A Guide to AML/CFT for Singaporean FinTechs
The Guide to AML/CFT for Singaporean Fintechs provides firms with useful guideposts and pointers on approaching common risks to help them address key issues around AML/CFT.
Download your copyIn recent years, Singapore has seen rapid developments in its FinTech sector. The government and the country’s regulator – the Monetary Authority of Singapore (MAS) – have made significant efforts to ensure the country’s regulatory framework keeps up with this growth. One of the most important regulatory developments in this context is the Payment Services Act (PSA) of 2019. This act consolidated previous legislation to create a streamlined approach covering both new and traditional payment services. It came into effect in January 2020.
The Payment Services Act (PSA) in Singapore is a regulation that oversees and governs payment services and digital payment transactions. Passed into law on January 14, 2019, and into legal effect on January 28, 2020, the PSA combines the previous Payment Systems (Oversight) Act 2006 and the Money-Changing and Remittance Businesses Act 1979 to form a single legal framework.
Intended to prepare Singapore’s payments industry for the future without stifling FinTech innovation, the PSA sets out regulatory requirements for payment service providers in Singapore and gives the Monetary Authority of Singapore (MAS) legal oversight of payments systems.
Accordingly, the PSA serves two parallel regulatory frameworks:
To comply with the Payment Services Act, Singapore’s payment service providers must be familiar with its regulatory scope and the AML/CFT obligations it entails.
The Payment Services Act (PSA) governs a range of payment services within Singapore. This includes services involved in issuing payment accounts to customers and operations necessary for a payment account’s functioning; notable examples are non-bank credit cards and e-wallets.
Moreover, the PSA encompasses services facilitating the domestic transfer of funds across Singapore, which can be offered through online payment gateways and physical payment kiosks.
Alongside this, international money transfer services, enabling cross-border fund transfers to and from Singapore, fall under the PSA’s regulation.
Additionally, the act covers merchant acquisition services where service providers handle payment processing on merchants’ behalf, with payment gateways and point-of-sale card terminals being prime examples. Lastly, money-changing services, crucial for the buying and selling of foreign currencies within Singapore – including those provided by online platforms and physical currency exchange outlets – are regulated under the PSA.
Amendments to the PSA in 2019 expanded its scope to better align with Financial Action Task Force (FATF) standards and to extend its regulatory reach to services associated with virtual assets and currencies. Accordingly, the PSA also applies to:
Under the PSA, Singapore payment services must take a risk-based approach to the money laundering and terrorism financing threats they face and implement the following measures as part of an internal AML/CFT policy:
The Guide to AML/CFT for Singaporean Fintechs provides firms with useful guideposts and pointers on approaching common risks to help them address key issues around AML/CFT.
Download your copyThe application of the PSA to DPT service providers is a significant regulatory step for the use of cryptocurrency in Singapore. Under the PSA, providers of cryptocurrencies and cryptocurrency exchange services must, like other service providers, obtain a license from MAS to operate and comply with a range of AML/CFT requirements. The new rules expand the definition of digital payment token services to any provider that transfers cryptocurrency across accounts (or arranges that transfer) within Singapore or beyond its borders.
The PSA imposes certain specific AML/CFT regulations on DPT service providers. These include:
However, in April 2024, MAS announced changes to the PSA and its subsidiary legislation. These changes expand MAS’ regulation of payment services and introduce requirements for user protection and financial stability related to DPT service providers. As a result, the following activities are now regulated under the PSA:
Transitional arrangements will be made for entities currently conducting activities under the expanded scope of the PS Act. These entities must notify MAS within 30 days and submit a license application by October 2024 to continue their activities on a temporary basis while MAS reviews their license applications. The license application must be accompanied by an attestation report of the entity’s business activities and compliance with AML/CFT requirements, duly completed by a qualified external auditor by January 2025.
Entities that do not meet the above requirements are required to cease their activities when the amendments come into effect.
The amended Payment Services Regulations on safeguarding assets belonging to customers of DPT service providers will take from October 2024. These regulations include:
To fulfill their CDD responsibilities, MAS requires DPTs to collect a customer’s name, nationality, unique ID number (such as passport or NRIC number), residential or business address, and date of birth (or date of incorporation).
This guide is a practical resource for compliance professionals in the crypto industry, covering the essentials of building and scaling a crypto AML program, navigating regulatory change, and identifying emerging use cases and threats.
Download your copySince its introduction in 2019, the PSA has significantly impacted Singapore’s payment industry, strengthening the supervision of the digital payments industry and increasing consumer protection. However, keeping up with an ever-evolving regulatory landscape can create a variety of challenges for firms as they strive to grow their business while mitigating risk and remaining compliant. Some of these challenges include:
To ensure compliance with the PSA and its AML obligations in Singapore, PSPs should review the following best practices:
Experience a better way to screen transactions with ComplyAdvantage’s data-optimized screening algorithms and integrated case management capabilities.
See it in actionOriginally published 28 February 2020, updated 12 July 2024
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2024 IVXS UK Limited (trading as ComplyAdvantage).