The MAS’ proposals in the CP are driven by multiple considerations, including a perceived need to consolidate key supervisory powers of the MAS into a standalone legislative framework (namely, an Omnibus Act), a need to expand the scope of regulatory supervision to address apparent gaps, and Singapore’s commitment to implement the anti-money laundering and countering-the-financing-of-terrorism (AML/CFT) guidance issued by the Financial Action Task Force (FATF) in relation to VASPs.
The proposed starting-point for this reform initiative is a transfer of supervisory powers of the MAS from the Monetary Authority of Singapore Act (Cap. 186) (MAS Act) to the Omnibus Act. The MAS Act sets out the MAS’ structure and competencies as a statutory board, but has over the years been amended intermittently to accommodate additional supervisory powers. Pursuant to the proposals in the CP, existing provisions relating to AML/CFT, the control and resolution of financial institutions (FIs) and the oversight of financial sector dispute resolution schemes would be transferred from the MAS Act to the Omnibus Act. Concurrently, the regulatory framework would be expanded in key areas, as further detailed below.
Expanded powers to issue prohibition orders
The imposition of a prohibition order (PO) is one of a range of enforcement actions the MAS is currently able to take in respect of wrongdoing by persons in the Singapore financial industry. Specifically, where a person engages in serious misconduct, a PO allows the MAS to prohibit that person from carrying on an activity, or holding a certain role, for a specified amount of time. As the MAS is currently only empowered to issue POs under the Securities and Futures Act (Cap 289) (SFA), the Financial Advisers Act (Cap 110) (FAA) and the Insurance Act (Cap 142) (IA) and can only prohibit the carrying on of certain regulated activities, there may currently be circumstances in which imposing a PO is not available to the MAS as a course of action in respect of serious misconduct.
To address this gap, the MAS proposes an expansion of its powers to allow it to issue a PO against any person whose misconduct has the potential to cause harm, based on the sole criterion of whether such person is fit and proper. In line with its existing criteria on fitness and propriety, the MAS may find that a person is not fit and proper where there is a deficiency in the person’s honesty, integrity or reputation, competence or capability, or financial soundness. As is currently the case, individuals subject to a PO would have a right of appeal.
While POs can currently debar persons from taking up certain roles in relation to FIs (e.g., directorships or substantial shareholdings) and from carrying on activities regulated under the SFA, FAA and IA, the MAS proposes to expand the ambit of POs so that they can also prohibit persons from conducting additional activities that are critical to the integrity and functioning of an FI. Specifically, these would be (i) the handling of funds, including the safeguarding or administration of digital payment tokens (DPT) or digital payment token instruments (i.e., crypto custody), (ii) risk-taking, (iii) risk management and control, and (iv) critical system administration. Additional functions may be added in due course, by way of subsidiary legislation.
AML/CFT regulation of persons in Singapore providing digital token services overseas
In June 2019, the FATF adopted guidance to clarify how its AML/CFT standards apply to VASPs. Pursuant to Singapore’s commitment to align with the FATF guidance, the MAS proposes to expand its scope of regulation with regard to virtual asset1 services by making certain additional activities licensable; this would involve a widening of the remit of DPT services under the Payment Services Act (PS Act), as outlined in a consultation paper issued by the MAS on 23 December 2019. Additionally, the FATF guidance requires that the jurisdiction where a VASP is created must regulate and supervise it, notwithstanding that the VASP may also be subject to regulation in other jurisdictions where its activities have touchpoints. Consequently, the MAS proposes to introduce a new licensing framework for VASPs that are based in Singapore and that service customers overseas. These entities are proposed to be termed digital token (DT) service providers and would be regulated under the new Omnibus Act.
Importantly, this new licensing regime for DT service providers would not be limited to entities providing services in respect of DPT as defined in the PS Act (i.e., Bitcoin and certain other cryptocurrencies), but would also extend to services relating to any digital representation of a capital markets product (as defined in the SFA) which can be transferred, stored or traded electronically and which satisfies any other characteristics that the MAS may prescribe. Consequently, it appears that entities providing services in relation to, for example, digital securities or tokenised funds may fall under the new framework.
While the existing licensing regimes under the PS Act, SFA and FAA already regulate activities that are deemed to be carried on “in Singapore” (in accordance with regulatory guidance which the MAS has issued on their scope), the new licensing framework is intended to capture DT service providers who are based in Singapore but provide services “outside Singapore”, and would therefore be complementary to the existing regimes. To achieve alignment with the FATF AML/CFT guidance for VASPs, the new framework would apply to:
- Dealing in DTs. This would capture the buying and selling of DTs, e.g., where incidental to broking, fund management or underwriting activities.
- Facilitating the exchange of DTs. Exchanges which list DTs are an example of entities falling into this category.
- Inducing or attempting to induce any person to enter into, or to offer to enter into, any DT purchase or sale transaction. Arranging brokers may fall within this category, even where they do not take possession of the DT.
- Accepting DTs for the purposes of transferring, or arranging for the transfer or transmission of, the DTs. Persons providing remittance or digital asset transfer services may fall within this category, even where they do not take possession of the DT.
- Safeguarding or administration of a DT or DT instrument, where the service provider has control over the DT or the DT associated with the DT instrument. This category is likely to affect crypto custodians and entities providing custodial services in relation to other digital assets, such as digital securities.
- Advisory services relating to the offer or sale of DTs. This category may affect a range of entity types, including firms that provide consultancy services on digital-asset investment opportunities and those that provide advice and recommendations in a manner that is incidental to their other DT-related services (e.g., broking).
To be eligible for licensing under the new framework, a DT service provider would need to incorporate a company in, and maintain a permanent place of business in, Singapore. It would also require at least one executive director who is resident in Singapore, and would need to fulfil prescribed financial requirements, and ensure its directors and chief executive officer (or equivalent persons) are fit and proper. Once licensed, a DT service provider would need to appoint at least one person to be present at its place of business at prescribed times to address any AML/CFT related queries or complaints from users, and ensure books of all DT transactions are kept and made available to authorities on request.
DT service providers would be subject principally to AML/CFT regulation, and would need to establish an adequate AML/CFT compliance function in Singapore. They would be subject to an AML/CFT notice issued by the MAS, on which the MAS proposes to consult separately in due course. The notice is expected to be similar in substance to the notice applying to DPT service providers under the PS Act, in that DT transactions will be treated as being inherently high-risk. Where relevant, DT service providers will also need to comply with requirements relating to cross-border value transfers (collectively referred to in the industry as the “travel rule”), as well as those on occasional transactions.
Existing MAS-regulated FIs that are incorporated in Singapore and provide DT services wholly outside of Singapore will be subject to the new licensing requirement unless the service already falls within an existing Singapore licensing regime (e.g., broadly, it falls within the (extra)territorial scope of the SFA and/or FAA). The MAS proposes to exempt existing DT service providers from the new licensing requirement for a transitional period, to be consulted upon separately in due course.
Harmonised power to impose TRM requirements
Acknowledging the increasingly fundamental role that technology plays in the delivery of financial services and in the development of Singapore’s “Smart Nation” strategy, the MAS also proposes to harmonise and expand its supervisory powers in relation to TRM. While TRM is already subject to regulation in the form of guidelines and notices (including the MAS Notices on Cyber-Hygiene, which are due to take effect on 6 August 2020), the MAS notes that its powers in this area are linked primarily to TRM supporting specified regulated activities under particular acts, notably the Banking Act, IA and SFA. The MAS recognises that systems that do not support regulated activities can nonetheless pose technology risk, and therefore proposes to widen its powers so that it is able to impose TRM requirements on any FI (or any class of FIs) in relation to the FI’s systems, irrespective of whether these support a regulated activity. These requirements may relate to the management of cyber-security risks, the safe and sound use of technology to deliver financial services, and the safe and sound use of technology to protect data, among other areas.
The maximum penalty for breaches of TRM notices or other regulation will also be increased to S$1 million, which will achieve alignment with other key Singapore legislative frameworks, such as the Personal Data Protection Act 2012.
Statutory protection from liability for mediators, adjudicators and employees of an operator of an approved dispute resolution scheme
To provide consumers with an independent and affordable forum for resolving disputes with FIs, prescribed FIs are required to subscribe as members of an approved dispute resolution scheme. At present, the only scheme prescribed for this purpose is the Financial Industry Disputes Resolution Centre. To strengthen the confidence and autonomy of an approved dispute resolution operator’s mediators, adjudicators and employees, the MAS proposes to provide them with statutory protection from liability in all cases where they act with reasonable care and in good faith.
The proposals for the new Omnibus Act bear testimony to the key role which the MAS attributes to technology in the delivery of financial services, and also reflect a need for the MAS to expand its supervisory ambit as Singapore continues its growth trajectory as an increasingly important global financial centre.
The expansion of the MAS’ powers to issue POs would be a continuation of the thematic focus on individual responsibility that has been evident in various regulatory initiatives over the past years, ranging from the numerous POs that were issued by the MAS across the Singapore financial services industry in connection with its 1MDB probe, to its more recent proposals for guidelines on individual accountability and conduct. While the MAS will continue to impose POs only in cases of serious misconduct, its proposals in this regard will serve to focus the minds of individuals conducting any activity that may be critical to the integrity and functioning of an FI.
Similarly, the MAS’ increasing emphasis on TRM must be viewed in the context of other regulatory initiatives in this area, notably the recent introduction of industry-wide requirements relating to cyber-hygiene (which focus on an FI’s ability to withstand cyberattacks and other forms of unauthorised intrusion) and the MAS’ pending consultation on comprehensive revisions to its TRM guidelines. As fintech moves into the mainstream, this regulatory focus on TRM is likely to continue and intensify.
The proposed Omnibus Act provisions that are likely to attract the highest degree of industry scrutiny are those relating to the AML/CFT regulation of persons in Singapore providing DT services overseas. While the substance of these proposals should not come as a surprise (since it reflects the FATF’s AML/CFT guidance for VASPs, which Singapore has committed to follow), various questions are likely to arise in relation to their implementation. Specifically, it is conceivable that consultation feedback will touch on the following points:
- A question arises as to the pros and cons of enshrining the DT services licensing framework in the new Omnibus Act as opposed to making discrete amendments to the PS Act, SFA and FAA, respectively. Whichever structure is adopted, the aim should be to minimise any risk of inconsistent application of the FATF-driven requirements across different types of DT service provider (i.e., payment firms, capital markets intermediaries, market infrastructure providers and financial advisers) and to achieve a coherent and complementary approach between the regulation of services provided “in Singapore” and those provided “outside Singapore”.
- Questions may also arise in relation to the timing of the proposals relating to DT services, given that many digital asset service providers in Singapore are currently at a key stage in the regulatory calibration of their business models, and that responses to other consultations on potential changes to the PS Act (notably in relation to amendments to the scope of DPT services and the conceptual distinction between DPT and e-money) currently remain pending.
- Additional clarity may be required in relation to the application of the new DT licensing framework to FIs which carry on activities in relation to capital markets products such as securities. In particular, the application of this framework in relation to products that are “a digital representation of a capital markets product” that can be “transferred, stored or traded electronically” may inadvertently capture a broad range of products, such as immobilised securities listed on stock exchanges. Conversely, the transfer or trading of products such as digital securities, although registered on a blockchain, may in some cases still require some non-electronic elements (e.g., for the purposes of recognition under local company law, conventional changes to the underlying issuer’s shareholder register may be required).
- The requirement for existing MAS-regulated FIs that are incorporated in Singapore, but that carry on a business of providing DT services wholly outside of Singapore, to become licensed under the new framework is also likely to raise questions about duplicative requirements. This may give rise to calls for a streamlining of the proposals with a view to ensuring that FIs that are already subject to regulation in Singapore are afforded a degree of facilitation for the purposes of transitioning to the new regime.
Interested parties must respond to the consultation by 20 August 2020. Should you wish to discuss any aspects of the consultation or require assistance with your feedback to the MAS, please reach out to any of the team above, or to your usual Reed Smith contact.
Reed Smith LLP is licensed to operate as a foreign law practice in Singapore under the name and style, Reed Smith Pte Ltd (hereafter collectively, "Reed Smith"). Where advice on Singapore law is required, we will refer the matter to and work with Reed Smith's Formal Law Alliance partner in Singapore, Resource Law LLC, where necessary.
- The FATF defines a ‘virtual asset’ as a digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes.