Malaysia has transformed significantly over the last decade, underpinned by a more integrated and globalised environment, rapid technological advances and diverse financing needs. The landscape of business has changed dramatically, with outsourcing activities increasingly replacing a wider range of internal processes and business functions, within associated or group entities, or third parties.
A constant concern, as pointed out by the Central Bank of Malaysia (“BNM”), is the effective management of outsourcing arrangements and whether over-reliance on the service providers will increase the risk of any threat to the safety of information and data.
In Toh See Wei v Teddric Jon Mohr  1 LNS 445 (Suit No. 22NCVC-574-08/2012), learned Judicial Commissioner observed:
 "My view is that Malaysians are concerned about their privacy. If a comprehensive poll of Malaysians' views about privacy is to be taken, surely a large section of Malaysian people would express concern about their privacy and some might view the computer as a threat to their private lives. At the same time, the younger generation are increasingly willing to disclose private feelings, information and photographs every day on social networking websites and through other technological websites and through other technological medias such as smart phones.
 The right to privacy is a multi-dimensional concept. In this modern society, the right to privacy has been recognised both in the eye of law and in common parlance. The right to privacy refers to the specific right of an individual to control the collection, use and disclosure of personal information. Personal information could be in the form of personal interests, habits and activities, family records, education records, communication [including mail and telephone] records, medical records, to name a few. An individual could easily be harmed by the existence of computerised data about him/her which is inaccurate or misleading and which could be transferred to an unauthorised third party at high speed at very little cost. Innovative technologies make personal data easily accessible and communicable, and there is inherent conflict between the right to privacy and data protection.”
The growing number of data-related incidents in recent years has led to the BNM, regulators and respective stakeholders to establish a framework seeking a suitable solution, including:
Notwithstanding concerns around data protection and the public’s increasing awareness of their right to privacy, cloud computing has received much attention in recent years. Thus, there is increasing motivation to explore the possibility of adopting new technologies such as AI, automation and the cloud to reduce IT outsourcing and the impact of the hardware and attrition management. That being said, it is arguable whether the current legal framework in Malaysia adequately regulates and/or governs cloud computing.
BP outsourcing has increased significantly over the last decade to meet diverse commercial needs and to keep businesses competitive in the move towards globalisation.
In recent years, new technologies such as AI and robotic process automation – which may be perceived as tools to reduce business outsourcing – have become very attractive to the local market. While BP outsourcing may bring upon reduced costs, software can provide labour that has almost no cost if properly programmed.
The digitisation of business processes is a common trend in Malaysia, with the aim of tracking and optimising business engagement, either internally or externally, through an API connection to business ecosystem.
In line with good practice, in digital business engagements that fall within the Pareto Principle, to achieve efficiency and manage potential fraud businesses will require a strong strategy that supports both internal and external processes for dispensing information throughout the company.
The key governance on information, such as ISO9001 and ISO22000, has been consistently challenged by GDPR and PDPA.
In this era of globalisation, new technologies such as big data analytics, autonomous robots, cloud computing and AI have become an irresistible force.
The 2018 budget, which implements the Malaysia Digital Policy, prioritised two digital policies, “Cloud First” and the National Artificial Intelligence (AI) Framework. In tandem with these policies, the Malaysia Digital Economy Corporation (“MDEC”) is establishing an artificial intelligence (AI) unit comprising of local and international experts to support the setting up of the National AI Framework. The National AI Framework is expected to be completed by the end of 2019. These new technologies typically promise to improve the efficiency and transparency between businesses.
The new government has continued this “digital” endeavour with the Communication and Multimedia Ministry of Malaysia working together with MDEC to establish a new Digital Content Ecosystem (“DICE”) policy, which aims to accelerate the digital content creative industry as a driver of economic growth in Malaysia.
Based on the initiative taken by the Malaysian government, it may be expected that the market will slowly but surely become more digitalised. Unfortunately, with increasing accessibility due to the use of new technologies, local regulators such as the Securities Commission and BNM are constantly kept on their toes to issue guidelines, rules and/or regulations to regulate these new technologies especially those that concern cryptocurrencies.
For example, the Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) – Digital Currencies (Sector 6), issued by BNM, came into effect on 27 February 2018, and ensures that effective measures are in place against money laundering and terrorism financing risks associated with the use of digital currencies.
Further, with the popularity of e-money growing the SC, on 31 January 2019, amended its Guidelines on Recognised Markets to introduce new requirements for electronic platforms that facilitate the trading of digital assets. Under the revised guidelines, any person who is interested in operating a digital asset platform is required to apply to the SC to be registered as a recognised market operator.
The effective realignment of the business process to suit the ongoing business challenges has become the focus of major enterprises within the insurance, medical, transportation and finance industries.
There is no one specific “parent” statute that regulates or governs “outsourcing” in Malaysia, but there are many industry-specific statutes that may inherently and/or imply restrictions, controls or regulations on outsourcing, eg, the Communication and Multimedia Act 1998, the National Forestry Act 1984 and the Employment Act 1955.
Furthermore, certain industries, such as capital markets and financial services, have strict guidelines or regulations in place that affect the outsourcing of services associated with capital markets or the provision of financial services. For example, the Licensing Handbook, issued by the Securities Commission of Malaysia (“SC”), regulates outsourcing activities by market intermediaries under the Capital Markets and Services Act 2007 (“CMSA”), and the Policy Document on Outsourcing, issued by BNM, regulates outsourcing activities for financial institutions under the Financial Services Act 2013 (“FSA”), the Islamic Financial Services Act 2013 (“IFSA”) and the Development Financial Institutions Act 2002 (“DFIA”)
The industry-specific statutes, guidelines or regulations are discussed further below, see 2.2 Industry Specific Restrictions and 2.3 Legal or Regulatory Restrictions on Data Processing or Data Security.
Communication and Multimedia Act 1998 (“CMA”)
The CMA regulates the increasingly convergent communications and multimedia industries in Malaysia. It does not expressly provide for restrictions on the outsourcing of related services, but does put in place a mechanism that effectively restricts outsourcing. For example, s.36 of the CMA provides that the grant of an individual licence is personal to the licensee, and the individual licence cannot be assigned or transferred to another party without the prior written approval of the Minister. This effectively prohibits the outsourcing of licensed telecommunications services to third parties where it relates to licensable activities.
National Forestry Act 1984 (“NFA”)
The NFA is the principal Act providing for the administration, management and conservation of forests and forestry development within the states of Malaysia. Similar to the CMA, s.23 of the NFA provides for the personal nature of a licence issued for the taking of forest produce, resulting in similar in-built restrictions, ie, the outsourcing of taking of forest produce is prohibited.
Employment Act 1955 (“EA”)
The EA is the principal Act that regulates and governs the labour industry in Malaysia. It provides for a minimum statutory benefit that must be afforded to workers by employers. Pursuant to an amendment in 2011, s.33A was added into the EA, recognising the role of contractors for labour in the employment landscape. A contractor for labour means a person who contracts with a principal, contractor or sub-contractor to supply the labour required for the execution of any work, ie, supplying workers (particularly foreign workers) to any trade or business. It is noteworthy that s.33A only applies to the agriculture industry (EA Section 2, Employment (Exemption) Order 2012).
The new provision of s.33A imposes a legal obligation that a contractor for labour who intends to supply or undertakes to supply any employee must registers with the Director General of Labour Department within 14 days before supplying the employee. The provision also mandates that the contractor for labour must keep or maintain a record of information relating to the supply of employees for the inspection and investigation of the relevant authority.
This new provision is to ensure that workers who are employed under contract for labour are protected and enjoy rights and minimum benefits as provided for under the EA, because an employer must enter a contract of service with the employee in order to be afforded the benefits. This contract is non-existent if the employees are supplied by contractors for labour. This system (commonly known as labour outsourcing) involves the conclusion of a contract for service between the principal and a contractor – thus, no contract of service is executed between worker and owner, which would be most detrimental to the protection and benefit of the workers who technically would not fall under the applicability of the EA.
With the new amendment, the Director General will be informed of the particulars of the contractors and their employees, enabling the Ministry of Human Resources and other relevant authorities to trace any irresponsible contractors, keep up to date with the statistics of contract labourers, and protect the contract labourers.
Licensing Handbook (“Handbook”)
The Handbook was issued pursuant to s.377 of the CMSA and is, essentially, a guideline. The Handbook applies to all holders of a Capital Market and Services Licence (“CMSL”), which covers entities that:
It is worth noting that the Handbook does not apply to investment banks (10.01(3), Handbook).
Notification to the SC
The Handbook distinguishes between material and non-material outsourcing arrangements. A CMSL holder must notify the SC within two weeks of signing the service level agreement for any material outsourcing arrangement.
Material v non-material outsourcing arrangements
The outsourcing of the following functions by a CMSL holder is considered a material outsourcing arrangement and can be outsourced to the following service provider (Item 10.02(1), Handbook):
A CMSL holder is not allowed to outsource any back office function that involves (Item 10.02(2), Handbook):
Other outsourcing arrangements will also be considered as material outsourcing arrangements in the following circumstances (Item 10.02(3), Handbook):
It is pertinent to note that Chapter 10 of the Handbook provides that a CMSL holder must select an appropriate and efficient service provider as well as monitor the outsourcing arrangement on a continuous basis to ensure that it does not lead to business disruption and negative consequences for the CMSL holder's clients (Item 10.01, Handbook).
In brief, CMSL holders need only notify the SC within two weeks of signing the service level agreement for any material outsourcing arrangement; no prior approval is necessary.
Policy Document on Outsourcing (“Policy Document”)
On 28 December 2018, BNM issued the Policy Document which officially came into force on 1 January 2019, following a period of submission of feedback to the draft proposals by BNM on the same topic, as set out in the Exposure Draft on Outsourcing issued on 27 September 2017 (“Exposure Draft”).
The Policy Documents sets out BNM’s proposed regulatory requirements on the outsourcing arrangements of financial institutions. The objective is to ensure that risk management practices regarding outsourcing remain effective moving forward amid the intensification of technological advances. It is applicable to licensed banks, licensed investment banks, licensed Islamic banks, licensed insurers, licensed takaful operators and prescribed development financial institutions, and came into effect on 1 January 2018 (Front page, Policy Document).
Regulatory and approval process
The Policy Document provides that a financial institution must obtain written approval from BNM before entering into a new outsourcing arrangement or renegotiating/renewing an existing outsourcing (12.1, Policy Document), with the following exemptions:
For the purposes of the Policy Document, arrangements which entail procurement of services, leveraging common industry-wide infrastructure driven by regulatory requirements and involvement of third parties due to legal requirements, are generally not considered as outsourcing arrangements. These include (Appendix 3, Policy Document):
An outsourcing arrangement must be governed by a written agreement that is legally enforceable. The outsourcing agreement must, at a minimum, provide for the following (9.6, Policy Document):
The outsourcing agreement must also contain provisions which (9.7, Policy Document):
The Policy Document places a heavier burden on the board and senior management of the financial institution.
The board must:
Senior management shall bear primary responsibility over the day-to-day management of outsourcing risk. The senior management must:
The Policy Document provides for a comprehensive assessment on a potential service provider, which must cover the following:
Thereafter, the findings and outcomes from the due diligence exercise will need to be documented and escalated to the board (9.5, Policy Document).
Outsourcing arrangements outside Malaysia or involving cloud service provider (part 10 and 11, Policy Document)
The policy document acknowledges where service providers is located, or performs the outsourced activity outside Malaysia, or via cloud service provider, there is an inherent added risk with regards to data accessibility, confidentiality, integrity, sovereignty, recoverability and regulatory compliance.
A financial institution should have in place appropriate controls and safeguards to manage these additional risks.
Personal Data Protection Act 2010 (“PDPA”)
Data processing or data security in Malaysia is governed by the PDPA, which regulates the processing of the personal data involved in commercial transactions. The PDPA applies to the processing of personal data by persons established in Malaysia (or by any other person employed or engaged by a person established in Malaysia), and to the processing of personal data by persons who are not established in Malaysia but use equipment located in Malaysia to process personal data (other than for purposes of transit through Malaysia). The PDPA does not apply to the processing of personal data outside Malaysia, unless the personal data is intended to be processed further in Malaysia.
Principles under the PDPA
Pursuant to the PDPA, every data user has to comply with the seven Personal Data Protection Principles, namely:
The PDPA on cross-border transfer of data
The PDPA imposes cross-border restrictions, with the general rule being that personal data may not be transferred to locations outside Malaysia unless somewhere specified by the Minister (Section 129, PDPA). When the PDPA came into effect, the Minister did not publish a list where data may be transferred outside Malaysia (“whitelist”). Until a whitelist is published, cross-border transfers may proceed via alternative means, such as:
A public consultation paper (Personal Data Protection (Transfer Of Personal Data To Places Outside Malaysia) Order 2017) was issued, whereby the Personal Data Protection Commissioner (“Commissioner”) requested feedback and suggestions from the public to be submitted on or before 4 May 2017.
The effect of this whitelist (once it officially comes into effect) is that data users will be permitted to transfer personal data to the jurisdictions that have been identified, and will no longer be required to fulfil the prescribed conditions under S.129(3) of the PDPA prior to the transfer of personal data.
The places identified by the Commissioner under the proposed whitelist are the European Economic Area (EEA) member countries, the United Kingdom, the United States of America, Canada, Switzerland, New Zealand, Argentina, Uruguay, Andorra, the Faroe Islands, Guernsey, Israel, the Isle of Man, Jersey, Australia, Japan, Korea, China, Hong Kong, Taiwan, Singapore, the Philippines and Dubai International Financial Centre (DIFC). As yet, the Minister has yet to approve the safe harbour jurisdiction.
General Data Protection Regulation (“GDPR”)
The GDPR is the new legal framework that came into effect on 25 May 2018 in the European Union (“EU”) and is directly applicable to all EU member states. This new set of rules is designed to give EU citizens more control over their personal data and aims to simplify the regulatory environment for businesses so that both citizens and businesses in the EU can fully benefit from the digital economy.
The GDPR is extra-territorial in nature and applies not just to organisations within the EU but also to organisations outside the EU that offer goods or services to individuals within the EU. Therefore, it applies to a Malaysian organisation if it markets to, or processes the information of EU citizens.
The penalties for the breach of each law are outlined below. Please note that “person” includes an individual, corporation, statutory body, local authority, society, trade union, co-operative society, partnership and any other body, organissation, association or group of persons, whether corporate or unincorporate.
The Policy Document provides for “standard” and “guidance” applicable to financial institutions. It is noteworthy that the “standard” and “guidance” are defined as:
From the aforementioned definitions, it implies that “enforcement action” would entail from a failure to comply with a “standard” as opposed to a “guidance”.
Although neither the Policy Document nor the FSA defines “enforcement action”, BNM has clarified that “enforcement action” is synonymous with administrative actions as provided for under Part XV, Division 2 of the FSA.
If an errant financial institution breaches a standard imposed by BNM, BNM is empowered to take any one or more of the following administrative actions:
Contractual terms to give effect to the seven principles of the PDPA are included in contracts (see 2.3 Legal or Regulatory Restrictions on Data Processing or Data Security).
There is no standard supplier customer model in Malaysia for outsourcing contracts. Thus, organisations are free to select a suitable contracting model, negotiate its terms and conceptualise bespoke outsourcing contracts that best fit their outsourcing needs. Large organisations may have a fixed, existing template for outsourcing contracts.
Outsourcing contracts are generally bespoke contracts that may vary depending on the needs of the customer. However, the models generally used are as follows:
In 2018, global insurers AXA announced the establishment of its new AXA Shared Services Centre in the Puchong Financial Corporate Centre (PFCC) – the latest MSC Cybercentre and an iconic corporate landmark in Puchong. AXA generated an approximate 200 jobs across different technologies and capabilities by the end of 2018.
This is of great importance, as automation in the shared services industry may threaten hundreds, or even thousands, of low-skilled and repetitive jobs in both developed and developing economies.
Customer falls under the definition of “consumer” under the Consumer Protection Act 1999 (“CPA”). The CPA provides for the protection of consumers and promotes a fair, accessible and sustainable marketplace for consumer products and services.
The main customer/consumer protections with regards to goods include the following guarantees:
The main customer/consumer protections with regards to services include the following guarantees:
The remedies available to the consumer against the supplier where any goods or services fail to comply with the above-mentioned guarantees are as follows:
Where the Court or Tribunal for Consumer Claims comes to the conclusion that a contract or a term of a contract is either procedurally or substantively unfair or both, they may declare the contract or the term of the contract as unenforceable or void and the Court may grant judgment or the Tribunal may make an award as provided for under the CPA (s.24G(1), CPA).
The Court or the Tribunal may, in proceedings before it, raise an issue as to whether a contract or its terms are unfair, even if none of the parties has raised the issue in its pleadings (s.24F, CPA).
A contract or a term of a contract is procedurally unfair if it has resulted in an unjust advantage to the supplier or unjust disadvantage to the consumer on account of the conduct of the supplier or the manner in which or circumstances under which the contract or the term of the contract has been entered into or has been arrived at by the consumer and supplier (s.24C(1), CPA).
A contract or a term of a contract is substantively unfair if the contract or the term of the contract is in itself harsh, oppressive, unconscionable, excludes or restricts liability for negligence or excludes or restricts liability for breach of express or implied terms of the contract without adequate justification (s.24D(1), CPA).
For completeness, we highlight the effect of exemption clause in Malaysia. Our Federal Court has recently held in CIMB Bank Berhad v Anthony Lawrence Bourke  2 CLJ 1
" We agree with the defendant that parties are bound by the terms of the contract which they entered into and that it is the court's duty to give effect to the clear and plain meaning of the words in the said clause. That is quite trite.
 The law recognises the principle of freedom of contract. Parties to a contract are free to determine for themselves what their obligations are.
 It is also trite that an agreement must be construed by the words used in the agreement and the court is not empowered to improve upon the instrument which it is called upon to construct…
 We agree with the Court of Appeal when it opined that it is not right to think that a right can be dissociated from remedy and as can be clearly demonstrated by the instant appeal, where despite the finding that there is a breach by the bank, if cl. 12 of the loan agreement is allowed, it would be an exercise in futility for the plaintiffs to file any suit against it. The plaintiffs are precluded from claiming the remedies against the bank. Clause 12 of the loan agreement negates the rights of the plaintiffs to a suit for damages, and the kind of damages as spelt out in the said clause encompasses and covers all forms of damages under a suit for breach of contract or negligence. There is an absolute restriction. Section 29 of the Contracts Act 1950 prohibits such restriction.
 The pertinent question to ask is whether the plaintiffs were absolutely restricted from enforcing their rights under or in respect of the contract. Once again, we have to examine cl. 12 of the loan agreement. From our reading of the said clause (which we have reproduced at para. 19 earlier) the plaintiffs are precluded from claiming any loss or damage and the defendant will not be liable for any amount for loss of income or profit or savings, or any indirect, incidental, consequential, exemplary, punitive or special damages.
 We agree with the views of the Court of Appeal that the kind of damages spelt out in the said cl. 12 encompasses all forms of damages under suit for a breach of contract or negligence. One may ask: If the plaintiffs were precluded from claiming the remedies they sought under para. 21 of their statement of claim, what can they claim against the defendant? Are they not totally restricted from enforcing their rights in respect of the contract? In our considered view, on the plain meaning of the words used in the said cl. 12 of the loan agreement, whatever the plaintiffs are claiming has been negated and as such s. 29 of the Contracts Act 1950 ought to be invoked.
 The right of access to the courts has always been jealously guarded by the common law, and the general principle remains that contracts which seek to oust the jurisdiction of the courts are invalid (See: R A Buckley, Illegality and Public Policy (Sweet & Maxwell, 3rd edn, 2013 at para 8.02)".
Parties may enter into an agreement to govern their relationship, including terms as to when the contract may be terminated. Depending on the terms agreed by the parties, termination may be with cause or without cause.
The customer or supplier may terminate the contract when one party breaches a condition to the contract. A condition is a stipulation that is essential to the main purpose of the contract, the breach of which gives rise to a right to treat the contract as repudiated (s.12, Sale of Goods Act 1957).
The principal Act that deals with loss suffered due to a breach of a contract is the Contracts Act 1950 (“CA”), s.74 of which provides that the aggrieved party is entitled to receive compensation from the party that breaks the contract for any loss or damage that arose from the breach, or which the parties knew was likely to occur when they made the contract (s.74(1), CA). This compensation is not to be given for any remote and indirect loss or damage sustained by reason of the breach (s.74(2), CA).
In Malaysia, there is a distinction between direct and indirect loss. The plaintiffs/claimants are entitled to claim losses that were the natural consequence of the defendant’s breach, or losses that were within the contemplation of both parties at the time they made the contract. Losses that are too remote or not within the contemplation of the parties may not be claimable.
In Malaysia, a plaintiff seeking substantial damages has the burden of proving the liability of the defendant, the remoteness of the damage (foreseeability) and the actual damage suffered (quantum) based on clear and sound proof; failure to do so would entail an award of only nominal damages. Furthermore, the fundamental principle of damages is that they are compensatory in nature.
Loss of Profit
As a general rule, the Court may be disinclined to order an award of damages for loss of profit in fear of causing a windfall in favour of the plaintiff. With that being said, cases in Malaysia (SPM Membrance Switch Sdn Bhd v Kerajaan Negeri Selangor  1 CLJ 177; Bank Bumiputra Malaysia Bhd. Kuala Terengganu v Mae Perkayuan Sdn. Bhd. & Anor.  2 CLJ 295) have held that loss of profit may be regarded as a head of damages in specific circumstances. In this regard, s.74 of the CA still applies. Therefore, as long as the damage suffered for loss of profit is deemed to be a natural result of the breach or within the contemplation of the breaching party, nothing precludes the Court from ordering substantial damages for loss of profit in favour of the aggrieved party.
Loss of Goodwill
Case law in Malaysia has regarded loss of goodwill as a head of damages (Taiping Poly (M) Sdn Bhd v Wong Fook Toh, Wong Che Leong and Wong Su Fah (t/a Kong Wah Trading Co)  1 MLJ 798). Although it would be impossible to quantify the actual loss suffered with regards to loss of goodwill, the Courts have held that the applicable principle in determining loss of goodwill is by utilising the “best means” test, whereby the Court must assess what is a fair and temperate sum for the plaintiff, by the best means it can. The rationale for this is that the law assumes that damages will result if the goodwill of a man’s business has been interfered with by the passing off of goods.
In brief, the quantum of award in respect of goodwill is a matter of Court discretion, depending on the facts of the particular case. Factors that the Court consider in determining this include the plaintiff’s reputation and the length of time of the defendant’s wrongful act.
In recent years, Malaysian Courts seem inclined to be guided by intellectual property valuation reports when determining the quantum of damages for loss of goodwill. In this regard, the Intellectual Property Commission of Malaysia (“IPCM”) provides training and even certification to certify an individual as a registered IP Valuer with IPCM.
Generally, parties are bound by the terms of the contracts they have signed. For the purpose of construction of the terms, the Malaysian Courts will generally give effect to the plain and natural words used in the contract: Morello Sdn Bhd v Jaques (International) Sdn Bhd  2 CLJ 23 held as follows:
“… For the purposes of construction of contracts, the intention of the parties is the meaning of the words they have used. In Schuler (L.) AG v Wickman Machine Tool Sales Ltd.  AC 235, Lord Simon of Glaisdale approved the following passage in Norton on Deeds (2nd Ed. p.50):
...the question to be answered always is, 'What is the meaning of what the parties have said?' not 'What did the parties mean to say?'...it being a presumption juris et de jure... that the parties intended to say that which they have said.”
The Malaysian Courts will generally give effect to the plain and natural words used in the contract: Encony Development Sdn Bhd v Robert Geoffrey Gooch & Anor  3 MLJ 400, Court of Appeal at para 41 and 42; Perbadanan Kemajuan Negeri Selangor v Selangor Country Club Sdn Bhd  2 MLJ 819, Court of Appeal at para. 33 – 34.
The Malaysian Courts will not intervene to rewrite or audit the bargain between the parties, and will instead hold them to the contract, agreement or instrument they made for themselves by giving effect to the clear and unequivocal words of the terms: Bank Islam Malaysia Bhd v Lim Kok Hoe & Anor and Other Appeals  6 CLJ 22, Court of Appeal; Agromate (M) Sdn Bhd v KTS Trading Sdn Bhd  1 LNS 1707 , Court of Appeal, para 40; Ling Ing Keat v Martina Pg Ismail  3 CLJ 149, Court of Appeal, para 27.
In Berjaya Times Square Sdn Bhd (formerly known as Berjaya Ditan Sdn Bhd) v M Concept Sdn Bhd  1 MLJ 597, Federal Court at para. 43
“The most recent statement of the guideline to interpretation of contracts statutes and other instruments is to be found in Attorney General of Belize v. Belize Telecom Limited  UKPC 11, where when delivering the Advice of the Board, Lord Hoffmann said:
The court has no power to improve upon the instrument which it is called upon to construe, whether it be a contract, a statute or articles of association. It cannot introduce terms to make it fairer or more reasonable. It is concerned only to discover what the instrument means. However, that meaning is not necessarily or always what the authors or parties to the document would have intended. It is the meaning which the instrument would convey to a reasonable person having all the background knowledge which would reasonably be available to the audience to whom the instrument is addressed: see Investors Compensation Scheme Ltd v. West Bromwich Building Society 1 WLR 896, 912-913. It is this objective meaning which is conventionally called the intention of the parties, or the intention of Parliament, or the intention of whatever person or body was or is deemed to have been the author of the instrument.” (Emphasis added)
There are no fixed implied terms that are relevant to outsourcing contracts in Malaysia. This is in tandem with the fact that a myriad of services may be outsourced, so the terms would vary depending on the nature of the outsourcing contract.
With that being said, case law in Malaysia has held that the business efficacy test and the officious bystander test can determine whether a term has been implied into a contract: Sababumi (Sandakan) Sdn Bhd v Datuk Yap Pak Leong  3 MLJ 151.
The business efficacy test would be satisfied if it can be shown that the term sought to be implied is necessary to give business efficacy to the transactions – that is, to enable the transaction to be efficient or to produce the effect that was intended.
The officious bystander test denotes that it is a term so obvious that it goes without saying: if an officious bystander were to suggest some express provision for the agreement while the parties were making their bargain, they would testily suppress him with a common, “Oh, of course!”
Therefore, there is no hard and fast rule with regards to implied terms for a contract, including an outsourcing contract. Should a term fulfil both the tests described above, the Court may imply said term into the outsourcing contract.
Recently, our Federal Court has adopted the following guidelines in interpreting a contract. First, a court interpreting a private contract is not confined to the four corners of the document. It is entitled to look at the factual matrix forming the background to the transaction. Second, the factual matrix which forms the background to the transaction includes all material that was reasonably available to the parties. Third, the interpreting court must disregard any part of the background that is declaratory of subjective intent only. Lastly, the court should adopt an objective approach when interpreting a private contract.
It is a deeply entrenched principle in industrial jurisprudence that employers have managerial prerogative to transfer their employees. The Court would normally not interfere when this prerogative is exercised, unless there is a contract to the contrary.
However, the power to transfer employees is subject to the following well-recognised restrictions:
Furthermore, consent is usually required (unless provided otherwise in the employment contract), as case law has shown that, in some cases, the transfer of an employee to another legal entity without their consent could potentially result in a claim of constructive dismissal, especially if the employee is transferred to the service provider and the employee’s job scope differs significantly. Transfer without consent may also be deemed a violation of the Federal Constitution, as the employee has the right to be employed by an employer of their choice. Therefore, compelling an employee to work for a particular employer without affording him a choice in the matter has been interpreted to constitute one form of forced labour: Barat Estates Sdn Bhd & Anor v Parawakan A/L Subramaniam & Ors  4 MLJ 107.
To avoid any claims for constructive dismissal, an employer should ensure that any transfer:
There is no statute in Malaysia for workers council. However, trade unions are governed by the Industrial Relations Act 1967 and the Trade Unions Act 1959.
By the black letter of the law, there is no legal requirement for an employer to consult trade unions before outsourcing, unless expressly provided under collective agreement entered into between trade unions and employers. Thus, in the event a collective agreement provides for a duty of the employer to consult the trade union before outsourcing, the employer would be contractually bound to do so.
There is no applicable information in this jurisdiction.
There are no general terms or standard contracts governing the transfer of assets in outsourcing agreements in Malaysia. Terms are entirely transaction specific and are, therefore, a matter for negotiation.
With that being said, Malaysian law imposes formality requirements in the transfer of certain assets, for example:
Moveable property and other assets are not generally subjected to any formalities, but a written agreement is advisable for clarity and evidential purpose.