Latest news with #SmallandMediumEnterprisesAssociationofMalaysia
BusinessToday
3 days ago
- Business
- BusinessToday
Small Traders Relieved After Govt Postponed E-Invoice Implementation
Micro-enterprises in Malaysia will be permanently exempted from mandatory e-invoicing, while small and medium enterprises (SMEs) earning below RM5 million annually will have their e-invoicing deadline extended to Jan 1, 2026, in a move welcomed by the Small and Medium Enterprises Association of Malaysia (SAMENTA). The Government has also temporarily waived LPG permit requirements for small food and beverage traders, easing the regulatory load on street-level operators and hawkers. Datuk William Ng, National President of SAMENTA 'These exemptions are not only timely but also reflect an understanding of the real challenges faced by small businesses on the ground,' said Datuk William Ng, National President of SAMENTA. The e-invoicing exemption applies to businesses earning below RM500,000 a year, many of which operate without digital infrastructure. SAMENTA had earlier raised concerns that mandatory compliance could push small traders to shut down or turn to informal operations. The association also noted that the LPG permit waiver, although minor on paper, has 'significant implications for business continuity and the cost of living.' SAMENTA credited the Government's response with averting what could have escalated into a 'national micro-business crisis.' Related
New Straits Times
3 days ago
- Business
- New Straits Times
SMEs hail e-Invoicing exemption as major relief
KUALA LUMPUR: The government's decision to permanently exempt small and medium enterprises (SMEs) from mandatory e-invoicing requirements is a "huge relief" for the small traders, the Small and Medium Enterprises Association of Malaysia (Samenta) said. The association praised the move, particularly the permanent exemption for micro-enterprises, the extended implementation timeline for SMEs, and the temporary waiver of liquefied petroleum gas (LPG) permit requirements for small food and beverage (F&B) traders. Its national president, Datuk William Ng, said the exemptions are not only timely but also reflect an understanding of the real challenges faced by small businesses on the ground. "We have provided input on both issues, and we are grateful that the government has shown genuine care and support for our most vulnerable enterprises," he said in a statement. The government has permanently exempted businesses earning below RM500,000 annually from the e-invoicing mandate. Ng said the exemption spares the smallest traders, hawkers and family-run shops, many operating without digital infrastructure, from compliance burdens that could have forced them to shut down or operate informally. Meanwhile, the postponement of e-invoicing requirements for businesses earning below RM5 million to Jan 1 next year provides SMEs the breathing space they need to prepare, upskill and adapt. Ng noted that the LPG permit temporary waiver, although a small administrative change, has significant implications for business continuity and the cost of living. He said the government's proactive stance has averted what could have become a national micro-business crisis. Under the earlier implementation schedule, businesses with annual revenues between RM500,000 and RM25 million were required to adopt e-invoicing by July 1, 2025, while those earning below RM500,000 were slated to comply by January 1, 2026. The Inland Revenue Board (LHDN), in a recent statement, said the revised decision was made in recognition of the commitments faced by Micro, Small, and Medium Enterprises (MSMEs) in complying with e-invoicing regulations that need sufficient time and face various implementation challenges.
New Straits Times
7 days ago
- Business
- New Straits Times
NST Leader: Of PDPA and DPOs
"Give us time, give us time", is a refrain we often hear from Malaysian employers when the government introduces a new law or regulation. The amendment to the Personal Data Protection Act (PDPA) that makes the appointment of data protection officers (DPO) mandatory for companies processing more than 20,000 individual personal data or 10,000 sensitive personal data entries, is no exception, with the Small and Medium Enterprises Association of Malaysia, the Malaysian Employers Federation and the Federation of Malaysian Manufacturers complaining that the rule on DPOs is vague and they need more time. Are employers right? No, according to lawyer Arik Zakri. Malaysia, he says, ranks high on the list of countries where online fraud and personal data leaks are common occurrences. To him, there is no valid reason to delay the enforcement of the PDPA. Plus, nine months have elapsed since the Dewan Negara passed the amendment bill on July 31, 2024. Given that three public consultation papers have been issued since January last year, time shouldn't be an issue. As Arik points out, the employers would be missing a good legal defence if they delay the appointment of the DPOs. DPOs, being experts in their field, help companies safeguard personal data, which can serve as a defence in law if they are charged for offences under the act. The directors of the companies can claim they took every reasonable measure possible. Perhaps the employers are misreading the PDPA as amended. Not all companies are required to appoint DPOs. A good question for employers to ask is does this business require DPOs? The answer will be obvious: only companies that hit the 20,000 individual personal data or 10,000 sensitive personal data entries threshold need to do so. Companies that handle that number of personal data are into economies of scale to make higher profits, argues Arik. They should consider the money spent on appointing DPOs as a cost of doing that kind of business. Let's be blunt. Scams and data leakages in Malaysia have reached appalling levels. Malaysia's jurisprudence has not reached a stage where litigation based on breaches of data protection is widespread. We have yet to see big cases where punitive fines and jail terms being imposed on large corporations, such as telcos and financial institutions, for breaches of customers' personal data. The government is right in making the appointment of DPOs mandatory. Let's not forget that the PDPA was passed in 2013 and that is enough time for our employers to have prepared their businesses for this eventuality. Employers should adopt a more positive attitude and march in step with the government's efforts to protect the personal data of the people. It is also in the interest of the employers to hurry with the appointment of the DPOs because it can help mitigate the litigation risks that the companies may be up against. Employers should not underestimate the impact of a data breach suit; it can be so damaging — should the data subjects be numerous — that it can put an entity out of business. True, we haven't had such a case in Malaysia, but it doesn't mean it will never happen.
New Straits Times
31-05-2025
- Business
- New Straits Times
Data protection officer rule creates SME compliance woes
KUALA LUMPUR: An association representing more than 5,000 small- and medium-scale enterprises (SMEs) has voiced concerns about the lack of clarity on the government's requirement for certain businesses to employ data protection officers (DPOs). Last July, the Personal Data Protection Act (PDPA) was amended, requiring, among other things, the appointment of DPOs for companies processing more than 20,000 individual personal data entries and 10,000 sensitive personal data entries. The amended PDPA comes into effect today, but the Small and Medium Enterprises Association of Malaysia (Samenta) said many companies are in the dark over policy specifics. "Most SMEs are struggling to interpret what is expected of them, including the criteria for determining who qualifies as a DPO, the scope of responsibilities, and the consequences of non-compliance," Samenta president Datuk William Ng said. He said while SMEs understood the importance of data protection, there is a need to be realistic about the capacity of smaller companies to absorb additional costs linked to the rule. "Many SMEs subject to PDPA are using bare-bones templates for their policy statements. "The new rule requiring a data protection officer will raise costs and compliance requirements." He said the creation of such a role would set an SME back by RM45,000 to RM60,000 a year. Ng called on the government to extend the deadline for compliance. "We need the government to provide clearer, more detailed guidelines on the DPO role, including responsibilities, compliance expectations and enforcement mechanisms." The New Straits Times has reached out to the Digital Ministry for comment and clarification about the DPO role, enforcement plans and industry player concerns, but has not received a response. While the Personal Data Protection Commissioner's Office has released guidelines on the appointment of DPOs, employers say the guidelines lack clarity and specificity. According to the FAQ on the commission's website, no minimum requirements have been set for DPOs, although employers must ensure that appointed officers receive adequate training to perform their duties. It also states that DPOs must be knowledgeable about PDPA and have a sound understanding of data security. The FAQ said there is no directive on the duration of courses or training that DPOs must attend. "However, it is recommended that such courses or training be completed within a reasonable timeframe, and organisations should determine an appropriate duration based on the course content and their needs." Malaysian Employers Federation president Datuk Syed Hussain Syed Husman has called for the publication of detailed guidelines on the minimum qualifications required for DPOs. "The government should outline minimum competency standards to ensure consistency. "Without this standard, enforcement may be arbitrary, and employers acting in good faith may face penalties." "Without guidelines on credentials, employers face uncertainty when hiring and appointing DPOs." Syed Hussain said MSMEs, in particular, would struggle with role allocation, especially if the DPO role is part time or combined with other responsibilities. "For large employers, DPO responsibilities may be absorbed within the legal, compliance or IT departments. "But most SMEs will find it difficult to manage this as a separate requirement. "We need to be realistic in our execution and not rely on a textbook approach." He urged the government to consider extending the compliance deadline. "Additional time will allow employers to prepare and build the necessary infrastructure for sustained compliance and effective data protection governance." Federation of Malaysian Manufacturers president Tan Sri Soh Thian Lai said hiring a full-time DPO would significantly increase salary and benefit costs for companies. "Annual salaries for an in-house DPO range from RM40,000 to RM150,000, depending on the company's size, the size and complexity of the data handled, and the talent's experience." Soh said a short extension period should be given to companies struggling to comply with the regulation. He said the government should provide additional guidance and support, such as training programmes and clearer communication about the requirements. Jobstreet by SEEK estimates that 27,000 DPOs are needed to fulfil the government's requirements, its managing director Nicholas Lam said. "There is no public estimate for thenumber of practising DPOs in Malaysia. "However, industry feedback on our platform indicates that while organisations recognise the importance of data protection, many do not yet have a dedicated DPO role." Lam said DPO job listings have been relatively unchanged since 2021 despite the new requirements. UiTM Associate Professor of Cybersecurity and Information Safety Dr Muhamad Khairulnizam Zaini said university programmes at the bachelor's and master's levels and even certificates were sufficient to supply such talent. "The Human Resources Development Corporation's Data Privacy and Privacy by Design course is also applicable to develop the skills needed." Khairulnizam, however, said there would be a temporary shortage of DPOs as the June deadline looms. "We are on the right track. Preparedness is a challenge due to a lack of talent." He said that the government's mandate has aligned Malaysia more closely with international standards. He added that having qualified personnel will reduce data breaches and cybersecurity risks, and encourage companies to be more accountable in maintaining cyber hygiene.
New Straits Times
28-05-2025
- Business
- New Straits Times
Samenta urges policy continuity, bold reforms ahead of 13MP finalisation
KUALA LUMPUR: The Small and Medium Enterprises Association of Malaysia (SAMENTA) has urged the government to maintain policy continuity and commit to bold, long-term economic reforms as the 13th Malaysia Plan (13MP) draws closer to its finalisation. The call was made following the resignation of Datuk Seri Rafizi Ramli as Minister of Economy. The association warned that Malaysia risks losing another economic cycle unless the reforms outlined in the draft 13MP are safeguarded and fully implemented. In a statement today, its president, Datuk William Ng, said 13MP must be viewed as a national blueprint born out of broad consultations and urgent necessity. "Malaysia has fallen behind Asian peers because we've failed to act boldly on the basics, namely education, productivity, and enterprise competitiveness. "We understand the plan seeks to pivot the economy towards productivity, private sector investment, and behavioural change. But we must also agree that no plan will succeed if we do not address the underlying issues that continue to hold Malaysia back," he said. The association emphasised the need for the incoming leadership at the Ministry of Economy to preserve the core strategic thrusts of 13MP, including its focus on policy sequencing, behavioural incentives, and place-based development. The government must also ensure execution readiness by aligning ministries, agencies, and budget priorities around outcomes, not merely activities. "The 13MP may very well be our last real chance to become a truly high-income, innovation-driven economy. We cannot afford to keep revisiting the same challenges every five years," Ng said. -- BERNAMA TAGS: SAMENTA, 13th Malaysia Plan, William Ng, economy
