On Aug. 25, 2016, the Monetary Authority of Singapore (MAS) issued a consultation paper (First Consultation Paper) where it proposed to overhaul the payments framework in Singapore by introducing a single activitybased framework and establish a national payments council. On Aug. 2, 2017, MAS issued its response to the feedback received on the First Consultation Paper, specifically in relation to the establishment of the payments council. On Nov. 21, MAS issued its response to the feedback received on the First Consultation Paper, specifically in relation to the proposed payments framework. On the same date, MAS issued a separate consultation paper (Second Consultation Paper) setting out the proposed Payment Services Bill (Bill). The Bill is intended to:
1. streamline payment services in a single piece of legislation by combining the Payment Systems (Oversight) Act (Chapter 222A of Singapore) (PS(O)A) and the Money-Changing and Remittance Businesses Act (Chapter 187 of Singapore) (MCRBA);
2. enhance the scope of regulated activities to account for developments in payment services; and 3. calibrate regulations according to the risks the activities pose by adopting a modular regulatory regime. The Bill sets out two parallel regulatory frameworks: (i) the licensing framework for payment service providers and (ii) the designation framework for payment systems. This briefing summarizes key features of the two frameworks.
Sidley Austin provides this information as a service to clients and other friends for educational purposes only. It should not be construed or relied on as legal advice or to create a lawyer-client relationship. Attorney Advertising: For purposes of compliance with New York State Bar rules, our headquarters are Sidley Austin LLP, 787 Seventh Ave., New York, NY 10019, +1 212 839 5300; 1 S. Dearborn, Chicago, IL 60603, +1 312 853 7000; and 1501 K St., NW, Washington, D. 20005, +1 202 736 8000.
SIDLEY UPDATE Page 2
The regulated activities under the licensing framework are these:
A. Providing account issuance services Examples include issuing, maintaining or operating an ewallet or a non-bank credit card.
This refers to
a. issuing a payment account1 to any person in Singapore; or
b. providing in Singapore services in relation to any of the operations required for operating a payment account, including
(i) services enabling money to be placed on a payment account or
(ii) services enabling money to be withdrawn from a payment account
other than providing domestic money transfer services (as defined below).
B. Providing domestic money transfer services
Examples include payment gateway services and payment kiosk services.
This refers to accepting money for the purpose of executing or arranging for the execution of one or more of the following payment transactions in Singapore, where the payment service user is not a financial institution:
a. payment transactions executed from, by way of or through a payment account,
b. direct debits including one-off direct debits through a payment account,
c. credit transfers, including standing orders through a payment account or
d. accepting any money from any person (A) for transfer to another person's (B) payment account, where A and B are not the same person.
1 "Payment account" means (a) any account held in the name of, or any account with a unique identifier of, one or more payment service users or (b) any personalized device or personalized facility
used by a payment service user for the initiation, execution, or both of payment transactions and includes a bank account, debit card, credit card and charge card.
SIDLEY UPDATE Page 3
Activity Type C. Providing cross-border
money transfer services
D. Providing merchant acquisition services
E. E-money issuance Examples of e-money include the stored monetary value in an ewallet of a stored value facility (SVF), which may be used for purchases as well as peer-to-peer transfers.
F. Providing virtual currency services Examples of virtual currency include Bitcoin and Ether.
This refers to, whether as principal or agent,
a. accepting moneys in Singapore for the purpose of transmitting, or arranging for the transmission of, moneys to any person in another country or territory outside Singapore or
b. receiving for, or arranging for the receipt by, any person in Singapore moneys from a country or territory outside Singapore.
This refers to contracting with a merchant to accept and process payment transactions that result in a transfer of money to the merchant, whether or not the payment service provider comes into possession of money in respect of the payment transactions, where the merchant carries on business in Singapore; is incorporated, formed or registered in Singapore; or the contract is entered into in Singapore.
This refers to issuing e-money in Singapore or to persons in Singapore.
E-money is defined to mean any electronically stored monetary value that is denominated in any currency that
a. has been paid in advance for the purpose of making payment transactions through the use of a payment account,
b. is accepted by a person other than the person who issues the e-money and
c. represents a claim on the person who issues the e-money
but does not include any deposit accepted in Singapore, from any person in Singapore, by a person in the course of carrying on (whether in Singapore or elsewhere) a deposit-taking business.
This refers to
a. dealing in virtual currency,
b. facilitating the exchange of virtual currency or
c. such other service relating to virtual currency as MAS may prescribe
in Singapore or providing such services to persons in Singapore.
SIDLEY UPDATE Page 4
G. Providing money-changing services
Description This refers to buying or selling foreign currency notes.
On the other hand, the activities that are excluded from the licensing framework are
1. payment transactions between the payer and payee executed through a commercial agent authorized to negotiate or conclude the sale or purchase of goods or services on behalf of the payer or the payee, not including payment transactions executed on an online marketplace
2. professional physical transport of currency, including their collection, processing and delivery
3. payment transactions consisting of non-professional currency collection and delivery as part of a not-forprofit or charitable activity
4. payment transactions based on any of the following documents drawn on a person with a view to placing money at the disposal of the payee--
d. checks, cashiers' orders, drawing vouchers, dividend warrants, demand drafts, remittance receipts, travelers' checks or gift checks or
e. paper postal orders
5. payment transactions carried out within a payment or securities settlement system between payment service providers and settlement agents, central counterparties, clearing houses, central banks or other participants in the system
6. any service provided by any technical service provider that supports the provision of payment services where the provider does not at any time enter into possession of the money to be transferred, including--
a. the processing and storage of data
b. trust and privacy protection services
c. data and entity authentication
d. information technology
e. communication network provision
f. the provision and maintenance of terminals and devices used for payment services
7. payment transactions carried out between payment services providers, or their agents or branches, for their own account
8. payment transactions between or among related corporations, where there is no intermediary intervention by any payment service provider unless the payment service provider is one of the related corporations
9. any payment service provided by any person licensed, approved, registered or regulated, including a person exempted from licensing, approval, registration or regulation, under any of the following Acts:
SIDLEY UPDATE Page 5
a. Securities and Futures Act (Chapter 289 of Singapore); b. Financial Advisers Act (Chapter 110 of Singapore); c. Trust Companies Act (Chapter 336 of Singapore); d. Insurance Act (Chapter 142 of Singapore), where such payment service is solely incidental to or solely necessary for the person's carrying on of the business in any regulated activity under the respective act 10. dealing in central bank virtual currency carried out by a central bank or financial institution 11. facilitating the exchange of central bank virtual currency carried out by a central bank or financial institution 12. any payment service provided by any person in respect of limited purpose e-money only; limited purpose emoney will include e-money issued by limited commercial networks, public authorities and loyalty programs, provided it satisfies certain criteria 13. dealing in limited purpose virtual currency 14. facilitating the exchange of limited purpose virtual currency
The other key proposed features of the licensing framework are these:
1. Activity-based framework to license, regulate and supervise all relevant segments of the payments ecosystem in Singapore
An entity that wishes to carry out one or more of the regulated activities listed in the table above will have to be licensed. This includes entities that carry out such regulated activities that are related and incidental to other businesses that they carry on.
The focus is on retail payment activities that (i) face either customers or merchants or (ii) process funds or acquire transactions.
2. Only one license required
The payment service provider will need to hold only one modular license to conduct its regulated activities.
3. Three license classes available
A payment service provider may apply to be a o Money-Changing Licensee,
o Standard Payment Institution or
o Major Payment Institution.
A Money-Changing Licensee may provide only money-changing services, while a Standard Payment Institution and a Major Payment Institution may conduct any of the regulated activities it is licensed for.
4. Key criteria that apply to applicants under the licensing framework
SIDLEY UPDATE Page 6
The rationale for the distinction between a Standard Payment Institution and a Major Payment Institution is to exclude smaller entities (Standard Payment Institutions) from certain requirements under the Bill, including user protection and interoperability requirements.
Only a Major Payment Institution may carry out payment services above either of the two following thresholds:
o accepting, processing or executing a monthly average of transactions (including all payment transactions) above S$3 million in a calendar year2 or
o holding an average daily e-money float above S$5 million in a calendar year.
Except for applicants for a Money-Changing license, the applicant must be a company (incorporated in Singapore or overseas).
The applicant must have a permanent place of business in Singapore or, if the business is carried on without a permanent place of business, a registered office in Singapore.
The applicant must appoint a person to be present at the permanent place of business or registered office of the applicant on the days and at the hours during which the place or office is to be accessible to the public to address any issues or complaints from any payment service user who is a customer of the applicant.
The applicant must keep, or cause to be kept, at the permanent place of business or registered office, as the case may be, books of all transactions in relation to any payment service the applicant provides.
The applicant must have at least one Singapore citizen or Singapore permanent resident executive director.
Except for applicants for a Money-Changing license, the applicant must hold a minimum capital of S$100,000 (or higher as prescribed) on an ongoing basis.
Major Payment Institutions are also required to provide a security deposit of S$100,000 (or higher as prescribed).
2 Money-changing transactions do not count toward the threshold.
SIDLEY UPDATE Page 7
5. Key ongoing requirements Specific risk mitigation requirements will apply to certain
licensees under the Bill depending on which regulated activity the
licensee conducts. These include
o anti-money-laundering/countering the financing of terrorism (AML/CFT) requirements
o user protection requirements
For example, the requirement to have the relevant funds/e-money float (in relation to money transfer services, merchant acquisition services, e-money issuance, etc.) safeguarded. This can be done by one or a combination of a prescribed list of ways, including having the relevant funds/e-money float covered by a guarantee by a full bank3, or having the relevant moneys deposited in a trust account with a full bank.
o interoperability requirements
MAS will have the power to impose interoperability measures. For example, MAS may mandate any Major Payment Institution to participate in a common platform to achieve interoperability of major wallets or to adopt a common standard to make widely used payment acceptance methods interoperable.
o technology risk management requirements
Other ongoing compliance requirements include annual audit requirements, requirements to notify MAS of specific events, and requirements to obtain MAS' prior approval for any change in control of the licensee or for appointing key individuals in the licensee's organization.
6. Arrangements for existing financial institutions and transitional periods
Exemptions for certain financial institutions:
o Banks, merchant banks, finance companies ("deposit-taking institutions") will be exempted from holding a license and from complying with
entity-specific requirements that overlap with those the financial institutions are already subject to under the BA,
3 "Full bank" means any bank holding a license granted by MAS under the Banking Act (Chapter 19 of Singapore) (BA), which permits the bank to carry on the full range of banking business.
SIDLEY UPDATE Page 8
MAS Act and Finance Companies Act (Chapter 108 of Singapore) (FCA)
activity-specific requirements (for some but not all activities regulated under the Bill) that are regulated in or are an integral part of the activities regulated in the BA, MAS Act and FCA
o Non-bank credit card or charge card issuers licensed under the BA will also be exempted from holding a license and from complying with entity-specific requirements that deposittaking institutions are exempted from. However, non-bank credit card issuers need to comply with the other requirements in the Bill, including activity-specific requirements, as they do not overlap with those in the BA. Non-bank credit card or charge card issuers also need to comply with interoperability requirements that MAS may impose under the Bill.
o MAS proposes to commence the Bill not earlier than at least six months after Parliament passes it.
o MAS will deem the existing widely accepted SVFs holders and remittance agents as Major Payment Institutions (to conduct any activity) under the Bill. These entities will not need to separately apply for a payment services license. They have six months from the Bill's date of commencement to inform MAS of the specific activities they are conducting.
o MAS will deem money-changing licensees under the MCRBA to be Money-Changing Licensees under the Bill.
o As mentioned, deposit-taking institutions and licensed nonbank credit card or charge card issuers will be exempted from holding a payment services license under the Bill.
o Upon the Bill's commencement, MAS will grant a temporary exemption to entities providing payment services regulated under the Bill but who are currently not licensed under the MCRBA or an approved SVF holder under the PS(O)A (Newly Regulated Entities). So long as these Newly Regulated Entities submit their license applications to MAS within six months of the Bill's date of commencement, the exemption will extend to the date on which MAS approves or rejects the
SIDLEY UPDATE Page 9
license application. The Newly Regulated Entities must also disclose clearly to the public that MAS has granted them an exemption for the interim period.
o To contain the risk of overregulation, MAS is prepared to consider granting class exemptions to entities that fall within the scope of Standard Payment Institutions but do not pose sufficient ML/TF risks. Such class exemptions have not been set out in the Bill and will instead be prescribed as regulations.
o If a Standard Payment Institution operates a business model that at all times does not require the institution to put in place AML/CFT measures as set out in the relevant notices, MAS is prepared to exempt such entities as a class from holding a license under the Bill.
1. Expansion of designation
While the licensing framework focuses on retail payment
criteria for payment systems
activities facing consumers and merchants, the designation
framework focuses on payment systems whose disruption would
pose financial stability risks or impact confidence in the financial
system. Such systems are likely to be interbank payment systems
such as FAST, GIRO and MEPS+.
The Bill will largely retain existing designation regime for payment systems under the PS(O)A. The designation regime provides MAS powers to designate any payment system for regulation.
Under the Bill, the designation criteria will expand to allow MAS to designate widely used payment systems to ensure efficiency or competitiveness in the service provider.
SIDLEY UPDATE Page 10
Invitation for Comments
Please refer to the Consultation Paper for the complete set of proposals. The deadline for comments and feedback to be submitted to the MAS is Jan. 8, 2018. We are collating comments from clients and industry participants for submission. If you have comments on the proposals that you would like us to submit on your behalf, please contact any of the lawyers listed below.
If you have any questions regarding this update, please contact the Sidley lawyer with whom you usually work or
Han Ming Ho Partner
[email protected] +65 6230 3966
Yuet Ming Tham Partner
[email protected] +852 2509 7645 / +65 6230 3969
Josephine Law Counsel
[email protected] +65 6230 3916
John Casanova Partner
[email protected] +44 20 7360 3739
SIDLEY UPDATE Page 11
Investment Funds, Advisers and Derivatives Practice
Sidley has a premier, global practice in structuring and advising investment funds and advisers. We advise clients in the formation and operation of all types of alternative investment vehicles, including hedge funds, fund-of-funds, commodity pools, venture capital and private equity funds, private real estate funds and other public and private pooled investment vehicles. We also represent clients with respect to more traditional investment funds, such as closed-end and open-end registered investment companies (i.e., mutual funds) and exchange-traded funds (ETFs). Our advice covers the broad scope of legal and compliance issues that are faced by funds and their boards, as well as investment advisers to funds and other investment products and accounts, under the laws and regulations of the various jurisdictions in which they may operate. Our practice group consists of approximately 120 lawyers in New York, Chicago, London, Hong Kong, Singapore, Shanghai, Tokyo, Los Angeles and San Francisco. In Asia, our practice includes Singapore, U.S., English, Hong Kong and Japanese-qualified lawyers. For further information on our Investment Funds, Advisers and Derivatives practice, please contact the co-heads of Sidley's Asia Investment Funds practice: Han Ming Ho, Singapore (+65 6230 3966, [email protected]), or Effie Vasilopoulos, Hong Kong (+852 2509 7860, [email protected]).
Privacy and Cybersecurity Practice
We offer clients an inter-disciplinary, international group of lawyers focusing on the complex national and international issues of data protection and cyber law. The group includes lawyers experienced in regulatory compliance, litigation, financial institutions, healthcare, EU regulation, IT licensing, marketing counsel, intellectual property and criminal issues. Sidley provides services in the following areas: Privacy and Consumer Protection Litigation, Enforcement and Regulatory Compliance Data Breach, Incident Response and Cybersecurity Advice, Response and Litigation Global Data Protection, International Data Transfer Solutions and Cross-Border Issues Corporate Data Protection, Compliance Programs and Information Governance Assessments FTC and State Attorney General Investigations of Unfair or Deceptive Acts and Practices Cloud Computing, Social Media, Online Advertising, Internet of Things, E-Commerce and Internet Issues EU, China, Japan, Singapore, Hong Kong and other International Data Protection and Compliance Counseling Gramm-Leach-Bliley and Financial Privacy HIPAA and Healthcare Privacy Communications Law and Data Protection Workplace Privacy and Employee Monitoring Website Policies, Online Trademarks and Domain Name Protection Records Retention, Electronic Discovery and Defensible Deletion Governmental Access and National Security
To receive Sidley Updates, please subscribe at www.sidley.com/subscribe
BEIJING BOSTON BRUSSELS CENTURY CITY CHICAGO DALLAS GENEVA HONG KONG HOUSTON LONDON LOS ANGELES MUNICH NEW YORK PALO ALTO SAN FRANCISCO SHANGHAI SINGAPORE SYDNEY TOKYO WASHINGTON, D.C.
Sidley Austin refers to Sidley Austin LLP and affiliated partnerships as explained at www.sidley.com/disclaimer.
www.sidley.com or www.sidley.com.cn