.png)
A new bill has been presented to parliament [LINK] that will widen the powers of the local banking regulator, The Monetary Authority of Singapore.
In effect, MAS will be able to prohibit people operating in the financial sector as it deems fit or, to be precise, as MAS identifies a person as being unfit.
There will also be enhanced control over what it labels as virtual assets, capturing cryptocurrencies and digital payment services in the regulatory scope.
Finally, the regulator's ability to impose requirements on financial institutions regarding the technology they use or the risk from misuse of technology in providing digital services has also been included in the new bill.
When taken in whole, their regulatory powers have been expanded substantially across the business landscape of Singapore in what I believe is going to bring more stability and consistency to the banking sector and the services it offers to the broader population.
Some Regulatory Scenarios
Let's look at some of the scenarios captured in this widened net of regulations.
[1] Theoretically, any firm offering digital payment solutions will need to ensure it meets Anti-Money Laundering requirements similar to that of a bank — As it should be.
[2] An incompetent Risk Manager is potentially unfit for service under the new rulings — It's about time the second line of defence is to be held accountable for their work.
Indeed, the new rules don't just apply to IT departments and sales units of a bank or an IT company providing digital services (the scope is comprehensive), but the second line of defence in financial institutions as well.
The new bill was crafted from the Omnibus Consultation Paper directive [LINK] that states in its 99 pages of detailings no less and one sheet shy of a century ... some of the following:
MAS proposes to be able to prohibit a person who is not fit and proper from engaging in the following four specified functions.
(a) Handling of funds, including safeguarding or administration of a digital payment token or digital payment token instrument;
(b) Risk-taking;
(c) Risk management and control; and
(d) Critical system administration.
[3] The protection of data and, by extension, the confidentiality of that data throughout the entire IT provision of services. "The technology to deliver financial services, and safe and sound use of technology to protect data" — Oh yes, IT solution providers and companies that provide services to the finance sector may need to pick up their act.
[4] Say you are a company registered in Singapore offering payment services outside Singapore. Would you be safe from the new rulings?
Under the new act, MAS will NOW capture you in their regulatory net!
"offer such services outside of Singapore and that are not captured under current legislation. MAS intends to regulate such entities for ML/TF risks."
The nuanced list goes on ... Certainly, if you are a compliance officer operating in the finance sector, it's worth reading the brief and appreciating some of the clauses at a deeper level.