The Financial Services and Markets Bill ("FSM Bill") was read for the second time on 4 April 2022 and subsequently passed by the Singapore Parliament on 5 April 2022. Once it comes into force, the FSM Bill will allow MAS to adopt a financial sector-wide regulatory approach to address key financial sector risks, including money laundering and terrorism financing ("ML/TF") risks, financial misconduct risks and technology risks.

In line with enhancements to the Financial Action Task Force ("FATF") Recommendations, the FSM Bill will also subject digital token ("DT") service providers which are created in Singapore, but do not provide any DT services in Singapore to ML/TF regulation. This serves to prevent regulatory arbitrage by such DT service providers and ensures that they are regulated in at least one jurisdiction.

This update outlines the key aspects of the FSM Bill.

1. Harmonised and expanded powers to issue prohibition orders ("POs")

Prior to the FSM Bill, the Monetary Authority of Singapore ("MAS") had the power under the Securities and Futures Act, the Financial Advisers Act and the Insurance Act to issue POs against persons who have committed serious misconduct and bar them from conducting certain regulated activities or from holding key positions in financial institutions ("FIs") regulated under those respective statutes.

MAS did not have a similar power to issue POs against persons in respect of FIs regulated under other Acts (such as banks regulated under the Banking Act). A person issued with a PO under the Securities and Futures Act, Financial Advisers Act or Insurance Act would also not be prohibited by the PO from carrying out activities regulated under other statutory frameworks.

Under the FSM Bill, MAS' powers to issue POs will be consolidated to apply to all MAS-regulated financial services. The FSM Bill will also empower MAS to issue POs against any person (whether located within or outside Singapore), with the fit and proper criteria being the sole ground upon which MAS will decide whether to issue a PO. Additionally, the scope of prohibition will be broadened to not only include taking up key positions such as directorship, management, or substantial shareholding, but also performing essential functions such as handling of funds, risk-taking, risk management and control, and critical system administration. FIs who use the services of prohibited persons in contravention of the PO will also be guilty of an offence unless they have taken reasonable steps to ensure compliance with the PO and believed on reasonable grounds that they would not be breaching the PO by indirectly engaging a prohibited person.

Despite the wider reach of MAS' new PO powers, MAS has indicated that a PO will generally be issued only to persons with a former, existing or prospective nexus to the financial industry. MAS has also indicated that the scope of coverage of a PO may also extend to certain roles within entities that provide outsourced services to an FI.

In recognizing that POs can materially affect an individual's livelihood, MAS has given the assurance that it would use its powers sparingly, and in a risk-proportionate manner, taking into consideration the nature and severity of the individual's misconduct and its actual or potential impact on the financial industry. MAS has also indicated that it would further issue guidelines to provide clarity on how it would exercise its powers to issue POs.

2. Enhanced regulation of DT service providers for ML/TF risks

The FATF is an inter-governmental body that was established to set standards and promote the effective implementation of measures to combat ML/TF risks and other related threats to the integrity of the international financial system. It is responsible for developing the FATF Recommendations, which are a set of internationally endorsed standards for ML/TF measures.

Since October 2018, the FATF has progressively made changes to the FATF Recommendations and other associated documents to clarify that the FATF Recommendations apply to activities involving what the FATF refers to as virtual assets. More specifically, it was made clear that virtual asset service providers ("VASPs") ought to be licensed or registered in the jurisdictions where they are created, to prevent regulatory arbitrage where no single jurisdiction has sufficient regulatory hold over a specific VASP.

Currently, Singapore regulates certain types of VASPs as providers of digital payment token ("DPT") services under the Payment Services Act ("PSA"). Thus, where the virtual asset qualifies as a DPT under the PSA, a provider of such a virtual asset would be considered as being engaged in providing a licensable payment service under the PSA (since a DPT service is one of several different types of licensable payment services under the PSA). However, the PSA framework only provides for the licensing of DPT services only when the service is carried on as a business in Singapore. Thus, where the DPT service is only offered outside of Singapore, licensing under the PSA would not be required. As such, the legal position in Singapore is presently not fully aligned with the FATF Recommendations.

To address this gap, the FSM Bill will establish a separate licensing regime for persons who provide DT services outside Singapore from within Singapore. Thus, a person who carries on from a place of business in Singapore the business of providing a DT service outside Singapore will be required to be licensed under Part 9 (when the FSM Bill passes into law and becomes the FSM Act), unless that person is already regulated under some other existing regulatory framework (for instance, as a DPT service provider under the PSA).

The FSM Bill will primarily impose ML/TF-related requirements on DT service providers, and these requirements will be similar to those imposed on DPT service providers under the PSA. This means that DT service providers will have to comply with the ML/TF requirements under the FSM Bill, in addition to any other legal requirements applicable under the law of the country in which they offer DT services.

The meaning of the term "DT services" under the new regime will be aligned with the FATF Recommendations to include the following:

(a) dealing in DTs;

(b) facilitating the exchange of DTs;

(c) inducing or attempting to induce any person to enter into or to offer to enter into any agreement for or with a view to buying or selling any DTs in exchange for any money or any other DTs (whether of the same or a different type);

(d) accepting DTs for the purposes of transferring, or arranging for the transfer of, the DTs or arranging for the transmission of DTs (where the service provider does not come into possession of the DTs);

(e) safeguarding or administration of a DT or DT instrument, where the service provider has control over the DT or the DT associated with the DT instrument; and

(f) advisory services relating to the offer or sale of DTs.

In general, a DT is defined as a digital payment token or a digital representation of a capital markets product which can be transferred, stored or traded electronically and satisfies other prescribed characteristics. Conversely, other types of tokens such as digital representation of physical products, which are neither digital payment tokens nor digital representation of capital markets products, will not be regulated as DTs under the FSM Bill.

DT service providers will be subject to licensing and ongoing requirements under the FSM Bill, including but not limited to the following:

(a) having a permanent place of business in Singapore;

(b) appointing at least one person to be present at the DT service provider's place of business to respond to any queries relating to ML/TF or complaints from customers or users;

(c) establishing and staffing an adequate ML/TF compliance function in Singapore;

(d) keeping books of all transactions relating to any DT services at the DT service provider's place of business;

(e) notifying MAS of certain events, providing information about DT services to MAS, and submitting periodic reports to MAS; and

(f) satisfying financial, operational or other such requirements which MAS may prescribe by notice.

3. Harmonised power to impose requirements on technology risk management

The FSM Bill will also consolidate MAS' powers to impose requirements relating to technology risk management on all FIs. Further, the maximum penalty for breaches of technology risk management related regulations will be pegged at S$1 million. This quantum takes into consideration the existing penalty regimes of other Singapore agencies such as the Personal Data Protection Commission.

MAS has indicated that this S$1 million quantum was proposed to signal the importance of technology risk management, given that incidents that lead to disruptions to systems, data leaks, and fraud can impact large numbers of customers. In the event where an FI's breach of technology risk management related regulations also results in a concurrent breach of regulations in Acts administered by other agencies, MAS will work with these other agencies to determine an appropriate course of action.

4. Statutory protection from liability for mediators, adjudicators and employees of operator of approved dispute resolution scheme

Prior to the FSM Bill, the regime for approval of dispute resolution schemes was provided for under the Monetary Authority of Singapore Act ("MAS Act") and the Monetary Authority of Singapore (Dispute Resolution Schemes) Regulations 2007. This approval regime will now be migrated to the FSM Bill, along with the introduction of a new provision conferring statutory protection for mediators, adjudicators, and employees of an operator of an approved dispute resolution scheme against liability or claims by a complainant or FI. This statutory protection will apply where these persons carry out their duties with reasonable care and in good faith, but will not apply in cases of wilful misconduct, negligence, fraud or corruption.

5. Migration of certain MAS Act provisions to the FSM Bill

Apart from the above key changes, various other provisions within the MAS Act will also be migrated to the FSM Bill once it comes into force. Firstly, MAS' general power to issue directions to FIs where necessary in the public interest will be migrated to the FSM Bill. This will be supplemented by a new power to approve the carrying on of business in Singapore by FIs which are not otherwise regulated by MAS, where the operations of such FIs would affect the monetary stability and credit conditions in Singapore, or the development of Singapore as a financial centre, or the financial situation of Singapore generally.

Secondly, MAS' powers of control and resolution of FIs as well as its powers to assist foreign and domestic authorities to support their ML/TF supervisory actions, will be migrated from the MAS Act to the FSM Bill in substantially the same form. MAS' powers of inspections will also be migrated from the MAS Act to the FSM Bill, with amendments to include inspections for the purpose of determining the extent of compliance by an FI with technology risk management requirements, and the extent of compliance by DT service providers with the new DT services regime.

To supplement its powers, the FSM Bill will also contain a new provision obliging FIs to take reasonable care not to provide false or misleading information to MAS.

6. Conclusion

Given the rapid developments to the financial sector, the FSM Bill is a necessary step to provide MAS with powers and tools cutting across sectors and activities to maintain Singapore's position as a reputable global financial centre, by providing stronger safeguards against ML/TF risks, technology risks and other hazards which will come into the fore as the financial sector increases its dependence and reliance on new technologies and innovations to offer products and services.