SUBANG JAYA, MALAYSIA — May 11, 2026. nCrypt Malaysia has launched a dedicated Threat & Vulnerability Risk Assessment (TVRA) service line aligned to Bank Negara Malaysia's Risk Management in Technology (RMiT) framework.
The service is published at /compliance/bnm-tvra and is targeted at Malaysian licensed banks, Islamic banks, e-money issuers, payment system operators, and digital banks subject to BNM technology risk supervision.
The TVRA methodology covers asset and process inventory, threat modelling against the institution's critical technology services, control-effectiveness rating, residual-risk scoring, and remediation roadmap. Deliverables are formatted to support submission to the institution's Board Risk Committee and to BNM upon request, and are produced in conjunction with intelligence-led penetration testing where required by the framework.
The launch consolidates engagement experience from prior nCrypt client work in the Malaysian financial sector and creates a single entry point for procurement teams scoping TVRA-aligned engagements. It complements the existing RMiT compliance hub and the intelligence-led penetration testing service.
Accreditation context. nCrypt's CREST member-firm application is in progress; individual consultants hold CREST CRT among other certifications relevant to BNM-supervised testing. NACSA licence application is submitted. ISO 27001 certification audit is in progress.