KUALA LUMPUR, Aug 1 — The government, through the Inland Revenue Board (IRB), prioritises safeguarding the security of data within the MyInvois System while ensuring that implementation objectives are met comprehensively, Finance Minister II Datuk Seri Amir Hamzah Azizan said.
Amir Hamzah said the security of MyInvois is maintained through compliance with the IRB’s information and communication technology (ICT) security policy, information security guidelines for cloud computing in public services and other relevant government ICT security policies, circulars and guidelines.
He said the IRB will continuously review and enhance data protection practices based on periodic monitoring and audit activities to address any deficiencies, weaknesses, or opportunities for improvement.
“To safeguard e-Invoice data from unauthorised access, modification, loss, or disclosure, the IRB will implement cybersecurity measures aligned with industry standards, including encryption, authentication, access control and firewalls,” he said at the Dewan Negara today.
Amir Hamzah was responding to Senator Datuk Noraini Idris, who asked about the Ministry of Finance’s preparedness in handling security risks and cyber threats, such as hacking and data breaches, with the digital implementation of e-invoicing for Malaysian taxpayers.
Additionally, he said the IRB has established data governance based on industry standards, ensuring the safe processing of sensitive information and restricting access to authorised individuals.
“This approach protects individual privacy rights and maintains trust in data management protocols following the implementation of e-Invoicing in Malaysia,” he said.
He said the IRB also conducts periodic security posture assessments with third parties and collaborates with the National Cyber Security Agency and the National Security Council to ensure the security of the system.
Regarding the first phase of e-Invoicing, starting today, Amir Hamzah described it as the beginning of the system’s digital transformation journey for tax administration.
He explained that 5,000 companies are expected to start using e-invoices today, and preliminary estimates suggest that 21 million e-invoices will be issued daily by companies.
The testing and production environment for the Application Programming Interface (API) has been open to all companies and taxpayers since April 2024.
“As of August 1, 2024, 16,000 companies have accessed the API sandbox, and 3,500 companies have accessed the API production environment. The MyInvois portal has been accessed by 47,000 taxpayers since June 2024,” he said.
Amir Hamzah was answering an additional question from Noraini regarding the status of the e-invoice system implementation and the effectiveness of the MyInvois Portal and API in terms of real-time submission and receiving.
“To date, over 800,000 e-invoices have been successfully sent through the MyInvois Portal, while four million e-invoices have been sent via the API method in both production and testing environments,” he said.
The government has conducted a pilot project since May 2024 involving more than 90 companies from various industries to test the effectiveness of the MyInvois portal and API.
“This pilot project allows the government and industry to identify technical issues and improve the e-invoicing system continuously. This includes testing real-time submission and receiving within less than two seconds,” he added. — Bernama