The AI & Compliance Lawyer: Why Malaysia Needs a New Kind of  Legal Professional 

By Usharani Subramaniam

brown concrete pillars indoors

Artificial intelligence is already shaping how businesses operate, how data is processed and how decisions are made. From banks using AI-driven credit scoring to companies deploying chatbots and automated recruitment tools, AI is becoming embedded in everyday commercial activity. As this happens, you are seeing the emergence of a critical new role: the AI & Compliance Lawyer. 

If you are considering a legal career, or are already working in law, this is one of the most relevant specialisations you can pursue. 

Why AI Changes the Legal Landscape in Malaysia 

When organisations adopt AI, they do not merely acquire new technology - they assume new legal and regulatory risks. AI systems process personal data, automate decision-making and often operate with limited transparency. This raises complex compliance issues under Malaysian law. 

You need to understand how AI intersects with regulatory frameworks such as: 

  • Personal Data Protection Act 2010 (PDPA) 
  • Bank Negara Malaysia (BNM) Risk Management in Technology (RMiT) policy 
  • Securities Commission Malaysia (SC) guidelines on fintech and digital assets 
  • Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act (AMLA) 
  • The upcoming AI Governance Bill (expected to be presented to the Cabinet by June 2026), National AI Office (NAIO) body overseeing Action Plan 2026-2030 
  • Online platform Businesses – Online Safety Act 2025 
  • All in built AI software - Microsoft 365, Zoom, legal research database, chatbots, Resumes screening applications, AI Agentic etc 

As an AI & Compliance Lawyer, your role is to ensure that AI systems are deployed lawfully, responsibly and in a manner that can withstand regulatory scrutiny. 

What You Do as an AI & Compliance Lawyer 

AI-related compliance work is proactive rather than reactive. You are involved at the design and implementation stage, identifying legal risk before harm occurs. 

Your responsibilities typically include: 

  • Assessing whether AI systems comply with PDPA principles such as consent, purpose limitation and data security 
  • Advising on risks arising from automated decision-making, including bias in recruitment, lending or pricing models 
  • Drafting internal AI governance frameworks and compliance policies 
  • Working with IT, data and risk teams to translate legal requirements into operational controls 
  • Preparing organisations for regulatory reviews, audits or investigations by BNM, SC or other regulators 
  • Creating realistic usage policies that balance employee productivity with corporate safety, ensuring ‘Shadow AI’ doesn’t lead to accidental date leaks 
  • Auditing standard software that the company uses to ensure built in AI features follow local laws 
  • Enabling as a bridge to explain AI decisions to clients or authorities if challenged 
  • Existing as ‘Human - in – the – Loop' checkpoint for human professionals remain legally responsible for the final output albeit worked by the AI agent.  
  • Ensuring that third-party vendor is responsible for ‘AI hallucination’ or data breaches in using Agentic AI 
  • Creating policies on mandatory AI Labelling which is a potential requirement under Online Safety Act 2025 to curb deepfakes and scams 

In highly regulated sectors such as banking, insurance, healthcare and telecommunications, your role becomes central to risk management. 

Data Protection, AI and Regulatory Interpretation 

Malaysia’s PDPA 2010 was enacted before the widespread deployment of modern AI systems. While the Act does not expressly regulate AI, its principles apply directly to AI-driven data processing. 

This requires you to interpret existing legal frameworks in new contexts. You may be required to consider questions such as: 

  • Whether AI profiling complies with PDPA consent requirements 
  • How accountability is assigned when an AI system makes an adverse or harmful decision 
  • How transparency obligations are met when AI models function as “black boxes” 
  • How to manage the mandatory regime that requires notification to the commissioner as soon as practicable  
  • How to translate high level risk-based models to specific internal policies that align with the local or international laws 
  • How to prevent automated drafting or research does not trigger unintentional legal obligations or data leaks 

As Malaysia advances initiatives such as MyDIGITAL and the Malaysia Digital Economy Blueprint, regulators are paying closer attention to how emerging technologies are governed. 

Why Demand for AI & Compliance Lawyers Is Rising 

Malaysia’s digital economy continues to expand rapidly, with fintech, e-commerce and data-driven services playing an increasingly significant role. As AI adoption accelerates, so does regulatory oversight. 

You are likely to find demand from: 

  • Banks and financial institutions regulated by BNM 
  • Public-listed companies subject to SC supervision 
  • Multinational corporations deploying AI systems across ASEAN 
  • Technology firms supplying AI solutions to regulated industries 
  • Retail & Digital Platforms ensuring compliance with the Online Safety Act 2025 
  • Healthcare sector for safety and consent under the upcoming National AI Technology Action Plan 2026 – 2030 
  • Online Platforms – Online Safety Act 2025 

In many organisations, you act as the link between legal compliance, technological implementation and enterprise risk - a role that remains undersupplied in the current legal market. 

Skills You Need to Succeed 

To work effectively in this field, you must be comfortable operating at the intersection of law, technology and regulation. 

Key competencies include: 

  • Strong grounding in data protection and regulatory compliance 
  • A working understanding of how AI systems function (without needing to code) 
  • Risk assessment and governance design 
  • Clear communication with technical and non-legal teams 
  • Awareness of regional and global AI regulatory developments 

Lawyers who develop these skills are often better positioned for long-term career resilience. 

How a Law Degree from BAC Supports Your Path into AI & Compliance Law 

A law degree from Brickfields Asia College (BAC) provides you with the legal foundations required to operate in emerging compliance fields such as AI governance. While AI technology evolves rapidly, the legal principles you rely on (including statutory interpretation, regulatory compliance, common law, data protection and risk analysis) remain constant. Your legal education trains you to apply these principles systematically to new and complex scenarios. 

At BAC, you also benefit from free AI and the Law courses offered to all law students throughout their studies, ensuring that your legal training keeps pace with technological change. These courses expose you to how artificial intelligence intersects with legal responsibility, regulatory oversight and professional ethics, allowing you to contextualise doctrinal legal knowledge within modern technological environments. 

Through this combination of core legal training and structured exposure to AI-related legal issues, you develop the ability to analyse legislation, understand regulatory intent and evaluate legal risk in evolving commercial and technological contexts. This foundation enables you to engage confidently with regulators, technologists and senior management, and equips you to adapt as Malaysia’s AI regulatory framework continues to develop. 

A Future-Proof Legal Career 

As an AI & Compliance Lawyer, you play a key role in shaping how technology is deployed responsibly within society. Your work protects organisations from regulatory exposure while safeguarding individuals from unfair or unlawful uses of AI. 

In an economy increasingly influenced by algorithms and automation, the need for legally trained professionals who can interpret, implement and defend compliance will only grow. If you are seeking a legal career in Malaysia with long-term relevance, intellectual challenge and societal impact, this is a pathway firmly aligned with the future of the profession.