cost / Lifetime Value | |
| AUC | Assets Under Custody | |
| PoR | Proof of Reserves |
16.3 One-page route recap
Ch.1-2] --> S[Entity
Ch.3] --> A[Application
Ch.4] A --> C[Compliance/Tech
Ch.5-7] --> M[Money
Ch.8-11] M --> P[Product/Growth
Ch.12-13] --> O[Ongoing ops
Ch.14-15]
Summary / action items
- Use the FAQ as a quick Q&A base for team/investor conversations
- Standardize team and application wording with the glossary
- Self-assess completion of each stage against the one-page route
➡️ Compress the whole guide into an executable plan: Chapter 17: Execution Roadmap
🔙 Back to Overview | Previous Risk & Incident Response