On 21 July, the Monetary Authority of Singapore (MAS) published a consultation paper seeking views on a proposed new omnibus act that will allow the MAS to adopt a financial sector–wide regulatory approach to financial institutions across the financial sector.
The new omnibus act will contain provisions relating to the following areas:
- A harmonized and expanded power to issue prohibition orders
- Regulation of virtual asset service providers (VASPs) created in Singapore for anti-money laundering and countering of financing of terrorism (AML/CFT) purposes
- A harmonized power to impose requirements on technology risk management
- Providing mediators, adjudicators, and employees of an operator of an approved dispute resolution scheme with statutory protection from liability
Harmonized and Expanded Power to Issue Prohibition Orders
Under the existing regime, MAS issues prohibition orders (POs) to bar persons from conducting certain activities or from holding key roles in financial institutions (FIs) for a period of time in cases of serious misconduct, and such powers reside in the Securities and Futures Act (Cap 289) (SFA), the Financial Advisers Act (Cap 110) (FAA), and the Insurance Act (Cap 142) (IA). The unintended consequence is that MAS cannot issue POs to persons regulated under other acts administered by MAS even if such persons have committed serious misconduct in the financial industry.
Under the new act, MAS may issue a PO against any person. The sole ground for issuing a PO is proposed to be the fit and proper test; such criteria is currently set out in the MAS Guidelines on Fit and Proper Criteria (Guideline No: FSG-G01) and comprises the following elements:
- Honesty, integrity, and reputation
- Competence and capability
- Financial soundness
Under the existing regime, the effect of POs is that a person who has been issued a PO is prohibited from taking up specified positions (i.e., directorship, substantial shareholding, management) and conducting certain activities that are regulated under the SFA, FA, and IA.
Under the new act, MAS proposes additional functions to the scope of prohibition under the POs which are deemed critical to the integrity and functioning of FIs; namely, the following:
- Handling of funds, including safeguarding or administration of a digital payment token (DPT) or DPT instrument
- Risk management and control
- Critical system administration
Further, MAS proposes for the new act to include a power to prescribe additional specific functions in subsidiary legislation, which would allow MAS to respond swiftly to include new functions as the financial industry develops and new risks emerge.
Regulating Virtual Asset Service Providers Created in Singapore for AML/CFT Purposes
The Financial Action Task Force (FATF) recently revised the FATF Standards (Standards) to require countries to regulate VASPs to mitigate AML/CFT risks. FATF terms virtual assets as a “digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes.” MAS notes two key enhancements to the scope of the Standards that are pertinent for implementation. Firstly, FATF has defined five activities of VASPs that jurisdictions should regulate for AML/CFT. This first enhancement is covered in proposed amendments to the Payment Services Act.
Secondly, the Standards require VASPs to be licensed or registered in the jurisdiction where they are created. Accordingly, MAS proposes to introduce a new class of FIs, which are entities that are created in Singapore but are carrying on a business of providing virtual asset activities outside of Singapore. Such entities will be termed digital token (DT) service providers and will be regulated under the new act.
DT Service Providers
MAS proposes that a DT be defined as either of the following:
- A digital payment token as defined in the Payment Services Act
- A digital representation of a capital markets product, as defined in the SFA, which (1) can be transferred, stored, or traded electronically; and (2) satisfies such other characteristics as MAS may prescribe
Each of the following is a DT service for the purposes of the new act:
- Dealing in DTs
- Facilitating the exchange of DTs
- Inducing or attempting to induce any person to enter into or to offer to enter into any agreement for or with a view to buying or selling any DTs in exchange for any money or any other DTs
- Accepting DTs for the purposes of transferring or arranging for the transfer of the DTs or arranging for the transmission of DTs
- Safeguarding or administration of a DT or DT instrument, where the service provider has control over the DT or the DT associated with the DT instrument
- Advisory services relating to the offer or sale of DTs
MAS intends to put in place licensing and ongoing requirements on DT service providers to ensure that such entities have a meaningful presence in Singapore such that MAS has adequate supervisory oversight over them, even if they provide DT services outside of Singapore.
MAS proposes all of the following criteria to be fulfilled by a DT service provider at the point of admission:
- The applicant must appoint at least one executive director who is resident in Singapore.
- The applicant must be incorporated as a company in Singapore.
- The applicant must have a permanent place of business in Singapore.
- The applicant must satisfy such financial requirements as may be prescribed by MAS
- Each of the directors and chief executive officer, or equivalent persons, of the applicant is a fit and proper person.
Once a DT service provider is licensed (licensee), MAS proposes the following ongoing requirements:
- The licensee must have a permanent place of business in Singapore.
- The licensee must appoint at least one person to be present, on such day and at such hours as MAS may specify by notice in writing, at the licensee’s permanent place of business to address any AML/CFT-related queries or complaints from any DT user that uses any DT service provided by the licensee or is a customer of the licensee.
- The licensee must keep or cause to be kept, at the licensee’s permanent place of business, books of all the licensee’s transactions in relation to any DT service provided by the licensee. Such books must be made available to authorities in a timely manner upon request.
- The licensee must satisfy such financial requirements as may be prescribed by MAS by notice in writing.
- Each of the directors and chief executive officer, or equivalent persons, of the licensee is a fit and proper person.
AML/CFT Requirements to Be Imposed on DT Service Providers
Due to the anonymity and speed of DT services, MAS considers all transactions relating to DT services to carry higher inherent money laundering/terrorism financing risks. MAS also treats all transactions involving DTs as cross-border in nature. MAS therefore intends to issue a Notice to Digital Token Service Providers on Prevention of Money Laundering and Countering the Financing of Terrorism (FSM Notice). MAS intends to regulate DT service providers primarily for money laundering/terrorism financing risks. To this end, the DT service provider must establish and staff an adequate AML/CFT compliance function in Singapore.
MAS will consult on the full FSM Notice in due course, but anticipates that the AML/CFT requirements for DT service providers would be aligned with the requirements imposed on DPT service providers in MAS Notice PS-N02, Prevention of Money Laundering and Countering the Financing of Terrorism – Holders of Payment Service Licence (Digital Payment Token Service), which was consulted on in June 2019 and issued on 5 December 2019.
Existing MAS-regulated FIs that carry on a business of providing DT services outside of Singapore will also need to be licensed under the new act.
Harmonized Power to Impose Requirements on Technology Risk Management
As Singapore aims to be a smart nation, ensuring safety and soundness of the system is key to maintaining confidence in the financial sector. MAS has issued its Notices on Technology Risk Management and Notices on Cyber Hygiene (Tech-Risk Notices), which set out requirements on resilience of critical systems, incident reporting, and cyber hygiene.
Under the new act, MAS proposes to introduce powers to issue directions or make regulations on technology risk management instead of relying on powers in the respective acts to specify technology risk management requirements for regulated activities.
Additionally, MAS is of the view that the current maximum penalties that can be imposed for breaches of Tech-Risk Notices are not commensurate with the potential severity of a disruption to essential financial services and potential impacts to FIs’ customers. Therefore, under the new act, MAS proposes to introduce a power to issue directions to or make regulations concerning any FI or class of FIs for the management of technology risks.
MAS proposes that the maximum penalty for breaches of regulations and Tech-Risk Notices issued to be S$1 million. As in the case of other MAS-administered acts, under the new act, MAS will use a composition framework that takes into account the severity of the breach to determine a composition amount.
Providing Mediators, Adjudicators, and Employees of an Operator of an Approved Dispute Resolution Scheme with Statutory Protection from Liability
Under the existing regime, MAS requires FIs prescribed under the MAS (Dispute Resolution Scheme) Regulations 2007 to subscribe as members of an approved dispute resolution scheme.
To strengthen the confidence and autonomy of an approved dispute resolution operator’s mediators, adjudicators, and employees in carrying out their duties, MAS intends to provide them with statutory protection from liability. The proposed amendment would bring the level of protection for employees, adjudicators, and mediators of an approved dispute resolution scheme operator more in line with that of other public dispute resolution bodies.
Under the new act, a mediator, adjudicator, or employee of an operator of an approved dispute resolution scheme will not be liable for an act or omission done with reasonable care and in good faith. Mediators, adjudicators, and employees will, however, continue to be liable for acts involving willful misconduct, negligence, fraud, or corruption.
For harmonization, MAS intends to move over and/or replicate in the new act provisions in the MAS act that apply across some or all FI classes in the new act. MAS will also be inserting a new provision to impose a general duty to use reasonable care not to provide false information to MAS.
"Morgan Lewis Stamford LLC is a Singapore law corporation affiliated with Morgan, Lewis & Bockius LLP"