The Monetary Authority of Singapore (MAS) has issued a Consultation Paper on the Proposed Payment Services Bill (draft Bill).
The draft Bill regulates the following types of payment service activities:
- Account issuance services: Issuing, maintaining or operating a payment account in Singapore, such as an e-wallet or a non-bank credit card.
- Domestic money transfer services: Providing local funds transfer services in Singapore, including payment gateway services and payment kiosk services.
- Cross border money transfer services: Providing inbound or outbound remittance services in Singapore.
- Merchant acquisition services: Providing merchant acquisition services in Singapore. This is where the service provider contracts with a merchant to accept and process payment transactions, which results in a transfer of money to the merchant. Usually the service includes providing a point of sale terminal or online payment gateway.
- E-money issuance: Issuing e-money in Singapore to allow the user to pay merchants or transfer e-money to another individual (with carve-out for e-money used for certain specified limited purposes).
- Virtual currency services: Buying or selling virtual currency, or providing a platform to allow persons to exchange virtual currency in Singapore (with carve-out for virtual currency used for certain specified limited purposes).
- Money-changing services: Buying or selling foreign currency notes in Singapore.
Licence to Carry out Payment Service Activities
A licence will be required to carry out any of these services. Three classes of licences are proposed:
- A licence to be a Money-Changing Licensee, which will only allow the licence holder to carry out money-changing services.
- A licence to be a Standard Payment Institution, which will allow the licence holder to carry out any payment service activity below specified threshold limits.
- A licence to be a Major Payment Institution, which will allow the licence holder to carry out any payment service activity above the specified threshold limits.
The threshold limits that are specified are as follows:
- Accepting, processing, or executing a monthly average of transactions (including all payment transactions but excluding money-changing transactions) of less than S$3 million in a calendar year; or
- Holding an average daily e-money float of less than S$5 million in a calendar year.
A licence to carry out the payment service activity will not be needed for the following persons:
- Deposit taking institutions already licensed under the Banking Act, the MAS Act or the Finance Companies Act.
- A person regulated or exempt under the Securities and Futures Act, the Financial Advisers Act, the Trust Companies Act or the Insurance Act if the provision of that activity is solely incidental or necessary for the carrying on of its regulated activity.
To apply for a licence, the applicant must:
- Be a company (whether incorporated in Singapore or overseas);
- Have a permanent place of business or a registered office in Singapore;
- Have at least one executive director that is a Singapore citizen or a Singapore permanent resident; and
- Comply with the capital and security deposit requirements.
Risk Mitigation Measures
The providers of payment service activities will need to implement risk mitigation measures. These are broadly divided into AML/CFT measures and user protection measures. AML/CFT measures apply to all three types of licensees, while the user protection measures apply only to Major Payment Institutions.
The table below sets out what types of measures are required to be adopted in respect of each payment service activity. What the measures entail are set out below the table.
AML/CFT requirements would include the following:
- Identification and verification of customers and beneficial owners;
- Ongoing monitoring including transactions monitoring;
- Screening of customers for money laundering / terrorism financing concerns; and
- Suspicious transaction reporting and record keeping.
User protection measures comprise the following:
- Safeguarding of e-money float / funds in transit:
- The float / funds is covered by an undertaking from any full bank which is fully liable to the e-money users for such moneys.
- The float / funds is guaranteed by any full bank.
- The float / funds is deposited in a trust account with any full bank no later than T+1.
- The float / funds is deposited in a trust account with an authorised custodian specified or prescribed by the MAS no later than T+1.
- The float / funds is invested in any secure, liquid and low risk assets as the MAS may prescribe, no later than T+1, and the assets are deposited in a trust account with an authorised custodian prescribed or specified by the MAS.
- Protection of personal use wallets:
- The maximum personal e-wallet load capacity will be set at S$5,000.
- E-wallet issuers must not allow the user of a personal e-wallet to transfer more than S$30,000 out of his or her e-wallet on a 12-month consecutive basis. Transfers to certain personal bank accounts held in Singapore do not count towards the S$30,000 restriction.
- Protection of access to funds:
- These measures will be set out in guidelines to be consulted on later.
- The guidelines will apply to all issuers of high value payment accounts that enable users to execute electronic payment transactions.
- Users protected under the funds access protection guidelines will be individuals and businesses employing fewer than 10 persons or with an annual turnover of no more than S$1 million.
- The liability of payment users of high value payment accounts will be capped at S$100.
The Bill empowers the MAS to mandate interoperability. However, the MAS has stated that it does not currently intend to require interoperability.
The existing guidance on technology risk management will be extended to licensees. Accordingly, only designated payment systems will be required to adopt technology risk management requirements.